GeneralInformation

Hostnames	ec2-13-228-171-69.ap-southeast-1.compute.amazonaws.com 5e5a723fe8407.streamlock.net www.5e5a723fe8407.streamlock.net
Domains	amazonaws.com streamlock.net
Cloud Provider	Amazon
Cloud Region	ap-southeast-1
Cloud Service	EC2
Country	Singapore
City	Singapore
Organization	Amazon Data Services Singapore
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 554 8080 8087 8089 9443

-1192623145 | 2024-04-28T08:52:12.376429

80 / tcp

HTTP/1.1 200 OK
Server: WowzaStreamingEngine/4.8.5.05
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Date: Sun, 28 Apr 2024 08:52:11 GMT
X-Frame-Options: sameorigin
Referrer-Policy: no-referrer
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'self'
X-XSS-Protection: 1; mode=block
Content-Type: text/html
Content-Length: 202

1752367237 | 2024-04-03T14:47:49.622488

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Server: Wowza Streaming Engine 4.8.5.05 build20201006161917
Cache-Control: no-cache
Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, OPTIONS, ANNOUNCE, RECORD, GET_PARAMETER
Supported: play.basic, con.persistent

-158149353 | 2024-05-03T02:30:22.245705

8080 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Fri, 03 May 2024 02:30:22 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

1299284228 | 2024-05-01T12:47:42.093598

8087 / tcp

HTTP/1.1 200 OK
Content-Length: 74
Content-Type: text/plain; charset=UTF-8
Date: Wed, 01 May 2024 12:47:41 GMT
Accept-Ranges: bytes
Server: Restlet-Framework/2.3.12
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Cache-Control, User-Agent, If-Modified-Since, Range, Content-Type
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: DELETE, POST, GET, OPTIONS, PUT
Access-Control-Expose-Headers: Server, WWW-Authenticate, Content-Length, Date, Content-Type
Connection: keep-alive

-618814747 | 2024-04-25T17:10:38.897156

8089 / tcp

HTTP/1.1 200 OK
Content-Type: application/json
Date: Thu, 25 Apr 2024 17:10:38 GMT
Accept-Ranges: bytes
Server: Restlet-Framework/2.3.12
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Cache-Control, User-Agent, If-Modified-Since, Range, Content-Type
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: DELETE, POST, GET, OPTIONS, PUT
Access-Control-Expose-Headers: Server, WWW-Authenticate, Content-Length, Date, Content-Type
Connection: keep-alive
Transfer-Encoding: chunked

628
{"swaggerVersion":"1.2","apis":[{"path":"/v2/servers/{serverName}/vhosts/{vhostName}/applications","description":"Application Operations"},{"path":"/v2/machine/monitoring/current","description":"Machine Level Current Statistics"},{"path":"/v2/machine/monitoring/historic","description":"Machine Level Historic Statistics"},{"path":"/v2/servers/{serverName}/licenses","description":"Server Licenses"},{"path":"/v2/servers/{serverName}/listeners","description":"Server Listeners"},{"path":"/v2/servers/{serverName}/log4j","description":"Server log4j system"},{"path":"/v2/servers/{serverName}/mediacache","description":"Server MediaCache"},{"path":"/v3/servers/{serverName}/mediacache","description":"Server MediaCache Version 3"},{"path":"/v2/servers/{serverName}/mediacasters","description":"Server MediaCasters"},{"path":"/v2/servers/{serverName}/monitoring","description":"Server Monitoring"},{"path":"/v2/servers/{serverName}/publishers","description":"Server Publishers"},{"path":"/v3/servers/{serverName}/publishers","description":"Server Publishers Version 3"},{"path":"/restinfo","description":"REST information"},{"path":"/v2/servers","description":"Servers Configuration"},{"path":"/v2/servers/{serverName}/status","description":"Server Status"},{"path":"/v2/servers/{serverName}/transcoder","description":"Server Transcoder"},{"path":"/v2/servers/{serverName}/tune","description":"Server Tuning"},{"path":"/v2/servers/{serverName}/users","description":"Server Users"},{"path":"/v2/servers/{serverName}/vhosts","description":"VHost Operations"}],"apiVersion":"1.0.0"}
0

-350316526 | 2024-05-01T07:02:44.101016

9443 / tcp

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Server: WowzaStreamingEngine/4.8.5.05
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Connection: Close
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Date: Wed, 01 May 2024 07:02:43 GMT
Content-Type: text/html
Content-Length: 0

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ef:4d:80:bb:0f:ce:0c:7d:e2:08:69:51:e5:76:29:25
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Feb 29 00:00:00 2020 GMT
            Not After : Feb 28 23:59:59 2021 GMT
        Subject: CN=5e5a723fe8407.streamlock.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b5:9a:72:26:8d:ba:bd:e0:89:fd:ab:96:3b:4b:
                    4a:47:04:1e:d6:03:d9:89:01:ab:42:fd:c6:7c:4a:
                    63:97:33:82:9d:56:a7:11:04:a3:36:03:5a:ac:10:
                    f4:ef:61:a5:0e:d7:7f:f9:13:c2:88:6b:ed:8e:5c:
                    0a:10:ba:b2:6c:8b:f1:ac:0d:d5:10:e5:98:76:d3:
                    43:99:2d:1f:36:15:d9:f2:b8:e0:ec:c1:08:a9:b6:
                    cc:a2:31:58:7f:98:6c:81:81:55:e6:43:ae:a6:79:
                    52:2a:62:11:fd:83:3b:27:0d:98:04:ed:05:4c:9c:
                    97:b6:6a:2f:5f:dd:8b:1e:bc:1b:e0:db:77:dd:dc:
                    10:d8:fe:0a:66:8d:d5:5d:94:47:6a:a4:77:62:7f:
                    f7:81:75:ab:95:64:4f:a4:58:80:8b:c6:86:0c:63:
                    05:39:13:34:08:80:35:e2:d8:04:8a:c0:bd:de:8b:
                    48:35:7d:da:93:5a:fe:e2:ff:cc:d8:a3:5e:8a:11:
                    ac:9f:6a:40:8d:07:50:78:56:65:ce:e8:8c:a0:d8:
                    3d:27:d7:72:f2:3b:40:26:ea:9f:d6:fd:7a:5b:50:
                    96:80:14:df:25:a3:6f:6b:57:19:19:a2:3c:89:09:
                    d3:28:c8:d8:e5:d4:93:46:51:58:8c:ad:d6:4a:3a:
                    e5:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                C5:29:06:D5:2C:81:8F:5A:F6:F7:97:91:66:2B:75:42:E2:4E:B3:2F
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:5e5a723fe8407.streamlock.net, DNS:www.5e5a723fe8407.streamlock.net
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
                                79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
                    Timestamp : Feb 29 14:17:25.188 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C5:10:A0:98:D6:A4:FE:05:57:A3:EC:
                                40:93:A9:5B:F6:E2:38:AD:76:80:26:01:BE:B2:AC:E1:
                                65:CE:35:14:37:02:20:1F:29:F0:89:58:EF:1E:52:A5:
                                83:02:78:96:3C:64:86:DE:61:9A:20:34:08:B7:A6:24:
                                F7:96:08:AE:AB:94:A1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 94:20:BC:1E:8E:D5:8D:6C:88:73:1F:82:8B:22:2C:0D:
                                D1:DA:4D:5E:6C:4F:94:3D:61:DB:4E:2F:58:4D:A2:C2
                    Timestamp : Feb 29 14:17:25.205 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:C6:67:01:4E:9C:4D:6C:D5:A6:8B:05:
                                8E:89:E6:8F:3B:DE:CB:85:EC:29:B5:3B:7A:F2:BF:83:
                                44:52:04:28:F0:02:21:00:F6:32:03:3F:E1:25:BA:78:
                                11:BE:9B:D3:86:CF:CB:49:53:0B:5E:DA:4F:DE:26:6C:
                                06:29:E3:2E:C7:C7:01:36
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        25:ea:b0:7e:73:9a:58:94:31:67:81:a7:14:27:2c:43:5a:54:
        88:52:33:cf:ac:61:93:de:d7:86:d5:72:6f:b2:c0:60:3a:6c:
        96:14:00:a7:5b:64:c0:60:6e:35:da:9b:e9:65:f7:a1:d1:e9:
        27:7d:4a:aa:96:fa:93:13:69:36:c3:34:5f:37:48:fa:98:90:
        b2:d5:1c:e4:dd:ae:70:81:d6:c2:9c:6e:4b:d5:44:4b:c6:f1:
        14:8b:cb:95:88:54:25:08:d4:b1:84:21:40:82:05:de:b7:50:
        9a:b9:9a:8d:ef:47:50:45:0f:e5:87:66:1e:9a:a3:73:7d:e1:
        30:87:33:e1:f4:85:12:10:12:b0:e3:f5:3d:fd:c4:f9:3a:7f:
        30:91:b7:a2:ce:9c:c7:ec:a2:2e:71:37:50:b4:7f:7a:67:4c:
        b8:a9:48:b5:d5:47:3d:9b:a8:15:63:14:0c:e4:4c:6d:d5:95:
        21:37:61:7b:32:e5:f0:40:19:f4:38:9c:57:bb:05:27:dd:d3:
        44:34:4c:5a:fb:3d:b6:a4:68:df:9e:85:b0:8d:f0:38:8c:d5:
        b8:1f:0a:8c:f1:5a:c6:b4:28:ae:fa:d1:e4:78:56:15:d5:cf:
        5e:4a:28:4b:42:d7:d2:fa:3f:96:4b:a0:4d:05:a5:b5:a4:1c:
        bd:39:52:72

MAC Addresses

5E:5A:72:3F:E8:40
    Unknown

13.228.171.69

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1192623145 | 2024-04-28T08:52:12.376429
80 / tcp

Wowza Streaming Engine4.8.5.05

1752367237 | 2024-04-03T14:47:49.622488
554 / tcp

-158149353 | 2024-05-03T02:30:22.245705
8080 / tcp

nginx1.18.0

1299284228 | 2024-05-01T12:47:42.093598
8087 / tcp

-618814747 | 2024-04-25T17:10:38.897156
8089 / tcp

-350316526 | 2024-05-01T07:02:44.101016
9443 / tcp

Wowza Streaming Engine4.8.5.05

Products

Pricing

Contact Us

13.228.171.69

Last Seen: 2024-05-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1192623145 | 2024-04-28T08:52:12.376429 80 / tcp

Wowza Streaming Engine4.8.5.05

1752367237 | 2024-04-03T14:47:49.622488 554 / tcp

-158149353 | 2024-05-03T02:30:22.245705 8080 / tcp

nginx1.18.0

1299284228 | 2024-05-01T12:47:42.093598 8087 / tcp

-618814747 | 2024-04-25T17:10:38.897156 8089 / tcp

-350316526 | 2024-05-01T07:02:44.101016 9443 / tcp

Wowza Streaming Engine4.8.5.05

Products

Pricing

Contact Us

-1192623145 | 2024-04-28T08:52:12.376429
80 / tcp

1752367237 | 2024-04-03T14:47:49.622488
554 / tcp

-158149353 | 2024-05-03T02:30:22.245705
8080 / tcp

1299284228 | 2024-05-01T12:47:42.093598
8087 / tcp

-618814747 | 2024-04-25T17:10:38.897156
8089 / tcp

-350316526 | 2024-05-01T07:02:44.101016
9443 / tcp