GeneralInformation

Hostnames	ec2-52-40-98-210.us-west-2.compute.amazonaws.com yeedi.com
Domains	amazonaws.com yeedi.com
Cloud Provider	Amazon
Cloud Region	us-west-2
Cloud Service	EC2
Country	United States
City	Boardman
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

80 443

6575781 | 2024-04-27T06:28:40.227850

80 / tcp

HTTP/1.1 502 Bad Gateway
Date: Sat, 27 Apr 2024 06:28:39 GMT
Content-Type: text/html; charset=utf8
Content-Length: 559
Connection: keep-alive
Server: nginx/1.17.4

6575781 | 2024-04-29T18:47:51.220823

443 / tcp

HTTP/1.1 502 Bad Gateway
Date: Mon, 29 Apr 2024 18:47:51 GMT
Content-Type: text/html; charset=utf8
Content-Length: 559
Connection: keep-alive
Server: nginx/1.17.4

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:2e:93:54:37:8c:be:1c:f0:5c:e9:ad:42:32:4c:6c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=CN, O=WoTrus CA Limited, CN=WoTrus DV Server CA  [Run by the Issuer]
        Validity
            Not Before: Feb 27 00:00:00 2024 GMT
            Not After : Feb 26 23:59:59 2025 GMT
        Subject: CN=*.yeedi.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cf:95:6c:29:f7:38:1d:b7:d7:5c:6b:69:45:2b:
                    d9:4d:7d:3e:12:bc:ba:af:b5:bb:eb:55:5b:71:8a:
                    95:8b:8c:46:0e:81:de:77:c5:a4:f8:0d:d6:d2:85:
                    50:da:94:93:df:05:e0:2a:e2:d7:83:8f:ba:12:33:
                    ec:61:10:c4:2f:61:1d:e9:f0:a3:b0:4f:8d:66:71:
                    67:70:75:8f:78:62:32:05:69:28:2e:f2:45:e7:c7:
                    e3:57:eb:30:f9:1b:10:ab:47:d7:2f:96:b7:d8:26:
                    e5:fa:9d:ed:2b:d9:28:73:a4:75:be:e0:09:ff:cc:
                    48:07:48:a5:aa:c3:8f:c6:bd:c7:a2:db:11:96:af:
                    8d:e2:86:aa:8f:b6:6c:b2:1c:da:81:24:04:e2:a4:
                    68:05:d7:46:92:3f:57:d6:92:b5:0c:28:31:9a:a4:
                    eb:90:f5:e0:81:84:40:35:57:ab:21:90:a4:b8:a0:
                    cf:b8:af:ab:c3:a3:e6:d1:5e:a8:64:ab:1d:98:9e:
                    3e:22:96:b5:e7:1a:37:81:60:d7:3a:c0:bb:8d:78:
                    98:b7:4f:78:2f:d5:28:17:6a:09:f7:64:41:c4:70:
                    6a:9d:93:72:88:c8:5a:62:db:22:21:65:2b:b4:9e:
                    1f:f7:54:75:3b:67:c6:09:88:99:28:c4:d1:ea:d8:
                    68:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                99:9B:2D:F6:8B:F0:A3:DB:89:D4:9E:FB:E5:74:2F:68:D2:90:4F:E4
            X509v3 Subject Key Identifier: 
                E5:D0:6E:50:96:8C:50:A7:52:46:50:82:98:AE:97:CC:31:09:36:8C
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.22
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.crlocsp.cn/WoTrusDVServerCA_2.crl
            Authority Information Access: 
                CA Issuers - URI:http://aia.crlocsp.cn/WoTrusDVServerCA_2.crt
                OCSP - URI:http://ocsp.crlocsp.cn
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Feb 27 02:24:55.702 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:99:69:7A:FA:09:C4:47:1F:A4:40:4F:
                                48:4F:8F:65:7F:C0:B1:DE:1C:5D:52:29:CD:1F:18:B4:
                                31:0A:2A:F2:96:02:20:7F:18:C3:BF:26:A8:F6:70:3F:
                                57:9A:36:02:E2:D5:43:2A:77:07:FD:26:44:79:08:9C:
                                89:26:1D:34:5E:98:60
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Feb 27 02:24:55.934 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:EE:CB:38:57:BA:FD:B7:87:7E:03:0C:
                                74:7D:A4:73:78:E2:53:53:6C:B8:C5:0A:09:B0:56:FB:
                                8E:AA:EE:92:23:02:21:00:8B:76:A1:7F:0F:B9:59:D2:
                                C5:C6:09:4D:A3:3B:18:CE:DD:B5:58:01:74:BC:32:E4:
                                00:30:60:27:AA:6D:C7:DD
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb 27 02:24:55.809 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:97:3B:64:F6:5D:F9:DE:03:D4:23:E0:
                                94:C0:78:C6:9C:EC:4B:D6:DE:CD:41:F6:44:2D:F6:8C:
                                A7:E4:45:EC:D7:02:20:6A:22:CE:A6:24:6C:14:59:F4:
                                38:10:31:50:49:5C:72:87:BC:83:C9:2C:B8:E4:37:10:
                                9E:17:9B:C7:72:E1:D1
            X509v3 Subject Alternative Name: 
                DNS:*.yeedi.com, DNS:yeedi.com
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        64:96:36:73:4b:fe:d0:ec:9e:4f:2a:06:0e:89:17:1d:e1:f6:
        e2:d8:f6:22:ff:7e:c8:f5:4a:10:27:a7:6d:c6:38:aa:eb:98:
        8f:22:30:d1:55:cb:0a:cc:57:19:56:09:32:18:f7:94:36:27:
        27:85:2f:f3:ef:2d:d3:16:85:96:ec:9f:ee:9d:5e:5f:4d:36:
        3a:9c:3a:e7:d3:42:8b:4e:99:66:c7:8d:e0:bb:76:0e:e1:8f:
        e6:87:6d:ed:2c:d2:d8:4f:21:05:e7:6d:2f:b3:11:6d:51:b0:
        89:d2:81:1f:40:4f:44:95:b6:ba:1c:4f:e6:b3:5c:43:8e:17:
        be:77:f3:ae:27:d8:a4:e1:b8:e3:c2:64:db:85:f7:96:ff:6d:
        62:e3:18:06:bd:0e:58:11:f7:38:fc:d5:e6:25:4a:a9:5a:b5:
        a2:5d:63:5b:cf:30:12:a6:7a:e6:c2:f9:6b:b1:4a:ed:a7:9f:
        94:e8:53:70:f9:43:5e:30:29:a4:4e:e7:68:58:94:46:4b:8e:
        de:a1:03:a4:d0:c8:de:3a:4a:e2:4d:19:f0:c0:1b:4b:ee:29:
        1d:55:98:db:4a:2a:99:c8:ef:46:cf:2c:52:05:69:d9:a0:75:
        6f:af:a5:dd:13:14:41:64:02:7f:dd:b5:02:e9:38:d0:26:6b:
        ee:c8:6a:cf

52.40.98.210

Last Seen: 2024-04-29

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

6575781 | 2024-04-27T06:28:40.227850
80 / tcp

nginx1.17.4

6575781 | 2024-04-29T18:47:51.220823
443 / tcp

nginx1.17.4

Products

Pricing

Contact Us

52.40.98.210

Last Seen: 2024-04-29

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

6575781 | 2024-04-27T06:28:40.227850 80 / tcp

nginx1.17.4

6575781 | 2024-04-29T18:47:51.220823 443 / tcp

nginx1.17.4

Products

Pricing

Contact Us

6575781 | 2024-04-27T06:28:40.227850
80 / tcp

6575781 | 2024-04-29T18:47:51.220823
443 / tcp