GeneralInformation

Country	China
City	Shanghai
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 7001 7022 8008 8080 8085 8090 9001

321870077 | 2024-05-30T02:12:55.478239

80 / tcp

HTTP/1.1 404 
Server: nginx/1.20.1
Date: Thu, 30 May 2024 02:12:55 GMT
Content-Length: 0
Connection: keep-alive

2076024633 | 2024-05-31T07:03:50.141459

7001 / tcp

HTTP/1.1 401 Unauthorized
Content-Type: text/plain; charset=utf-8
Www-Authenticate: Basic realm="Restricted"
X-Content-Type-Options: nosniff
Date: Fri, 31 May 2024 07:03:50 GMT
Content-Length: 13

Unauthorized

501510358 | 2024-05-19T19:52:09.649837

8008 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 19 May 2024 19:52:09 GMT
Content-Type: text/html
Content-Length: 4833
Last-Modified: Fri, 16 May 2014 15:12:48 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "53762af0-12e1"
Accept-Ranges: bytes

-1093040884 | 2024-05-31T22:08:35.951449

8080 / tcp

HTTP/1.1 404 
Content-Length: 0
Date: Fri, 31 May 2024 22:08:35 GMT

-271613094 | 2024-05-27T23:49:02.628958

8085 / tcp

HTTP/1.1 500 Internal Server Error
Server: nginx/1.20.1
Date: Mon, 27 May 2024 23:48:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: close

<html>
<head><title>500 Internal Server Error</title></head>
<body>
<center><h1>500 Internal Server Error</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>

-1569274055 | 2024-05-27T09:04:13.401025

8090 / tcp

HTTP/1.1 500 Internal Server Error
Server: nginx/1.20.1
Date: Mon, 27 May 2024 09:04:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 579
Connection: close

223025798 | 2024-05-28T05:27:16.296406

9001 / tcp

HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
content-length: 714
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 2
Date: Tue, 28 May 2024 05:27:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5

<!DOCTYPE html>
<html lang="en">

<head>
	<meta charset="UTF-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1.0" />
	<meta http-equiv="X-UA-Compatible" content="ie=edge" />
	<title>COOL-AMIND 一个很酷的后台权限管理系统</title>
	<meta name="keywords" content="cool-admin，后台管理系统，vue，element-ui，nodejs" />
	<meta name="description" content="element-ui、egg.js、midway.js、mysql、redis、node.js、前后端分离、权限管理、快速开发， COOL-AMIND 一个很酷的后台权限管理系统" />
	<link rel="stylesheet" href="css/welcome.css">

<body>
<div class="reveal">HELLO COOL-ADMIN</div>
<script src="js/welcome.js"></script>
</body>

</html>

139.196.98.126

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

321870077 | 2024-05-30T02:12:55.478239
80 / tcp

nginx1.20.1

2076024633 | 2024-05-31T07:03:50.141459
7001 / tcp

501510358 | 2024-05-19T19:52:09.649837
8008 / tcp

nginx1.20.1

-1093040884 | 2024-05-31T22:08:35.951449
8080 / tcp

-271613094 | 2024-05-27T23:49:02.628958
8085 / tcp

nginx1.20.1

-1569274055 | 2024-05-27T09:04:13.401025
8090 / tcp

nginx1.20.1

223025798 | 2024-05-28T05:27:16.296406
9001 / tcp

Products

Pricing

Contact Us

139.196.98.126

Last Seen: 2024-05-31

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

321870077 | 2024-05-30T02:12:55.478239 80 / tcp

nginx1.20.1

2076024633 | 2024-05-31T07:03:50.141459 7001 / tcp

501510358 | 2024-05-19T19:52:09.649837 8008 / tcp

nginx1.20.1

-1093040884 | 2024-05-31T22:08:35.951449 8080 / tcp

-271613094 | 2024-05-27T23:49:02.628958 8085 / tcp

nginx1.20.1

-1569274055 | 2024-05-27T09:04:13.401025 8090 / tcp

nginx1.20.1

223025798 | 2024-05-28T05:27:16.296406 9001 / tcp

Products

Pricing

Contact Us

321870077 | 2024-05-30T02:12:55.478239
80 / tcp

2076024633 | 2024-05-31T07:03:50.141459
7001 / tcp

501510358 | 2024-05-19T19:52:09.649837
8008 / tcp

-1093040884 | 2024-05-31T22:08:35.951449
8080 / tcp

-271613094 | 2024-05-27T23:49:02.628958
8085 / tcp

-1569274055 | 2024-05-27T09:04:13.401025
8090 / tcp

223025798 | 2024-05-28T05:27:16.296406
9001 / tcp