GeneralInformation

Country	China
City	Hefei
Organization	CHINANET Anhui province network
ISP	CHINANET-BACKBONE
ASN	AS4134

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

2086 3001 3306 3792 9000

1225415968 | 2024-04-23T00:55:43.077032

2086 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 32
Connection: keep-alive

1527576330 | 2024-04-23T23:39:58.212399

3001 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 34
Connection: keep-alive

please add white ip 224.129.158.183

-186188282 | 2024-05-05T03:32:31.488034

3306 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 32
Connection: keep-alive

please add white ip 224.16.165.226

-1818593868 | 2024-05-17T01:43:56.476900

3792 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 35
Connection: keep-alive

please add white ip 224.250.202.58

-851841348 | 2024-05-16T23:43:20.959108

9000 / tcp

HTTP/1.1 407 Proxy Authentication Required
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 16 May 2024 23:43:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Proxy-Authenticate: Basic realm="Test Authentication System"

183.166.90.236

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1225415968 | 2024-04-23T00:55:43.077032
2086 / tcp

1527576330 | 2024-04-23T23:39:58.212399
3001 / tcp

-186188282 | 2024-05-05T03:32:31.488034
3306 / tcp

-1818593868 | 2024-05-17T01:43:56.476900
3792 / tcp

-851841348 | 2024-05-16T23:43:20.959108
9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

183.166.90.236

Last Seen: 2024-05-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1225415968 | 2024-04-23T00:55:43.077032 2086 / tcp

1527576330 | 2024-04-23T23:39:58.212399 3001 / tcp

-186188282 | 2024-05-05T03:32:31.488034 3306 / tcp

-1818593868 | 2024-05-17T01:43:56.476900 3792 / tcp

-851841348 | 2024-05-16T23:43:20.959108 9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1225415968 | 2024-04-23T00:55:43.077032
2086 / tcp

1527576330 | 2024-04-23T23:39:58.212399
3001 / tcp

-186188282 | 2024-05-05T03:32:31.488034
3306 / tcp

-1818593868 | 2024-05-17T01:43:56.476900
3792 / tcp

-851841348 | 2024-05-16T23:43:20.959108
9000 / tcp