#Op_Tibet #Feb13 2020

Top Contenders For #Op_Tibet #February 2020


https://www.iflytek.com/
IP Address: 42.62.43.138
[GEO-IP] Country: China
[GEO-IP] State:
[GEO-IP] City:
[GEO-IP] Latitude: 34.7725
[GEO-IP] Longitude: 113.7266


Web Server: iflysec.Herald/1.1
IP address: 103.108.2.141
CMS: Could Not Detect
Cloudflare: Not Detected

PORT     STATE  SERVICE
21/tcp   closed ftp
22/tcp   closed ssh
23/tcp   closed telnet
80/tcp   open   http
110/tcp  open   pop3
143/tcp  open   imap
443/tcp  open   https
3389/tcp open   ms-wbt-server

Checking http://www.iflytek.com
Generic Detection results:
No WAF detected by the generic detection

--------------------------------------------------------------------

http://www.capital.cimc.com

IP Address: 116.7.233.136
[GEO-IP] Country: China
[GEO-IP] State: Guangdong
[GEO-IP] City: Shenzhen
[GEO-IP] Latitude: 22.5333
[GEO-IP] Longitude: 114.1333


Web Server: Apache
IP address: 61.144.248.66
CMS: Could Not Detect
Cloudflare: Not Detected

PORT     STATE  SERVICE
21/tcp   closed ftp
22/tcp   closed ssh
23/tcp   closed telnet
80/tcp   open   http
110/tcp  closed pop3
143/tcp  closed imap
443/tcp  closed https
3389/tcp closed ms-wbt-server

Generic Detection results:
The site http://www.capital.cimc.com seems to be behind a WAF or some sort of security solution. Reason: Blocking is being done at connection/packet level.

--------------------------------------------------------------------------

http://www.wiseweb.com.cn/

Web Server: Microsoft-IIS/7.5
IP address: 116.255.238.39
CMS: Could Not Detect
Cloudflare: Not Detected

Generic Detection results: The site http://www.wiseweb.com.cn seems to be behind a WAF or some sort of security solution. Reason: The server header is different when an attack is detected.The server header for a normal response is "Microsoft-IIS/7.5", while the server header a response to an attack is "Microsoft-HTTPAPI/2.0."