GeneralInformation

Country	China
City	Hangzhou
Organization	zhejiang jinshuofangzhiyouxiangongsi
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

JavaScript libraries

jQuery

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2012-2969	6.4Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.
CVE-2012-2968	5.0Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request.
CVE-2012-2967	7.5Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors.
CVE-2012-2966	7.5Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors.
CVE-2012-2965	7.5Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.
CVE-2010-3972	10.0Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
CVE-2010-2730	9.3Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
CVE-2010-2087	4.3Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
CVE-2010-1899	4.3Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."

OpenPorts

80 81 5222 8083 9000 9090 9595 9999

662449347 | 2024-04-27T00:22:01.556853

80 / tcp

HTTP/1.1 200 OK
Server:  
Date: Sat, 27 Apr 2024 00:22:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1275
Connection: keep-alive
Cache-Control: no-cache,must-revalidate
Last-Modified: Wed, 20 Feb 2019 02:13:33 GMT
X-Frame-Options: SAMEORIGIN

662449347 | 2024-05-01T07:47:17.849792

81 / tcp

HTTP/1.1 200 OK
Server:  
Date: Wed, 01 May 2024 07:47:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1275
Connection: keep-alive
Cache-Control: no-cache,must-revalidate
Last-Modified: Wed, 20 Feb 2019 02:13:33 GMT
X-Frame-Options: SAMEORIGIN

754622717 | 2024-05-19T03:59:57.696843

5222 / tcp

<?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="weaver" id="op7t14y67" xml:lang="en-US" version="1.0"><stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>CRAM-MD5</mechanism><mechanism>DIGEST-MD5</mechanism></mechanisms><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression><auth xmlns="http://jabber.org/features/iq-auth"/><register xmlns="http://jabber.org/features/iq-register"/></stream:features>

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7360501657574974643 (0x6625c1428c6e24b3)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=weaver
        Validity
            Not Before: May  9 08:35:29 2018 GMT
            Not After : May  8 08:35:29 2023 GMT
        Subject: CN=weaver
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:8c:50:e5:99:8b:45:f6:1f:70:8a:4c:6b:1e:e2:
                    1d:f1:32:99:88:cb:c4:72:8d:30:88:78:7c:79:6b:
                    79:c6:d9:c2:36:b7:f4:7f:9e:38:35:49:f7:0c:5b:
                    2f:73:90:81:c4:e4:d8:e1:91:18:62:a2:8e:c5:37:
                    bf:b5:a1:d4:07:de:32:e3:63:33:03:8a:20:99:62:
                    81:70:8c:ce:97:a8:ee:dc:9e:65:21:29:00:57:f0:
                    0e:b8:66:14:dd:37:b1:a4:03:17:83:32:a3:d0:ce:
                    f4:ac:46:91:67:6c:6a:37:01:bf:c6:f9:bb:4a:f2:
                    c6:7a:06:4d:8e:f2:42:9f:80:27:1d:c2:b4:5a:da:
                    33:b3:e1:be:66:58:82:90:83:88:70:0c:6a:1c:46:
                    8e:27:b8:62:b0:a1:0e:f1:09:f7:4a:62:79:f7:b5:
                    ac:af:45:2a:4b:64:98:b7:45:3c:4b:a9:15:bc:d5:
                    0d:77:54:a5:4b:1d:8b:ab:b5:81:bf:e5:04:7a:b4:
                    22:4b:32:81:45:33:a4:1e:06:1f:51:fc:28:9b:36:
                    e7:40:b0:67:fc:ef:bc:95:eb:3a:50:87:c2:83:1d:
                    d7:2a:40:28:1d:88:c4:b1:12:23:18:3f:71:55:33:
                    a6:28:eb:c7:1e:d9:12:43:59:f4:4a:eb:bd:7f:fa:
                    b3:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Alternative Name: 
                othername: XmppAddr::weaver
            X509v3 Subject Key Identifier: 
                CE:73:20:3C:DC:F2:12:10:3A:93:10:80:09:E3:A1:96:1A:C0:B3:A9
            X509v3 Authority Key Identifier: 
                CE:73:20:3C:DC:F2:12:10:3A:93:10:80:09:E3:A1:96:1A:C0:B3:A9
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        89:a5:24:2a:fe:bd:01:50:cb:96:65:40:10:b8:5e:39:d4:02:
        e1:52:39:61:81:50:a5:bc:01:31:18:6c:35:e2:2b:ca:9c:33:
        bb:10:94:c1:f6:18:85:e7:fa:69:4d:b4:df:c8:04:45:00:b1:
        ff:37:3c:25:0a:73:c5:82:8c:ff:8c:55:e0:14:37:64:92:5d:
        42:96:72:a6:4d:d0:f4:d1:6b:4e:43:27:f2:ae:d8:76:28:5b:
        ea:fb:7c:1c:5d:f1:99:80:10:55:9f:64:6c:b7:7a:e6:5b:f6:
        68:f0:da:c8:8f:24:0d:b7:eb:c3:b3:e8:3c:7d:c5:e8:d7:f1:
        6f:da:9b:22:d8:6d:8e:2b:bb:f0:05:5d:f0:69:d7:dc:68:d0:
        ce:5d:c4:52:b5:04:75:52:19:cc:df:d0:0f:52:ce:3e:65:c5:
        c3:60:a7:c1:1f:ac:8a:0c:3a:ae:e1:3c:b8:cd:26:cf:61:f1:
        e3:aa:c7:ab:db:e4:80:9b:16:fd:a4:46:95:f7:ec:37:c5:be:
        2a:be:22:d1:4f:7d:f3:a9:55:2f:d8:42:aa:4e:19:d2:90:0f:
        4d:36:e1:29:55:66:04:86:50:cc:ae:cd:8b:e0:39:cc:2f:04:
        f1:c4:62:1c:59:6c:b1:37:dd:ba:73:4b:2f:9f:83:d1:67:03:
        58:3d:e4:23

-1099054045 | 2024-05-14T00:19:17.790683

8083 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=zn0jsp4whhfupeuvhlk1yioc; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 14 May 2024 00:19:16 GMT
Content-Length: 38290



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">


<head id="Head1"><link rel="stylesheet" type="text/css" href="/DXR.axd?r=1_33,1_35,1_18,1_16,1_17,1_29,1_3-aR_As" /><title>

</title><meta name="viewport" content="width=device-width,height=device-height,inital-scale=1.0,maximum-scale=1.0,user-scalable=no;" /><link href="skin/verify.css" rel="stylesheet" />

    <style type="text/css">
        .style1 {
            width: 31px;
        }

        .style2 {
            width: 69px;
        }

        td {
            white-space: nowrap;
             padding:2px ;
        }
       
    </style>
</head>
<body>
    <form name="form1" method="post" action="" id="form1">
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTU3MTcyMjI4Nw9kFgICAw9kFggCBQ8UKwAGDxYCHgVWYWx1ZQYAgPykcWncCGRkZDwrAA4BCzwrAAgBBzLiAQABAAAA/////wEAAAAAAAAABAEAAACBAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLkxpc3RgMVtbU3lzdGVtLkRhdGVUaW1lLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tl

1936686926 | 2024-05-17T22:40:24.084473

9000 / tcp

\x00\x00\x00\x08yesorno\x00\x08\x00\xe3\x85P\xff

1426640417 | 2024-04-26T10:44:25.375121

9090 / tcp

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 10:39:03 GMT
Content-Type: text/html; charset=UTF-8
Set-Cookie: JSESSIONID=105oyikapozivtthas94v9xmm;Path=/;HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Language: zh-CN
Content-Length: 4028

-535066109 | 2024-05-16T07:45:23.606526

9595 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 21 Dec 2021 03:03:03 GMT
Accept-Ranges: bytes
ETag: "d0ee694517f6d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 16 May 2024 07:45:21 GMT
Content-Length: 4530

-1674154037 | 2024-05-14T12:18:47.375917

9999 / tcp

HTTP/1.1 200 OK
Server: Resin/3.1.12
Cache-Control: private
X-UA-Compatible: IE=edge,chrome=1
Content-Language: zh-CN
Set-Cookie: JSESSIONID=abcPUi8adFn6U71ixb39y; path=/
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Date: Tue, 14 May 2024 12:13:16 GMT

60.191.209.230

Last Seen: 2024-05-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

662449347 | 2024-04-27T00:22:01.556853
80 / tcp

662449347 | 2024-05-01T07:47:17.849792
81 / tcp

754622717 | 2024-05-19T03:59:57.696843
5222 / tcp

-1099054045 | 2024-05-14T00:19:17.790683
8083 / tcp

Microsoft IIS httpd7.5

1936686926 | 2024-05-17T22:40:24.084473
9000 / tcp

1426640417 | 2024-04-26T10:44:25.375121
9090 / tcp

-535066109 | 2024-05-16T07:45:23.606526
9595 / tcp

Microsoft IIS httpd7.5

-1674154037 | 2024-05-14T12:18:47.375917
9999 / tcp

Resin Web Server3.1.12

Products

Pricing

Contact Us

60.191.209.230

Last Seen: 2024-05-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

662449347 | 2024-04-27T00:22:01.556853 80 / tcp

662449347 | 2024-05-01T07:47:17.849792 81 / tcp

754622717 | 2024-05-19T03:59:57.696843 5222 / tcp

-1099054045 | 2024-05-14T00:19:17.790683 8083 / tcp

Microsoft IIS httpd7.5

1936686926 | 2024-05-17T22:40:24.084473 9000 / tcp

1426640417 | 2024-04-26T10:44:25.375121 9090 / tcp

-535066109 | 2024-05-16T07:45:23.606526 9595 / tcp

Microsoft IIS httpd7.5

-1674154037 | 2024-05-14T12:18:47.375917 9999 / tcp

Resin Web Server3.1.12

Products

Pricing

Contact Us

662449347 | 2024-04-27T00:22:01.556853
80 / tcp

662449347 | 2024-05-01T07:47:17.849792
81 / tcp

754622717 | 2024-05-19T03:59:57.696843
5222 / tcp

-1099054045 | 2024-05-14T00:19:17.790683
8083 / tcp

1936686926 | 2024-05-17T22:40:24.084473
9000 / tcp

1426640417 | 2024-04-26T10:44:25.375121
9090 / tcp

-535066109 | 2024-05-16T07:45:23.606526
9595 / tcp

-1674154037 | 2024-05-14T12:18:47.375917
9999 / tcp