GeneralInformation

Hostnames	chihe.subaoxw.com
Domains	subaoxw.com
Country	China
City	Qingdao
Organization	China Unicom Shandong Province Network
ISP	CHINA UNICOM China169 Backbone
ASN	AS4837

WebTechnologies

JavaScript libraries

jQuery

Swiper

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443 4443

80 / tcp

-617618899 | 2025-02-17T01:18:21.419408

Hashes

hash

471629095

http.dom_hash

1239617585

http.html_hash

-617618899

http.server_hash

1830366617

http.title_hash

-1030444411

403 Forbidden

HTTP/1.1 403 Forbidden
Server: nginx/1.20.1
Date: Mon, 17 Feb 2025 01:18:21 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

CVE-2023-44487 CVE-2021-3618

443 / tcp

-1578801479 | 2025-02-21T02:03:51.660612

Hashes

hash

224293703

http.dom_hash

1176770481

http.favicon.hash

-1308003850

http.html_hash

-1578801479

http.server_hash

1830366617

吃喝频道

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 21 Feb 2025 02:03:51 GMT
Content-Type: text/html
Content-Length: 11845
Last-Modified: Tue, 18 Feb 2025 03:44:58 GMT
Connection: keep-alive
ETag: "67b4023a-2e45"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:99:12:53:20:6e:a9:f3:d5:3d:99:5d:cb:f7:79:a8
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Encryption Everywhere DV TLS CA - G2
        Validity
            Not Before: Jul 19 00:00:00 2024 GMT
            Not After : Oct 16 23:59:59 2024 GMT
        Subject: CN=chihe.subaoxw.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a9:41:61:32:0c:8d:5e:6b:c8:8b:39:6b:37:1c:
                    03:ad:a3:67:45:29:20:b2:86:9d:0d:64:a3:e9:52:
                    bc:b5:c1:d7:e2:48:ac:6f:5d:aa:bd:dd:4f:1e:a4:
                    e6:14:cb:4f:7a:49:b5:50:50:fc:dc:2c:2e:ae:ca:
                    05:f6:98:95:ea:0d:99:7b:3f:d3:a3:5b:07:fb:25:
                    52:17:5d:20:ca:50:bb:f4:1a:2c:49:4b:13:1a:a4:
                    14:39:8f:86:d4:a4:8e:65:84:d8:18:45:f6:86:54:
                    2c:2d:75:f2:a4:c9:9e:0a:d2:68:4e:54:de:0c:1f:
                    cf:17:20:e5:bf:dc:27:89:2e:6b:a8:d1:33:56:a8:
                    60:ea:88:67:d9:3d:6e:ed:ef:49:aa:08:26:56:76:
                    a2:2b:db:6b:14:ba:dc:eb:3e:10:b8:d8:34:a2:32:
                    08:ac:24:a8:d5:62:ca:c1:90:2e:45:03:2e:b3:99:
                    01:52:04:67:b0:59:55:2b:e5:7d:a0:7e:d3:8d:ee:
                    78:f2:49:27:26:eb:40:ac:da:a3:76:b0:d9:5b:a7:
                    6f:66:b9:03:e8:0d:d7:21:69:04:f5:8b:8a:e0:7e:
                    2e:4b:b4:57:86:8d:b8:93:12:b6:63:d3:fc:7f:ae:
                    e2:8e:81:33:e5:cf:00:a4:81:d3:39:db:c3:b4:28:
                    86:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                78:DF:91:90:5F:EE:DE:AC:F6:C5:75:EB:D5:4C:55:53:EF:24:4A:B6
            X509v3 Subject Key Identifier: 
                E0:9A:ED:25:1F:F6:F0:74:E9:86:7D:D2:FF:C1:DF:1D:AF:86:FE:57
            X509v3 Subject Alternative Name: 
                DNS:chihe.subaoxw.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                  CPS: http://www.digicert.com/CPS
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            Authority Information Access: 
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Jul 19 08:24:02.963 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:1A:B2:0C:98:69:96:3C:B9:38:3B:D2:BC:
                                F4:41:EA:FC:42:13:20:BA:8F:FD:C0:E4:CF:6E:2D:72:
                                5C:52:1D:86:02:20:23:BA:42:67:C3:0E:93:7C:33:03:
                                5B:58:AA:1D:5D:D0:52:31:21:C8:7B:7E:6D:91:3E:89:
                                07:1B:18:90:F7:99
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Jul 19 08:24:02.831 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:0C:B7:E3:5B:23:DC:8A:5B:D4:CF:EE:4D:
                                78:39:40:A2:6F:1A:ED:2D:56:D9:79:C2:B3:58:28:38:
                                1E:AD:D3:9D:02:21:00:D7:CF:B8:D7:EB:0B:F7:F4:31:
                                52:CC:86:E0:27:CD:4D:38:A3:1E:58:1C:D6:98:EF:5F:
                                33:A8:00:79:78:05:6B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Jul 19 08:24:03.004 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:76:31:8E:D0:02:2B:DB:AF:6D:A2:28:86:
                                E6:A3:56:25:E5:94:BB:75:50:F8:46:26:A3:5F:83:F0:
                                0E:38:15:FE:02:21:00:FE:57:36:E6:CC:95:CB:57:37:
                                D5:1C:00:A6:7F:14:89:67:09:35:AD:D6:97:87:97:CC:
                                E9:D3:D6:AD:DC:62:15
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        11:d0:e1:fe:77:6a:b2:f7:65:3c:3b:f2:15:1b:d1:6f:37:e7:
        94:61:12:ab:ff:ed:b0:bb:d7:b1:83:aa:74:20:5e:fb:5f:54:
        80:2e:ef:b9:c7:db:c4:8a:1d:d5:bb:57:b7:ec:04:d8:8a:84:
        9f:5e:47:27:7b:47:5c:4f:64:e3:b7:67:c5:6f:08:68:08:c3:
        b3:a6:98:ee:e9:0a:b8:c8:56:1f:5b:91:8c:3f:11:ef:1f:25:
        27:62:0d:4d:3d:1a:af:c9:14:3f:fa:53:93:f6:cc:54:6f:24:
        12:0f:eb:d4:a0:04:09:47:be:0f:73:f0:2a:d9:97:49:59:c8:
        2f:5e:c1:e2:36:a0:15:8c:40:f6:ef:37:9e:da:36:23:43:05:
        59:fb:dc:9d:48:49:42:4b:14:ed:bf:ef:c9:dc:96:4e:1f:f2:
        a2:f0:d8:19:ee:1c:a3:b0:c8:17:e7:1e:49:83:72:a1:a2:65:
        6a:86:63:9f:ea:39:2c:04:ad:38:52:01:07:d4:ef:ad:a7:0b:
        40:1e:84:bf:23:6b:89:36:ae:16:c6:b8:84:99:70:c5:4e:10:
        f2:76:1b:0d:46:1b:a0:d5:25:c3:e8:66:f7:c7:9d:ab:17:78:
        ac:5f:65:b3:7f:55:d2:6a:53:dc:f2:87:91:da:fd:19:5b:19:
        9b:37:ed:dd

CVE-2023-44487 CVE-2021-3618

4443 / tcp

1463565895 | 2025-02-24T06:50:28.840749

HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 24 Feb 2025 06:50:14 GMT
Content-Type: text/html
Content-Length: 264
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

123.232.38.158

Last Seen: 2025-02-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

-617618899 | 2025-02-17T01:18:21.419408

Hashes

nginx1.20.1

443 / tcp

-1578801479 | 2025-02-21T02:03:51.660612

Hashes

nginx1.20.1

4443 / tcp

1463565895 | 2025-02-24T06:50:28.840749

nginx

Products

Pricing

Contact Us

123.232.38.158

Last Seen: 2025-02-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp -617618899 | 2025-02-17T01:18:21.419408

Hashes

nginx1.20.1

443 / tcp -1578801479 | 2025-02-21T02:03:51.660612

Hashes

nginx1.20.1

4443 / tcp 1463565895 | 2025-02-24T06:50:28.840749

nginx

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-617618899 | 2025-02-17T01:18:21.419408

443 / tcp

-1578801479 | 2025-02-21T02:03:51.660612

4443 / tcp

1463565895 | 2025-02-24T06:50:28.840749