GeneralInformation

Hostnames	ec2-13-235-208-245.ap-south-1.compute.amazonaws.com unifi.bhaifi.com
Domains	amazonaws.com bhaifi.com
Cloud Provider	Amazon
Cloud Region	ap-south-1
Cloud Service	EC2
Country	India
City	Mumbai
Organization	Amazon Data Services India
ISP	Amazon.com, Inc.
ASN	AS16509
Operating System	Ubuntu

WebTechnologies

JavaScript frameworks

AngularJS

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 8080 8880

1976654453 | 2024-04-26T04:16:50.703191

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDPnKvVjQp50g4pLJib69EV50u0w7BSB8NHPKCaUteGpZnZ
GggfEBykNLZGalvB9wi9B1cMJv2sELwJEaEnpVU1zd0l1J6af83JqeYFcxf3Fa9x2I9GLJIdkVoa
7FpDSc3mubDCtvn8Ta2qH9Ydhr4YK1LTNUkq3SliEWG6NcbIx6w4JBJ9P4/xonFVo/Hn+j0AbfOO
Oo/na4MNfzd30+0z8v4n7pJC5jUWnu61vNY2KEKwnKJuA1cWHJgRjEoHayLYfXXZcmhkyaeM5ZGN
U5lLUukMR324nRYFbwrUI8jaBt7UONXWjztj8TTUmkn4mJ3mseCxhtzS5MYYxwJdHyfZ43hVsxFk
uXksvF89oZ+deNlZ/UJU49g0SYNCGdtR4KTHxRDWn/BzT27NYe4TtEE/oc6pBv/kG9Co+FD8Enpx
2I2ZF8H11ia6eJyu2HbhiXPXRSpfI1oW2wlC84k6ZOrczO/6d54gbA9EYieh6B4yX+4g+phunTl8
4w+Nd1+VFbM=
Fingerprint: 52:24:1e:6d:27:59:74:4d:76:3a:c5:cc:9e:2d:fc:19

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1651973090 | 2024-04-26T20:16:36.717711

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 20:16:36 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Mon, 28 Nov 2022 11:36:47 GMT
Connection: keep-alive
ETag: "63849d4f-264"
Accept-Ranges: bytes

197639155 | 2024-04-30T10:18:16.884333

443 / tcp

HTTP/1.1 200 
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 30 Apr 2024 10:18:16 GMT
Content-Type: text/html
Content-Length: 1325
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
vary: accept-encoding
Accept-Ranges: bytes
Last-Modified: Tue, 14 Dec 2021 08:51:55 GMT
Cache-Control: max-age=0
Expires: Tue, 30 Apr 2024 10:18:16 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:cc:70:cd:f1:7d:7d:2a:65:39:ab:b5:16:cc:74:ab:6f:9c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 24 13:51:19 2024 GMT
            Not After : Jun 22 13:51:18 2024 GMT
        Subject: CN=unifi.bhaifi.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:eb:8b:6e:c7:30:db:72:28:92:b8:1b:06:a1:b9:
                    6d:6b:fa:62:e6:08:51:da:3a:50:4a:9d:29:02:4b:
                    e3:38:b8:63:37:f0:77:a8:b5:69:82:2d:5c:a2:53:
                    52:d6:e7:3b:28:a0:f7:fd:54:e5:d5:e3:70:86:79:
                    90:3a:d7:64:5a:5a:c6:71:fb:51:da:47:99:21:8f:
                    e0:67:66:73:e4:9b:47:bb:7d:f2:8c:b6:d5:cb:83:
                    2e:ca:bf:30:0d:57:49:93:56:03:fa:2f:d6:7c:89:
                    7e:ce:db:28:eb:c9:d7:6a:0c:de:5c:b7:fd:cb:c3:
                    b3:10:54:e2:6f:2a:b1:d1:56:3f:6c:81:22:cd:05:
                    3f:77:dd:bf:95:ca:2f:a2:4a:61:c4:99:dd:2b:45:
                    a1:b8:47:7b:81:70:a9:93:15:02:29:31:1c:90:57:
                    59:00:bc:fb:f3:03:4d:9a:ae:7a:3d:7e:3f:59:82:
                    bb:ce:ca:1b:7e:fa:b3:41:38:3c:8f:90:e2:f6:5a:
                    48:8f:33:fb:ec:e9:a8:aa:de:ed:fa:41:77:1e:e5:
                    f7:d6:a6:49:01:5d:83:18:96:db:17:27:48:85:22:
                    16:55:4f:db:5f:9a:0c:71:ab:d6:23:4e:c1:bd:dc:
                    d1:92:fd:14:37:48:28:d6:bf:9a:41:12:90:a5:29:
                    42:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                C4:81:CB:84:23:52:44:09:0E:16:2A:CD:67:BE:86:F9:55:58:1A:08
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:unifi.bhaifi.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 24 14:51:19.516 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A3:F1:1B:A5:91:6D:2C:BA:A1:7B:68:
                                5F:A7:54:84:24:14:02:CC:56:0C:B3:F9:85:26:30:4A:
                                FB:78:27:E8:E3:02:21:00:D2:A9:74:71:42:9C:1C:18:
                                E3:CF:8A:45:06:24:4C:63:40:DE:70:65:00:E1:71:7F:
                                43:1F:91:79:AC:9F:A4:C8
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 24 14:51:19.529 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:39:C4:24:57:CA:15:25:8A:85:6C:7A:1C:
                                35:42:77:6B:0B:41:D8:5E:AB:81:72:C7:65:79:D0:99:
                                4B:02:4B:56:02:20:35:58:8C:90:15:BA:A7:02:43:E2:
                                F7:51:23:31:64:4B:3A:D1:78:74:1C:CC:0C:36:BD:AB:
                                C4:AF:B7:3D:C0:0D
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9b:0d:ea:08:47:9b:d2:63:e7:5e:bc:f4:8e:5d:2d:59:45:2e:
        71:dc:24:be:fc:5b:67:6c:e1:98:7e:0d:7b:3a:cc:c2:5d:b5:
        2a:aa:fa:29:98:5d:1d:85:90:44:55:5e:2d:a7:55:34:1c:e2:
        d5:03:57:75:1d:ff:7c:5e:42:9d:9d:dc:8b:be:81:d3:18:c6:
        46:ee:54:5b:0c:aa:f8:49:12:93:70:44:da:62:d7:57:0f:05:
        7d:9f:ba:d7:dc:89:0c:f3:05:79:fb:46:ed:68:ed:d9:8b:49:
        2a:e1:88:5b:c5:82:89:f8:1d:2c:b2:bd:fb:71:60:70:4f:66:
        43:b7:61:91:74:3c:07:aa:cb:22:47:3e:e9:5c:0e:64:c0:56:
        a5:55:91:98:43:0e:7a:49:88:f0:30:79:b4:5e:9a:7e:21:d2:
        9e:a4:c9:be:b8:ab:7c:83:71:66:60:da:2a:89:2f:fa:68:3f:
        f1:cd:4d:47:1b:09:2a:c7:f6:03:ae:15:dc:98:cf:74:63:af:
        9f:9a:d8:f4:05:38:e5:be:f9:3e:2f:0b:96:62:70:ca:29:29:
        e1:53:fc:f2:e9:50:ee:92:d5:67:77:4b:c7:55:60:82:99:83:
        67:89:c3:7c:c0:03:1b:e6:9f:94:b3:bd:4b:8c:ad:1b:f4:68:
        27:ff:90:53

-1315354782 | 2024-04-28T19:03:10.262189

8080 / tcp

HTTP/1.1 302 
Location: https://13.235.208.245/manage
Content-Length: 0
Date: Sun, 28 Apr 2024 19:03:09 GMT

-1490680950 | 2024-04-24T09:56:33.462696

8880 / tcp

HTTP/1.1 400 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 435
Date: Wed, 24 Apr 2024 09:56:33 GMT
Connection: close

<!doctype html><html lang="en"><head><title>HTTP Status 400 – Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 – Bad Request</h1></body></html>

13.235.208.245

Last Seen: 2024-04-30

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1976654453 | 2024-04-26T04:16:50.703191
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-04-26T20:16:36.717711
80 / tcp

nginx1.18.0

197639155 | 2024-04-30T10:18:16.884333
443 / tcp

nginx1.18.0

-1315354782 | 2024-04-28T19:03:10.262189
8080 / tcp

-1490680950 | 2024-04-24T09:56:33.462696
8880 / tcp

Products

Pricing

Contact Us

13.235.208.245

Last Seen: 2024-04-30

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1976654453 | 2024-04-26T04:16:50.703191 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1651973090 | 2024-04-26T20:16:36.717711 80 / tcp

nginx1.18.0

197639155 | 2024-04-30T10:18:16.884333 443 / tcp

nginx1.18.0

-1315354782 | 2024-04-28T19:03:10.262189 8080 / tcp

-1490680950 | 2024-04-24T09:56:33.462696 8880 / tcp

Products

Pricing

Contact Us

1976654453 | 2024-04-26T04:16:50.703191
22 / tcp

1651973090 | 2024-04-26T20:16:36.717711
80 / tcp

197639155 | 2024-04-30T10:18:16.884333
443 / tcp

-1315354782 | 2024-04-28T19:03:10.262189
8080 / tcp

-1490680950 | 2024-04-24T09:56:33.462696
8880 / tcp