GeneralInformation

Hostnames	ec2-52-201-208-245.compute-1.amazonaws.com ai-ctf.bsidescpt.net
Domains	amazonaws.com bsidescpt.net
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618
Operating System	Ubuntu

WebTechnologies

Font scripts

Font Awesome

JavaScript libraries

jQuery

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443

-667856820 | 2024-04-13T01:13:43.463622

80 / tcp

HTTP/1.1 403 Forbidden
Date: Sat, 13 Apr 2024 01:13:43 GMT
Content-Type: application/json
Content-Length: 45
Connection: keep-alive
x-amzn-requestid: f81f607b-00ec-49df-8dba-6cb2719cff2d

-2125943579 | 2024-04-23T00:41:22.636365

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 00:41:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4031
Connection: keep-alive
Server: nginx/1.18.0 (Ubuntu)

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:96:9a:e1:bf:c6:f1:09:b2:fe:62:43:60:b6:f7:20
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Nov 29 00:00:00 2023 GMT
            Not After : Dec 27 23:59:59 2024 GMT
        Subject: CN=*.bsidescpt.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:71:a4:8d:b7:46:26:47:a8:5e:90:60:ee:bc:
                    c9:6a:a5:43:f1:15:1e:14:e0:bd:8b:c3:bd:23:79:
                    3f:d1:7d:f9:8a:5a:0e:a4:64:5e:cd:78:16:7e:23:
                    d7:04:5c:a5:4c:30:fc:b5:57:83:b2:5a:59:fa:b5:
                    3d:28:8d:06:11:69:89:f0:65:90:9a:ef:f0:e8:e2:
                    0d:ff:2c:b1:76:4c:67:70:f3:44:a5:78:3a:b2:a5:
                    5f:12:65:f6:7e:4e:70:c4:c7:5a:94:56:bd:83:84:
                    1b:62:b4:d2:5f:de:f3:ee:11:7a:21:14:38:c5:fc:
                    37:7f:85:a8:2f:fe:26:0a:d0:07:74:9c:d6:2f:de:
                    1a:66:7c:ca:af:2e:fc:1c:40:db:76:a0:84:82:97:
                    77:92:1f:f9:9b:9d:c2:a1:de:1a:0e:b3:4c:5c:bb:
                    ae:3a:95:c6:89:fd:56:1d:42:50:66:19:ac:f4:c0:
                    34:56:a3:46:46:92:54:cb:ef:75:4e:20:2a:b9:75:
                    e7:e4:68:39:f8:20:aa:e5:44:4e:de:d3:60:38:b0:
                    55:27:62:24:6e:e2:1b:b2:79:47:82:17:d7:d8:cb:
                    36:46:68:5b:c5:bd:a9:19:b0:5b:76:45:ab:17:d4:
                    f5:55:5e:9d:16:a4:33:ce:65:69:54:c5:3c:9f:f0:
                    a8:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                A2:92:A9:E6:CA:C6:83:54:C6:95:95:0E:F6:A5:8E:5A:9D:63:7A:E1
            X509v3 Subject Alternative Name: 
                DNS:*.bsidescpt.net, DNS:ai-ctf.bsidescpt.net
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Nov 29 07:05:45.051 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:AE:59:B5:97:40:91:0C:1A:8D:C0:ED:
                                2B:F9:3E:D0:C0:AF:B8:F8:D7:5C:80:6C:3B:DF:5A:31:
                                F6:FF:73:BA:47:02:20:34:D4:E5:30:08:9B:62:98:BF:
                                75:51:E3:92:07:D9:72:EB:E0:9E:2B:0D:D4:42:AD:B1:
                                CF:02:98:11:E2:F4:DA
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Nov 29 07:05:44.981 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:40:E1:70:0E:CB:A1:30:45:44:2A:BE:1C:
                                1F:72:54:8A:19:98:6B:2B:F9:86:A7:71:69:C9:85:27:
                                74:15:AC:6D:02:20:5C:3F:42:FA:58:04:47:12:8F:AE:
                                73:2F:B1:AD:07:1B:93:82:D1:14:33:A4:2F:AD:B9:82:
                                AC:76:35:E3:18:9C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Nov 29 07:05:45.000 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:CF:5D:46:A6:EA:D7:8E:70:4E:81:05:
                                0C:D5:9F:2A:1E:84:D5:B7:30:A4:A0:4B:C5:B0:54:60:
                                2F:E9:02:7C:7A:02:21:00:D5:C6:6F:EE:A3:0E:4B:91:
                                D5:70:6A:87:1C:5C:80:04:A6:65:5B:6A:27:76:D2:21:
                                48:C0:4A:A2:06:79:09:A8
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        19:63:2f:10:40:99:40:0c:fb:1a:af:8c:12:db:68:cf:58:5e:
        26:16:f9:65:22:e0:d1:05:50:1f:7a:99:23:ae:0b:4a:8b:86:
        43:c4:68:f7:0c:8d:f7:1a:fc:21:4b:c6:dd:3c:c7:8c:e2:6e:
        61:b1:c8:6a:66:5f:5f:b7:5d:0e:66:0f:f5:3c:f1:01:f4:88:
        ce:9f:cc:27:66:57:5a:31:ec:e1:00:c2:bb:4e:46:ea:4f:7d:
        55:8d:d6:a4:6a:48:d5:92:a0:93:d8:da:1b:0d:e9:12:b3:33:
        6c:39:c1:63:7f:ea:33:b6:62:79:34:1c:6d:11:78:8c:dd:0b:
        63:a3:c3:7d:0f:91:ab:41:32:6d:2e:b2:18:e9:c3:06:fc:e8:
        d5:af:a7:c6:66:16:90:d4:eb:65:33:54:39:02:d9:2b:2e:cf:
        d8:4b:25:64:39:b4:ea:63:f4:5e:50:a0:68:94:d8:5f:8d:bb:
        1e:30:29:ca:5e:a9:75:3d:68:40:31:24:2d:56:b0:ab:a8:29:
        37:5e:a0:d8:31:b7:ea:c3:83:b8:d5:d2:43:ca:43:e7:a2:f7:
        1d:3d:74:cc:ab:7f:83:79:1a:2e:9f:8c:a5:55:9c:1f:51:01:
        eb:25:3e:6f:44:51:3c:e5:2a:54:1c:c3:29:49:ff:62:0b:77:
        2b:c0:eb:f7

52.201.208.245

Last Seen: 2024-04-23

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-667856820 | 2024-04-13T01:13:43.463622
80 / tcp

-2125943579 | 2024-04-23T00:41:22.636365
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

52.201.208.245

Last Seen: 2024-04-23

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-667856820 | 2024-04-13T01:13:43.463622 80 / tcp

-2125943579 | 2024-04-23T00:41:22.636365 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-667856820 | 2024-04-13T01:13:43.463622
80 / tcp

-2125943579 | 2024-04-23T00:41:22.636365
443 / tcp