GeneralInformation

Hostnames	ec2-35-160-83-87.us-west-2.compute.amazonaws.com
Domains	amazonaws.com
Cloud Provider	Amazon
Cloud Region	us-west-2
Cloud Service	EC2
Country	United States
City	Boardman
Organization	Amazon.com, Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

Analytics

JavaScript libraries

Miscellaneous

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-23064	6.1Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	6.1In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	6.1In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-20372	5.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

443

1441150621 | 2024-04-16T09:55:54.347279

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 09:55:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.16.1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"84423046ffede9d01a664431428ddb91"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: visited=1; path=/; expires=Tue, 16 Apr 2024 10:55:54 GMT
X-Request-Id: 42456c30-132f-472e-a968-86782bebae72
X-Runtime: 0.016167

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:4c:96:7d:33:60:55:15:42:2e:e0:ae:bc:6f:63:f2
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M01
        Validity
            Not Before: Aug 23 00:00:00 2023 GMT
            Not After : Sep 19 23:59:59 2024 GMT
        Subject: CN=*.sescsp.org.br
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:88:4b:f1:62:4a:31:fe:e6:6e:96:a2:49:e7:06:
                    9d:92:60:94:93:48:53:8e:bf:99:2a:18:12:48:34:
                    ee:36:5d:1f:db:7e:d5:9e:77:8f:36:1c:98:ec:9a:
                    1e:27:53:4e:a1:0f:e6:08:2d:d3:8e:28:78:8b:b1:
                    bf:27:52:e9:5e:4e:5a:ad:19:3e:bf:a1:6b:64:ae:
                    d7:e2:ea:60:77:d7:8e:b4:96:da:ad:8b:47:54:52:
                    2b:2b:cc:9f:8a:26:78:0e:72:b1:fb:69:da:ad:8b:
                    d0:7a:23:db:8f:43:7a:e4:05:54:fe:35:4f:1f:67:
                    ba:86:9d:ff:41:89:0b:cd:ee:98:07:fc:ad:fa:08:
                    b5:63:8f:5f:20:94:38:f7:53:9c:be:76:95:c1:0b:
                    10:40:90:89:d4:e0:9e:3f:4c:16:a8:13:90:08:89:
                    a5:08:4a:5a:56:87:2a:89:c0:1c:9d:8b:c0:e0:d0:
                    a1:aa:34:13:cd:b3:7a:f0:5e:da:f7:02:79:9b:f5:
                    54:ea:a0:2e:e6:69:b7:35:b2:03:77:f4:cf:78:ad:
                    f8:9c:5e:29:db:77:a0:04:32:d7:6c:95:a1:f4:72:
                    de:38:82:01:50:8c:cb:fe:9c:b7:be:02:f5:6d:6a:
                    a9:24:e2:b5:2e:1b:a3:07:9f:b5:bd:49:e4:f8:02:
                    77:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                81:B8:0E:63:8A:89:12:18:E5:FA:3B:3B:50:95:9F:E6:E5:90:13:85
            X509v3 Subject Key Identifier: 
                C0:41:6A:9B:47:A2:56:5F:3A:47:17:DD:20:98:2E:67:9C:BC:FA:48
            X509v3 Subject Alternative Name: 
                DNS:*.sescsp.org.br
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m01.amazontrust.com/r2m01.crl
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m01.amazontrust.com
                CA Issuers - URI:http://crt.r2m01.amazontrust.com/r2m01.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Aug 23 13:10:21.559 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:86:B4:54:D9:CA:70:18:0D:4B:98:EC:
                                7D:74:97:DE:5C:CD:B0:6A:2E:5F:74:21:78:2E:EC:7A:
                                36:D8:D7:4D:05:02:20:5D:D2:F3:93:F2:1E:76:D2:78:
                                D1:11:E5:D0:E4:D9:EF:AC:3D:C5:2F:54:1D:54:CC:AD:
                                35:F4:08:00:9C:AC:A2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Aug 23 13:10:21.613 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DB:61:0D:D2:4C:9E:A4:21:1C:58:98:
                                91:CE:46:3E:04:8B:BB:31:AF:57:EA:87:11:92:F2:6D:
                                FA:C3:4C:9B:A1:02:20:1F:5F:38:CA:8C:73:61:77:1C:
                                BD:CF:DE:EE:47:61:D6:47:B7:9E:FC:43:D6:3D:A4:FD:
                                23:32:64:B8:F4:B5:51
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Aug 23 13:10:21.536 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6D:38:63:21:5A:A9:28:2A:EE:E0:E1:D3:
                                E8:0A:EC:62:5C:70:1D:CA:B7:05:BB:0D:A2:69:CC:EC:
                                A0:02:01:9D:02:20:0E:C4:D7:01:BC:28:7B:EF:0B:59:
                                91:5A:DD:A3:06:57:E6:D5:8D:C5:99:F0:97:4A:87:68:
                                CE:C3:5B:7D:27:B2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        78:90:c0:67:8e:2c:a9:3f:d8:79:1b:e2:88:94:8d:a5:1e:dc:
        33:f4:fc:d0:66:63:74:f7:07:0f:10:18:60:11:73:12:fa:a2:
        47:4f:94:75:34:ca:f9:9f:64:82:e2:13:bd:5b:33:ba:92:0d:
        9e:33:43:ae:ab:e3:19:04:4f:ac:8c:cc:44:61:f4:37:c7:ab:
        c4:55:dd:58:14:e1:cd:af:93:5f:17:01:76:20:ba:1d:2c:df:
        26:a6:cc:36:e7:36:13:aa:4d:13:c1:a2:cf:e6:7c:a4:cc:fa:
        3f:f3:7c:e3:04:a8:2b:e1:83:e4:90:73:40:29:c2:22:02:a5:
        2d:cf:27:20:61:4f:d2:3a:a8:5d:36:2f:16:ed:84:b3:85:25:
        17:0f:36:92:a2:e9:34:d2:ef:09:7f:b8:ee:14:73:c7:29:ef:
        4a:be:a3:dd:21:7f:9d:1b:9c:7f:85:ef:07:c6:9c:63:51:cf:
        83:2e:c9:02:56:60:3d:33:56:d2:57:66:53:48:89:36:9f:c2:
        22:07:97:13:a8:08:31:54:a8:9c:76:d6:de:6c:7d:85:68:17:
        5e:1c:24:69:a4:a1:7d:55:d2:77:f3:5b:fe:f9:90:44:30:03:
        0b:cc:cd:67:61:8f:a3:33:82:b5:e5:02:6e:24:4a:a6:50:f0:
        3f:19:31:a1

35.160.83.87

Last Seen: 2024-04-16

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1441150621 | 2024-04-16T09:55:54.347279
443 / tcp

nginx1.16.1

Products

Pricing

Contact Us

35.160.83.87

Last Seen: 2024-04-16

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1441150621 | 2024-04-16T09:55:54.347279 443 / tcp

nginx1.16.1

Products

Pricing

Contact Us

1441150621 | 2024-04-16T09:55:54.347279
443 / tcp