GeneralInformation

Hostnames	my.airlst.com ec2-52-29-193-145.eu-central-1.compute.amazonaws.com
Domains	airlst.com amazonaws.com
Cloud Provider	Amazon
Cloud Region	eu-central-1
Cloud Service	EC2
Country	Germany
City	Frankfurt am Main
Organization	A100 ROW GmbH
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

Documentation

Zendesk

Issue trackers

Zendesk

Live chat

Zendesk

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443

1389845334 | 2024-04-17T05:40:37.228740

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDtW1o97s59dgIeGxoiPUfmN4OywNDSLydEkureDi51XgqE
uG7G1LoLBPV+OJYKa7Da0aW8o6KTwpRdh2DWvmOA+SRuuvPpEfRcJFFpXv4N3g2h/ZsuyKKbxN6n
2/Pl5D5IuJLP999srB1rXVO5aJDVKurug3W4oYFOH2TJw6zIpbE6d+jee71lRLMx5e4So55EXI5o
Y9xLNgdurH8tRZfQsNdVbqvJLAH9G3m6XRlvrJ5RxOpM0GBDVouprQHH2rjRxyaSaFepRhJnssYQ
Z1SM6rOlcidugcxz4gGRCL+Tj2SFiEOhne2jRX+ti1+OSHWKwU4S9mWWO32NTuft5NBt+D+qcjUX
XAIrGDspbsVypfjXZUxNeauyE3yrLuTuhhIyAXJigLwWEw80GTi9mG3gd1/sGEDQRjtIYO3NK5sN
93tuCoouzbdq4/GxwwkhoFq9gnnWhSH3P1oxfg4zr7mPrUSp7uwtilVYWSjqUuRHMAoAPQzxS47z
A2oqnHfkBeE=
Fingerprint: c1:a7:77:6a:8e:0c:cc:49:f4:9d:40:d9:b0:43:2e:7f

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-158149353 | 2024-05-02T15:34:15.535877

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Thu, 02 May 2024 15:34:15 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

1990915506 | 2024-04-29T01:22:47.529578

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Apr 2024 01:22:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1537
Connection: keep-alive
Last-Modified: Tue, 30 Jan 2024 09:11:31 GMT
Vary: Accept-Encoding
ETag: "65b8bd43-601"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; report=https://v1.api.airlst.com/security/csp
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Content-Security-Policy: default-src 'self' *.airlst.com; img-src 'self' * data: blob:; connect-src 'self' ekr.zdassets.com airlst.zendesk.com *.airlst.com *.pusher.com wss://main.sockets.airlst.com; style-src 'self' *.airlst.com *.airlst-events.com fonts.googleapis.com 'unsafe-inline'; script-src 'self' *.airlst.com  *.airlst-events.com *.googleapis.com *.getbee.io *.pusher.com static.zdassets.com 'unsafe-eval' 'unsafe-inline'; font-src 'self' *.airlst.com fonts.gstatic.com; frame-src 'self' *.airlst.com  *.airlst-events.com blob: app.getbee.io; report-uri https://v1.api.airlst.com/security/csp; report-to https://v1.api.airlst.com/security/csp;

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:98:9b:e5:99:3b:e8:3b:9e:16:f8:09:d6:98:a1:86:e4:4b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 13 23:43:13 2024 GMT
            Not After : Jun 11 23:43:12 2024 GMT
        Subject: CN=my.airlst.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:2f:a0:e6:8c:3c:34:72:77:6b:84:79:96:77:c1:
                    b5:2e:58:34:7b:2a:89:cd:d4:86:0c:c2:c0:b2:6d:
                    01:c6:a7:5c:0f:20:02:52:83:ec:70:1a:86:93:4d:
                    b4:c4:f9:73:1d:6a:65:6a:d6:b8:bb:f9:46:af:6b:
                    b8:c7:bd:0d:38:7b:a0:ac:d7:7a:7b:91:8f:e4:87:
                    fa:bf:da:14:81:b7:73:9a:aa:90:93:80:d4:49:da:
                    62:4c:81:92:a3:ba:83
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                C0:06:B3:86:CD:F8:59:02:F8:5F:91:E0:AE:9B:B2:C1:DD:52:B2:2C
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:my.airlst.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 14 00:43:13.518 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C9:A5:5B:76:DB:38:C6:6A:DC:B6:17:
                                1A:FE:EC:42:6A:55:89:76:26:FA:1E:F0:14:5E:55:8B:
                                3F:7C:3D:4C:98:02:20:4C:C9:22:8B:6A:DC:60:5A:9A:
                                4B:0A:34:2A:B1:51:95:45:54:46:CB:BB:09:42:BF:77:
                                8A:58:4E:A9:50:73:71
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 14 00:43:13.472 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DA:5E:0F:3C:0D:BC:18:6F:0E:7D:C2:
                                52:EF:A5:8C:18:25:47:4B:73:AE:86:26:87:09:44:FD:
                                A0:A9:42:34:01:02:20:6D:52:A2:90:E3:55:88:77:57:
                                15:21:E9:0E:DF:5D:99:FC:FD:B2:81:A1:D7:F7:6B:D4:
                                92:33:8C:9D:12:49:DB
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0c:db:24:bc:db:f4:bb:de:51:32:1b:7c:e4:df:ee:8e:d5:2a:
        c6:8a:19:28:5c:83:7b:a8:af:db:ad:11:dd:64:b1:38:67:46:
        58:55:00:24:e8:f4:07:96:c0:73:1f:a2:a0:f0:b2:3b:45:c7:
        21:b3:fa:28:61:7f:68:64:44:9e:7b:f9:22:98:70:5a:75:3e:
        4f:58:de:db:82:30:9f:c2:11:16:17:00:cd:d1:2e:e3:08:da:
        37:e8:dd:a9:1a:eb:3a:98:e6:c3:67:6b:7c:6d:21:0f:bb:3a:
        5b:cb:77:d1:6d:3c:c6:45:c2:2f:4f:04:73:8b:32:b9:30:d3:
        be:b8:cc:f5:d3:51:5a:5a:58:92:93:64:9d:c0:54:b3:a0:03:
        28:2f:88:9d:ba:1b:05:bc:bb:80:56:0a:ed:0b:97:2f:6a:b3:
        4c:e2:e7:6a:c4:67:6d:0e:c6:9c:6d:8d:19:46:4f:21:42:3a:
        9a:88:9b:15:bf:95:28:7f:cb:61:e2:1f:34:0e:94:75:eb:6e:
        f1:ef:3e:b6:0d:56:ac:e0:be:39:fe:da:7a:85:24:d0:5f:dc:
        35:db:67:8c:61:a1:02:0f:0e:e8:bd:ea:23:de:d7:9e:e1:9f:
        af:fd:63:42:6b:6f:37:54:bc:51:94:89:1f:4c:9c:0a:2b:42:
        0e:44:15:c6

52.29.193.145

Last Seen: 2024-05-02

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1389845334 | 2024-04-17T05:40:37.228740
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

-158149353 | 2024-05-02T15:34:15.535877
80 / tcp

nginx1.18.0

1990915506 | 2024-04-29T01:22:47.529578
443 / tcp

nginx

Products

Pricing

Contact Us

52.29.193.145

Last Seen: 2024-05-02

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1389845334 | 2024-04-17T05:40:37.228740 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

-158149353 | 2024-05-02T15:34:15.535877 80 / tcp

nginx1.18.0

1990915506 | 2024-04-29T01:22:47.529578 443 / tcp

nginx

Products

Pricing

Contact Us

1389845334 | 2024-04-17T05:40:37.228740
22 / tcp

-158149353 | 2024-05-02T15:34:15.535877
80 / tcp

1990915506 | 2024-04-29T01:22:47.529578
443 / tcp