GeneralInformation

Hostnames	app.fzmcsc.cn
Domains	fzmcsc.cn
Country	China
City	Xiamen
Organization	CHINANET Fujian province network
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

JavaScript libraries

jQuery

Web frameworks

Microsoft ASP.NET

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2010-3972	10.0Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
CVE-2010-2730	9.3Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
CVE-2010-1899	4.3Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."

OpenPorts

80 88 443 1433 5222 7070 8000 8080 9000 9090 9981

-1183234733 | 2024-05-14T09:04:46.378408

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Tue, 14 May 2024 09:04:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 3235
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
X-UA-Compatible: IE=8
Cache-Control: private,max-age=86400000
ETag: "HCPGHF5c4V7"
Last-Modified: Thu, 06 May 2021 01:48:18 GMT
Set-Cookie: ecology_JSessionid=aaasgFtQBQJ8J-cTxyX9y; path=/

864035421 | 2024-05-14T21:13:39.973915

88 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 1840
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=kozgzseaekqezf55waem4h55; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Tue, 14 May 2024 21:13:39 GMT

1477589034 | 2024-05-07T03:03:06.265147

443 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx/1.24.0
Date: Tue, 07 May 2024 03:03:06 GMT
Content-Type: text/html
Content-Length: 559
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:c7:a8:6c:80:13:c4:67:d3:dc:d8:2c:77:f5:33:43
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Encryption Everywhere DV TLS CA - G2
        Validity
            Not Before: Sep 26 00:00:00 2023 GMT
            Not After : Sep 25 23:59:59 2024 GMT
        Subject: CN=app.fzmcsc.cn
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:91:91:89:39:f2:35:4b:9a:ce:57:83:ab:44:ca:
                    08:b1:be:2c:a9:73:83:23:4e:73:6e:b9:35:1d:8a:
                    1b:d5:78:2f:34:87:31:b9:52:12:cc:fa:43:af:4e:
                    f9:1f:37:47:f9:59:b4:4b:65:8e:61:40:3c:82:65:
                    0a:e5:9a:2b:99:71:16:48:71:2a:b6:71:40:33:10:
                    fb:52:bb:7f:ec:a9:56:69:03:a1:fa:27:06:80:c9:
                    d4:eb:6e:ca:eb:0d:9d:7d:fe:98:ff:f8:c1:d0:58:
                    cc:01:82:5f:e4:ff:dc:a7:a6:60:70:62:42:8f:d6:
                    73:83:c6:c4:f4:ef:22:72:c8:7b:2b:2d:0d:d0:f3:
                    9b:13:dc:d5:2e:84:1d:eb:fd:ce:55:5f:f7:66:2c:
                    7c:19:63:38:d7:dc:38:f8:a8:a7:40:01:3e:07:76:
                    43:91:b4:b7:f4:24:9f:03:a1:68:b0:30:8b:ea:9c:
                    48:44:39:f3:67:36:64:3a:32:5a:d6:1d:27:2f:fe:
                    1f:9f:f7:36:81:88:46:31:db:e6:80:6f:62:ac:13:
                    2f:8a:1b:5c:47:d6:bb:51:c9:c6:ee:63:98:4a:f1:
                    9f:ab:37:8b:2e:39:9d:d3:a4:28:69:3d:b8:aa:f6:
                    98:fb:11:6a:74:4c:76:da:c2:84:89:21:cb:d9:73:
                    47:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                78:DF:91:90:5F:EE:DE:AC:F6:C5:75:EB:D5:4C:55:53:EF:24:4A:B6
            X509v3 Subject Key Identifier: 
                58:0B:A6:6A:23:5B:E1:29:79:C8:2B:05:B5:44:98:62:07:30:E2:60
            X509v3 Subject Alternative Name: 
                DNS:app.fzmcsc.cn
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
                  CPS: http://www.digicert.com/CPS
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            Authority Information Access: 
                OCSP - URI:http://ocsp.digicert.com
                CA Issuers - URI:http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Sep 26 07:58:06.838 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A1:4E:C4:04:62:B7:55:2C:51:38:75:
                                32:CF:8D:A0:2A:5E:DC:B4:F4:72:58:B3:18:F2:59:68:
                                C0:BE:BC:CB:7A:02:21:00:B0:1E:0E:56:4D:FE:F1:B1:
                                2D:CE:74:B7:8F:97:70:36:5E:BF:B2:19:5A:0C:B2:78:
                                34:FE:FF:34:82:B0:88:9A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Sep 26 07:58:06.837 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:8C:28:A9:5E:0F:B1:C1:75:99:C1:99:
                                C3:83:AF:2D:DA:9E:76:EE:02:6F:FB:FD:A2:27:01:FA:
                                47:39:42:CF:6E:02:20:44:D1:12:19:8E:D6:EC:3A:A6:
                                E0:9D:B8:FF:88:2D:CD:21:AB:5F:E3:A1:8B:CC:80:F8:
                                2E:32:A4:1A:D1:3B:CF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Sep 26 07:58:06.789 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:08:06:32:5E:3E:2E:C8:FE:F4:BD:32:D7:
                                8E:20:69:28:A4:F9:0F:84:9D:87:24:BB:47:BF:5D:B3:
                                1B:1E:80:74:02:20:06:54:F2:E5:80:BA:34:3D:98:0E:
                                DB:4A:3A:2B:08:52:F8:5F:17:FE:F9:69:80:0B:B8:2F:
                                AC:17:BE:87:BA:3F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        41:27:12:cc:2f:93:09:68:08:51:05:d8:8b:b3:2e:cd:ce:b1:
        e6:25:32:4a:2a:96:4f:9d:34:79:ca:a9:ba:83:e9:d5:cb:76:
        b5:e8:3f:0e:c9:b4:01:37:a9:97:a6:37:da:f9:07:93:06:13:
        fc:37:4b:b3:f6:d5:66:c2:fc:da:1f:35:c7:8f:d1:06:f8:88:
        af:ae:41:d0:5e:d8:4c:ff:41:ff:e0:9e:f5:96:ca:ae:e7:3a:
        88:25:d2:30:46:af:c5:23:d1:7e:ea:b1:6f:ef:59:92:5a:a7:
        72:7c:fb:24:d8:a0:ee:7c:a3:b6:cc:b4:4b:1a:b0:eb:53:7b:
        e9:d2:cd:17:62:a4:33:17:b8:51:7c:68:c0:59:01:60:47:ce:
        ef:ba:6d:94:79:a1:af:0b:c8:08:5d:be:29:e4:93:b4:df:a2:
        b8:34:c4:84:0b:bd:95:8d:04:ba:94:a0:6c:4f:35:b6:29:d0:
        c6:3b:10:79:32:a9:a0:8f:46:2e:95:6c:d3:85:64:b8:c2:d9:
        15:00:7e:cc:f5:f2:34:05:21:a0:29:ba:47:5a:e9:0d:5e:fc:
        8a:bb:cf:59:38:ec:b3:06:1d:34:5c:f2:69:d5:7a:6a:ef:d1:
        e9:0e:ed:71:19:26:cf:1a:32:67:d9:c7:be:3f:1e:8f:bc:62:
        cc:f7:c1:28

-1310448906 | 2024-05-14T12:41:00.401647

1433 / tcp

MS-SQL NTLM Info:
  OS: Windows 7/Windows Server 2008 R2
  OS Build: 6.1.7601
  Target Name: USER-20180625DS
  NetBIOS Domain Name: USER-20180625DS
  NetBIOS Computer Name: USER-20180625DS
  DNS Domain Name: USER-20180625DS
  FQDN: USER-20180625DS

-1758168245 | 2024-05-17T08:01:02.542161

5222 / tcp

<?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="weaver" id="wbdtv51ef" xml:lang="en-US" version="1.0"><stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>SCRAM-SHA-1</mechanism><mechanism>CRAM-MD5</mechanism><mechanism>DIGEST-MD5</mechanism></mechanisms><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression><ver xmlns="urn:xmpp:features:rosterver"/><auth xmlns="http://jabber.org/features/iq-auth"/><register xmlns="http://jabber.org/features/iq-register"/></stream:features>

517821182 | 2024-05-05T11:41:27.805617

7070 / tcp

HTTP/1.1 200 OK
Date: Sun, 05 May 2024 11:41:17 GMT
X-Frame-Options: samedomain
X-XSS-Protection: 1;mode=block
X-Content-Type-Options: nosiff
Last-Modified: Fri, 10 Jun 2022 09:18:04 GMT
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 162

-1183234733 | 2024-05-15T01:38:31.775498

8000 / tcp

HTTP/1.1 200 OK
Server: WVS
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
X-UA-Compatible: IE=8
Cache-Control: private,max-age=86400000
ETag: "HCPGHF5c4V7"
Last-Modified: Thu, 06 May 2021 01:48:18 GMT
Set-Cookie: ecology_JSessionid=aaashNhHusGhh9_MzyX9y; path=/
Content-Type: text/html; charset=utf-8
Content-Length: 3235
Date: Wed, 15 May 2024 01:38:01 GMT

931026071 | 2024-04-19T14:02:31.243704

8080 / tcp

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Fri, 19 Apr 2024 14:02:31 GMT

-800490336 | 2024-05-17T01:51:43.391034

9000 / tcp

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Fri, 17 May 2024 01:51:43 GMT

-26266359 | 2024-05-17T00:14:07.245495

9090 / tcp

HTTP/1.1 200 OK
Date: Fri, 17 May 2024 00:13:58 GMT
Set-Cookie: JSESSIONID=node013fyaoec2q7tm1v633ghxk70ut10783.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Content-Type: text/html;charset=utf-8
Set-Cookie: csrf=pv9d2OP06wE1VxG; Path=/;HttpOnly; HttpOnly
Content-Language: zh-CN
Content-Length: 7891

-1705858303 | 2024-05-13T20:17:42.092459

9981 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=sicfgcudnai0oga2h41hpxqq; path=/; HttpOnly; SameSite=Lax
X-Powered-By: ASP.NET
Date: Mon, 13 May 2024 20:17:41 GMT
Content-Length: 3038

218.66.6.37

Last Seen: 2024-05-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1183234733 | 2024-05-14T09:04:46.378408
80 / tcp

nginx1.24.0

864035421 | 2024-05-14T21:13:39.973915
88 / tcp

Microsoft IIS httpd7.5

1477589034 | 2024-05-07T03:03:06.265147
443 / tcp

nginx1.24.0

-1310448906 | 2024-05-14T12:41:00.401647
1433 / tcp

MS-SQL Server 2000 SP48.0.2039.0

-1758168245 | 2024-05-17T08:01:02.542161
5222 / tcp

517821182 | 2024-05-05T11:41:27.805617
7070 / tcp

-1183234733 | 2024-05-15T01:38:31.775498
8000 / tcp

931026071 | 2024-04-19T14:02:31.243704
8080 / tcp

Apache Tomcat/Coyote JSP engine1.1

-800490336 | 2024-05-17T01:51:43.391034
9000 / tcp

Apache Tomcat

-26266359 | 2024-05-17T00:14:07.245495
9090 / tcp

-1705858303 | 2024-05-13T20:17:42.092459
9981 / tcp

Microsoft IIS httpd10.0

Products

Pricing

Contact Us

218.66.6.37

Last Seen: 2024-05-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1183234733 | 2024-05-14T09:04:46.378408 80 / tcp

nginx1.24.0

864035421 | 2024-05-14T21:13:39.973915 88 / tcp

Microsoft IIS httpd7.5

1477589034 | 2024-05-07T03:03:06.265147 443 / tcp

nginx1.24.0

-1310448906 | 2024-05-14T12:41:00.401647 1433 / tcp

MS-SQL Server 2000 SP48.0.2039.0

-1758168245 | 2024-05-17T08:01:02.542161 5222 / tcp

517821182 | 2024-05-05T11:41:27.805617 7070 / tcp

-1183234733 | 2024-05-15T01:38:31.775498 8000 / tcp

931026071 | 2024-04-19T14:02:31.243704 8080 / tcp

Apache Tomcat/Coyote JSP engine1.1

-800490336 | 2024-05-17T01:51:43.391034 9000 / tcp

Apache Tomcat

-26266359 | 2024-05-17T00:14:07.245495 9090 / tcp

-1705858303 | 2024-05-13T20:17:42.092459 9981 / tcp

Microsoft IIS httpd10.0

Products

Pricing

Contact Us

-1183234733 | 2024-05-14T09:04:46.378408
80 / tcp

864035421 | 2024-05-14T21:13:39.973915
88 / tcp

1477589034 | 2024-05-07T03:03:06.265147
443 / tcp

-1310448906 | 2024-05-14T12:41:00.401647
1433 / tcp

-1758168245 | 2024-05-17T08:01:02.542161
5222 / tcp

517821182 | 2024-05-05T11:41:27.805617
7070 / tcp

-1183234733 | 2024-05-15T01:38:31.775498
8000 / tcp

931026071 | 2024-04-19T14:02:31.243704
8080 / tcp

-800490336 | 2024-05-17T01:51:43.391034
9000 / tcp

-26266359 | 2024-05-17T00:14:07.245495
9090 / tcp

-1705858303 | 2024-05-13T20:17:42.092459
9981 / tcp