194.213.38.242
{
"scan_id": 1726660205,
"ip": "194.213.38.242",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "194.213.38.192/26",
"postal_code": "391 55",
"coordinates": {
"latitude": "49.4094",
"longitude": "14.8154"
},
"geo_point": "49.4094, 14.8154",
"locale_code": "en",
"continent": "Europe",
"country_code": "CZ",
"country_name": "Czechia",
"city": "Chýnov"
},
"location_updated_at": "2024-03-21T11:29:20Z",
"asn": {
"number": "AS13036",
"organization": "T-Mobile Czech Republic a.s.",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "194.213.38.240/29",
"organization": "Siemens, s.r.o.",
"descr": "Siemens, s.r.o.",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-09-17T06:35:57Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2024-03-21T11:29:20Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2024-09-16T05:29:46Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2024-03-21T11:29:20Z"
}
],
"hostnames": [
{
"name": "hq.inekon.cz",
"last_updated_at": "2024-09-18T19:26:30.61830215Z"
}
],
"services": [
{
"port": 53,
"protocol": "tcp",
"name": "domain",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2024-08-11T16:31:04.775Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "https",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "ssl",
"modules": {
"http": {
"body_murmur": 16943792,
"body_sha256": "f3bdb980f84d0976e28e841cec7ebabfa9b695bfea1b87931b63d2011b561629",
"content_length": 1852,
"headers": {
"connection": [
"keep-alive"
],
"content_language": [
"en"
],
"content_length": [
"1852"
],
"content_security_policy": [
"default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; font-src 'self' data:; frame-ancestors 'self';"
],
"content_type": [
"text/html;charset=utf-8"
],
"set_cookie": [
"KC_STATE_CHECKER=eyJhbGciOiJIUzUxMiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiNjk1OTlkOC1mYzdlLTQyZjItOTZjYS1lZmNlYTk3ZDk1NDYifQ.eyJta3kiOiJpbnZhbGlkUGFyYW1ldGVyTWVzc2FnZSIsIm10eSI6IkVSUk9SIiwibXBhciI6WyJyZWRpcmVjdF91cmkiXSwic3RhdCI6NDAwLCJjbGlkIjoiYmJmYzhkMGEtNTA1OS00MjdhLWE2N2UtZDI5MTcwOWJlNDE1Iiwic3QyIjoiYjg1NTdlNmEtZDI5OS00ODA0LWIzM2YtYjNiYzk1OTlhNzgzIn0.aCePksTeYnJb3SUdR8J-mwaiTAeGQOKGjyLWcBJglxRJhnR32FO0VOFYIZeCHOBnr3G1FLPCe14SKqYykJAOWw;Version=1;Path=/auth/realms/customer/;Max-Age=300;HttpOnly"
],
"strict_transport_security": [
"max-age=63072000; includeSubDomains; preload"
],
"unknown": [
{
"key": "referrer_policy",
"value": [
"no-referrer"
]
},
{
"key": "x_robots_tag",
"value": [
"none"
]
}
],
"x_content_type_options": [
"nosniff"
],
"x_frame_options": [
"SAMEORIGIN"
],
"x_xss_protection": [
"0"
]
},
"protocol": "HTTP/1.1",
"redirects": [
{
"body_murmur": -9616316,
"body_sha256": "075f0fd7eeb4bfec31816d61be72b064d4899853b224bd5f380041d7dd0b1d19",
"content_length": 110,
"location": "https://iem.sieserver.cz/auth/realms/customer/protocol/openid-connect/auth?client_id=ie-management&scope=openid&redirect_uri=https%3A%2F%2F194.213.38.242%2Fcb&nonce=528798428dc18906f3fa6faf2352a703&response_type=code&state=1435d59058ba4767d449c946e7560c21",
"status_code": 302,
"status_line": "302 Moved Temporarily"
}
],
"status_code": 400,
"title": "Login to IEM"
},
"tls": {
"certificate": {
"extensions": {
"authority_key_id": "0102030406",
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": true,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": true,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": true,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"localhost",
"iem.sieserver.cz"
],
"ip_address": [
"127.0.0.1"
]
},
"subject_key_id": "0102030407"
},
"fingerprint_md5": "FE8D3055F8BCDDCF2BC2492995B534F4",
"fingerprint_sha1": "A26C604EE1331A9A73D02BCBAFCF8827E57F8618",
"fingerprint_sha256": "7785D098EBAE85505C471FA142E226B998FE95192295481B9755BAB6F4C26070",
"issuer": {
"common_name": [
"iem.sieserver.cz Intermediate Certificate"
],
"country": [
"Czech republic"
],
"locality": [
"Prague"
],
"organization": [
"Siemens"
],
"organizational_unit": [
"DI FA"
],
"province": [
"Prague"
],
"street": [
"Siemensova"
]
},
"jarm": "15d3fd16d29d29d00042d43d00000041ad16ead50175e1e575f5579aa6b5c8",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "999201776",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false
},
"subject": {
"common_name": [
"iem.sieserver.cz"
],
"country": [
"Czech republic"
],
"locality": [
"Prague"
],
"organization": [
"Siemens"
],
"organizational_unit": [
"DI FA"
],
"province": [
"Prague"
],
"street": [
"Siemensova"
]
},
"subject_alt_name": {
"dns_names": [
"iem.sieserver.cz",
"localhost"
],
"extended_dns_names": [
{
"domain": "sieserver",
"fld": "sieserver.cz",
"subdomain": "iem",
"tld": "cz"
}
]
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "bfeafa6d7013711374f025c656de547df7f0cbe74d2fc55d6cdbf7517110a3dd",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "8cc21789c1a30c5c1a3eb1855ef4d8a88740423a15adfbcf89b0c42af82ad37b",
"validation_level": "OV",
"validity": {
"length_seconds": 315619200,
"not_after": "2034-01-10T14:35:38",
"not_before": "2024-01-10T14:35:38"
},
"version": 2
},
"fingerprint_sha256": "7785D098EBAE85505C471FA142E226B998FE95192295481B9755BAB6F4C26070",
"precert": false,
"tags": [
"ov"
]
}
},
"url": "https://194.213.38.242/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2024-09-18T18:28:10.663Z"
},
{
"port": 1883,
"protocol": "tcp",
"name": "mqtt",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"modules": {
"mqtt": {
"topic": [
"$SYS/broker/clients/inactive",
"$SYS/broker/clients/active",
"$SYS/broker/load/sockets/1min",
"$SYS/broker/load/sockets/15min",
"$SYS/broker/load/sockets/5min",
"$SYS/broker/version",
"$SYS/broker/uptime",
"$SYS/broker/clients/disconnected",
"$SYS/broker/clients/connected"
]
}
},
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2024-09-18T18:10:31.125Z"
},
{
"port": 3443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "Apache httpd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:apache:http_server",
"part": "a",
"vendor": "apache",
"product": "http_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -1033213406,
"body_sha256": "e4faf37a3b66fab615c9afd6ba20c59c07cf4979de20a5c194ef00607beebdae",
"component": [
"Apache HTTP Server",
"Django",
"Python"
],
"content_length": 10941,
"headers": {
"cache_control": [
"no-cache, no-store, must-revalidate, private"
],
"content_language": [
"en"
],
"content_length": [
"10941"
],
"content_type": [
"text/html; charset=utf-8"
],
"date": [
"Mon, 16 Sep 2024 12:56:19 GMT"
],
"expires": [
"Mon, 16 Sep 2024 12:56:19 GMT"
],
"pragma": [
"no-cache"
],
"server": [
"Apache"
],
"set_cookie": [
"csrftoken=EEo2uypYgxZcOMuZp5nTkMR3Ou2m835522RAn1XiNpwBSYkuRC9ujoZuxN6BDM8j; expires=Mon, 15 Sep 2025 12:56:19 GMT; HttpOnly; Max-Age=31449600; Path=/; SameSite=Lax; Secure",
"sessionid=ql01hp8zvgiy4mfbklri83wq42grm0zw; HttpOnly; Path=/; SameSite=Lax; Secure"
],
"strict_transport_security": [
"max-age=15768000"
],
"unknown": [
{
"key": "referrer_policy",
"value": [
"same-origin"
]
}
],
"vary": [
"Cookie,Accept-Language"
],
"x_content_type_options": [
"nosniff",
"nosniff"
],
"x_frame_options": [
"sameorigin"
],
"x_xss_protection": [
"1; mode=block"
]
},
"protocol": "HTTP/1.1",
"redirects": [
{
"location": "/wbm/login/",
"status_code": 302,
"status_line": "302 Found"
}
],
"status_code": 200,
"title": "Log in - SINEMA Remote Connect"
},
"tls": {
"certificate": {
"extensions": {
"basic_constraints": {
"is_ca": true
},
"extended_key_usage": {
"any": false,
"apple_code_signing": false,
"apple_code_signing_development": false,
"apple_code_signing_third_party": false,
"apple_crypto_development_env": false,
"apple_crypto_env": false,
"apple_crypto_maintenance_env": false,
"apple_crypto_production_env": false,
"apple_crypto_qos": false,
"apple_crypto_test_env": false,
"apple_crypto_tier0_qos": false,
"apple_crypto_tier1_qos": false,
"apple_crypto_tier2_qos": false,
"apple_crypto_tier3_qos": false,
"apple_ichat_encryption": false,
"apple_ichat_signing": false,
"apple_resource_signing": false,
"apple_software_update_signing": false,
"apple_system_identity": false,
"client_auth": false,
"code_signing": false,
"dvcs": false,
"eap_over_lan": false,
"eap_over_ppp": false,
"email_protection": false,
"ipsec_end_system": false,
"ipsec_intermediate_system_usage": false,
"ipsec_tunnel": false,
"ipsec_user": false,
"microsoft_ca_exchange": false,
"microsoft_cert_trust_list_signing": false,
"microsoft_csp_signature": false,
"microsoft_document_signing": false,
"microsoft_drm": false,
"microsoft_drm_individualization": false,
"microsoft_efs_recovery": false,
"microsoft_embedded_nt_crypto": false,
"microsoft_encrypted_file_system": false,
"microsoft_enrollment_agent": false,
"microsoft_kernel_mode_code_signing": false,
"microsoft_key_recovery_21": false,
"microsoft_key_recovery_3": false,
"microsoft_license_server": false,
"microsoft_licenses": false,
"microsoft_lifetime_signing": false,
"microsoft_mobile_device_software": false,
"microsoft_nt5_crypto": false,
"microsoft_oem_whql_crypto": false,
"microsoft_qualified_subordinate": false,
"microsoft_root_list_signer": false,
"microsoft_server_gated_crypto": false,
"microsoft_sgc_serialized": false,
"microsoft_smart_display": false,
"microsoft_smartcard_logon": false,
"microsoft_system_health": false,
"microsoft_system_health_loophole": false,
"microsoft_timestamp_signing": false,
"microsoft_whql_crypto": false,
"netscape_server_gated_crypto": false,
"ocsp_signing": false,
"sbgp_cert_aa_service_auth": false,
"server_auth": true,
"time_stamping": false
},
"key_usage": {
"certificate_sign": false,
"content_commitment": false,
"crl_sign": false,
"data_encipherment": false,
"decipher_only": false,
"digital_signature": true,
"encipher_only": false,
"key_agreement": false,
"key_encipherment": true
},
"subject_alt_name": {
"dns_names": [
"sieserver.cz"
],
"ip_address": [
"194.213.38.242",
"192.168.37.110"
]
}
},
"fingerprint_md5": "3D586D8034635122AEB7EA6AC769F836",
"fingerprint_sha1": "BCFDBE70A0CFEB83C5DF11B46A4B773C9AC868B7",
"fingerprint_sha256": "BD84848BDE57C69C5A156787941108FCD191B056A83405F602E0E27D11B2DBAD",
"issuer": {
"common_name": [
"CA 440028 SINEMA RC"
]
},
"jarm": "15d15d15d29d15d00042d42d000000ed3bcba39b97e2d41fffa7e67a75c095",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "142",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": false
},
"subject": {
"common_name": [
"sieserver.cz"
]
},
"subject_alt_name": {
"dns_names": [
"sieserver.cz"
],
"extended_dns_names": [
{
"domain": "sieserver",
"fld": "sieserver.cz",
"tld": "cz"
}
]
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "13c42b1dcdebd2119c67b5542cf40450ed9a6790d759803dabe8282966649f63",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 4096
}
},
"tbs_fingerprint": "78d18e104bec4016377a5473d9d2932294fdbcfcb8daa2d08bfe07f47cb144bc",
"validation_level": "DV",
"validity": {
"length_seconds": 31708800,
"not_after": "2025-01-04T13:57:35",
"not_before": "2024-01-03T13:57:35"
},
"version": 2
},
"fingerprint_sha256": "BD84848BDE57C69C5A156787941108FCD191B056A83405F602E0E27D11B2DBAD",
"precert": false,
"tags": [
"dv",
"trusted"
]
}
},
"cve": [
{
"id": "CVE-1999-0070",
"severity": "medium"
},
{
"id": "CVE-1999-1199",
"severity": "high"
},
{
"id": "CVE-2023-25690",
"severity": "critical"
},
{
"id": "CVE-2023-27522",
"severity": "high"
}
],
"url": "https://194.213.38.242:3443/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2024-09-16T22:12:25.466Z"
},
{
"port": 5443,
"protocol": "tcp",
"name": "spss",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2024-09-17T17:35:57.66Z"
},
{
"port": 20000,
"protocol": "tcp",
"name": "dnp",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "ssl",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2024-09-17T14:59:46.882Z"
},
{
"port": 50001,
"protocol": "tcp",
"name": "unknown",
"version": "",
"product": "",
"extra_info": "",
"tunnel": "",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2024-09-16T21:26:28.807Z"
}
],
"services_hash": "67881910233cea14d9424a3a01714ac8151fc16e4ccb08acd8b8cfc54f7147b1",
"last_updated_at": "2024-09-18T18:28:10.663Z",
"banner": [
"mqtt",
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0070": {
"id": "CVE-1999-0070",
"references": [
"https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E"
],
"score": 5,
"services": [
"3443/http"
],
"severity": "medium",
"summary": "test-cgi program allows an attacker to list files on the server.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"weakness": "NVD-CWE-noinfo"
},
"CVE-1999-1199": {
"id": "CVE-1999-1199",
"references": [
"http://marc.info/?l=bugtraq&m=90252779826784&w=2",
"http://marc.info/?l=bugtraq&m=90276683825862&w=2",
"http://marc.info/?l=bugtraq&m=90280517007869&w=2",
"http://marc.info/?l=bugtraq&m=90286768232093&w=2",
"http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
],
"score": 10,
"services": [
"3443/http"
],
"severity": "high",
"summary": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability.",
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2023-25690": {
"id": "CVE-2023-25690",
"references": [
"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html",
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 9.8,
"services": [
"3443/http"
],
"severity": "critical",
"summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.\n\n\n",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-444"
},
"CVE-2023-27522": {
"id": "CVE-2023-27522",
"references": [
"https://httpd.apache.org/security/vulnerabilities_24.html",
"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html",
"https://security.gentoo.org/glsa/202309-01"
],
"score": 7.5,
"services": [
"3443/http"
],
"severity": "high",
"summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.\n\n\n",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"weakness": "CWE-444"
}
}
}