GeneralInformation

Hostnames	ec2-44-240-5-214.us-west-2.compute.amazonaws.com strapi.refref.me
Domains	amazonaws.com refref.me
Cloud Provider	Amazon
Cloud Region	us-west-2
Cloud Service	EC2
Country	United States
City	Boardman
Organization	Amazon.com, Inc.
ISP	Amazon.com, Inc.
ASN	AS16509
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443 4000

1949896279 | 2024-05-08T12:41:26.564463

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 08 May 2024 12:41:26 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://44.240.5.214:443/

803326929 | 2024-05-15T08:49:11.448568

443 / tcp

HTTP/1.1 200 OK
Date: Wed, 15 May 2024 08:49:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.18.0 (Ubuntu)
Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: market-assets.strapi.io d16giuoj1b12ds.cloudfront.net;media-src 'self' data: blob: market-assets.strapi.io d16giuoj1b12ds.cloudfront.net;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Vary: Origin
X-Powered-By: Strapi <strapi.io>

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:e2:72:61:ed:3c:da:27:0d:6a:14:8d:3b:b3:59:b8
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Feb 29 00:00:00 2024 GMT
            Not After : Mar 30 23:59:59 2025 GMT
        Subject: CN=strapi.refref.me
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:99:2d:0a:88:c6:4d:23:df:ce:a8:56:51:43:44:
                    72:95:64:7e:13:78:0b:43:b4:1e:be:0b:2d:c2:0c:
                    58:2c:a5:66:8a:19:6c:a8:73:f9:c6:2a:ac:2a:b8:
                    54:95:94:19:b3:55:09:3c:e4:d9:02:d3:77:8d:2d:
                    64:57:1e:43:6b:7f:98:b3:f8:0a:98:21:a4:3c:25:
                    46:56:8e:39:58:ab:59:1c:90:1a:0b:16:1f:0c:d8:
                    0a:92:df:21:e2:7a:76:d9:8c:f1:ab:06:63:00:6f:
                    c3:03:c6:22:6a:a8:d5:75:90:8c:f4:ab:02:7e:80:
                    99:16:ca:4c:c8:1e:23:e5:c1:32:48:0b:68:88:51:
                    04:a5:84:92:e1:d4:ba:90:06:3d:7a:a2:b1:79:9f:
                    d7:7d:a2:e1:bc:4a:3e:93:3a:46:59:e8:95:98:af:
                    07:00:7d:29:e7:9f:58:eb:14:c5:a2:83:0c:81:32:
                    0e:88:0d:ff:4f:a4:41:25:77:13:4d:12:3b:d9:16:
                    9a:9c:7b:97:d2:48:cc:63:d3:09:01:8d:f6:2c:3e:
                    96:72:8c:0c:46:b2:cf:bf:9c:ec:88:9e:d8:8d:ee:
                    18:b4:6c:99:90:45:d1:e4:3f:1d:6e:1c:00:88:af:
                    f5:26:c6:09:41:95:44:e8:5e:a2:bf:6b:67:6d:75:
                    c8:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                90:A3:58:A5:C5:FF:C1:8B:80:B9:71:D6:50:0F:CF:C9:4E:B4:4D:34
            X509v3 Subject Alternative Name: 
                DNS:strapi.refref.me
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb 29 03:17:39.845 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:60:6A:76:77:D4:28:87:EC:74:E9:63:FA:
                                D3:6C:C8:22:A3:8A:78:6A:70:04:7B:D9:4B:D3:FD:91:
                                0E:63:8F:8B:02:20:5C:19:E4:A8:13:4D:AD:AD:6E:E5:
                                72:B4:16:FD:DF:1A:65:62:02:39:9D:6B:1E:A7:92:D7:
                                A8:89:B8:37:0F:17
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Feb 29 03:17:39.787 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:FF:5B:C6:D0:75:D4:27:CB:26:80:EC:
                                5A:54:CB:49:16:6D:80:69:05:0D:B8:F8:26:D4:C4:D1:
                                37:AA:B1:D2:D1:02:20:35:CB:62:5F:A4:37:F3:8A:77:
                                02:54:69:AA:FE:9B:8C:F1:C3:E8:62:6C:3F:97:D5:A7:
                                31:7E:EE:60:67:AD:F1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Feb 29 03:17:39.816 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6A:24:0C:17:4A:A4:8A:89:D8:FC:A3:5B:
                                E7:55:C2:4E:B4:01:1E:2A:86:5D:0E:FE:9A:96:58:2E:
                                A1:9C:DA:7B:02:21:00:BB:6E:14:EE:70:83:01:AC:89:
                                C6:C8:25:BE:D6:26:10:B7:7D:FA:66:DB:5A:6F:2F:4A:
                                AA:6F:1C:A2:66:D0:80
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        08:42:d5:be:d7:fa:57:e3:3d:e2:01:4b:18:4e:2d:1f:b1:50:
        c7:88:77:45:d0:bd:04:48:3c:79:ff:3a:6c:78:e3:b0:29:1e:
        48:91:56:ed:aa:4c:3d:f2:c9:dd:be:50:5c:9c:27:3f:21:f7:
        02:44:74:62:69:86:ac:a2:75:3a:78:19:2d:e5:22:33:71:c2:
        6e:82:87:26:02:f6:5a:8b:07:60:35:dc:31:46:bc:df:2f:31:
        61:88:89:0a:c4:77:66:55:fc:2c:54:bd:a3:b3:0d:1c:54:d6:
        04:fa:ea:57:d5:7d:af:0f:a0:9b:45:be:03:0f:57:0c:61:fe:
        b1:2c:6e:7b:0b:db:67:2c:ca:22:bc:6f:70:07:23:7a:fa:b2:
        f6:33:f6:30:24:95:14:da:5d:a7:bb:fe:11:5c:d4:0c:7a:c6:
        33:ab:6b:74:27:55:7c:75:43:30:f1:e5:0a:96:da:d3:c6:b2:
        cc:70:aa:b7:77:d1:62:f0:12:c7:41:c3:a9:3c:a9:ed:b6:fe:
        f0:f7:97:6a:5e:12:7a:e2:52:b7:43:89:e3:1d:75:f3:f5:75:
        70:b6:f4:d8:15:d8:8c:64:63:e7:31:2e:21:14:ea:16:fb:e4:
        3f:6a:49:86:88:e2:4e:bf:5a:9c:42:94:37:b7:4e:dd:80:48:
        f0:b9:28:9b

-1715137130 | 2024-05-01T03:33:55.667847

4000 / tcp

HTTP/1.1 400 Bad Request
Server: awselb/2.0
Date: Wed, 01 May 2024 03:33:39 GMT
Content-Type: text/html
Content-Length: 122
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
</body>
</html>

44.240.5.214

Last Seen: 2024-05-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1949896279 | 2024-05-08T12:41:26.564463
80 / tcp

AWS ELB2.0

803326929 | 2024-05-15T08:49:11.448568
443 / tcp

nginx1.18.0

-1715137130 | 2024-05-01T03:33:55.667847
4000 / tcp

AWS ELB2.0

Products

Pricing

Contact Us

44.240.5.214

Last Seen: 2024-05-15

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1949896279 | 2024-05-08T12:41:26.564463 80 / tcp

AWS ELB2.0

803326929 | 2024-05-15T08:49:11.448568 443 / tcp

nginx1.18.0

-1715137130 | 2024-05-01T03:33:55.667847 4000 / tcp

AWS ELB2.0

Products

Pricing

Contact Us

1949896279 | 2024-05-08T12:41:26.564463
80 / tcp

803326929 | 2024-05-15T08:49:11.448568
443 / tcp

-1715137130 | 2024-05-01T03:33:55.667847
4000 / tcp