GeneralInformation

Hostnames	ec2-52-38-235-243.us-west-2.compute.amazonaws.com utah.gov
Domains	amazonaws.com utah.gov
Cloud Provider	Amazon
Cloud Region	us-west-2
Cloud Service	EC2
Country	United States
City	Boardman
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

JavaScript frameworks

JavaScript libraries

Tag managers

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-23064	Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-19919	7.5Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

OpenPorts

80 443

-1550078238 | 2024-05-02T03:52:59.992119

80 / tcp

HTTP/1.1 200 
Date: Thu, 02 May 2024 03:52:59 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=129RGkQSXP/0lzIsUkb2HYYZtRguBzWKfdQ3eg/+SFgGuskW6UeWEKkLTzfAPl8RtJCCYDuEB0KuEPosScRffks2qDyblM39HLrBKN/zG5cVnHsG8ut0mIBancU9; Expires=Thu, 09 May 2024 03:52:59 GMT; Path=/
Set-Cookie: AWSALBCORS=129RGkQSXP/0lzIsUkb2HYYZtRguBzWKfdQ3eg/+SFgGuskW6UeWEKkLTzfAPl8RtJCCYDuEB0KuEPosScRffks2qDyblM39HLrBKN/zG5cVnHsG8ut0mIBancU9; Expires=Thu, 09 May 2024 03:52:59 GMT; Path=/; SameSite=None
Server: nginx
Set-Cookie: JSESSIONID=DA3BCF2E24BEBA1A412BF32C4D794AEE; Path=/; HttpOnly
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Language: en-US

-1550078238 | 2024-05-01T12:56:13.130942

443 / tcp

HTTP/1.1 200 
Date: Wed, 01 May 2024 12:56:11 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=y1WUzae2wGA77UhJMp2lKb7JTvlJchWr0Qad73xm1lq/nPELX7yxJTCwfDHszdBKrfgmFnQyFWiVW3yniPR00wZgZTcO+CvLQkB81qLFjRLsCxQDRRrspOU2UFkv; Expires=Wed, 08 May 2024 12:56:11 GMT; Path=/
Set-Cookie: AWSALBCORS=y1WUzae2wGA77UhJMp2lKb7JTvlJchWr0Qad73xm1lq/nPELX7yxJTCwfDHszdBKrfgmFnQyFWiVW3yniPR00wZgZTcO+CvLQkB81qLFjRLsCxQDRRrspOU2UFkv; Expires=Wed, 08 May 2024 12:56:11 GMT; Path=/; SameSite=None; Secure
Server: nginx
Set-Cookie: JSESSIONID=7247974D2C1A882AE836A74935932744; Path=/; Secure; HttpOnly
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Content-Language: en-US

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:9f:2d:1f:cf:ff:98:f3:13:56:0b:58:c6:08:00:49
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Organization Validation Secure Server CA
        Validity
            Not Before: Jun  8 00:00:00 2023 GMT
            Not After : Jun  7 23:59:59 2024 GMT
        Subject: C=US, ST=Utah, O=State of Utah, CN=*.utah.gov
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c6:eb:bd:28:cd:94:b6:e6:3c:c4:29:ed:e3:ec:
                    89:d1:83:08:75:ab:f0:ed:b6:4c:cf:56:17:d7:77:
                    00:a3:c2:11:6c:63:06:96:4e:f5:38:a8:1d:eb:7f:
                    68:a9:76:33:53:c9:66:e5:9d:08:47:89:1a:13:96:
                    e7:65:ab:ad:0a:21:7a:3a:54:fa:96:97:27:fe:8b:
                    bc:64:3d:92:80:b2:20:9b:c6:92:47:15:8f:0f:36:
                    dc:b1:44:53:ca:00:2d:e3:c8:0d:7d:8d:9d:8d:84:
                    36:c7:15:6a:bf:1a:51:fe:41:2b:4b:0e:34:f5:f2:
                    0d:fc:08:bb:f8:7f:04:4f:b5:9f:f0:6a:01:92:1b:
                    af:41:ae:50:3a:50:06:83:da:1a:46:79:45:36:e8:
                    d8:e7:a3:46:ef:11:04:f5:63:cf:aa:7e:85:82:f4:
                    dc:59:dd:25:d7:e0:ce:b2:49:d9:0c:29:2b:79:b7:
                    a1:88:76:97:49:ef:f1:1e:84:e3:77:7b:d2:c6:f4:
                    a8:79:89:e1:d7:31:e2:7c:f5:3c:de:db:0d:3b:57:
                    16:12:00:aa:67:a7:ff:35:9e:d8:b3:44:b6:d8:cb:
                    bc:36:ec:c6:ae:82:18:15:9b:13:ee:05:58:4b:de:
                    f2:93:56:01:70:3f:a2:36:7e:7c:4c:b3:e8:bf:24:
                    73:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                17:D9:D6:25:27:67:F9:31:C2:49:43:D9:30:36:44:8C:6C:A9:4F:EB
            X509v3 Subject Key Identifier: 
                1E:A2:AD:34:A1:B0:DE:29:C5:3D:1F:76:01:41:0F:57:E8:A4:39:D4
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.utah.gov, DNS:utah.gov
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Jun  8 13:05:27.130 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:45:6C:7D:E1:3E:27:1E:95:50:76:5C:86:
                                8A:1D:F7:66:31:DA:B8:33:46:A3:3F:F5:CE:C4:E9:93:
                                9A:6E:86:B3:02:20:73:E5:9D:AC:9F:7E:7D:FD:FE:CF:
                                C2:7F:29:7C:93:38:A3:47:49:3F:C1:74:84:F1:21:AB:
                                B9:B5:7A:84:BC:C0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Jun  8 13:05:27.223 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6F:68:BB:AE:9B:A9:67:AF:23:92:F0:00:
                                55:85:5B:B4:BB:B2:2E:CF:DE:E4:EB:B6:B9:AD:0B:3E:
                                D1:94:2F:B9:02:20:0F:1E:AD:BA:5D:50:F6:5F:BB:C2:
                                2D:68:1C:4A:0E:3F:4C:CE:AF:E5:AC:F6:91:EC:24:CE:
                                79:07:2D:A4:A1:D4
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Jun  8 13:05:27.176 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:52:91:2F:50:9A:A4:DC:E2:F6:45:E8:08:
                                09:E6:56:B0:15:E1:02:3A:F7:76:6B:D1:76:F5:14:2A:
                                BE:18:8C:A9:02:21:00:9A:0D:A7:E8:1A:CF:05:20:70:
                                50:80:24:2C:13:C2:B9:83:60:15:8F:A1:52:AD:48:38:
                                9E:89:CD:18:F3:EC:8C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        88:e7:c2:f2:4c:2e:45:de:e6:8f:db:e0:20:68:34:1b:d8:14:
        b8:d1:50:8a:22:6b:ea:92:7e:56:2b:29:67:4c:f8:47:de:48:
        e9:33:07:40:e0:3f:d6:e7:68:89:d5:0a:e4:c4:b1:1f:24:a4:
        d1:db:0d:bf:32:c1:37:ef:69:85:71:ce:cb:f2:8f:11:0a:fc:
        2f:1c:63:2a:6c:e1:1b:4e:1f:f9:22:2d:cd:a6:8e:ef:22:53:
        e5:8d:ed:68:32:c1:df:71:f0:21:19:0b:9d:4d:58:c8:65:18:
        1d:23:43:81:50:cf:99:24:1a:13:9b:e8:de:65:b8:41:78:93:
        0d:bc:e7:74:f5:b1:c2:cf:8b:c9:65:76:c2:1a:ea:02:83:c5:
        79:f7:88:12:e4:9f:32:92:cd:cf:e9:03:ac:94:f4:7a:79:b3:
        e6:c6:ba:e2:7d:19:7d:48:b8:cc:27:d6:6d:de:10:22:39:80:
        8c:59:68:4e:4e:ff:1d:51:f4:f4:14:72:e1:ab:95:aa:d5:0a:
        74:3c:ff:ee:e0:9f:90:68:25:a5:13:e4:5e:d4:25:08:80:02:
        09:0c:a0:5a:56:92:57:20:a7:78:b7:e9:5f:c4:c3:9e:2c:44:
        00:26:20:de:29:8e:e9:30:1e:d2:d0:0b:f0:42:84:fb:18:05:
        5e:b0:b6:ea

52.38.235.243

Last Seen: 2024-05-02

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1550078238 | 2024-05-02T03:52:59.992119
80 / tcp

nginx

-1550078238 | 2024-05-01T12:56:13.130942
443 / tcp

nginx

Products

Pricing

Contact Us

52.38.235.243

Last Seen: 2024-05-02

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1550078238 | 2024-05-02T03:52:59.992119 80 / tcp

nginx

-1550078238 | 2024-05-01T12:56:13.130942 443 / tcp

nginx

Products

Pricing

Contact Us

-1550078238 | 2024-05-02T03:52:59.992119
80 / tcp

-1550078238 | 2024-05-01T12:56:13.130942
443 / tcp