GeneralInformation

Country	China
City	Yongchuan
Organization	yongchuan
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

JavaScript libraries

jQuery

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2014-4078	5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

443 3306 4433 7777 8000 8082 8087 8099 8180 8766 9000 9010 9090

-41194546 | 2024-05-15T02:17:35.083967

443 / tcp

HTTP/1.1 200 OK
Server: sslvpn
Date: Wed, 15 May 2024 02:17:34 GMT
Content-Type: text/html
Last-Modified: Sat, 16 Sep 2023 19:28:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src  * blob: data: ; 
Referrer-Policy: origin
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Set-Cookie: s_funcset1=16; path=/; secure; httponly
Set-Cookie: rjsslvpnSID=eb02f3452f434053cd3888c73de78911; path=/; secure; httponly
Set-Cookie: rjsslvpnCF=184; path=/; secure
Set-Cookie: rjsslvpnVER=16777216; path=/; secure; httponly
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=RJ-SSLVPN-ROOTCA-2023-10-18-Wed-9:16:29
        Validity
            Not Before: Oct 16 17:16:39 2023 GMT
            Not After : Oct 14 17:16:39 2033 GMT
        Subject: CN=0.0.0.0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b6:2a:57:47:d5:c6:8d:d6:20:5b:88:4e:93:7d:
                    df:2e:3b:00:8e:36:4c:2d:0f:00:f9:f8:49:ec:c8:
                    49:e8:7c:14:78:28:e2:0a:0c:12:f3:23:74:e8:92:
                    98:ff:12:d1:1e:a7:37:83:0b:b1:e6:23:43:98:0c:
                    a4:d7:91:a6:aa:a3:fe:f0:b2:41:81:09:a5:5d:d1:
                    bf:1d:e4:1a:00:b6:3a:a2:f7:ac:33:40:15:f6:54:
                    95:46:10:5a:a3:a6:c6:ae:f7:3f:9f:a5:00:44:3a:
                    3b:05:fd:96:37:73:2d:7a:95:02:3d:b7:7a:85:b9:
                    a4:6e:a0:b8:ad:63:14:5c:ec:a2:7c:fe:a1:9e:ec:
                    60:7b:89:e7:04:f8:60:54:4b:f2:57:b1:da:50:45:
                    9f:50:40:4a:26:b6:ed:04:bc:d4:0e:9e:8b:64:b5:
                    56:5b:c8:fc:ae:80:85:cb:19:3d:f0:c7:94:8d:e8:
                    b7:bb:74:22:13:65:86:4e:af:14:14:ef:84:3e:db:
                    42:f7:22:97:47:dd:a1:00:0b:24:f3:fc:8a:bf:dc:
                    a9:b6:43:69:d4:ee:96:63:70:d8:6f:1e:f1:67:f6:
                    2d:05:b0:7b:39:53:24:43:86:1e:5e:8f:fd:05:72:
                    bd:1d:c1:00:3d:10:4e:fc:2f:f5:5d:3d:6b:5a:44:
                    5e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                B0:1F:6E:44:37:F9:4E:26:EC:C9:53:97:8D:65:C6:41:78:9F:74:8B
            X509v3 Authority Key Identifier: 
                keyid:E6:13:A4:44:58:44:AB:06:1A:9D:81:48:3F:E7:88:FA:AD:F9:34:C7
                DirName:/CN=RJ-SSLVPN-ROOTCA-2023-10-18-Wed-9:16:29
                serial:01
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        96:f3:24:92:58:cb:28:38:9e:e3:31:8c:32:e2:d1:56:2f:48:
        d1:8c:da:d5:5b:2e:f5:0b:4e:dc:03:a4:9c:77:a0:9c:8e:af:
        eb:9a:2d:79:5f:6c:08:64:46:0d:9c:05:ad:aa:c1:02:ee:af:
        10:8a:1f:90:80:63:36:ef:34:3b:01:99:ee:79:10:3f:a7:9c:
        b5:dc:6b:e7:ed:14:36:b2:7f:06:67:67:17:71:c8:51:5e:20:
        6a:4b:0a:bc:87:c2:b5:a9:6b:50:19:b1:8e:bb:a4:d4:92:95:
        ac:2b:05:e2:91:d8:7c:96:77:e0:e1:fa:f4:81:1e:e0:79:81:
        f9:10:ce:d9:e9:54:a8:ab:cd:9e:41:54:a2:3b:35:82:56:65:
        bf:11:6b:53:56:78:ac:6e:62:0d:9c:67:b3:b3:78:ed:31:83:
        55:fa:e5:6c:ed:0e:57:c1:10:a2:3b:eb:6e:65:10:1b:19:4b:
        5d:28:cf:e3:89:cb:96:81:29:ce:b9:23:4f:ea:db:cf:bd:fb:
        3d:2f:3c:58:99:4f:2f:a7:db:90:ad:04:ad:75:00:aa:dc:85:
        42:75:4b:08:df:14:9d:7e:75:f5:00:a1:81:98:30:c4:77:97:
        94:77:d3:f1:6d:a8:74:ca:f0:23:78:6b:fd:65:be:be:72:28:
        59:66:5c:83

664949682 | 2024-05-08T11:03:16.594821

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.7.29-log
  Capabilities: 65535
  Server Language: 8
  Server Status: 2
  Extended Server Capabilities: 49663
  Authentication Plugin: mysql_native_password

212942771 | 2024-04-24T22:27:58.394340

4433 / tcp

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 22:34:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet, nosnippet, notranslate, noimageindex
Content-Length: 7915
Content-Type: text/html; charset=utf-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            cf:b9:f3:cc:fe:d6:4d:37
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CN, ST=guangdong, L=shenzhen, O=sangfor, CN=sslvpn
        Validity
            Not Before: Nov 28 20:44:01 2019 GMT
            Not After : Nov 23 20:44:01 2039 GMT
        Subject: C=CN, ST=guangdong, L=shenzhen, O=sangfor, CN=sslvpn
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b3:57:4f:9b:75:1a:19:18:a8:60:3f:a6:53:ad:
                    d1:4c:23:bb:c9:3d:01:ea:e1:50:f2:1e:ce:43:08:
                    06:f0:3b:01:aa:77:41:6c:e4:5b:c6:c7:d6:2d:5a:
                    fd:25:77:90:b4:15:8f:08:cb:b9:61:dc:ac:d9:6a:
                    3b:3f:96:d7:18:c5:06:bb:7f:4d:b6:60:37:53:e0:
                    ff:d6:04:bd:76:95:39:03:76:27:e9:93:0b:04:d1:
                    82:3a:e0:5b:a9:5e:27:03:5b:4f:a5:c7:94:94:68:
                    8b:49:51:94:85:c5:3d:d1:73:63:d6:d1:13:6e:12:
                    8c:a3:70:d8:f8:64:d5:44:5a:68:55:2f:f8:f1:8d:
                    f3:ca:d9:ff:42:75:8f:06:18:53:91:eb:f7:8e:56:
                    2c:9d:fb:84:3c:11:72:43:5a:17:30:6f:60:b7:fd:
                    93:9c:1d:e6:98:51:3d:ab:9c:4d:5a:20:c0:11:7c:
                    b4:97:ac:f6:d3:1b:8e:03:96:09:ea:ff:e2:99:39:
                    36:61:58:c7:75:a7:5f:55:60:a3:84:4c:1b:66:4b:
                    e9:c4:47:b4:c0:13:be:71:8c:41:bf:da:68:96:4e:
                    4d:20:40:a8:7e:1b:43:0c:b6:db:d4:d5:83:ab:52:
                    53:dc:b3:53:e9:bf:24:b4:46:8b:26:7c:ec:41:9c:
                    de:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: critical
                TLS Web Server Authentication, TLS Web Client Authentication
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        27:a8:f7:29:ae:c7:c5:f5:e4:1a:09:89:39:08:e8:d4:1b:f6:
        22:23:50:b6:70:65:da:f1:d1:ef:b7:b2:54:97:10:73:2f:4b:
        f9:2d:5a:4d:e5:30:77:21:8a:37:e4:e4:70:1c:09:7c:be:c0:
        0e:ff:6b:ad:0b:b1:74:08:66:38:5b:ec:7a:75:9b:f9:20:23:
        18:2f:f5:61:7d:01:df:55:1b:64:26:70:bf:e4:eb:b3:9f:a0:
        17:3d:4e:38:41:e0:5d:87:e0:7f:0a:c9:ce:4e:69:37:02:9a:
        58:a5:ff:2f:25:23:49:b0:9a:97:d9:54:37:a5:a6:d3:0c:f6:
        95:81:de:8b:be:2d:ef:d1:55:a5:44:a1:95:b4:75:b3:16:8a:
        4e:6c:e3:f2:75:0c:ee:74:05:43:de:b4:34:b1:cc:72:66:58:
        9e:54:29:9d:34:2c:b0:a0:41:f8:64:27:59:bf:73:0e:f5:2f:
        7b:0a:a1:80:b6:d1:3c:16:00:d2:c5:cc:d8:bf:79:48:90:1e:
        d7:aa:84:36:e8:f7:01:f6:be:c4:3b:ce:50:64:b9:85:36:ab:
        91:4b:2b:73:2d:8c:cc:b5:69:e1:28:0f:d2:20:3a:b9:70:f5:
        a1:8f:8b:be:5b:df:d1:6d:00:22:ce:65:0f:50:5d:d8:8e:ce:
        a9:e0:2d:e3

286949381 | 2024-05-11T17:25:15.004242

7777 / tcp

HTTP/1.1 200 
Content-Type: application/json
Transfer-Encoding: chunked
Date: Sat, 11 May 2024 17:24:48 GMT

-1323025160 | 2024-05-12T00:53:30.274253

8000 / tcp

HTTP/1.1 401 
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html;charset=ISO-8859-1
Content-Language: zh-CN
Content-Length: 344
Date: Sun, 12 May 2024 00:51:58 GMT

1355394294 | 2024-05-02T22:02:54.724478

8082 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 02 May 2024 21:53:35 GMT
Content-Length: 1157

-1807965667 | 2024-05-12T16:03:19.805686

8087 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 12 May 2024 16:03:15 GMT
Connection: close
Content-Length: 326

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>

1879998822 | 2024-05-17T09:35:21.153444

8099 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 17 May 2024 09:35:18 GMT
Content-Type: text/html
Content-Length: 4484
Last-Modified: Fri, 14 Oct 2022 06:41:03 GMT
Connection: keep-alive
ETag: "6349047f-1184"
Accept-Ranges: bytes

775315382 | 2024-05-09T06:14:30.066006

8180 / tcp

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Thu, 09 May 2024 06:14:29 GMT

1410193794 | 2024-04-26T10:29:06.041040

8766 / tcp

HTTP/1.1 404 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 431
Date: Fri, 26 Apr 2024 10:29:04 GMT

-1486395120 | 2024-04-27T23:21:58.877454

9010 / tcp

HTTP/1.1 200 OK
Date: Sat, 27 Apr 2024 23:21:55 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Content-Length: 3125
Set-Cookie: JSESSIONID=B575017696B517F8F8C0B59BCA249C8C; Path=/QueueNew; HttpOnly

1830667861 | 2024-05-16T02:45:45.291050

9090 / tcp

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Thu, 16 May 2024 02:45:41 GMT

222.179.90.66

Last Seen: 2024-05-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-41194546 | 2024-05-15T02:17:35.083967
443 / tcp

664949682 | 2024-05-08T11:03:16.594821
3306 / tcp

MySQL5.7.29-log

212942771 | 2024-04-24T22:27:58.394340
4433 / tcp

286949381 | 2024-05-11T17:25:15.004242
7777 / tcp

-1323025160 | 2024-05-12T00:53:30.274253
8000 / tcp

1355394294 | 2024-05-02T22:02:54.724478
8082 / tcp

Microsoft IIS httpd8.5

-1807965667 | 2024-05-12T16:03:19.805686
8087 / tcp

1879998822 | 2024-05-17T09:35:21.153444
8099 / tcp

nginx1.20.2

775315382 | 2024-05-09T06:14:30.066006
8180 / tcp

1410193794 | 2024-04-26T10:29:06.041040
8766 / tcp

-1486395120 | 2024-04-27T23:21:58.877454
9010 / tcp

1830667861 | 2024-05-16T02:45:45.291050
9090 / tcp

Apache Tomcat/Coyote JSP engine1.1

Products

Pricing

Contact Us

222.179.90.66

Last Seen: 2024-05-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-41194546 | 2024-05-15T02:17:35.083967 443 / tcp

664949682 | 2024-05-08T11:03:16.594821 3306 / tcp

MySQL5.7.29-log

212942771 | 2024-04-24T22:27:58.394340 4433 / tcp

286949381 | 2024-05-11T17:25:15.004242 7777 / tcp

-1323025160 | 2024-05-12T00:53:30.274253 8000 / tcp

1355394294 | 2024-05-02T22:02:54.724478 8082 / tcp

Microsoft IIS httpd8.5

-1807965667 | 2024-05-12T16:03:19.805686 8087 / tcp

1879998822 | 2024-05-17T09:35:21.153444 8099 / tcp

nginx1.20.2

775315382 | 2024-05-09T06:14:30.066006 8180 / tcp

1410193794 | 2024-04-26T10:29:06.041040 8766 / tcp

-1486395120 | 2024-04-27T23:21:58.877454 9010 / tcp

1830667861 | 2024-05-16T02:45:45.291050 9090 / tcp

Apache Tomcat/Coyote JSP engine1.1

Products

Pricing

Contact Us

-41194546 | 2024-05-15T02:17:35.083967
443 / tcp

664949682 | 2024-05-08T11:03:16.594821
3306 / tcp

212942771 | 2024-04-24T22:27:58.394340
4433 / tcp

286949381 | 2024-05-11T17:25:15.004242
7777 / tcp

-1323025160 | 2024-05-12T00:53:30.274253
8000 / tcp

1355394294 | 2024-05-02T22:02:54.724478
8082 / tcp

-1807965667 | 2024-05-12T16:03:19.805686
8087 / tcp

1879998822 | 2024-05-17T09:35:21.153444
8099 / tcp

775315382 | 2024-05-09T06:14:30.066006
8180 / tcp

1410193794 | 2024-04-26T10:29:06.041040
8766 / tcp

-1486395120 | 2024-04-27T23:21:58.877454
9010 / tcp

1830667861 | 2024-05-16T02:45:45.291050
9090 / tcp