GeneralInformation

Hostnames	api.aihelps.com ec2-3-127-99-124.eu-central-1.compute.amazonaws.com bp0.cc
Domains	aihelps.com amazonaws.com bp0.cc
Cloud Provider	Amazon
Cloud Region	eu-central-1
Cloud Service	EC2
Country	Germany
City	Frankfurt am Main
Organization	A100 ROW GmbH
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443

256285003 | 2024-04-27T20:59:30.479444

80 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.20.0
Date: Sat, 27 Apr 2024 20:59:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 210
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Processed-By: 1
X-Request-ID: 88dc66fc-eec0-faa6-636c-d1f834968e99

1012176076 | 2024-05-04T20:29:57.265135

443 / tcp

HTTP/1.1 303 See Other
Server: nginx/1.20.0
Date: Sat, 04 May 2024 20:29:56 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Processed-By: 1
Location: https://aihelps.docs.apiary.io/
Strict-Transport-Security: max-age=15768000

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:41:96:c9:b6:22:3b:e8:f9:2d:35:ff:48:95:22:75:a3:15
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 13 20:41:23 2024 GMT
            Not After : Jun 11 20:41:22 2024 GMT
        Subject: CN=bp0.cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e2:b1:2e:38:0a:da:4e:65:64:1e:69:ef:fe:9e:
                    e1:37:4d:4b:74:46:f9:c6:3e:90:34:17:8c:d2:2c:
                    ea:36:ce:77:e0:a3:46:5c:8f:60:17:93:20:72:85:
                    da:23:a3:7a:61:94:67:a8:05:f8:3d:89:46:b6:a1:
                    6d:06:f1:fa:d1:07:3e:21:92:4e:b8:19:5d:32:d9:
                    ca:c8:fb:38:39:fc:7f:43:51:54:5e:04:e3:34:c7:
                    03:a1:5a:f0:ef:ce:d4:d0:0c:de:10:63:4b:a6:1a:
                    1c:b6:af:05:b4:9d:db:77:5c:ab:69:7f:03:9f:b2:
                    02:ca:52:1a:7b:3e:51:32:de:9e:dd:8a:c7:20:9b:
                    63:37:61:c8:82:19:ee:72:4e:35:db:7a:1b:fc:da:
                    54:6b:13:02:4e:31:28:ac:0f:75:4f:24:2d:9b:72:
                    9f:a6:91:a6:75:78:af:ea:b5:b9:4d:55:12:30:4b:
                    54:98:f4:50:6a:31:26:de:c7:f0:80:25:ce:1a:a1:
                    df:59:f3:82:91:90:e6:80:a3:3c:1a:3b:e5:7b:f5:
                    80:74:ce:ae:14:0c:81:97:fb:09:44:6b:f2:5e:ea:
                    e6:3f:6c:3c:07:04:78:24:fd:b7:df:dd:f8:eb:99:
                    80:24:1d:e0:16:15:c7:d0:b2:cd:f4:d1:a5:84:cd:
                    e2:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:C6:41:9B:1F:63:BD:B9:F0:36:A5:A3:CE:9F:AA:D9:0D:50:54:1D
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.aihelps.com, DNS:bp0.cc
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Mar 13 21:41:23.842 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:74:48:C8:28:08:41:88:B5:3C:F3:C6:22:
                                35:CB:FE:6C:2D:DE:ED:56:3E:AF:D9:DA:BD:CF:4C:4E:
                                8F:D2:8C:BD:02:20:23:3A:CF:CE:9D:C1:A2:EC:50:0D:
                                75:17:36:2E:57:A6:BE:6E:A9:B3:76:63:03:EC:0A:53:
                                24:F8:08:C6:C7:15
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 13 21:41:23.850 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:0F:D8:F5:47:1C:FC:14:78:94:17:F3:8D:
                                2F:6C:6C:4B:5F:07:7D:8E:01:D9:31:4B:32:19:66:CC:
                                0F:A6:51:E5:02:21:00:B8:AF:E1:52:67:B9:A1:4F:EB:
                                90:BC:0A:23:16:25:FB:57:7C:71:BE:CD:2E:86:E0:CE:
                                86:A8:08:B7:6E:BD:61
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        3c:79:6f:db:9f:97:9e:aa:87:8a:2c:9e:92:74:e0:05:f8:df:
        aa:f5:96:f7:79:3e:cd:38:13:f4:45:c7:38:32:fc:37:a2:38:
        6e:8b:29:ca:a8:3c:0c:aa:10:b3:c8:93:93:37:ea:31:6f:d8:
        91:cc:63:4e:23:04:c5:17:ea:db:b2:4f:92:22:56:b9:fe:67:
        ae:d5:18:f2:b9:8b:f9:b2:9d:df:47:39:8f:a0:bc:4e:e7:9f:
        86:77:7d:49:06:fd:19:33:78:e5:8f:14:dd:a0:c0:75:60:be:
        51:c4:d3:4c:99:94:34:31:f3:60:cf:a1:3d:22:64:2f:f1:db:
        19:d6:0f:db:6b:32:02:ad:33:b8:19:cc:4f:f0:9c:df:83:f8:
        68:b4:b4:95:4b:5b:6f:35:9e:b9:98:ab:f7:d4:6f:14:d2:5b:
        e2:02:b0:5a:4f:55:63:23:52:d5:db:ae:da:63:70:d9:d0:0d:
        1c:a6:66:eb:0a:07:4a:2a:3e:3c:fb:ca:e9:65:ba:94:85:ea:
        83:8b:fe:20:34:50:de:7c:ff:0d:5f:d5:35:ca:3d:9c:b2:a9:
        42:84:74:40:c8:a9:86:aa:a1:2e:fc:e0:20:95:50:2c:17:5f:
        e7:88:7b:e2:b2:db:88:91:9d:8c:bd:fe:18:67:18:9c:6a:0b:
        3f:06:be:77

3.127.99.124

Last Seen: 2024-05-04

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

256285003 | 2024-04-27T20:59:30.479444
80 / tcp

nginx1.20.0

1012176076 | 2024-05-04T20:29:57.265135
443 / tcp

nginx1.20.0

Products

Pricing

Contact Us

3.127.99.124

Last Seen: 2024-05-04

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

256285003 | 2024-04-27T20:59:30.479444 80 / tcp

nginx1.20.0

1012176076 | 2024-05-04T20:29:57.265135 443 / tcp

nginx1.20.0

Products

Pricing

Contact Us

256285003 | 2024-04-27T20:59:30.479444
80 / tcp

1012176076 | 2024-05-04T20:29:57.265135
443 / tcp