GeneralInformation

Country	China
City	Xiamen
Organization	Fuzhou city, fujian provincial network of CNCGROUP
ISP	CHINA UNICOM China169 Backbone
ASN	AS4837

WebTechnologies

JavaScript graphics

Three.js

UI frameworks

UIKit

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2024-23897	7.5Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
CVE-2023-2801	Grafana is an open-source platform for monitoring and observability. Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance. The only feature that uses mixed queries at the moment is public dashboards, but it's also possible to cause this by calling the query API directly. This might enable malicious users to crash Grafana instances through that endpoint. Users may upgrade to version 9.4.12 and 9.5.3 to receive a fix.
CVE-2023-2183	Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access to this function. This might enable malicious users to abuse the functionality by sending multiple alert messages to e-mail and Slack, spamming users, prepare Phishing attack or block SMTP server. Users may upgrade to version 9.5.3, 9.4.12, 9.3.15, 9.2.19 and 8.5.26 to receive a fix.
CVE-2023-1387	Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.

OpenPorts

87 88 89 502 503 3000 3306 8000 8050 8800 8888 9009 9100 9200

1603286913 | 2024-04-10T07:02:02.708066

87 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Wed, 10 Apr 2024 07:02:27 GMT
Content-Type: text/html
Content-Length: 866
Last-Modified: Wed, 26 Apr 2023 06:12:53 GMT
Connection: keep-alive
ETag: "6448c0e5-362"
Accept-Ranges: bytes

-631937737 | 2024-05-07T09:31:59.634975

88 / tcp

HTTP/1.1 403 Forbidden
Server: nginx/1.22.1
Date: Tue, 07 May 2024 09:32:27 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

1875755471 | 2024-04-11T14:44:02.370562

89 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Thu, 11 Apr 2024 14:44:26 GMT
Content-Type: text/html
Content-Length: 2780
Last-Modified: Tue, 25 Apr 2023 06:04:17 GMT
Connection: keep-alive
ETag: "64476d61-adc"
Accept-Ranges: bytes

954611388 | 2024-05-07T11:33:16.120097

502 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 11:33:43 GMT
Content-Type: text/html
Content-Length: 793
Last-Modified: Thu, 11 Jan 2024 13:59:54 GMT
Connection: keep-alive
ETag: "659ff45a-319"
Accept-Ranges: bytes

-815884540 | 2024-05-07T13:22:05.773993

503 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 13:22:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

-1083848502 | 2024-05-07T00:23:14.825059

3000 / tcp

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block
Date: Tue, 07 May 2024 00:23:42 GMT
Transfer-Encoding: chunked

2019184402 | 2024-05-07T11:36:13.975757

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 8.0.27
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 57343
  Authentication Plugin: caching_sha2_password

1410193794 | 2024-04-28T14:39:05.966027

8000 / tcp

HTTP/1.1 404 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 431
Date: Sun, 28 Apr 2024 14:39:32 GMT

-1200890081 | 2024-04-15T20:24:36.590994

8050 / tcp

HTTP/1.1 404 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Length: 312
Date: Mon, 15 Apr 2024 20:25:01 GMT

-1282449584 | 2024-05-07T09:52:48.810668

8800 / tcp

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 07 May 2024 09:53:16 GMT
Content-Type: text/html
Content-Length: 397
Last-Modified: Fri, 01 Dec 2023 08:09:10 GMT
Connection: keep-alive
ETag: "656994a6-18d"
Accept-Ranges: bytes

-567194451 | 2024-04-28T10:52:21.472319

8888 / tcp

HTTP/1.1 403 Forbidden
Date: Sun, 28 Apr 2024 10:52:48 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.8dd5f761=node0ettktk7htux0jm5a938ytjfh7583.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.340
X-Jenkins-Session: 08850ef3
Content-Length: 541
Server: Jetty(9.4.45.v20220203)

-1937782893 | 2024-04-28T07:37:51.073918

9009 / tcp

HTTP/1.1 404 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Content-Length: 312
Date: Sun, 28 Apr 2024 07:38:17 GMT

685599603 | 2024-05-07T08:57:07.255747

9100 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Connection: close

400 Bad Request
Prometheus Node Exporter:
  node_exporter_build_info:
    branch: HEAD
    goversion: go1.19.3
    revision: 1b48970ffcf5630534fb00bb0687d73c66d1c959
    version: 1.5.0
  node_os_info:
    id: centos
    id_like: rhel fedora
    name: CentOS Linux
    pretty_name: CentOS Linux 7 (Core)
    version: 7 (Core)
    version_id: 7
  node_uname_info:
    domainname: (none)
    machine: x86_64
    nodename: 0001.novalocal
    release: 3.10.0-862.el7.x86_64
    sysname: Linux
    version: #1 SMP Fri Apr 20 16:44:24 UTC 2018
  node_dmi_info:
    bios_date: 04/01/2014
    bios_vendor: SeaBIOS
    bios_version: 1.11.0-2.el7
    chassis_vendor: QEMU
    chassis_version: pc-i440fx-3.0
    product_name: OpenStack Nova
    product_version: 18.7.33
    system_vendor: OpenStack Foundation
  node_network_info:
    lo:
      address: 00:00:00:00:00:00
      broadcast: 00:00:00:00:00:00
      device: lo
      operstate: unknown
    docker0:
      address: 02:42:09:cd:67:e1
      broadcast: ff:ff:ff:ff:ff:ff
      device: docker0
      operstate: up
    veth41806ef:
      address: f2:a3:37:64:ce:32
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth41806ef
      duplex: full
      operstate: up
    veth50f8007:
      address: 16:5d:32:d0:9e:db
      broadcast: ff:ff:ff:ff:ff:ff
      device: veth50f8007
      duplex: full
      operstate: up
    eth0:
      address: fa:16:3e:90:8a:a4
      broadcast: ff:ff:ff:ff:ff:ff
      device: eth0
      operstate: up

MAC Addresses

FA:16:3E:90:8A:A4
    Unknown

-65381726 | 2024-04-28T07:28:52.649764

9200 / tcp

HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1 ; mode=block
Referrer-Policy: no-referrer
content-length: 38

112.111.16.67

Last Seen: 2024-05-07

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1603286913 | 2024-04-10T07:02:02.708066
87 / tcp

nginx1.22.1

-631937737 | 2024-05-07T09:31:59.634975
88 / tcp

nginx1.22.1

1875755471 | 2024-04-11T14:44:02.370562
89 / tcp

Salesforce

954611388 | 2024-05-07T11:33:16.120097
502 / tcp

nginx1.22.1

-815884540 | 2024-05-07T13:22:05.773993
503 / tcp

nginx1.22.1

-1083848502 | 2024-05-07T00:23:14.825059
3000 / tcp

Grafana (Open Source)9.4.3

2019184402 | 2024-05-07T11:36:13.975757
3306 / tcp

MySQL8.0.27

1410193794 | 2024-04-28T14:39:05.966027
8000 / tcp

-1200890081 | 2024-04-15T20:24:36.590994
8050 / tcp

-1282449584 | 2024-05-07T09:52:48.810668
8800 / tcp

nginx1.22.1

-567194451 | 2024-04-28T10:52:21.472319
8888 / tcp

Jenkins2.340

-1937782893 | 2024-04-28T07:37:51.073918
9009 / tcp

685599603 | 2024-05-07T08:57:07.255747
9100 / tcp

Prometheus Node Exporter1.5.0

-65381726 | 2024-04-28T07:28:52.649764
9200 / tcp

Products

Pricing

Contact Us

112.111.16.67

Last Seen: 2024-05-07

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1603286913 | 2024-04-10T07:02:02.708066 87 / tcp

-631937737 | 2024-05-07T09:31:59.634975 88 / tcp

1875755471 | 2024-04-11T14:44:02.370562 89 / tcp

954611388 | 2024-05-07T11:33:16.120097 502 / tcp

-815884540 | 2024-05-07T13:22:05.773993 503 / tcp

-1083848502 | 2024-05-07T00:23:14.825059 3000 / tcp

2019184402 | 2024-05-07T11:36:13.975757 3306 / tcp

1410193794 | 2024-04-28T14:39:05.966027 8000 / tcp

-1200890081 | 2024-04-15T20:24:36.590994 8050 / tcp

-1282449584 | 2024-05-07T09:52:48.810668 8800 / tcp

-567194451 | 2024-04-28T10:52:21.472319 8888 / tcp

-1937782893 | 2024-04-28T07:37:51.073918 9009 / tcp

685599603 | 2024-05-07T08:57:07.255747 9100 / tcp

-65381726 | 2024-04-28T07:28:52.649764 9200 / tcp

Products

Pricing

Contact Us

1603286913 | 2024-04-10T07:02:02.708066
87 / tcp

-631937737 | 2024-05-07T09:31:59.634975
88 / tcp

1875755471 | 2024-04-11T14:44:02.370562
89 / tcp

954611388 | 2024-05-07T11:33:16.120097
502 / tcp

-815884540 | 2024-05-07T13:22:05.773993
503 / tcp

-1083848502 | 2024-05-07T00:23:14.825059
3000 / tcp

2019184402 | 2024-05-07T11:36:13.975757
3306 / tcp

1410193794 | 2024-04-28T14:39:05.966027
8000 / tcp

-1200890081 | 2024-04-15T20:24:36.590994
8050 / tcp

-1282449584 | 2024-05-07T09:52:48.810668
8800 / tcp

-567194451 | 2024-04-28T10:52:21.472319
8888 / tcp

-1937782893 | 2024-04-28T07:37:51.073918
9009 / tcp

685599603 | 2024-05-07T08:57:07.255747
9100 / tcp

-65381726 | 2024-04-28T07:28:52.649764
9200 / tcp