GeneralInformation

Hostnames	atest.fvds.ru diyakov5.fvds.ru back.portal-nt.fvds.ru ctl.portal-nt.fvds.ru dashboard.portal-nt.fvds.ru front.portal-nt.fvds.ru grafana.portal-nt.fvds.ru mobile-front.portal-nt.fvds.ru sso.portal-nt.fvds.ru vm.portal-nt.fvds.ru
Domains	fvds.ru
Country	Russian Federation
City	Moscow
Organization	JSC IOT
ISP	JSC IOT
ASN	AS29182

WebTechnologies

JavaScript libraries

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2023-26049	Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue.
CVE-2023-26048	Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory).
CVE-2022-2048	5.0In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
CVE-2022-2047	4.0In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario.
CVE-2021-34428	3.6For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.
CVE-2021-28169	5.0For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.
CVE-2020-27216	4.4In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-8331	4.3In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2018-20677	4.3In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	4.3In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2017-9735	5.0Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.
CVE-2017-7658	7.5In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.
CVE-2017-7657	7.5In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
CVE-2017-7656	5.0In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.
CVE-2016-10735	4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

22 80 389 443 5432 6443 8042 10000 10250 30002 50070

-1820428964 | 2024-04-05T07:12:44.893693

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMa6YV9dPCAcvIrXrAUF5Aa0
8qFhOYEVjUW43OzNgCYOytEQbsngLL0xB/H6Cfj9yNDb0DSLnQRwbCigqW8obb0=
Fingerprint: e9:25:68:a9:4a:90:99:d6:c9:fc:a3:d1:cb:2a:b7:cf

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1770676154 | 2024-03-25T19:54:31.818667

80 / tcp

HTTP/1.1 503 Service Temporarily Unavailable
Date: Mon, 25 Mar 2024 19:54:31 GMT
Content-Type: text/html
Content-Length: 592
Connection: keep-alive

1234908227 | 2024-04-14T21:10:24.702678

389 / tcp

LDAP:
  NamingContexts: dc=example,dc=com
  SupportedControl:
    1.2.826.0.1.3344810.2.3
    1.2.840.113556.1.4.319
    1.3.6.1.1.12
    1.3.6.1.1.13.1
    1.3.6.1.1.13.2
    1.3.6.1.1.22
    1.3.6.1.4.1.4203.1.10.1
    2.16.840.1.113730.3.4.18
    2.16.840.1.113730.3.4.2
  SupportedExtension:
    1.3.6.1.1.8
    1.3.6.1.4.1.4203.1.11.1
    1.3.6.1.4.1.4203.1.11.3
  SupportedLDAPVersion: 3
  SupportedSASLMechanisms:
    CRAM-MD5
    DIGEST-MD5
    GS2-IAKERB
    GS2-KRB5
    GSS-SPNEGO
    GSSAPI
    NTLM
    OTP
    SCRAM-SHA-1
    SCRAM-SHA-256
  SubschemaSubentry: cn=Subschema

-1770676154 | 2024-04-16T08:55:09.918083

443 / tcp

HTTP/1.1 503 Service Temporarily Unavailable
Date: Tue, 16 Apr 2024 08:55:09 GMT
Content-Type: text/html
Content-Length: 592
Connection: keep-alive
Strict-Transport-Security: max-age=15724800; includeSubDomains

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:8a:f5:d8:f6:84:c7:8f:77:e7:c8:38:e9:3e:e4:3f:b0:1a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 18 13:47:33 2024 GMT
            Not After : Jun 16 13:47:32 2024 GMT
        Subject: CN=dashboard.portal-nt.fvds.ru
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:25:43:fc:22:ec:3f:6f:f1:ef:66:5a:72:0c:
                    76:a3:de:c9:66:e1:eb:40:e8:84:1d:74:45:b3:4b:
                    48:54:b9:8a:4c:5b:10:81:6b:bc:0b:1c:cb:b5:23:
                    df:de:95:4b:28:f5:d3:fa:92:73:a1:ae:82:73:4e:
                    cc:bb:72:62:bc:16:04:44:04:51:d1:5d:db:a4:85:
                    3c:91:8b:2c:57:bc:c1:c9:6a:20:39:57:9f:e0:84:
                    d9:f4:e7:28:28:a9:ee:77:a2:0c:08:15:ac:56:f4:
                    e5:37:33:c5:5c:6a:76:d7:27:c0:f8:23:a7:34:81:
                    fe:87:52:d6:19:ca:b3:f7:9b:ae:e1:67:aa:24:fc:
                    de:f0:cd:f5:f5:ed:52:ba:0b:4c:0d:81:e4:93:bc:
                    e8:22:cf:fb:4a:e5:21:4a:c2:2f:15:f3:23:b4:68:
                    b6:5c:4d:39:1f:f8:26:0d:f0:55:60:be:20:e8:66:
                    37:21:1f:14:43:a1:24:9c:f7:ae:d0:0e:48:36:ea:
                    a6:8f:8a:fc:d1:31:70:64:0b:9d:66:5a:75:51:36:
                    96:41:c4:c5:9d:f1:9b:ab:d6:a3:6c:43:fe:40:11:
                    26:c6:98:66:96:a7:6c:1f:f8:13:80:76:dd:cb:99:
                    13:20:07:a9:77:c3:15:b0:a2:29:a4:0b:cd:58:30:
                    6c:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                3C:69:1E:B2:0B:16:37:89:9F:F2:65:DC:7C:59:75:E9:22:2C:DD:C0
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:back.portal-nt.fvds.ru, DNS:ctl.portal-nt.fvds.ru, DNS:dashboard.portal-nt.fvds.ru, DNS:front.portal-nt.fvds.ru, DNS:grafana.portal-nt.fvds.ru, DNS:mobile-front.portal-nt.fvds.ru, DNS:sso.portal-nt.fvds.ru, DNS:vm.portal-nt.fvds.ru
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 18 14:47:33.687 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D0:A9:6F:A6:4C:1A:D6:CD:BD:E9:D4:
                                1D:93:21:FB:F7:8E:80:32:AC:AD:5D:73:6D:2C:BB:89:
                                63:51:99:71:7D:02:21:00:F8:AD:F2:71:06:22:65:02:
                                B1:41:E6:09:C6:20:B7:24:EE:16:F1:3F:7A:52:CF:B4:
                                D8:88:E5:6B:16:24:2A:17
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 18 14:47:33.820 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:4F:91:EF:48:E8:5D:E2:5F:6E:86:C4:1D:
                                BF:24:30:FD:2C:40:0E:14:CA:B2:3D:3A:4D:4B:AC:87:
                                BD:7E:20:D2:02:21:00:B5:65:0B:23:31:CA:A6:BA:3E:
                                D9:D9:0B:07:C9:2C:CC:A9:4F:A3:DE:BC:FE:C1:2D:3C:
                                2B:20:AA:D6:27:3B:8F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        99:e5:6f:b6:c2:8c:31:f4:5d:39:91:80:94:18:45:68:df:57:
        19:00:4f:76:2c:94:30:13:0e:65:a5:e6:8e:75:b8:30:9f:ee:
        be:7c:ca:66:16:6f:a0:a4:80:c2:de:5a:be:02:1a:21:5c:95:
        f9:f9:62:00:50:f4:0e:06:bd:40:99:85:ac:b0:9e:db:c5:dd:
        96:c4:36:f7:80:be:6c:9e:0b:2d:04:d6:9d:7b:6b:f7:45:cf:
        cd:93:6a:a4:f9:36:f3:70:e6:36:b6:aa:9c:5c:5a:c2:4d:8b:
        77:12:53:fe:7d:37:cb:c9:48:44:d4:36:f4:ec:ad:cd:cc:2f:
        68:73:95:45:27:f4:04:df:34:06:f4:fc:a3:a9:2c:20:22:e4:
        b4:20:f1:70:21:b4:f6:d0:67:8f:ce:d0:c5:51:4c:3d:25:db:
        18:63:64:80:0f:f0:66:40:24:b1:a2:bb:ae:cb:83:6d:cd:1f:
        1b:f0:76:d9:58:3a:66:25:15:63:f7:7e:84:68:f4:9a:12:f6:
        1b:60:94:c0:ce:6e:7f:a4:50:2b:fd:48:07:d9:e5:8b:42:08:
        dd:29:1c:ce:0f:39:f0:ab:cf:cc:85:e3:b4:b9:ae:d2:41:aa:
        10:44:74:fe:b5:a3:f3:e5:8c:eb:0d:ce:b5:ea:ba:f6:a1:bd:
        bd:4b:e2:b8

1321681067 | 2024-04-16T01:42:30.069772

5432 / tcp

PostgreSQL
FATAL:  no pg_hba.conf entry for host "224.135.200.193", user "postgres", database "template0", SSL encryption
FATAL:  no pg_hba.conf entry for host "224.135.200.193", user "postgres", database "template0", no encryption

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:88:6c:84:4e:44:19:ba:40:5a:07:e9:ef:ad:47:ac:e4:8a:bc:6a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=localhost
        Validity
            Not Before: Nov 29 13:11:49 2023 GMT
            Not After : Nov 26 13:11:49 2033 GMT
        Subject: CN=localhost
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e2:9f:86:3e:1a:ef:73:a5:c0:8b:bf:94:e6:ad:
                    aa:9a:fa:bf:42:15:33:26:87:36:73:04:6f:a7:51:
                    e3:ed:5b:e7:a8:1c:da:1e:00:55:08:c9:df:29:f0:
                    7a:c1:4f:8c:f1:bc:b5:08:3d:d7:66:5a:d2:89:3d:
                    06:42:d3:83:bb:ba:6b:d2:ec:8e:21:12:d5:39:10:
                    c2:c9:02:d1:46:e1:6f:22:71:d8:8a:58:73:81:43:
                    35:79:e3:79:ff:ff:4e:14:a7:36:5f:01:25:6a:49:
                    aa:59:bb:5e:11:81:2e:9d:54:d1:f1:68:73:5a:ca:
                    ca:02:f8:e5:3f:25:28:97:10:63:f5:ba:35:46:52:
                    d3:38:47:dd:ce:4f:11:79:65:33:e2:2c:d2:99:45:
                    62:87:f5:13:32:85:a6:af:e4:4a:63:f8:7a:3b:a5:
                    22:0f:75:b9:6c:50:ce:44:a1:cd:18:b7:c4:cc:5d:
                    d7:e7:9e:17:4d:f7:a5:fe:ae:22:df:3d:46:dd:31:
                    8b:8b:84:6f:3f:a3:82:0e:23:7a:fd:a0:ff:a0:79:
                    23:ca:86:4b:47:f2:61:19:42:ab:33:06:6f:e9:6d:
                    9e:bc:1b:b5:f8:3e:93:00:6a:1c:69:55:5d:d3:34:
                    a0:b0:ac:c4:fb:54:fe:7b:95:e0:46:2a:13:3c:de:
                    9b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:localhost
            X509v3 Subject Key Identifier: 
                AA:14:09:97:7F:19:F8:11:0B:EF:C4:3A:71:D3:6D:52:1C:07:50:0C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2d:34:8e:65:9f:15:56:71:df:32:21:73:94:81:4d:64:52:57:
        42:04:64:47:3e:a5:08:84:34:a4:63:29:da:c6:8b:52:38:21:
        34:5f:77:e8:54:5a:7a:86:20:82:70:de:2a:f5:4f:cb:8d:e8:
        fe:de:00:36:4d:e2:d0:f6:94:97:29:37:c2:be:51:9e:51:6e:
        db:72:6c:40:be:b8:d7:a8:80:46:af:3f:3a:dd:5b:37:e0:65:
        69:5f:1d:32:35:81:52:f7:4e:c7:29:08:7c:f5:dc:c8:f8:a5:
        46:66:e0:ed:90:60:7b:4f:65:3d:85:80:7a:2d:bb:f1:11:2d:
        d1:b5:a1:8a:d5:37:d0:f2:71:59:79:b4:08:29:45:3a:ca:a6:
        19:75:c5:58:f8:ec:6e:12:41:44:ce:09:f5:8c:93:7c:32:9b:
        4f:40:fa:d4:e6:79:e9:7a:03:fd:bb:26:6a:f9:38:02:f2:f5:
        dc:e2:73:42:87:29:3e:46:3a:85:ab:55:fc:b9:51:d1:25:1b:
        dc:9b:ee:cc:3f:a4:10:5c:ff:63:13:ee:7c:2d:de:bd:5a:d6:
        ce:82:7c:14:27:40:65:29:2c:7d:4d:97:45:5e:09:ed:f3:02:
        54:a2:ba:77:4f:37:99:5b:2b:2b:42:96:a3:43:39:b7:93:3f:
        fc:8a:d0:9d

-61568676 | 2024-04-19T02:41:33.809707

6443 / tcp

HTTP/1.1 403 Forbidden
Audit-Id: fabeda00-3351-4b2f-acb0-30aaf67b4fb0
Cache-Control: no-cache, private
Content-Type: application/json
X-Content-Type-Options: nosniff
X-Kubernetes-Pf-Flowschema-Uid: be067f2a-ac7c-454e-94b8-8cf2179fe386
X-Kubernetes-Pf-Prioritylevel-Uid: 31cab6ed-efdf-43e1-a173-6c4d1634dcbd
Date: Fri, 19 Apr 2024 02:41:33 GMT
Content-Length: 217

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3961997661205858607 (0x36fbd7e19d1a892f)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=kubernetes
        Validity
            Not Before: Nov 28 13:01:30 2023 GMT
            Not After : Nov 27 13:06:30 2024 GMT
        Subject: CN=kube-apiserver
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:e8:a0:b4:b4:1c:f4:b3:35:c1:ca:0a:77:9c:
                    c3:3e:3d:61:34:60:fd:98:93:67:4f:69:f4:dc:ca:
                    a5:32:22:1a:e5:5b:28:44:e9:f4:24:cb:50:14:9f:
                    ab:69:e4:93:a5:d6:a7:b5:d2:ba:bd:68:dd:db:67:
                    92:74:c4:58:81:a4:50:85:19:ca:bd:e3:0d:54:34:
                    a2:58:cf:4d:e6:9d:42:be:db:d0:c0:3e:78:4d:5d:
                    84:e8:93:bd:06:01:cc:ec:d8:11:dd:23:16:41:c1:
                    7d:0d:a2:32:c2:6c:9f:3c:de:0a:86:ce:27:68:b8:
                    e9:62:f6:80:3b:46:0a:32:d4:c1:8d:d7:c3:8e:99:
                    40:f9:c5:af:d5:17:9d:d8:cc:83:80:f0:e3:33:a1:
                    96:1c:9d:0b:93:f3:33:be:e6:63:8a:5b:a2:71:54:
                    6d:eb:e8:5c:ae:b4:01:ee:15:a4:59:d4:b8:97:75:
                    01:80:a4:6f:d7:b7:88:e1:fd:52:cc:eb:6d:2b:58:
                    51:88:85:6b:a6:83:e3:be:f9:50:5a:da:0f:38:01:
                    42:d3:cd:a8:d8:9a:4d:aa:e9:eb:c5:5a:b9:95:25:
                    f4:ea:3a:f3:c8:9e:48:2f:4b:52:da:a2:9d:5f:83:
                    e6:58:62:4f:2a:67:f5:fd:d3:35:48:b2:1a:72:10:
                    bb:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier: 
                84:6F:BD:8E:58:43:AE:ED:CF:14:C5:0F:A3:BE:FF:33:1E:E7:E1:33
            X509v3 Subject Alternative Name: 
                DNS:k8s.local, DNS:kubernetes, DNS:kubernetes.default, DNS:kubernetes.default.svc, DNS:kubernetes.default.svc.cluster.local, DNS:portal, IP Address:10.96.0.1, IP Address:82.146.62.118
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        64:ef:44:36:17:cb:41:00:0e:ec:00:81:b6:38:80:c0:28:c3:
        7a:34:04:22:d5:36:75:4e:82:39:35:bd:d2:95:fc:96:86:4e:
        f9:c5:18:bb:3e:13:ea:4a:db:8a:e0:95:ca:f7:75:9f:a1:67:
        54:db:aa:46:09:d1:32:e8:f4:97:a8:d7:75:08:10:3a:c0:57:
        df:f7:fe:61:d8:98:77:47:cf:7c:31:2d:c4:59:1d:9e:52:34:
        40:a4:73:36:c9:ca:ca:94:10:58:c3:ac:ed:f7:c0:8c:df:69:
        db:0e:68:58:cb:db:e4:2a:a8:b1:5c:ae:ff:cf:c2:05:e4:bd:
        e9:a7:f2:1d:88:4c:90:d6:c1:67:5c:37:cc:39:fa:f8:ca:45:
        59:a1:e8:2b:7c:37:89:67:b1:13:2e:0f:df:da:14:8a:99:7e:
        d0:6d:b8:c6:fd:1e:76:83:f0:93:eb:9e:17:f1:18:f5:db:36:
        fc:88:f8:51:ad:ba:ad:3f:3e:96:96:6a:b2:e4:32:95:36:3f:
        54:57:56:7b:91:69:28:e8:6e:09:04:64:9c:36:9d:52:50:9d:
        57:02:99:42:54:e9:34:29:37:91:6a:86:53:c4:f0:d1:5d:dd:
        9c:ad:dd:53:6d:4e:03:2d:a9:70:08:93:c4:8e:21:90:cf:65:
        df:29:c6:e6

-2002686497 | 2024-03-21T20:25:42.477589

8042 / tcp

HTTP/1.1 200 OK
Date: Thu, 21 Mar 2024 20:25:42 GMT
Cache-Control: no-cache
Expires: Thu, 21 Mar 2024 20:25:42 GMT
Date: Thu, 21 Mar 2024 20:25:42 GMT
Pragma: no-cache
Content-Type: text/html;charset=utf-8
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Length: 6573

1286055688 | 2024-03-23T16:09:27.410713

10000 / tcp

Apache Hive:
  Database #1:
    Name: default

731197476 | 2024-04-17T00:52:22.853417

10250 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Wed, 17 Apr 2024 00:52:22 GMT
Content-Length: 19

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8221736552153977114 (0x721979d563fb911a)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=portal-ca@1701176793
        Validity
            Not Before: Nov 28 12:06:33 2023 GMT
            Not After : Nov 27 12:06:33 2024 GMT
        Subject: CN=portal@1701176793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b9:c9:19:8e:2b:da:1a:62:f4:60:64:01:25:be:
                    e5:83:24:e2:5f:06:0e:52:f6:ab:28:c3:58:be:22:
                    44:47:a8:45:c6:bb:03:50:79:7d:c4:b7:98:51:96:
                    42:54:a3:70:71:8f:b8:49:67:a5:4b:0c:0f:e8:4e:
                    91:bd:b6:43:c1:54:cd:6c:3d:78:8c:c8:ac:86:9a:
                    18:ec:a7:cd:9d:60:b1:a4:b3:f6:1b:0d:f3:18:54:
                    76:3c:3d:16:16:fd:0b:18:57:8b:b7:44:cc:9a:d0:
                    e8:4d:5e:d8:13:46:9c:2c:05:41:ea:bd:42:3a:e9:
                    1f:c5:5e:8e:62:51:e5:b6:bf:46:8c:eb:dd:6b:74:
                    50:58:a5:bd:f9:2c:00:dc:ee:c4:32:14:f9:01:ff:
                    53:dd:e7:84:57:7e:12:42:73:c0:86:0e:08:60:eb:
                    5a:20:8d:34:01:2e:54:bf:eb:cb:04:93:d4:92:94:
                    1f:ce:86:fc:2c:15:83:73:dc:a2:f4:cc:23:c3:46:
                    f1:8e:d2:8f:39:69:3f:11:4c:f8:43:be:b4:ee:16:
                    34:46:34:2e:db:47:3e:60:c2:e7:73:9b:7e:f6:19:
                    89:98:f0:0c:34:7f:60:26:c2:11:ae:48:e0:cd:b3:
                    24:1b:e3:00:36:03:4f:4b:f3:10:39:cd:80:9d:ec:
                    d0:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier: 
                9A:FB:1F:10:5D:C1:B4:A4:FC:6E:91:F2:96:BB:0D:3E:8C:F6:F3:17
            X509v3 Subject Alternative Name: 
                DNS:portal
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        3a:b8:62:df:65:b9:8a:a8:91:6c:35:a3:b2:4e:7c:08:98:63:
        f0:d0:af:39:c0:03:4c:86:e3:db:b7:93:70:6d:b5:e6:05:7a:
        b7:a0:ac:35:21:88:10:9f:b8:d2:b2:c2:c0:fb:f2:d9:54:1c:
        28:75:42:f6:67:76:2d:4a:e8:2b:5c:06:bc:41:28:62:5f:c3:
        46:39:e3:bb:5d:4f:da:44:33:2e:2f:24:f0:f0:55:cd:e0:8b:
        45:7f:d9:f7:fc:fb:9c:cb:86:3e:ee:d1:44:ee:e8:b7:91:3c:
        d5:77:95:35:a8:66:c0:d1:9b:8a:f3:85:a4:f5:39:32:d7:9d:
        46:53:46:f0:82:7a:82:85:9a:2f:30:28:f2:22:62:df:24:c8:
        83:cb:48:1c:10:95:c4:53:18:d5:70:9a:3c:97:6d:fa:89:55:
        84:f7:12:d9:f8:fd:ff:7e:2c:0b:21:09:72:0b:ba:e1:9f:95:
        da:7e:6d:f4:57:4a:88:23:cc:78:04:45:20:be:f1:75:aa:c7:
        d9:bb:d4:aa:f1:0b:9f:a7:24:c7:de:7c:49:c3:6f:28:3f:66:
        14:47:a5:35:c8:a2:f0:cc:13:c4:ca:ac:af:cd:59:71:b1:e8:
        b5:27:22:98:22:4b:ce:88:15:6c:be:7c:83:43:88:4e:4a:62:
        e8:01:32:ea

677860685 | 2024-04-09T20:09:28.326652

30002 / tcp

\x00\x00\x00[~Y0W\xa0\x03\x02\x01\x05\xa1\x03\x02\x01\x1e\xa4\x11\x18\x0f20240409200928Z\xa5\x05\x02\x03\x02\xba\xb0\xa6\x03\x02\x01=\xa9\r\x1b\x0bEXAMPLE.COM\xaa\x1d0\x1b\xa0\x03\x02\x01\x00\xa1\x140\x12\x1b\x06kadmin\x1b\x08changepw

-225237790 | 2024-03-24T01:47:48.220211

50070 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache
Expires: Sun, 24 Mar 2024 01:47:48 GMT
Date: Sun, 24 Mar 2024 01:47:48 GMT
Pragma: no-cache
Expires: Sun, 24 Mar 2024 01:47:48 GMT
Date: Sun, 24 Mar 2024 01:47:48 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Accept-Ranges: bytes
Content-Length: 13529
Last-Modified: Tue, 01 Aug 2017 00:35:47 GMT
Server: Jetty(6.1.26)

82.146.62.118

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1820428964 | 2024-04-05T07:12:44.893693
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-1770676154 | 2024-03-25T19:54:31.818667
80 / tcp

1234908227 | 2024-04-14T21:10:24.702678
389 / tcp

-1770676154 | 2024-04-16T08:55:09.918083
443 / tcp

1321681067 | 2024-04-16T01:42:30.069772
5432 / tcp

PostgreSQL

-61568676 | 2024-04-19T02:41:33.809707
6443 / tcp

-2002686497 | 2024-03-21T20:25:42.477589
8042 / tcp

1286055688 | 2024-03-23T16:09:27.410713
10000 / tcp

Apache Hive

731197476 | 2024-04-17T00:52:22.853417
10250 / tcp

Kubernetes

677860685 | 2024-04-09T20:09:28.326652
30002 / tcp

-225237790 | 2024-03-24T01:47:48.220211
50070 / tcp

Jetty6.1.26

Products

Pricing

Contact Us

82.146.62.118

Last Seen: 2024-04-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1820428964 | 2024-04-05T07:12:44.893693 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-1770676154 | 2024-03-25T19:54:31.818667 80 / tcp

1234908227 | 2024-04-14T21:10:24.702678 389 / tcp

-1770676154 | 2024-04-16T08:55:09.918083 443 / tcp

1321681067 | 2024-04-16T01:42:30.069772 5432 / tcp

PostgreSQL

-61568676 | 2024-04-19T02:41:33.809707 6443 / tcp

-2002686497 | 2024-03-21T20:25:42.477589 8042 / tcp

1286055688 | 2024-03-23T16:09:27.410713 10000 / tcp

Apache Hive

731197476 | 2024-04-17T00:52:22.853417 10250 / tcp

Kubernetes

677860685 | 2024-04-09T20:09:28.326652 30002 / tcp

-225237790 | 2024-03-24T01:47:48.220211 50070 / tcp

Jetty6.1.26

Products

Pricing

Contact Us

-1820428964 | 2024-04-05T07:12:44.893693
22 / tcp

-1770676154 | 2024-03-25T19:54:31.818667
80 / tcp

1234908227 | 2024-04-14T21:10:24.702678
389 / tcp

-1770676154 | 2024-04-16T08:55:09.918083
443 / tcp

1321681067 | 2024-04-16T01:42:30.069772
5432 / tcp

-61568676 | 2024-04-19T02:41:33.809707
6443 / tcp

-2002686497 | 2024-03-21T20:25:42.477589
8042 / tcp

1286055688 | 2024-03-23T16:09:27.410713
10000 / tcp

731197476 | 2024-04-17T00:52:22.853417
10250 / tcp

677860685 | 2024-04-09T20:09:28.326652
30002 / tcp

-225237790 | 2024-03-24T01:47:48.220211
50070 / tcp