39.105.131.42
{
"scan_id": 1769233337,
"ip": "39.105.131.42",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "39.104.0.0/14",
"postal_code": "",
"coordinates": {
"latitude": "39.911",
"longitude": "116.395"
},
"geo_point": "39.911, 116.395",
"locale_code": "en",
"continent": "Asia",
"country_code": "CN",
"country_name": "China",
"city": "Beijing"
},
"location_updated_at": "2026-01-24T08:31:52Z",
"asn": {
"number": "AS37963",
"organization": "Hangzhou Alibaba Advertising Co.,Ltd.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "39.104.0.0/14",
"organization": "Hangzhou Alibaba Advertising Co.,Ltd.",
"descr": "Hangzhou Alibaba Advertising Co.,Ltd.",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:26:59Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2026-01-24T08:31:52Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2026-01-24T11:23:55Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2026-01-24T08:31:52Z"
}
],
"services": [
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "7.5",
"product": "Microsoft IIS httpd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:microsoft:internet_information_services:7.5",
"part": "a",
"vendor": "microsoft",
"product": "internet_information_services",
"version": "7\\.5",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:microsoft:windows",
"part": "o",
"vendor": "microsoft",
"product": "windows",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\r\n<title>IIS7</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#B3B3B3;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"container\">\r\n<a href=\"http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409\"><img src=\"welcome.png\" alt=\"IIS7\" width=\"571\" height=\"411\" /></a>\r\n</div>\r\n</body>\r\n</html>",
"body_murmur": -119375469,
"body_sha256": "370be45f65276b3b8de42a29adfb1220fc44a5e018c37e3e9b62fa7d5b523fd0",
"component": [
"IIS:7.5",
"Windows Server"
],
"content_length": 689,
"headers": {
"accept_ranges": [
"bytes"
],
"content_length": [
"689"
],
"content_type": [
"text/html"
],
"date": [
"Sat, 24 Jan 2026 20:56:54 GMT"
],
"etag": [
"\"dca184981f3d11:0\""
],
"last_modified": [
"Thu, 11 Aug 2016 03:32:50 GMT"
],
"server": [
"Microsoft-IIS/7.5"
],
"x_powered_by": [
"ASP.NET"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "39.105.131.42",
"path": "",
"scheme": "http"
}
},
"status_code": 200,
"title": "IIS7"
}
},
"cve": [
{
"id": "CVE-2010-1899",
"score": 4.3,
"severity": "medium"
},
{
"id": "CVE-2010-2730",
"score": 9.3,
"severity": "high"
},
{
"id": "CVE-2010-3972",
"score": 10,
"severity": "high"
}
],
"url": "http://39.105.131.42/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-01-24T20:56:55.392Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "https",
"version": "",
"product": "nginx/1.9.9",
"extra_info": "",
"tunnel": "ssl",
"modules": {
"http": {
"body": "<!DOCTYPE html>\n<html>\n<head></head>\n<body\n><script>location='/tplus/';</script></body>\n</html>\n",
"body_murmur": 1417248052,
"body_sha256": "acb53beade4d1c316eabf968c47723035c4fd0793d3b6deb0fe9b58d25a18538",
"component": [
"Nginx:1.9.9"
],
"content_length": 96,
"headers": {
"accept_ranges": [
"bytes"
],
"connection": [
"keep-alive"
],
"content_length": [
"96"
],
"content_type": [
"text/html; charset=utf-8"
],
"date": [
"Sat, 24 Jan 2026 09:49:31 GMT"
],
"etag": [
"\"569da705-60\""
],
"last_modified": [
"Tue, 19 Jan 2016 03:01:25 GMT"
],
"server": [
"nginx/1.9.9"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "39.105.131.42",
"path": "",
"scheme": "https"
}
},
"status_code": 200
},
"tls": {
"certificate": {
"extensions": {
"authority_key_id": "keyidc3468a60a25963c481e3518972696b88d9f91b56\ndirname/c=cn/st=beijing/l=beijing/o=chanjet/ou=tplus\nserialaefd25864bc2278e",
"basic_constraints": {
"is_ca": true
},
"subject_key_id": "c3468a60a25963c481e3518972696b88d9f91b56"
},
"fingerprint_md5": "0E8318DC06D1BBF5B0DDCB94E75EBBA2",
"fingerprint_sha1": "DD6ED20F1F778FB592FF311F34F5A45E8DE67EDA",
"fingerprint_sha256": "635FDD701E905A283D7C728FD8213B8416DD57AB227E6BE7AC4180B50FA62546",
"issuer": {
"country": [
"CN"
],
"locality": [
"BEIJING"
],
"organization": [
"CHANJET"
],
"organizational_unit": [
"TPLUS"
],
"province": [
"BEIJING"
]
},
"issuer_dn": "/C=CN/ST=BEIJING/L=BEIJING/O=CHANJET/OU=TPLUS",
"jarm": "22b22b09b22b22b22b22b22b22b22b47321614530b94a96fa03d06e666d6d6",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "12609275790434117518",
"signature": {
"algorithm": {
"name": "SHA1-RSA",
"oid": "1.2.840.113549.1.1.5"
},
"self_signed": true,
"value": "OGUzNTVmZjAzNjkwOThmNzIzMjc1ODk0ODVlYzM2YmIxNTJlMmMwNjg5YThlNzZjZjdjMGE2MzMxNTM2ZWVhYWI2ZGI5NWYzZWZiNmNkNzZkZGZhNzU3ZTQwNWRhZjg0OWZlMTlhOThhZGRlNGRhYzAzZGJjZjE5ZmQxNjJmM2NiZTVmOGE1MWYyYTBlMDk0MjI3MzQ1NzA5NWY2ZGM3NmIxZTEzZWRkZDZkNGIzNjU0NTczMDFhZWFmMDlmZTQyOTVkZmViYTExOWQ4ZjQxMmM3NWMxZGNhYTUxOGUxMjc2ZDg1N2MyZTk4NjhiYmFlYmZlZDY4ZDMxZGQwZjgwNjNiMmEwZTFlODJlOGQxMGQ5NGE4YWQzZTVkMGNlYjE4NjllYWRjMzJlMmRhMDVhZjBiYTBhYTUwNGY0NDJhMjgwYjhiNzQ0MTVlZWUwMjgxYjY1M2M4NTRlN2VlZDdlMWFlOTZkMDk4ZDdlMWQ3ODVjMDJjMzZiM2I5MzQxZWFjMjU5YTBkY2MxODk4MzQxMDdlOTVlNjE1YmEwZjEwNjU5OTBlZDU2MzQ3ZTc3MmIwNmQ0ODBmNzU1ZDhkN2YzNzhhZWU4YmM0YWE3NGNlMGYwN2I4YmY3MzM2Nzc2YjI3MTAwOTlmNzA4Mjg0NWViZmU2Y2YyYWY5Nzg2OGE1ZjU="
},
"subject": {
"country": [
"CN"
],
"locality": [
"BEIJING"
],
"organization": [
"CHANJET"
],
"organizational_unit": [
"TPLUS"
],
"province": [
"BEIJING"
]
},
"subject_alt_name": {
"extended_dns_names": []
},
"subject_dn": "/C=CN/ST=BEIJING/L=BEIJING/O=CHANJET/OU=TPLUS",
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "9bf5e2021de16b38f171424905a34b4f665e1c4ad3bcbeeb7ef45f7f9a2f04ed",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048,
"modulus": "MHhhN2M1OTU1NTQwY2U1M2FmMTdjNzE0ZjkyMzdlZjdhMDU0MmU2N2JkMjhmOTFmNjcyM2RiNTU0YjZkZGQwOTcyN2I3MWUwMThkN2YzMjQ4NjZmZDA5YWM3Y2Q2YjgwOGRjMWE3NDVjNGU5ZGFmODEwZjBhNTEwZDFhNzhlYTNlYWQ0NmFhZDUwOWFkZGIzNjRhMzVhNDI2NGQzYzlmMGJkZDQ1MzU0N2QzODQ3MjQ1MDI4MzAwNzJiNWE1Yjk0NTc5YTdhMWVhZGFkYTdjNzA5ODYzMDVmZWM0NDQwMmJmNTU4NTVkMzAyNTg1ZmVmMDIxYmZkMTZiNzQ4MGE3ZDBkYjJiZGFhM2I1NDQxYjZmMGU3YWQ1ZWRkNzZjYjFiZGEzZWM2NTE3ZjBhMDdkZmJiNzU4NWRiMjA5MmY3ZTM3MGYyZjM5YzRhMWQwMWY2ZjM5MTMzMzM2NDE1MDk1ZmQzYjFlZmZjYzgxODI4YTk1OGEyMjc0ZTJkZWNjNTJkMzc2NjRhYWQ1YWMzYjE2ZGEyZWQ2OTYyZjc5YTQ5ODQ0ZjJhYjZkZGIyMGYwM2EzYWI4YWY0MTdlZTZkODg4MjAyMDlkMjE2YWY5YzQxZTkxNDk0ZGE4MjZkNmY1Nzk5YWE5YWE1NGI3ZDk0NTE3ZDIyMWMzMjg2MWE3NTYzNjg1MQ=="
}
},
"tbs_fingerprint": "7d45ebfc6d3c56def755b3ec36b07f1672ad3d0aae0b1c4cb8c517477e87c388",
"validation_level": "OV",
"validity": {
"length_seconds": 315360000,
"not_after": "2025-12-28T08:54:45",
"not_before": "2015-12-31T08:54:45"
},
"version": 2
},
"fingerprint_sha256": "635FDD701E905A283D7C728FD8213B8416DD57AB227E6BE7AC4180B50FA62546",
"precert": false,
"raw": "MIID4DCCAsigAwIBAgIJAK79JYZLwieOMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdCRUlKSU5HMRAwDgYDVQQHEwdCRUlKSU5HMRAwDgYDVQQKEwdDSEFOSkVUMQ4wDAYDVQQLEwVUUExVUzAeFw0xNTEyMzEwODU0NDVaFw0yNTEyMjgwODU0NDVaMFMxCzAJBgNVBAYTAkNOMRAwDgYDVQQIEwdCRUlKSU5HMRAwDgYDVQQHEwdCRUlKSU5HMRAwDgYDVQQKEwdDSEFOSkVUMQ4wDAYDVQQLEwVUUExVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKfFlVVAzlOvF8cU+SN+96BULme9KPkfZyPbVUtt3Qlye3HgGNfzJIZv0JrHzWuAjcGnRcTp2vgQ8KUQ0aeOo+rUaq1Qmt2zZKNaQmTTyfC91FNUfThHJFAoMAcrWluUV5p6Hq2tp8cJhjBf7ERAK/VYVdMCWF/vAhv9FrdICn0Nsr2qO1RBtvDnrV7ddssb2j7GUX8KB9+7dYXbIJL343Dy85xKHQH285EzM2QVCV/Tse/8yBgoqViiJ04t7MUtN2ZKrVrDsW2i7Wli95pJhE8qtt2yDwOjq4r0F+5tiIICCdIWr5xB6RSU2oJtb1eZqpqlS32UUX0iHDKGGnVjaFECAwEAAaOBtjCBszAdBgNVHQ4EFgQUw0aKYKJZY8SB41GJcmlriNn5G1YwgYMGA1UdIwR8MHqAFMNGimCiWWPEgeNRiXJpa4jZ+RtWoVekVTBTMQswCQYDVQQGEwJDTjEQMA4GA1UECBMHQkVJSklORzEQMA4GA1UEBxMHQkVJSklORzEQMA4GA1UEChMHQ0hBTkpFVDEOMAwGA1UECxMFVFBMVVOCCQCu/SWGS8InjjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCONV/wNpCY9yMnWJSF7Da7FS4sBomo52z3wKYzFTbuqrbblfPvts123fp1fkBdr4Sf4ZqYrd5NrAPbzxn9Fi88vl+KUfKg4JQic0VwlfbcdrHhPt3W1LNlRXMBrq8J/kKV3+uhGdj0EsdcHcqlGOEnbYV8Lphou66/7WjTHdD4BjsqDh6C6NENlKitPl0M6xhp6twy4toFrwugqlBPRCooC4t0QV7uAoG2U8hU5+7X4a6W0JjX4deFwCw2s7k0Hqwlmg3MGJg0EH6V5hW6DxBlmQ7VY0fncrBtSA91XY1/N4rui8SqdM4PB7i/czZ3aycQCZ9wgoRev+bPKvl4aKX1",
"tags": [
"ov",
"trusted",
"self_signed"
]
}
},
"url": "https://39.105.131.42/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-01-24T10:00:45.185Z"
},
{
"port": 8080,
"protocol": "tcp",
"name": "http",
"version": "1.9.9",
"product": "nginx",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:igor_sysoev:nginx:1.9.9",
"part": "a",
"vendor": "igor_sysoev",
"product": "nginx",
"version": "1\\.9\\.9",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body": "<!DOCTYPE html>\n<html>\n<head></head>\n<body\n><script>location='/tplus/';</script></body>\n</html>\n",
"body_murmur": 1417248052,
"body_sha256": "acb53beade4d1c316eabf968c47723035c4fd0793d3b6deb0fe9b58d25a18538",
"component": [
"Nginx:1.9.9"
],
"content_length": 96,
"favicon": {
"md5_hash": "934ca9005945fdbbc9804f6980c1a067",
"murmur_hash": -2067519629,
"path": "http://39.105.131.42:8080/favicon.ico",
"size": 4286
},
"headers": {
"accept_ranges": [
"bytes"
],
"connection": [
"keep-alive"
],
"content_length": [
"96"
],
"content_type": [
"text/html; charset=utf-8"
],
"date": [
"Sun, 18 Jan 2026 10:20:20 GMT"
],
"etag": [
"\"569da705-60\""
],
"last_modified": [
"Tue, 19 Jan 2016 03:01:25 GMT"
],
"server": [
"nginx/1.9.9"
]
},
"protocol": "HTTP/1.1",
"request": {
"headers": {
"accept": [
"*/*"
],
"user_agent": [
"Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)"
]
},
"method": "GET",
"url": {
"host": "39.105.131.42:8080",
"path": "",
"scheme": "http"
}
},
"status_code": 200
}
},
"url": "http://39.105.131.42:8080/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-01-18T10:20:21.743Z"
}
],
"services_hash": "cc3e2a3a7de9c0e05356417d26db4d2761d78b7c19a1e2ffe02d110a29fc12ef",
"last_updated_at": "2026-01-24T20:56:55.392Z",
"banner": [
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-2010-1899": {
"id": "CVE-2010-1899",
"references": [
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-065",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7127"
],
"score": 4.3,
"services": [
"80/http"
],
"severity": "medium",
"summary": "Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka \"IIS Repeated Parameter Request Denial of Service Vulnerability.\"",
"vector_string": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"weakness": "CWE-119"
},
"CVE-2010-2730": {
"id": "CVE-2010-2730",
"references": [
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-065",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6933"
],
"score": 9.3,
"services": [
"80/http"
],
"severity": "high",
"summary": "Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka \"Request Header Buffer Overflow Vulnerability.\"",
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"weakness": "CWE-119"
},
"CVE-2010-3972": {
"id": "CVE-2010-3972",
"references": [
"http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx",
"http://secunia.com/advisories/42713",
"http://www.exploit-db.com/exploits/15803",
"http://www.kb.cert.org/vuls/id/842372",
"http://www.securityfocus.com/bid/45542",
"http://www.securitytracker.com/id?1024921",
"http://www.vupen.com/english/advisories/2010/3305",
"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-004",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/64248",
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12370"
],
"score": 10,
"services": [
"80/http"
],
"severity": "high",
"summary": "Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka \"IIS FTP Service Heap Buffer Overrun Vulnerability.\" NOTE: some of these details are obtained from third party information.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "CWE-119"
}
}
}