GeneralInformation

Country	China
City	Hefei
Organization	CHINANET Anhui province network
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

JavaScript frameworks

Prototype1.7.2

ExtJS

Network storage

Synology DiskStation

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

53 515 548 554 3306 5000 5001 5353 5357 8000 9000 9001 9876 33060

-553166942 | 2024-04-29T18:28:21.766119

53 / tcp

Recursion: enabled

-571569590 | 2024-05-05T14:44:30.825407

515 / tcp

Unable to get printer printer: successful-ok

-2015151012 | 2024-05-01T19:16:33.405353

548 / tcp

AFP:
  Server Name: BOMEI_NAS
  UTF-8 Server Name: BOMEI_NAS
  Machine Type: Netatalk3.1.8
  Network Addresses:
    192.168.0.181
  AFP Versions:
    AFP2.2
    AFP3.1
    AFP3.2
    AFP3.3
    AFP3.4
    AFPX03
  UAMs:
    Cleartxt Passwrd
    DHCAST128
    DHX2
  Server Signature: 3121dd56533983c561d24cde6a1173b4
  Server Flags:
    Flag Hex: 0x8f79
    Super Client: True
    UUIDs: True
    UTF-8 Server Name: True
    Open Directory: True
    Reconnect: False
    Server Notifications: True
    TCP/IP: True
    Server Signature: True
    Server Messages: True
    Password Saving Prohibited: False
    Password Changing: False
    Copy File: True

-1034551859 | 2024-05-01T08:25:17.969025

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Date: Wed, May 01 2024 08:25:17 GMT
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, GET_PARAMETER, SET_PARAMETER

1513671470 | 2024-04-29T06:58:32.227726

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.7.43
  Capabilities: 65535
  Server Language: 8
  Server Status: 2
  Extended Server Capabilities: 49663
  Authentication Plugin: mysql_native_password

1156633224 | 2024-05-05T11:32:33.675707

5000 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 11:32:33 GMT
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Accept-Encoding
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Security-Policy: base-uri 'self';  connect-src ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com https://fonts.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://www.synology.cn/ https://www.youtube.com http://www.youtube.com http://*.synology.com http://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com https://*.gstatic.com https://*.googleapis.com https://*.google.com https://i.ytimg.com https://*.ggpht.com; media-src 'self' data: about:;  script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://*.google.com https://*.googleapis.com https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.googleapis.com;
Set-Cookie: id=;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/


Synology DiskStation Manager (DSM):
  Version: 6.2.3-25426
  Hostname: BOMEI_NAS
  Custom Login Title: 博美广告
  Login Welcome Title: 欢迎使用博美广告NAS服务器
  Login Welcome Message: Hi~你来了！

1640002658 | 2024-05-01T14:34:41.632834

5001 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 14:34:40 GMT
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Security-Policy: base-uri 'self';  connect-src ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com https://fonts.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://www.synology.cn/ https://www.youtube.com http://www.youtube.com http://*.synology.com http://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com https://*.gstatic.com https://*.googleapis.com https://*.google.com https://i.ytimg.com https://*.ggpht.com; media-src 'self' data: about:;  script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://*.google.com https://*.googleapis.com https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.googleapis.com;
Set-Cookie: id=;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/


Synology DiskStation Manager (DSM):
  Version: 6.2.3-25426
  Hostname: BOMEI_NAS
  Custom Login Title: 博美广告
  Login Welcome Title: 欢迎使用博美广告NAS服务器
  Login Welcome Message: Hi~你来了！

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            cb:a2:9d:40:41:64:df:48
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=TW, L=Taipei, O=Synology Inc., CN=Synology Inc. CA
        Validity
            Not Before: Jul 23 15:14:58 2022 GMT
            Not After : Jul 24 15:14:58 2023 GMT
        Subject: C=TW, L=Taipei, O=Synology Inc., CN=synology
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a1:c8:ee:b6:98:aa:87:fb:c5:6f:95:68:4e:98:
                    70:16:8e:24:57:a7:bc:62:6f:51:7e:1a:35:b8:23:
                    85:c4:f9:6f:89:35:5f:5d:a4:a5:55:17:ef:9f:1b:
                    af:5d:45:cd:24:2f:38:2e:0c:ff:f8:38:83:9f:fd:
                    5e:f6:06:2a:59:e5:95:50:9e:b5:45:97:6a:a1:4b:
                    eb:8e:e0:98:ba:c7:0a:11:b2:60:4a:44:7c:3f:8c:
                    7a:8d:3c:99:fd:86:70:7e:fe:bd:c3:44:f0:76:ca:
                    60:7e:8b:88:94:73:07:63:c8:cf:f4:6d:f0:cc:d0:
                    83:ef:a2:64:9c:44:fc:7f:03:1f:84:a8:90:7b:36:
                    4d:77:90:a8:c5:eb:b0:25:24:94:f2:31:af:40:08:
                    96:27:bc:d1:93:c4:51:0d:b4:d5:a7:19:9b:87:da:
                    82:7d:50:86:71:aa:3b:ef:79:2d:a1:fb:66:4c:a3:
                    83:65:da:95:a8:da:e1:77:74:6c:d7:d3:c7:55:33:
                    ca:c5:5b:12:77:82:56:7d:91:f8:07:b4:70:51:81:
                    7c:41:6a:93:30:b8:c1:8c:f6:57:21:e4:5e:79:55:
                    56:af:9d:8b:96:40:1a:88:d5:90:04:33:4c:71:54:
                    eb:7d:a6:f0:b0:80:42:75:f3:76:05:9e:0e:19:d4:
                    20:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: critical
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Alternative Name: 
                DNS:synology
            X509v3 Subject Key Identifier: 
                AF:B5:9F:41:2D:CC:C4:B0:E8:8A:01:CC:0A:90:92:C6:08:E7:C3:B5
            X509v3 Authority Key Identifier: 
                DC:39:A7:C7:27:B7:97:60:13:A3:97:B4:8D:7F:8D:38:62:9D:E5:6B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a3:ca:30:f9:8d:ca:9d:ad:9d:af:00:14:5b:49:74:e9:76:6b:
        f1:1e:71:0f:95:99:6e:88:32:55:bd:d4:b3:0f:6b:9c:5d:b8:
        4b:0b:7a:bd:d8:49:06:8f:a5:c8:32:57:0b:65:19:9e:a4:35:
        da:5f:a4:3d:4f:1b:5e:ea:ed:89:25:20:b6:22:a1:d6:79:1d:
        a3:00:0b:54:3a:52:02:9d:e6:87:80:1b:6f:84:97:75:88:da:
        61:73:98:ea:fc:81:ca:fc:77:bf:6a:28:d8:b1:7b:ec:e0:38:
        89:8e:94:a1:64:e0:fa:af:c9:6b:ad:f2:85:c1:cd:05:e6:5e:
        f4:96:4b:a8:12:d1:1f:37:82:93:da:e0:98:18:60:4f:1a:16:
        36:3e:87:11:b5:0c:c9:5f:4d:96:d8:c0:2e:8a:44:4f:0d:b3:
        b7:38:fd:01:50:60:5d:68:bb:ad:4f:d4:e4:7e:aa:f9:fb:e0:
        0f:61:31:26:67:dd:e8:e4:f0:e8:93:41:ae:22:b9:39:c1:47:
        f7:d6:41:80:1f:18:5c:15:4d:fb:46:71:4a:28:a6:0f:c5:c9:
        25:1d:a3:55:07:3e:55:fa:d8:44:20:71:78:2a:d8:27:8d:4f:
        75:6e:f1:ae:29:4d:db:4f:8a:c8:1b:aa:55:a8:db:52:ae:0a:
        12:67:06:a1

-29455164 | 2024-04-30T20:56:36.944180

5353 / udp

mDNS:
  services:
    445/tcp smb:
      Name=BOMEI_NAS
      Address=192.168.0.181 fe80::211:32ff:fe35:95cf
    515/tcp printer:
      txtvers=1
      qtotal=2
      ty=Brother DCP-7080
      note=BOMEI_NAS(Brother DCP-7080)
      pdl=application/octet-stream
      rp=usbprinter1
      Name=usbprinter1 @ BOMEI_NAS
      Address=192.168.0.181 fe80::211:32ff:fe35:95cf
    548/tcp afpovertcp:
      Name=BOMEI_NAS
      Address=192.168.0.181 fe80::211:32ff:fe35:95cf
    631/tcp ipp:
      adminurl=http://BOMEI_NAS:631/printers/usbprinter1
      txtvers=1
      qtotal=1
      ty=Brother DCP-7080
      note=BOMEI_NAS
      product=(Brother DCP-8045D - CUPS+Gutenprint v5.2.10)
      pdl=application/octet-stream,application/pdf,image/urf,image/jpeg
      URF=W8,SRGB24,DM1,CP255,RS600-300
      UUID=
      rp=printers/usbprinter1
      Name=usbprinter1 @ BOMEI_NAS
      Address=192.168.0.181 fe80::211:32ff:fe35:95cf
    5000/tcp http:
      vendor=Synology
      model=DS918+
      serial=1780PDN141214
      version_major=6
      version_minor=2
      version_build=25426
      admin_port=5000
      secure_admin_port=5001
      mac_address=00:11:32:35:95:cf|00:e0:4c:01:3b:ca|00:e0:4c:01:3b:cb|00:e0:4c:01:3b:cc|a8:a1:59:93:3c:7f
      Name=BOMEI_NAS
      Address=192.168.0.181 fe80::211:32ff:fe35:95cf
    device-info:
      model=Xserve
      Name=BOMEI_NAS
      Address=192.168.0.181 fe80::211:32ff:fe35:95cf
  answers:
    PTR:
      _smb._tcp.local
      _http._tcp.local
      _ipp._tcp.local
      _printer._tcp.local
      _afpovertcp._tcp.local
      _device-info._tcp.local

MAC Addresses

00:11:32:35:95:CF
    OUI: 00:11:32
    Organization: Synology Incorporated
    Assignment: MA-L
    Registration Date: 2004-04-25
00:E0:4C:01:3B:CA
    OUI: 00:E0:4C
    Organization: REALTEK SEMICONDUCTOR CORP.
    Assignment: MA-L
    Registration Date: 2000-09-08
00:E0:4C:01:3B:CB
    OUI: 00:E0:4C
    Organization: REALTEK SEMICONDUCTOR CORP.
    Assignment: MA-L
    Registration Date: 2000-09-08
00:E0:4C:01:3B:CC
    OUI: 00:E0:4C
    Organization: REALTEK SEMICONDUCTOR CORP.
    Assignment: MA-L
    Registration Date: 2000-09-08
A8:A1:59:93:3C:7F
    OUI: A8:A1:59
    Organization: ASRock Incorporation
    Assignment: MA-L
    Registration Date: 2018-12-31

-171534721 | 2024-05-03T17:33:10.885339

5357 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx
Date: Fri, 03 May 2024 17:33:10 GMT
Content-Type: text/html
Content-Length: 552
Connection: keep-alive
Keep-Alive: timeout=20

-1539338981 | 2024-05-05T06:10:58.014126

8000 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 May 2024 06:10:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2986
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Nov 2022 09:34:27 GMT
Cache-Control: max-age=0

-1254991168 | 2024-05-02T02:14:09.275563

9000 / tcp

HTTP/1.1 404 Not Found
connection: keep-alive
content-length: 0
date: Thu, 02 May 2024 02:14:08 GMT

-1715572095 | 2024-04-29T00:05:20.588433

9001 / tcp

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Length: 17334
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 25 Oct 2023 15:20:18 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Mon, 29 Apr 2024 00:05:20 GMT

<!DOCTYPE html>
<html lang="zh-CN" ng-app="portainer" ng-strict-di data-edition="CE">
  <head>
    <meta charset="utf-8" />
    <title>Portainer</title>
    <meta name="description" content="" />
    <meta name="author" content="Portainer.io" />
    <meta http-equiv="cache-control" content="no-cache" />
    <meta http-equiv="expires" content="0" />
    <meta http-equiv="pragma" content="no-cache" />
    <base id="base" />
    <script>
      if (window.origin == 'file://') {
        // we are loading the app

-78499479 | 2024-05-03T19:18:30.845471

9876 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Date: Fri, 03 May 2024 19:18:30 GMT
Server: Kestrel
Cache-Control: no-store,no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding

36.6.57.8

Last Seen: 2024-05-05

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-553166942 | 2024-04-29T18:28:21.766119
53 / tcp

-571569590 | 2024-05-05T14:44:30.825407
515 / tcp

-2015151012 | 2024-05-01T19:16:33.405353
548 / tcp

Netatalk3.1.8

-1034551859 | 2024-05-01T08:25:17.969025
554 / tcp

1513671470 | 2024-04-29T06:58:32.227726
3306 / tcp

MySQL5.7.43

1156633224 | 2024-05-05T11:32:33.675707
5000 / tcp

nginx

1640002658 | 2024-05-01T14:34:41.632834
5001 / tcp

nginx

-29455164 | 2024-04-30T20:56:36.944180
5353 / udp

mDNS

-171534721 | 2024-05-03T17:33:10.885339
5357 / tcp

nginx

-1539338981 | 2024-05-05T06:10:58.014126
8000 / tcp

nginx1.20.1

-1254991168 | 2024-05-02T02:14:09.275563
9000 / tcp

-1715572095 | 2024-04-29T00:05:20.588433
9001 / tcp

Portainer2.19.1

-78499479 | 2024-05-03T19:18:30.845471
9876 / tcp

Products

Pricing

Contact Us

36.6.57.8

Last Seen: 2024-05-05

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-553166942 | 2024-04-29T18:28:21.766119 53 / tcp

-571569590 | 2024-05-05T14:44:30.825407 515 / tcp

-2015151012 | 2024-05-01T19:16:33.405353 548 / tcp

-1034551859 | 2024-05-01T08:25:17.969025 554 / tcp

1513671470 | 2024-04-29T06:58:32.227726 3306 / tcp

1156633224 | 2024-05-05T11:32:33.675707 5000 / tcp

1640002658 | 2024-05-01T14:34:41.632834 5001 / tcp

-29455164 | 2024-04-30T20:56:36.944180 5353 / udp

-171534721 | 2024-05-03T17:33:10.885339 5357 / tcp

-1539338981 | 2024-05-05T06:10:58.014126 8000 / tcp

-1254991168 | 2024-05-02T02:14:09.275563 9000 / tcp

-1715572095 | 2024-04-29T00:05:20.588433 9001 / tcp

-78499479 | 2024-05-03T19:18:30.845471 9876 / tcp

Products

Pricing

Contact Us

-553166942 | 2024-04-29T18:28:21.766119
53 / tcp

-571569590 | 2024-05-05T14:44:30.825407
515 / tcp

-2015151012 | 2024-05-01T19:16:33.405353
548 / tcp

-1034551859 | 2024-05-01T08:25:17.969025
554 / tcp

1513671470 | 2024-04-29T06:58:32.227726
3306 / tcp

1156633224 | 2024-05-05T11:32:33.675707
5000 / tcp

1640002658 | 2024-05-01T14:34:41.632834
5001 / tcp

-29455164 | 2024-04-30T20:56:36.944180
5353 / udp

-171534721 | 2024-05-03T17:33:10.885339
5357 / tcp

-1539338981 | 2024-05-05T06:10:58.014126
8000 / tcp

-1254991168 | 2024-05-02T02:14:09.275563
9000 / tcp

-1715572095 | 2024-04-29T00:05:20.588433
9001 / tcp

-78499479 | 2024-05-03T19:18:30.845471
9876 / tcp