GeneralInformation

Hostnames	ec2-18-130-101-40.eu-west-2.compute.amazonaws.com wordspark.co.uk www.wordspark.co.uk
Domains	amazonaws.com wordspark.co.uk
Cloud Provider	Amazon
Cloud Region	eu-west-2
Cloud Service	EC2
Country	United Kingdom
City	London
Organization	Amazon Data Services UK
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

CMS

Grav

JavaScript libraries

jQuery

Programming languages

PHP

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

-2013095266 | 2024-05-20T03:05:09.752221

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBI2ums6cG7eW1KZzzUyudcgQ
4QweYMY2LbEV9xeAvQifkc/oV0HAlfftwy2FVofAC2odKfDin2azveW0VNeaWgI=
Fingerprint: e9:58:cc:fe:f8:f7:a6:6a:8d:fd:81:79:38:d2:66:62

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-587076659 | 2024-05-04T20:57:46.684833

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 20:57:46 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: grav-site-bd536a7=dmhc6ca5ldreo1inp0qprqjjc0; expires=Sat, 04 May 2024 21:27:46 GMT; Max-Age=1800; path=/; domain=18.130.101.40; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=604800
Expires: Sat, 11 May 2024 20:57:46 GMT
ETag: "c09a2298d9f284bb205eadd178ce35f0"

1678805290 | 2024-05-19T22:16:57.538002

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 19 May 2024 22:16:56 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: grav-site-bd536a7=23fgk2qnjljb8tkp1mltbmfm5o; expires=Sun, 19 May 2024 22:46:56 GMT; Max-Age=1800; path=/; domain=18.130.101.40; secure; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=604800
Expires: Sun, 26 May 2024 22:16:56 GMT
ETag: "e20977c9489664ec3427def72b788c5e"

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:20:5b:94:a1:81:bb:4d:89:d9:bc:b9:1d:7e:01:88:cb:d5
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: May 10 22:25:45 2024 GMT
            Not After : Aug  8 22:25:44 2024 GMT
        Subject: CN=wordspark.co.uk
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:a6:9e:1d:ac:2b:a0:cf:3d:9c:bb:4c:b1:ba:47:
                    48:3e:77:b7:a2:87:81:ca:73:77:7d:b3:08:75:e9:
                    fc:46:2c:34:92:1c:ec:23:65:37:68:f8:95:b7:20:
                    d6:cd:68:d7:d7:76:8b:e1:84:ed:91:bf:f1:99:3c:
                    30:9b:a9:4f:5c
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                91:14:25:2D:D1:2C:E5:37:70:05:1E:39:6C:A0:B4:0A:96:FD:B2:18
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:wordspark.co.uk, DNS:www.wordspark.co.uk
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : May 10 23:25:45.705 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:45:D1:46:BB:A9:C5:76:B0:28:B1:BB:BB:
                                82:E2:F5:1C:AE:14:63:CD:5D:60:FC:B3:E0:42:6A:51:
                                14:58:27:9F:02:21:00:88:A6:7F:CA:2A:A1:C7:7A:00:
                                5E:D7:76:36:F3:4A:1F:E5:03:EE:B0:97:E8:08:DB:61:
                                F0:4F:58:E4:69:32:47
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : May 10 23:25:45.505 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2A:9D:E2:45:61:41:8D:74:E3:08:00:41:
                                9E:B9:F6:77:63:E3:9F:8F:78:88:69:6E:6E:3A:59:06:
                                90:BE:CF:88:02:20:7F:D6:14:09:FC:CC:77:8C:F5:07:
                                F1:C4:5F:17:CB:CF:DC:68:EF:56:12:CB:80:9C:35:A3:
                                87:1F:AE:AC:74:F3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        61:bd:a7:65:2e:bf:0a:23:65:e2:dc:0b:c3:a0:c1:6b:d1:db:
        33:bc:cd:20:66:e0:d5:bd:d9:50:cb:cb:bb:01:6d:9b:53:79:
        d3:c2:8c:18:58:cc:46:38:ca:b9:78:27:d3:ab:f7:8f:7b:2f:
        ce:6a:f5:c7:45:c5:21:76:14:82:aa:68:9d:58:de:4a:bb:90:
        22:85:b6:f9:6e:3a:c3:2e:00:ce:79:09:64:2b:47:8b:b8:92:
        e8:5d:0f:a3:b5:28:12:3d:9c:2c:ce:c1:75:d5:27:80:62:b5:
        02:f9:61:d9:0f:70:bf:3f:9e:32:b3:93:ce:25:34:0c:30:7a:
        00:a7:10:ac:34:2b:f8:8d:d0:f6:d4:cf:2e:45:28:8b:9c:89:
        d1:30:a2:e2:32:ed:6d:dc:ff:0b:e3:b7:6f:0f:b1:ef:fe:02:
        55:a1:26:19:ab:bc:1b:e8:c5:56:76:c7:4f:f9:0c:b8:e7:6e:
        08:6b:59:0a:a8:37:27:5e:15:47:87:e9:2f:8e:3c:a4:30:7f:
        ac:69:3c:41:8b:2f:2a:a3:10:11:65:2b:a5:b7:fa:3a:13:3c:
        f2:31:f7:d7:3c:80:b0:f0:39:1c:d4:64:ab:e0:e4:a6:a1:88:
        c2:ec:04:1d:94:ce:ff:e0:0d:3f:09:d0:9e:ff:b5:6b:b2:24:
        da:7b:92:ac

18.130.101.40

Last Seen: 2024-05-20

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2013095266 | 2024-05-20T03:05:09.752221
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-587076659 | 2024-05-04T20:57:46.684833
80 / tcp

nginx1.18.0

1678805290 | 2024-05-19T22:16:57.538002
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

18.130.101.40

Last Seen: 2024-05-20

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2013095266 | 2024-05-20T03:05:09.752221 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

-587076659 | 2024-05-04T20:57:46.684833 80 / tcp

nginx1.18.0

1678805290 | 2024-05-19T22:16:57.538002 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-2013095266 | 2024-05-20T03:05:09.752221
22 / tcp

-587076659 | 2024-05-04T20:57:46.684833
80 / tcp

1678805290 | 2024-05-19T22:16:57.538002
443 / tcp