GeneralInformation

Hostnames	ec2-52-203-211-103.compute-1.amazonaws.com
Domains	amazonaws.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

WebTechnologies

JavaScript frameworks

Prototype

JavaScript libraries

jQuery1.4.4

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-7656	6.1jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
CVE-2020-11023	6.1In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	6.1In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	6.1jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708	6.1jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
CVE-2011-4969	Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

OpenPorts

80 443

-2100514759 | 2024-04-17T14:06:38.740197

80 / tcp

HTTP/1.1 301 Moved Permanently
Date: Wed, 17 Apr 2024 14:06:38 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Set-Cookie: AWSALB=YEj0SF/l/FCe/v3mtzn0LoFjehB9jQ2qt5/IlnH7xy1CVj4u+UXujTS2trB/JZlWdIhP8EMGp/XtldDid09sXHxlNwrezmg7RKa/n0mOwkBEsjikR+CjGLVQN1d+; Expires=Wed, 24 Apr 2024 14:06:38 GMT; Path=/
Set-Cookie: AWSALBCORS=YEj0SF/l/FCe/v3mtzn0LoFjehB9jQ2qt5/IlnH7xy1CVj4u+UXujTS2trB/JZlWdIhP8EMGp/XtldDid09sXHxlNwrezmg7RKa/n0mOwkBEsjikR+CjGLVQN1d+; Expires=Wed, 24 Apr 2024 14:06:38 GMT; Path=/; SameSite=None
Server: nginx
Location: https://52.203.211.103/secure/login/auth
P3P: policyref="http://www.turnto.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR CONi NOR"
X-Frame-Options: SAMEORIGIN
TurnTo-Node: 1
tt_request_id: 72e27b28fd176b90dd6771065a718e04
ttstatus: 1

-1398362516 | 2024-04-17T16:54:43.694940

443 / tcp

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 16:54:43 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=z32TB03PyNLBrlfi/wfOv6gWyFoiCi2GwtEAhGxqfUft8TDRyxyfqbpekG++qcrMd6zm2yHzvOqKuqqWnuZTZoxbAEk/ejytQE2/nU1kn8a2fmcu+M3RA4odLOzj; Expires=Wed, 24 Apr 2024 16:54:43 GMT; Path=/
Set-Cookie: AWSALBCORS=z32TB03PyNLBrlfi/wfOv6gWyFoiCi2GwtEAhGxqfUft8TDRyxyfqbpekG++qcrMd6zm2yHzvOqKuqqWnuZTZoxbAEk/ejytQE2/nU1kn8a2fmcu+M3RA4odLOzj; Expires=Wed, 24 Apr 2024 16:54:43 GMT; Path=/; SameSite=None; Secure
Server: nginx
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=4AD11F48D2B25B1111037DD80A0EBC86.app1; Path=/; Secure; HttpOnly; SameSite=None; Secure
Cache-Control: no-cache
Expires: -1
max-age: Thu, 01 Jan 1970 00:00:00 GMT
cache-Control: private
Content-Language: en-US
P3P: policyref="http://www.turnto.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR CONi NOR"
X-Frame-Options: SAMEORIGIN
TurnTo-Node: 1
tt_request_id: 67d8cb5bd6593951d4c8a885ccb6f5a4
ttstatus: 1

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:79:5c:74:50:d7:67:da:00:50:29:e4:d5:c4:81:cf
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Jun  1 00:00:00 2023 GMT
            Not After : Jun 28 23:59:59 2024 GMT
        Subject: CN=*.turntodev.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:af:a8:9b:cb:ad:a6:28:3f:b9:73:8f:22:87:24:
                    4b:e5:02:6c:6a:81:3d:3b:a6:f4:d5:2c:64:ad:09:
                    b4:9e:71:48:74:c6:b9:34:2f:65:1b:e8:27:e5:f2:
                    da:86:ad:89:c8:78:9e:b5:78:57:6c:b5:f2:f8:16:
                    ae:64:90:fb:31:76:68:06:c2:a3:eb:91:52:1c:af:
                    bc:64:88:1e:73:d4:2c:d6:96:12:a6:0e:e4:45:2e:
                    1a:f8:0f:ab:23:35:e9:ec:92:6a:bb:0e:76:b9:f1:
                    15:81:86:db:73:17:92:1a:c8:4e:2a:a2:ed:02:10:
                    fc:d7:7b:cd:eb:80:c3:16:bf:15:72:c6:82:1f:70:
                    9e:b3:71:3a:91:46:0f:ff:16:00:7b:d2:c7:73:35:
                    db:b4:0b:6e:8f:fb:37:aa:59:f6:4a:9e:c1:2c:50:
                    d5:69:2f:86:b3:02:d6:ed:fd:b1:11:f1:6c:c4:a8:
                    00:ec:df:93:8b:f1:8b:29:ad:e3:96:c2:df:e0:25:
                    6b:d3:ca:aa:85:06:15:2d:02:1a:e8:70:4a:5e:a9:
                    e0:3e:73:e2:63:b9:9e:c5:b1:aa:42:63:b0:c2:0a:
                    b3:53:65:4c:e9:cc:d6:f7:6e:9f:c7:7b:63:c7:8b:
                    29:14:01:68:bb:97:a4:08:e7:23:e8:97:5b:36:96:
                    29:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                FD:1C:DF:6E:50:C3:99:8A:24:F1:3B:7A:43:0A:C7:22:90:FC:17:0A
            X509v3 Subject Alternative Name: 
                DNS:*.turntodev.com
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Jun  1 15:16:49.794 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:37:FD:C6:99:E7:31:4F:E1:88:47:32:DC:
                                1C:50:27:5E:04:FC:BE:D8:10:A0:6C:05:5F:0A:27:A3:
                                60:D6:21:64:02:21:00:FE:C3:8B:C9:4A:0E:DD:98:68:
                                90:04:EE:06:DB:DB:17:61:3A:5C:4F:76:08:0C:18:CE:
                                97:0D:7C:97:99:F9:92
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Jun  1 15:16:49.843 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A7:CD:FB:BA:DE:BC:C1:79:32:56:FA:
                                D9:BF:D1:E8:77:87:6E:DE:D7:74:5F:BA:24:10:BF:C8:
                                3F:1F:48:4E:62:02:21:00:AC:1F:4B:CC:C6:B6:3D:BD:
                                67:17:D2:B8:AA:61:16:A9:FF:F0:5A:5F:D1:CF:2D:A2:
                                9A:58:CA:DC:F8:B0:8A:A2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Jun  1 15:16:49.845 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:20:DE:B8:DB:3A:C3:4A:72:39:8A:9B:B5:
                                59:47:C9:47:94:29:B7:32:A3:9A:89:BF:32:31:26:25:
                                48:98:43:BC:02:21:00:BB:EF:33:E0:5F:57:83:9D:BC:
                                A5:33:01:1D:F5:28:FC:F3:93:3A:49:9C:49:51:35:E3:
                                D4:B2:5B:B7:AC:63:8C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        07:12:f8:b2:39:c1:52:d9:7a:40:ab:9d:55:69:d9:75:db:3e:
        e0:58:39:cb:d8:a5:4c:58:72:fb:bd:4c:ef:b9:57:8a:7c:2e:
        44:01:d7:16:aa:4c:78:f4:e3:70:20:2a:8d:61:5e:c5:45:7e:
        ff:83:bd:f3:48:9d:01:65:91:2e:9c:f8:b3:05:9b:cb:61:d5:
        92:e7:44:da:0e:57:01:b2:a3:1c:e4:2e:76:45:6e:7f:21:5c:
        60:86:35:70:6b:dd:b0:8a:4d:d6:65:25:a6:15:c5:76:c0:bb:
        f4:f8:20:89:e4:c9:c7:47:06:4e:d2:ba:24:07:97:da:81:51:
        25:af:22:74:14:82:be:1b:a7:ed:53:75:dd:c7:43:98:4a:b1:
        be:9d:f9:87:8c:18:28:4b:ef:5f:0b:79:45:19:e1:7d:81:9e:
        f8:20:ea:5e:fe:33:61:b9:3e:3b:25:b4:7c:7c:ac:b3:55:e3:
        50:1a:b6:17:c9:72:ff:67:65:e3:ee:3f:2b:ef:3b:30:16:a4:
        8e:76:79:2b:64:3c:19:ca:8f:94:b1:ea:a7:63:3b:8e:cc:da:
        df:1f:99:27:5c:86:8e:9f:f2:d8:04:02:be:9e:d7:f7:77:a1:
        8c:0e:82:e8:64:d4:9c:e6:20:7a:51:96:3f:f7:e5:5e:a6:65:
        a9:ac:e2:c7

52.203.211.103

Last Seen: 2024-04-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2100514759 | 2024-04-17T14:06:38.740197
80 / tcp

nginx

-1398362516 | 2024-04-17T16:54:43.694940
443 / tcp

nginx

Products

Pricing

Contact Us

52.203.211.103

Last Seen: 2024-04-17

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2100514759 | 2024-04-17T14:06:38.740197 80 / tcp

nginx

-1398362516 | 2024-04-17T16:54:43.694940 443 / tcp

nginx

Products

Pricing

Contact Us

-2100514759 | 2024-04-17T14:06:38.740197
80 / tcp

-1398362516 | 2024-04-17T16:54:43.694940
443 / tcp