GeneralInformation

Hostnames	ec2-34-249-148-208.eu-west-1.compute.amazonaws.com invenio.sandbox.xpect.porsche.cloud
Domains	amazonaws.com porsche.cloud
Cloud Provider	Amazon
Cloud Region	eu-west-1
Cloud Service	EC2
Country	Ireland
City	Dublin
Organization	Amazon Data Services Ireland Limited
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443

532087352 | 2024-03-24T03:36:46.558465

80 / tcp

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy: script-src 'self' 'unsafe-inline';script-src-attr 'self' 'unsafe-inline';default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: application/json; charset=utf-8
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Sun, 24 Mar 2024 03:36:43 GMT
ETag: W/"36-VF6TvDhaW9rP/bc7+/GTKAzDJTo"
Expect-CT: max-age=0
Expires: 0
Origin-Agent-Cluster: ?1
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0
Strict-Transport-Security: max-age=15552000; includeSubDomains
Surrogate-Control: no-store
Vary: Origin
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Content-Length: 54
Connection: keep-alive

974570904 | 2024-04-18T16:45:48.596075

443 / tcp

HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Thu, 18 Apr 2024 16:45:48 GMT
Content-Type: text/html
Content-Length: 520
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:02:47:88:a4:1a:86:17:f2:1a:01:d2:04:3c:ac:8a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Feb 19 00:00:00 2024 GMT
            Not After : Mar 19 23:59:59 2025 GMT
        Subject: CN=invenio.sandbox.xpect.porsche.cloud
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e0:1b:0f:aa:a1:72:5c:97:9b:f5:44:85:48:87:
                    7a:c4:5b:e4:ef:b6:f6:50:e8:04:54:24:1b:0a:4f:
                    30:7c:05:07:68:3f:b7:e9:53:95:f5:3b:39:59:d5:
                    a3:70:d4:23:a4:de:3c:4a:b6:54:80:f4:52:1b:9a:
                    dc:00:5c:05:de:4b:63:2f:0f:21:3c:ed:f2:1e:a0:
                    1b:73:9f:23:d3:c7:8c:e5:af:0f:e1:51:db:13:2b:
                    6f:b9:84:bd:36:8b:06:9b:05:05:2d:53:0b:bf:75:
                    1b:b6:5e:91:4f:e6:c5:a2:dc:43:94:02:22:a0:05:
                    95:07:97:b4:fe:9c:5d:15:1d:5a:57:cf:fe:85:bc:
                    ec:3a:e7:d4:41:39:24:8f:75:25:5f:9f:c9:4c:49:
                    36:16:2f:f7:dc:09:c0:a4:77:4f:85:c3:18:2f:87:
                    eb:af:56:0e:28:a7:90:9a:87:ba:1b:3b:07:1a:49:
                    e6:dc:f8:96:a7:8d:c8:04:df:9d:a4:02:b1:1e:28:
                    da:71:ae:98:df:6c:e5:d8:db:fa:31:cf:34:f0:82:
                    49:49:fc:31:7f:c7:91:f0:93:1a:51:6f:ca:4f:33:
                    7d:ac:66:1e:21:7f:64:f0:39:52:db:c1:80:63:8f:
                    f9:54:f9:f3:0e:54:66:cf:cf:57:1e:02:80:7f:3c:
                    2f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                71:A6:DE:06:98:38:E6:08:B5:38:2B:CD:B1:73:8D:55:C0:ED:C8:57
            X509v3 Subject Alternative Name: 
                DNS:invenio.sandbox.xpect.porsche.cloud
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb 19 16:20:27.757 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:76:41:38:BD:FA:00:28:3B:2E:7A:89:75:
                                44:98:10:5D:DE:9E:29:A6:25:C8:36:CF:A5:47:57:35:
                                17:EB:CA:D2:02:20:38:5F:79:A0:43:BB:5B:C8:9F:7E:
                                14:9D:B3:C3:4B:93:35:DE:B0:B7:82:DD:05:F8:2A:4D:
                                CE:2D:C6:6E:AC:9A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Feb 19 16:20:27.816 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:10:14:8A:85:CE:11:31:AF:00:35:38:CA:
                                B7:C9:8D:EF:37:0C:AF:AE:BC:09:45:8B:F9:EA:2C:F4:
                                AD:DC:13:94:02:20:03:BD:66:9D:23:04:DE:CD:8F:EA:
                                A2:00:DD:A5:C8:BC:DD:48:FA:A5:C3:16:D8:CD:B4:21:
                                D6:80:F3:18:A6:26
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Feb 19 16:20:27.862 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:51:0B:AD:A0:24:C1:D2:7D:61:22:A8:1A:
                                EB:78:A9:DE:0C:14:83:A7:8C:FC:9B:9F:C4:66:49:AF:
                                E5:40:C4:34:02:20:65:E6:92:F4:08:80:4B:C2:A5:B9:
                                B4:B3:FA:5F:A3:78:86:2B:30:BE:F5:34:4B:1C:97:7D:
                                42:E3:CE:63:85:B6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        8c:14:6a:99:3f:ad:78:bb:41:7e:cb:ca:b0:23:1c:77:cc:36:
        64:3a:48:72:4d:e8:f1:2b:c3:93:56:86:0c:c7:00:d9:08:7a:
        bc:fd:51:21:53:82:82:73:ae:f7:85:32:59:72:da:aa:9c:b8:
        aa:c8:cf:99:51:05:54:8a:8c:19:bd:27:3a:1a:7a:bd:00:44:
        5c:01:93:34:8f:a3:8c:fd:e9:84:b5:9a:ab:61:ce:65:a8:8e:
        ae:5f:b7:c3:e5:3b:09:a3:b0:f1:e8:00:8b:92:3c:22:66:ff:
        4c:c6:bc:5c:4b:c1:d6:27:3d:5c:0e:a1:41:84:8f:f6:0c:38:
        c9:b1:7f:c2:eb:c0:6c:31:4e:0f:51:e9:5f:3c:95:b1:2f:84:
        b3:be:35:3f:87:48:38:c7:a7:37:1b:3f:a4:77:d7:05:55:53:
        ce:dd:50:58:cc:3f:10:3c:e0:8e:94:d9:bc:29:4c:7b:ef:1d:
        1e:87:81:86:f1:f3:3e:5f:91:ac:37:4b:4f:3b:7c:46:f2:b7:
        61:af:9f:82:65:13:28:ae:d4:21:74:8a:d6:98:7f:ae:61:bb:
        b1:fa:e8:84:8d:02:b3:9c:42:61:4b:3a:3c:a0:4f:9b:75:9c:
        17:b4:12:e4:73:cf:49:88:65:c2:91:5d:5b:dd:71:67:a1:49:
        8d:36:e1:93

34.249.148.208

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

532087352 | 2024-03-24T03:36:46.558465
80 / tcp

nginx1.18.0

974570904 | 2024-04-18T16:45:48.596075
443 / tcp

AWS ELB2.0

Products

Pricing

Contact Us

34.249.148.208

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

532087352 | 2024-03-24T03:36:46.558465 80 / tcp

nginx1.18.0

974570904 | 2024-04-18T16:45:48.596075 443 / tcp

AWS ELB2.0

Products

Pricing

Contact Us

532087352 | 2024-03-24T03:36:46.558465
80 / tcp

974570904 | 2024-04-18T16:45:48.596075
443 / tcp