GeneralInformation

Hostnames	ec2-35-172-204-163.compute-1.amazonaws.com sonosuite.com
Domains	amazonaws.com sonosuite.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

-214801965 | 2024-05-24T10:22:14.433650

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDEcvdnCjIzO0vlkOh5sm/jMbQ+XctrBeiAQwm9E097e9/+
6LMseXz9zh7lvbwTYCo9LOh7e2sGLfQ7I8CfWOdIccNOs9gRJaKnNLd00B4rJ4fWQZ9M4Nw3nSxK
Rev9cmaHAQCAo39v6onfMin2Aq7EDkmrHVpXyLpu1QU5agZcF9X98RGjnqDeCS0dZ97Si15Xyz75
cgtmlRYm2aJ7jwsVN+X1GWEsUu110KU9wJWmQ0o1rH+1SU2qQW5xG8kXLx5WM1jwtkZDLSypvgGv
et6pPWIQj9nnFdVLLxZAKdakTLs2fcBYDs0piiV1StsNpnC35Hn5Ci/yP2qYE2IDYW5MdY2d7ruh
wh6M6ontYkoOneO7ApHLwv0X4/nt0ZKeIsH+bWPJVNX0hlZCerHgdZT0cgc251lsS9k3EHdxS1qH
NHLWMx476onOVMd70Vw/sKHDenMpISi7vbhAP1D6jk+s1VxSCfPZF9esM60+HSha0a91Ux/upSzi
LINiFh3zwsE=
Fingerprint: be:67:a3:9e:96:b4:77:a7:85:33:6d:f3:c9:8b:b2:12

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1584412971 | 2024-06-03T03:06:35.818991

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Mon, 03 Jun 2024 03:06:29 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://35.172.204.163/

-1923822488 | 2024-06-03T14:25:30.307157

443 / tcp

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.0
Date: Mon, 03 Jun 2024 14:25:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=ctmupd5f4vldojtviupfsrrdpb; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=86400; includeSubDomains

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:8e:06:a0:40:86:9a:80:c6:a6:21:cf:b7:aa:7d:c7:0e:b0:dc:af
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=CloudFlare, Inc., OU=CloudFlare Origin SSL Certificate Authority, L=San Francisco, ST=California
        Validity
            Not Before: May  2 16:46:00 2024 GMT
            Not After : Apr 29 16:46:00 2039 GMT
        Subject: O=CloudFlare, Inc., OU=CloudFlare Origin CA, CN=CloudFlare Origin Certificate
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d5:1d:d0:85:b0:2e:a1:8d:72:b7:a5:5d:93:58:
                    cc:1f:e8:3e:f1:bd:dd:4c:4a:e0:23:8f:c0:bd:00:
                    c5:31:50:4d:5d:14:17:42:08:a4:c5:cf:4a:27:c6:
                    7e:0d:09:5f:7f:ac:78:d7:39:28:6e:d6:50:9d:c8:
                    d8:b8:9b:b7:25:9a:08:ee:c9:85:84:da:97:79:6e:
                    57:b6:d6:25:bf:47:80:fc:61:03:76:c9:64:02:44:
                    5b:60:56:7c:fe:62:c1:63:52:9c:87:2a:75:24:38:
                    ce:2c:04:69:d5:52:cf:32:c6:e2:a9:c5:11:45:4b:
                    f1:c5:8d:87:51:15:b0:bb:cd:dc:5b:36:48:61:c1:
                    67:15:f2:5b:90:d8:9c:ae:23:d7:f8:b7:b0:e5:c9:
                    fa:e0:0a:d8:6f:0c:2b:61:f5:83:76:4b:73:36:1d:
                    1d:44:a2:a6:39:da:bb:3b:98:74:c3:83:ff:64:0d:
                    4f:1b:b8:a3:02:f4:0f:99:fa:ee:85:8c:85:1c:f9:
                    de:3b:4b:70:d5:4c:4d:de:61:86:55:e6:a1:b7:38:
                    d9:7c:81:eb:3b:6b:4b:cd:77:c7:47:71:08:22:c1:
                    a2:ea:a7:31:05:3e:9b:a5:55:66:09:fb:13:83:89:
                    ac:15:62:61:8d:22:e5:86:f7:54:ff:cf:4f:6d:48:
                    09:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                69:67:BE:B6:1F:B8:E2:A2:72:AA:E9:07:E1:1C:07:93:F0:B8:F5:A5
            X509v3 Authority Key Identifier: 
                24:E8:53:57:5D:7C:34:40:87:A9:EB:94:DB:BA:E1:16:78:FC:29:A4
            Authority Information Access: 
                OCSP - URI:http://ocsp.cloudflare.com/origin_ca
            X509v3 Subject Alternative Name: 
                DNS:*.sonosuite.com, DNS:sonosuite.com
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.cloudflare.com/origin_ca.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        79:d3:a5:b8:d9:2f:02:45:f9:73:f3:6c:a2:1e:a4:0f:92:51:
        6c:f8:6b:4f:52:f8:91:b4:79:0a:38:4c:f4:f0:2f:1f:77:1d:
        f5:08:12:99:08:ca:ab:21:9f:b8:97:c7:9b:65:a9:1c:af:27:
        f1:b2:09:e8:b3:39:17:d4:48:fe:da:de:7c:8f:55:bb:b2:f6:
        1c:26:eb:ed:63:78:36:a7:40:94:6a:fa:09:c2:8b:7b:52:45:
        db:82:51:64:32:9a:22:8a:9e:5e:8e:b9:73:8e:07:98:70:04:
        57:33:e3:ba:b6:f9:6b:5b:a7:bd:c4:e3:78:9e:32:a4:26:3b:
        b6:9d:8d:23:6e:fd:16:3f:1b:3e:e0:a2:60:ef:98:82:77:a8:
        32:61:6d:a1:88:1c:a4:f2:3e:eb:f3:91:54:82:d3:57:09:cd:
        17:97:0e:6a:13:18:b6:ab:0a:7d:69:29:fb:9a:6f:b6:d1:ec:
        d2:d4:e0:04:01:26:15:a8:8d:2f:25:e2:67:0a:f1:05:e2:d8:
        0f:b8:41:bb:cd:55:bf:22:22:e2:9b:f4:b4:15:46:9c:fc:47:
        76:dc:c7:75:d0:ec:6c:3f:02:4b:31:97:ae:18:2b:e8:44:d1:
        97:10:8e:3c:05:36:b5:a9:8a:cc:b9:47:81:43:a6:e8:34:57:
        74:05:1e:22

35.172.204.163

Last Seen: 2024-06-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-214801965 | 2024-05-24T10:22:14.433650
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1584412971 | 2024-06-03T03:06:35.818991
80 / tcp

nginx1.18.0

-1923822488 | 2024-06-03T14:25:30.307157
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

35.172.204.163

Last Seen: 2024-06-03

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-214801965 | 2024-05-24T10:22:14.433650 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

1584412971 | 2024-06-03T03:06:35.818991 80 / tcp

nginx1.18.0

-1923822488 | 2024-06-03T14:25:30.307157 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-214801965 | 2024-05-24T10:22:14.433650
22 / tcp

1584412971 | 2024-06-03T03:06:35.818991
80 / tcp

-1923822488 | 2024-06-03T14:25:30.307157
443 / tcp