GeneralInformation

Hostnames	ns3216533.ip-141-95-98.eu
Domains	ip-141-95-98.eu
Country	Germany
City	Frankfurt am Main
Organization	OVH GmbH
ISP	OVH SAS
ASN	AS16276

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-46674	7.8An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon Web Services for reporting this issue.
CVE-2023-46673	7.5It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.
CVE-2023-31419	7.5A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
CVE-2023-31418	7.5An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.
CVE-2023-31417	4.4Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords and tokens might be printed in cleartext in Elasticsearch audit logs. Note that audit logging is disabled by default and needs to be explicitly enabled and even when audit logging is enabled, request bodies that could contain sensitive information are not printed to the audit log unless explicitly configured.

OpenPorts

22 80 443 3001 9200

479674392 | 2024-04-12T01:15:37.676338

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDAAAAVab0cVAzxCjN6vBM0WU0e3yDFhf5QjeX8dfP8d4su
qKgz63LW7cx/M2BIkFalZKtsq8VhFMrTAJpMLdtl7qVs1q2iSowgfBfJT0ZEGMb9pPKwVtZXIJlw
HFbOR3jbfxTALEESn724XW8WRW5oWDBL8ALQRtWTouns014Y+aDcEAPKzObuqWxuTqdSS49qkrkb
gVlTXOr0iCugdevK0CyoDlK+ZnkmbqIXMrTKZWU+Iw0tVktiqtj2JSdRTYosYW/0E5GaZeDYSZlf
G2g8HrXkWq8+bSgnXpMiYncFEULpvgKa/tT/hR6674IzbQaM+MnPhh5iDJ2ecQBTN8QEqCoYJIrA
bju4hmhiST7R33eBlS+7pU97mzNFeVd1V6Yz/NNd4FWgtXyW34yzPNyebjj+bfm4iN7Gno97u4zT
tOQm2aEFVHbfUOCiPxlxei+jjvuFVYKw27hiSQ2uXBGvRIw9L3YRGFOFR3ILDMlvtr/GyuotBM+o
xh8UZpHASjE=
Fingerprint: 82:ec:0b:42:db:98:00:67:ad:3a:74:27:5b:4e:ec:23

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

731197476 | 2024-04-18T21:42:09.046379

80 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Thu, 18 Apr 2024 21:42:08 GMT
Content-Length: 19

731197476 | 2024-04-16T07:15:25.005253

443 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Tue, 16 Apr 2024 07:15:24 GMT
Content-Length: 19

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:a2:94:82:8a:a9:07:c2:d4:73:7e:83:3a:df:0d:f5
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=TRAEFIK DEFAULT CERT
        Validity
            Not Before: Apr 15 02:00:00 2024 GMT
            Not After : Apr 15 02:00:00 2025 GMT
        Subject: CN=TRAEFIK DEFAULT CERT
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d5:11:d0:74:c1:5e:d0:19:00:83:82:85:47:20:
                    c3:d3:01:bf:24:13:3c:a2:53:ca:6d:cd:e5:4a:ef:
                    13:ff:67:27:a9:cd:18:06:80:d3:ea:d6:30:0e:54:
                    d8:ec:90:3e:ba:1e:87:1a:d9:c5:12:78:36:be:a9:
                    e9:d0:f7:b7:38:36:ac:98:2e:26:c2:ef:00:17:1e:
                    b6:81:c9:26:86:7c:f5:66:e5:96:34:ba:d4:84:88:
                    88:c6:79:38:1a:18:1d:5c:2b:9b:4c:48:90:f4:b5:
                    d2:be:35:80:51:a2:ca:bd:21:19:7e:07:2e:51:ea:
                    2d:ed:65:3a:eb:97:c4:0c:da:b4:ba:1f:95:7e:82:
                    0d:f2:63:7b:c8:3e:2d:73:3f:5f:d7:39:33:d9:cc:
                    d7:fc:54:9b:25:bb:98:31:48:00:68:da:90:98:b3:
                    5f:ea:53:db:3c:96:58:84:3a:27:fe:f3:3f:e3:99:
                    5b:bf:80:30:05:1c:8a:0a:fb:d8:95:8c:71:4c:c4:
                    98:bd:74:ca:6b:99:7a:a3:30:64:e3:df:d7:ed:3f:
                    af:e8:93:41:e3:a7:a2:5a:03:42:9d:e5:df:67:f9:
                    2e:d5:bb:15:90:be:fa:58:30:62:37:11:d6:a9:1f:
                    b3:2f:fa:d7:19:86:06:92:be:fc:3d:46:0c:1e:5d:
                    b4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment, Data Encipherment, Key Agreement
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:ce3b6a1eeb4873118e7e06b728c5ed4f.5e0b6e5f76a3f15d1b68ba51f5382a76.traefik.default
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        c4:d7:3d:6f:7a:88:2d:9f:69:02:98:ed:fe:51:a3:a3:b5:45:
        45:d3:85:bf:7d:a8:f9:75:85:b4:34:a8:db:d7:98:44:9e:b9:
        0f:03:62:ea:6d:16:33:c0:fa:72:03:89:c9:9c:ca:6c:6d:91:
        7a:21:0a:89:13:38:79:a1:10:3e:f6:63:a9:9c:e7:f3:d7:87:
        37:82:cb:4b:c3:e1:c1:3d:fa:b5:db:46:9e:21:8e:af:e4:4f:
        95:a6:fe:08:52:b6:38:7e:1c:10:b4:cc:aa:45:9c:93:64:f5:
        99:2c:0a:5d:a9:db:dd:a5:fa:1c:91:1b:8c:40:40:06:d7:2b:
        60:d4:2d:38:9f:d8:62:82:52:4b:43:87:47:97:fc:3e:80:01:
        8c:ff:f4:c4:3f:d8:2a:85:54:ed:fe:4a:d5:77:70:65:45:16:
        7a:74:ab:fd:28:65:e3:e2:01:4f:cd:90:c0:36:f0:30:3a:53:
        38:b5:28:e3:4c:fe:67:44:bc:ab:4b:7e:97:66:c3:6e:6b:e5:
        42:30:f2:22:14:1b:0d:83:93:0d:8d:09:e3:fa:cd:e3:f1:2d:
        33:9e:3f:95:25:0a:b7:bf:28:a5:f4:0b:e8:7e:34:68:bb:93:
        32:da:05:5c:31:77:e5:ba:32:fc:6b:8a:c8:a5:8b:86:da:3d:
        ef:3a:d3:c9

-1246004407 | 2024-04-09T16:55:26.689154

3001 / tcp

HTTP/1.1 400 Bad Request
Connection: close

287341593 | 2024-04-15T06:57:29.580620

9200 / tcp

HTTP/1.1 200 OK
X-elastic-product: Elasticsearch
Warning: 299 Elasticsearch-7.17.7-78dcaaa8cee33438b91eca7f5c7f56a70fec9e80 "Elasticsearch built-in security features are not enabled. Without authentication, your cluster could be accessible to anyone. See https://www.elastic.co/guide/en/elasticsearch/reference/7.17/security-minimal-setup.html to enable security."
content-type: application/json; charset=UTF-8
content-length: 546


Elastic:
  Total Size: 2.55 GB
  Total Docs: 2,155,074
  Indices:
    accounts (40.2 MB)
    accounts-000001 (678.0 B)
    accountsesdt (8.66 MB)
    accountsesdt-000001 (678.0 B)
    accountsesdthistory (8.96 MB)
    accountsesdthistory-000001 (1.1 KB)
    accountshistory (16.69 MB)
    accountshistory-000001 (1.1 KB)
    api (4.74 KB)
    blocks (1.57 GB)
    blocks-000001 (678.0 B)
    casa (226.0 B)
    cgi-bin (6.3 KB)
    delegators (86.44 KB)
    delegators-000001 (678.0 B)
    epochinfo (9.67 MB)
    epochinfo-000001 (678.0 B)
    esdts (1.01 MB)
    esdts-000001 (678.0 B)
    logs (81.67 MB)
    logs-000001 (678.0 B)
    miniblocks (41.98 MB)
    miniblocks-000001 (678.0 B)
    minio (6.27 KB)
    operations (274.18 MB)
    operations-000001 (1.1 KB)
    rating (7.8 MB)
    rating-000001 (226.0 B)
    read_me (4.4 KB)
    receipts (1.56 MB)
    receipts-000001 (678.0 B)
    rounds (194.58 MB)
    rounds-000001 (678.0 B)
    scdeploys (691.68 KB)
    scdeploys-000001 (678.0 B)
    scresults (110.88 MB)
    scresults-000001 (678.0 B)
    service (20.33 KB)
    tags (27.39 KB)
    tags-000001 (678.0 B)
    test (3.89 KB)
    tokens (8.87 MB)
    tokens-000001 (678.0 B)
    transactions (151.44 MB)
    transactions-000001 (1.1 KB)
    validators (4.83 MB)
    validators-000001 (226.0 B)
    .geoip_databases (32.47 MB)

141.95.98.67

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

479674392 | 2024-04-12T01:15:37.676338
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

731197476 | 2024-04-18T21:42:09.046379
80 / tcp

731197476 | 2024-04-16T07:15:25.005253
443 / tcp

-1246004407 | 2024-04-09T16:55:26.689154
3001 / tcp

287341593 | 2024-04-15T06:57:29.580620
9200 / tcp

Elastic7.17.7

Products

Pricing

Contact Us

141.95.98.67

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

479674392 | 2024-04-12T01:15:37.676338 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

731197476 | 2024-04-18T21:42:09.046379 80 / tcp

731197476 | 2024-04-16T07:15:25.005253 443 / tcp

-1246004407 | 2024-04-09T16:55:26.689154 3001 / tcp

287341593 | 2024-04-15T06:57:29.580620 9200 / tcp

Elastic7.17.7

Products

Pricing

Contact Us

479674392 | 2024-04-12T01:15:37.676338
22 / tcp

731197476 | 2024-04-18T21:42:09.046379
80 / tcp

731197476 | 2024-04-16T07:15:25.005253
443 / tcp

-1246004407 | 2024-04-09T16:55:26.689154
3001 / tcp

287341593 | 2024-04-15T06:57:29.580620
9200 / tcp