GeneralInformation

Hostnames	250.152.66.125.broad.zg.sc.dynamic.163data.com.cn eye.scxs.vip
Domains	163data.com.cn scxs.vip
Country	China
City	Zigong
Organization	CHINANET Sichuan province network
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

CDN

Alibaba Cloud CDN

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
CVE-2014-4078	5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

22 123 161 8001 8081 8082 8090 8443 9100 9101

1833483857 | 2024-05-16T11:51:08.516883

22 / tcp

\r\n%connection refused by remote host.

1090556630 | 2024-05-05T11:25:24.455190

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -18
rootdelay: 0.00215148925781
rootdisp: 0.0567474365234
refid: 168034842
reftime: 3923897112.6
poll: 0

1392963914 | 2024-05-12T05:48:03.761639

161 / udp

SNMP:
  Versions:
    3
  Engineid Format: mac
  Engine Boots: 108
  Engineid Data: 70:f9:6d:3b:38:44
  Enterprise: 25506
  Engine Time: 17 days, 3:58:38

1637199859 | 2024-05-08T20:50:39.673281

8001 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 08 May 2024 20:50:39 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Wed, 10 Aug 2022 09:12:16 GMT
Connection: keep-alive
ETag: "62f37670-267"
Accept-Ranges: bytes

1129566825 | 2024-05-15T07:00:45.455625

8081 / tcp

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Wed, 15 May 2024 07:00:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /auth/login/?next=/
X-Frame-Options: SAMEORIGIN
Vary: Accept-Language, Cookie
Content-Language: zh-hans

950481880 | 2024-05-02T21:35:11.499556

8082 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 21:29:21 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 09 Jun 2020 03:43:26 GMT
Connection: keep-alive
ETag: "5edf055e-264"
Accept-Ranges: bytes

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

199333125 | 2024-05-09T12:43:34.261869

8090 / tcp

HTTP/1.1 400 Bad Request
Server: unknow
Date: Thu, 09 May 2024 12:43:33 GMT
Content-Type: text/html
Content-Length: 650
Connection: close

-2006314276 | 2024-05-01T10:43:07.366617

8443 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 10:43:07 GMT
Content-Type: text/html
Content-Length: 9018
Last-Modified: Fri, 13 Jan 2023 10:58:10 GMT
Connection: keep-alive
ETag: "63c13942-233a"
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:7b:d6:e2:e8:72:46:55:ab:8b:2f:c7:91:17:69:9e
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Encryption Everywhere DV TLS CA - G2
        Validity
            Not Before: Nov 20 00:00:00 2023 GMT
            Not After : Nov 19 23:59:59 2024 GMT
        Subject: CN=eye.scxs.vip
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bc:46:0f:e7:37:c6:b3:ef:9a:02:55:d8:f4:38:
                    7a:8e:d7:53:e9:60:a0:5f:3e:d9:99:9e:8d:b5:2a:
                    a4:1a:df:c2:18:42:c0:a1:09:4a:c7:16:1d:32:4e:
                    5c:92:f1:01:ec:33:12:6b:9b:f9:00:03:ae:88:af:
                    b7:69:4a:ca:18:46:b2:97:b1:dd:5f:f5:10:b0:70:
                    2f:77:f6:5a:01:4f:11:8a:e7:c6:fd:b5:da:8f:8e:
                    ee:42:7e:23:cc:34:d1:0c:a2:da:e8:15:1a:e3:10:
                    b7:e3:db:73:ac:39:d8:67:51:30:43:2a:bd:ce:0a:
                    28:23:0e:25:f3:d9:f0:0f:60:01:13:3a:81:b2:9c:
                    2b:40:18:9a:91:7d:a5:72:e9:a4:23:44:fc:a4:6d:
                    a2:a0:a5:37:69:eb:e2:8b:be:fd:6f:01:37:4c:2f:
                    c1:ff:5e:95:ad:3a:68:b2:e7:02:3e:d9:52:d5:6f:
                    69:0b:db:bc:6e:82:6a:ec:c0:96:86:ab:8d:dd:38:
                    83:cd:ba:52:5e:b5:1d:89:59:cf:02:71:8b:d7:fb:
                    0c:e7:aa:ba:97:96:e5:1b:ac:de:33:c9:4d:5c:1b:
                    c7:a7:29:f6:f1:0d:29:a1:78:ba:f1:ed:c7:64:2d:
                    37:80:e6:19:14:bf:d7:71:21:be:f6:f3:2d:96:fa:
                    88:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                78:DF:91:90:5F:EE:DE:AC:F6:C5:75:EB:D5:4C:55:53:EF:24:4A:B6
            X509v3 Subject Key Identifier: 
                5A:30:74:82:38:0E:81:EC:3C:92:3D:D3:1A:A6:4C:C4:E7:D7:3B:34
            X509v3 Subject Alternative Name: 
                DNS:eye.scxs.vip
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                  CPS: http://www.digicert.com/CPS
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            Authority Information Access: 
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Nov 20 08:44:02.362 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:FB:C7:7A:97:81:67:A9:74:B8:FB:40:
                                81:A0:D7:6E:07:22:8F:F6:27:1C:83:5D:5A:79:93:A4:
                                03:AF:FC:5B:0E:02:20:35:94:63:A5:BB:2F:9F:41:6E:
                                24:51:7B:43:63:F5:93:0A:B9:89:3B:3B:B5:44:01:95:
                                93:86:C9:B8:15:73:19
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Nov 20 08:44:02.397 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A4:BD:54:4F:92:A3:4E:64:AE:DF:1E:
                                D7:FB:06:11:59:57:A2:10:BC:99:70:F5:EA:D5:C3:BF:
                                35:F1:15:D8:05:02:21:00:90:CC:D7:B2:0C:03:26:96:
                                9D:AA:54:F4:BD:41:A3:E4:2B:34:5D:19:FA:23:BF:66:
                                87:F8:2A:49:AA:9D:D3:96
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Nov 20 08:44:02.361 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:CD:65:A4:A7:34:B8:9A:DA:AE:85:72:
                                B9:A3:BA:AB:0D:3F:02:4D:2A:A9:39:41:2C:CB:AE:66:
                                4D:0D:9C:16:9F:02:20:7C:BF:52:A3:D2:81:A2:5D:DD:
                                6C:60:15:B4:FD:03:DA:6F:8F:06:48:88:DA:59:34:83:
                                BF:2B:00:00:AC:5B:7D
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        bc:f0:e9:ee:91:21:d2:c2:ea:ce:86:33:cd:3f:c2:6f:e1:56:
        a6:f7:b7:3d:0f:26:3d:81:9c:f6:6b:90:e2:79:2c:bc:62:55:
        4b:f9:21:dc:f8:57:7b:79:54:1d:a0:b0:f2:fc:a1:36:0c:ea:
        a6:96:5e:28:e9:2c:a3:e0:6c:c3:71:c7:f9:2e:1b:85:ad:5f:
        dc:63:cb:50:a7:da:f9:a4:df:68:21:a2:5f:99:f3:92:26:9f:
        b8:a9:a5:07:5b:43:30:d2:d1:68:36:2e:fc:24:03:94:ec:6a:
        1c:d1:0c:0e:ef:63:71:ba:ea:ba:12:79:c6:2d:47:9e:37:e8:
        e9:44:bb:5a:5a:9d:fd:33:90:ff:5e:62:3f:f7:74:a8:c1:8c:
        d4:70:01:e4:1c:22:71:da:40:07:c9:c7:9a:52:57:62:b2:54:
        35:9d:22:4f:8d:11:a4:10:1f:3a:f3:6b:55:66:fe:8f:a1:e3:
        cb:e6:4f:12:6a:fc:e5:2c:9d:05:4e:d5:cb:f8:8b:cf:57:95:
        36:ea:ba:2d:f9:ed:ab:50:cd:ef:65:6b:97:46:36:89:d9:0f:
        6e:bc:17:05:31:c8:8b:b8:9a:12:ee:e2:b3:49:32:56:45:6c:
        d1:fc:43:dc:f2:2f:83:11:d1:16:1a:0a:44:6b:00:f9:40:4a:
        e8:84:2f:7d

-620423611 | 2024-05-08T05:37:14.589279

9100 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 08 May 2024 05:37:11 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

478582004 | 2024-05-06T09:21:46.993565

9101 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=rmw0mq3zfy5kqwfwbuox4apj; path=/; HttpOnly; SameSite=Lax
X-Powered-By: ASP.NET
Date: Mon, 06 May 2024 09:21:45 GMT
Content-Length: 77

125.66.152.250

Last Seen: 2024-05-16

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1833483857 | 2024-05-16T11:51:08.516883
22 / tcp

1090556630 | 2024-05-05T11:25:24.455190
123 / udp

1392963914 | 2024-05-12T05:48:03.761639
161 / udp

H3C

1637199859 | 2024-05-08T20:50:39.673281
8001 / tcp

nginx1.22.0

1129566825 | 2024-05-15T07:00:45.455625
8081 / tcp

nginx1.16.1

950481880 | 2024-05-02T21:35:11.499556
8082 / tcp

nginx

199333125 | 2024-05-09T12:43:34.261869
8090 / tcp

-2006314276 | 2024-05-01T10:43:07.366617
8443 / tcp

nginx

-620423611 | 2024-05-08T05:37:14.589279
9100 / tcp

478582004 | 2024-05-06T09:21:46.993565
9101 / tcp

Microsoft IIS httpd8.5

Products

Pricing

Contact Us

125.66.152.250

Last Seen: 2024-05-16

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1833483857 | 2024-05-16T11:51:08.516883 22 / tcp

1090556630 | 2024-05-05T11:25:24.455190 123 / udp

1392963914 | 2024-05-12T05:48:03.761639 161 / udp

H3C

1637199859 | 2024-05-08T20:50:39.673281 8001 / tcp

nginx1.22.0

1129566825 | 2024-05-15T07:00:45.455625 8081 / tcp

nginx1.16.1

950481880 | 2024-05-02T21:35:11.499556 8082 / tcp

nginx

199333125 | 2024-05-09T12:43:34.261869 8090 / tcp

-2006314276 | 2024-05-01T10:43:07.366617 8443 / tcp

nginx

-620423611 | 2024-05-08T05:37:14.589279 9100 / tcp

478582004 | 2024-05-06T09:21:46.993565 9101 / tcp

Microsoft IIS httpd8.5

Products

Pricing

Contact Us

1833483857 | 2024-05-16T11:51:08.516883
22 / tcp

1090556630 | 2024-05-05T11:25:24.455190
123 / udp

1392963914 | 2024-05-12T05:48:03.761639
161 / udp

1637199859 | 2024-05-08T20:50:39.673281
8001 / tcp

1129566825 | 2024-05-15T07:00:45.455625
8081 / tcp

950481880 | 2024-05-02T21:35:11.499556
8082 / tcp

199333125 | 2024-05-09T12:43:34.261869
8090 / tcp

-2006314276 | 2024-05-01T10:43:07.366617
8443 / tcp

-620423611 | 2024-05-08T05:37:14.589279
9100 / tcp

478582004 | 2024-05-06T09:21:46.993565
9101 / tcp