GeneralInformation

Hostnames	dhhgg123.cn app.dhhgg123.cn blog.dhhgg123.cn h5.dhhgg123.cn m.dhhgg123.cn mip.dhhgg123.cn mobile.dhhgg123.cn share.dhhgg123.cn vlog.dhhgg123.cn wap.dhhgg123.cn www.dhhgg123.cn
Domains	dhhgg123.cn
Country	Hong Kong
City	Tseung Kwan O
Organization	Starbow Ltd
ISP	Starbow Ltd.
ASN	AS133180

WebTechnologies

JavaScript frameworks

WOW

JavaScript graphics

WOW

JavaScript libraries

jQuery2.2.4

Web frameworks

WOW

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2020(2)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

2019(1)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

2015(1)

CVE-2015-9251

6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

21 80 443

21 / tcp

123273754 | 2025-03-18T07:57:21.028811

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 15:57. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
421 Unable to read the indexed puredb file (or old format detected) - Try pure-pw mkdb
211-Extensions supported:
 UTF8
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 PRET
 AUTH TLS
 PBSZ
 PROT
 TVFS
 ESTA
 PASV
 EPSV
 SPSV
 ESTP
211 End.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c2:5c:57:87:e2:95:58:4d
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CN, ST=Guangdong, L=Dongguan, O=BT-PANEL, OU=BT, CN=154.82.36.34/emailAddress=admin@bt.cn
        Validity
            Not Before: Oct 18 08:59:18 2024 GMT
            Not After : Jul 18 08:59:18 2034 GMT
        Subject: C=CN, ST=Guangdong, L=Dongguan, O=BT-PANEL, OU=BT, CN=154.82.36.34/emailAddress=admin@bt.cn
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:ee:ad:a3:9c:27:6e:bd:09:3b:5b:fd:42:32:ac:
                    a9:d7:55:b3:2f:60:9d:da:b0:bc:ea:95:76:47:e9:
                    45:e6:9b:1b:48:63:7a:39:c0:35:77:11:de:6b:10:
                    bf:ab:af:f6:5b:e8:f3:9c:bd:50:d0:f2:67:24:95:
                    43:f4:77:f5:41:40:21:06:2d:26:d0:b0:78:ca:da:
                    eb:48:8a:ee:f9:55:07:23:f4:ad:9b:78:51:0f:bb:
                    14:1b:f5:aa:7b:56:3e:bc:8e:7e:9c:e1:1d:a3:cb:
                    e7:b5:5a:3b:d4:4f:b9:08:fe:25:c4:d3:76:0d:b1:
                    b0:31:9e:91:59:dc:cd:96:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                14:21:4D:74:E2:5E:76:37:5D:29:C0:98:12:90:F8:4C:C3:40:0D:CB
            X509v3 Authority Key Identifier: 
                14:21:4D:74:E2:5E:76:37:5D:29:C0:98:12:90:F8:4C:C3:40:0D:CB
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        3f:bf:8a:24:ba:2c:27:4f:07:17:13:cf:14:fb:77:7d:d0:5f:
        df:cf:ae:f9:6e:97:de:d2:f9:7a:47:b7:93:e9:b9:60:e5:06:
        d2:2a:22:d6:39:81:28:0c:f5:73:56:2b:16:01:8f:07:af:f9:
        16:05:25:41:1a:5c:07:dd:a9:ed:d7:d1:87:7e:12:9d:09:9c:
        d2:2d:7f:8a:77:8d:fd:9d:eb:da:8f:52:0e:5a:c5:96:83:a3:
        61:6f:5f:75:b1:e9:35:73:7a:c9:cf:17:cd:24:a4:1e:64:3e:
        97:05:b1:b4:1c:c5:f9:46:be:02:8a:ea:cb:c8:c7:fe:14:67:
        8d:e2

80 / tcp

-85749389 | 2025-03-18T01:32:51.013600

Hashes

hash

-141014493

http.dom_hash

1239617585

http.html_hash

-85749389

http.server_hash

-1340961475

http.title_hash

-1207101977

404 Not Found

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 18 Mar 2025 01:32:50 GMT
Content-Type: text/html
Content-Length: 138
Last-Modified: Mon, 23 Dec 2024 02:57:06 GMT
Connection: keep-alive
ETag: "6768d182-8a"
Accept-Ranges: bytes

443 / tcp

165436826 | 2025-03-10T22:43:02.923430

Hashes

hash

512826815

http.dom_hash

-465575161

http.favicon.hash

-1571122007

http.html_hash

165436826

http.server_hash

-1340961475

把握余生

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Mar 2025 22:43:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Product: Z-BlogPHP 1.7.3
X-XSS-Protection: 1; mode=block
Upgrade-Insecure-Requests: 1
Strict-Transport-Security: max-age=31536000

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:0e:be:9a:bc:b0:d1:7a:c4:b3:8f:a0:a9:ed:bc:f7:0c:cf
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Nov  5 08:19:18 2024 GMT
            Not After : Feb  3 08:19:17 2025 GMT
        Subject: CN=h5.dhhgg123.cn
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b1:e7:9b:a6:a3:08:5e:ec:3c:7b:73:f6:c7:ef:
                    88:9e:7f:76:37:2d:e9:12:da:d9:60:46:60:81:ae:
                    e4:d2:cb:4e:a5:2a:67:83:1f:02:39:58:7c:b9:72:
                    25:14:1f:96:33:09:94:33:43:c2:86:0a:5c:dd:32:
                    ee:22:f7:7e:57:da:d4:0b:70:74:74:e9:c0:c6:42:
                    53:f8:d9:ab:4a:46:46:2e:1a:78:7c:48:dc:48:ee:
                    c6:c1:35:54:b0:c1:c6:71:80:bc:50:96:c6:5b:b1:
                    bd:b4:a4:00:14:70:36:24:54:b9:09:e0:3f:b3:b8:
                    07:e6:ac:8b:a8:bc:1f:7d:92:d5:7f:aa:08:68:5a:
                    53:db:0b:8b:fe:b5:bf:7c:0d:36:96:3c:86:d8:f9:
                    61:b8:7e:2e:e9:99:c3:92:08:85:d0:30:59:f9:b0:
                    ed:59:13:16:78:02:a5:23:30:e6:37:d6:b1:db:06:
                    95:4e:93:8e:41:e1:e7:8c:bc:b7:4e:e8:10:65:21:
                    27:bd:dd:ba:95:72:71:84:79:b6:55:af:97:d9:e7:
                    7a:fc:5a:09:dd:d5:bc:09:4a:9c:a8:69:49:8b:1c:
                    74:17:9c:6f:8f:90:8d:19:a6:0d:10:ac:66:7a:9b:
                    6a:c1:7b:3e:e2:60:a5:40:23:a2:cc:60:98:be:71:
                    2b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                31:26:B1:F0:B5:2B:F9:9E:1F:32:D2:6E:7C:DA:50:64:28:50:C8:58
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:app.dhhgg123.cn, DNS:blog.dhhgg123.cn, DNS:dhhgg123.cn, DNS:h5.dhhgg123.cn, DNS:m.dhhgg123.cn, DNS:mip.dhhgg123.cn, DNS:mobile.dhhgg123.cn, DNS:share.dhhgg123.cn, DNS:vlog.dhhgg123.cn, DNS:wap.dhhgg123.cn, DNS:www.dhhgg123.cn
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Nov  5 09:17:49.125 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:EE:C9:6D:FE:C3:CF:DD:CA:1B:32:A0:
                                7B:4B:BA:D7:DD:8C:F1:67:9B:68:0B:13:73:C8:16:AF:
                                3D:0D:FA:AE:22:02:20:5D:DB:01:77:8C:7D:A5:BE:CD:
                                A4:62:87:C8:7F:91:D2:80:3B:17:06:C8:28:03:B4:F6:
                                E2:2C:C7:7E:F9:C1:16
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Nov  5 09:17:49.176 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E4:78:29:B1:3E:AF:88:D3:A5:5B:3A:
                                94:10:E2:FA:48:23:7D:0B:09:49:CD:13:82:21:6D:D4:
                                E9:41:1C:B2:A5:02:21:00:D0:BC:D2:86:B0:90:2F:3A:
                                91:96:12:33:B4:C4:07:2C:60:51:42:69:CE:0E:FB:E4:
                                1B:1C:69:49:27:2B:E7:D9
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a2:60:75:bf:68:8d:85:9d:ad:8e:50:50:4f:0c:ee:d2:90:41:
        9b:3a:31:6b:b2:86:9b:01:49:39:56:e6:96:ad:75:6b:3b:dd:
        56:d7:ef:49:9d:36:19:a0:b4:56:c0:01:9f:30:13:fb:ca:de:
        0d:f8:35:15:21:e4:8a:26:93:59:66:49:36:a1:5c:42:e1:56:
        97:00:39:b5:4b:d8:66:76:f5:c4:35:43:c9:09:8d:61:6c:46:
        97:2a:f2:09:d2:fc:25:17:e5:a6:12:58:21:b6:3c:a3:5f:65:
        f1:85:1c:36:8d:1b:37:27:03:44:00:35:9c:25:0e:bf:04:5a:
        9f:08:10:d9:bb:5a:2e:39:74:3c:ce:b1:aa:1e:f3:7d:17:a4:
        fb:05:6a:97:62:0f:31:dc:43:2f:4d:6b:e4:bc:1f:fa:b4:09:
        bd:fc:5a:ed:26:c0:5b:02:37:b0:a5:9c:2a:51:a8:f7:6b:5d:
        52:6d:d0:43:c5:d0:60:3f:cc:98:67:de:89:44:eb:c7:2b:06:
        6f:47:61:92:8d:6a:2f:66:46:0b:5b:cc:01:0b:05:76:9c:62:
        b7:e7:b4:a5:c7:d4:dc:67:d1:09:0a:bb:a4:52:a3:07:12:0c:
        de:8f:89:bc:59:e2:ad:ae:34:61:df:4b:3e:90:54:9a:f8:6f:
        cf:d8:03:02

Vulnerabilities

154.209.166.158

Last Seen: 2025-03-18

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

21 / tcp

123273754 | 2025-03-18T07:57:21.028811

Pure-FTPd

80 / tcp

-85749389 | 2025-03-18T01:32:51.013600

Hashes

nginx

443 / tcp

165436826 | 2025-03-10T22:43:02.923430

Hashes

nginx

Products

Pricing

Contact Us

154.209.166.158

Last Seen: 2025-03-18

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

21 / tcp 123273754 | 2025-03-18T07:57:21.028811

Pure-FTPd

80 / tcp -85749389 | 2025-03-18T01:32:51.013600

Hashes

nginx

443 / tcp 165436826 | 2025-03-10T22:43:02.923430

Hashes

nginx

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

123273754 | 2025-03-18T07:57:21.028811

80 / tcp

-85749389 | 2025-03-18T01:32:51.013600

443 / tcp

165436826 | 2025-03-10T22:43:02.923430