GeneralInformation

Country	China
City	Guiyang
Organization	CHINANET Guizhou province network
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

JavaScript libraries

jQuery

Web frameworks

Microsoft ASP.NET

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2010-3972	10.0Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
CVE-2010-2730	9.3Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
CVE-2010-1899	4.3Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."

OpenPorts

8000 8090 8888 9001 10001

-1953648445 | 2024-05-15T06:06:27.014581

8000 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 13222
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=mcdhyb45jzjzlo55lmx02uzn; path=/; HttpOnly
Set-Cookie: Lang=zh-cn; expires=Thu, 15-May-2025 06:06:34 GMT; path=/
X-Powered-By: ASP.NET
Date: Wed, 15 May 2024 06:06:33 GMT

439390008 | 2024-05-17T06:39:41.057245

8090 / tcp

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 17 May 2024 06:39:36 GMT

2128602611 | 2024-05-02T20:12:51.631450

8888 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0
Date: Thu, 02 May 2024 20:12:51 GMT
Content-Type: text/html
Content-Length: 657
Connection: close

-891883814 | 2024-05-13T07:02:47.410207

9001 / tcp

HTTP/1.1 404 
Content-Type: text/html;charset=utf-8
Content-Language: zh-CN
Content-Length: 648
Date: Mon, 13 May 2024 07:02:47 GMT

<!doctype html><html lang="zh"><head><title>HTTP状态 404 - 未找到</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP状态 404 - 未找到</h1><hr class="line" /><p><b>类型</b> 状态报告</p><p><b>描述</b> 源服务器未能找到目标资源的表示或者是不愿公开一个已经存在的资源表示。</p><hr class="line" /><h3>Apache Tomcat/9.0.69</h3></body></html>

929076245 | 2024-04-29T04:44:20.779381

10001 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 29 Apr 2024 04:44:20 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

58.42.237.24

Last Seen: 2024-05-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1953648445 | 2024-05-15T06:06:27.014581
8000 / tcp

Microsoft IIS httpd7.5

439390008 | 2024-05-17T06:39:41.057245
8090 / tcp

Apache Tomcat

2128602611 | 2024-05-02T20:12:51.631450
8888 / tcp

nginx1.18.0

-891883814 | 2024-05-13T07:02:47.410207
9001 / tcp

929076245 | 2024-04-29T04:44:20.779381
10001 / tcp

Microsoft HTTPAPI httpd2.0

Products

Pricing

Contact Us

58.42.237.24

Last Seen: 2024-05-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1953648445 | 2024-05-15T06:06:27.014581 8000 / tcp

Microsoft IIS httpd7.5

439390008 | 2024-05-17T06:39:41.057245 8090 / tcp

Apache Tomcat

2128602611 | 2024-05-02T20:12:51.631450 8888 / tcp

nginx1.18.0

-891883814 | 2024-05-13T07:02:47.410207 9001 / tcp

929076245 | 2024-04-29T04:44:20.779381 10001 / tcp

Microsoft HTTPAPI httpd2.0

Products

Pricing

Contact Us

-1953648445 | 2024-05-15T06:06:27.014581
8000 / tcp

439390008 | 2024-05-17T06:39:41.057245
8090 / tcp

2128602611 | 2024-05-02T20:12:51.631450
8888 / tcp

-891883814 | 2024-05-13T07:02:47.410207
9001 / tcp

929076245 | 2024-04-29T04:44:20.779381
10001 / tcp