GeneralInformation

Hostnames	ec2-52-45-34-218.compute-1.amazonaws.com simplerisk.com
Domains	amazonaws.com simplerisk.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

WebTechnologies

CDN

Google Hosted Libraries

jsDelivr

JavaScript frameworks

AngularJS

JavaScript libraries

jQuery3.7.1

UI frameworks

Bootstrap3.3.7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-8331	4.3In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2018-20677	4.3In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	4.3In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

OpenPorts

80 443

-1149619535 | 2024-03-31T07:11:15.348479

80 / tcp

HTTP/1.1 404 
Date: Sun, 31 Mar 2024 07:11:15 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 306
Connection: keep-alive
Server: nginx/1.20.0
X-Application-Context: application
transactionId: 7bcbf090-92e8-4499-9013-de464710ed5e
Content-Language: en-US

998949173 | 2024-04-21T16:05:25.232500

443 / tcp

HTTP/1.1 200 OK
Date: Sun, 21 Apr 2024 16:05:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 3092
Connection: keep-alive
Set-Cookie: AWSALB=Vgac9taAaEqmiS0FnR/kssuO/+I9c3VwA6nmovBHooi4jrn5xhNsDQW7LaIhIlFTPPLegF/0/gAk4zLoKtMkTOwAiOtcDeGyUOnWOpkI+P7U0hTOR6tCArb7DUtk; Expires=Sun, 28 Apr 2024 16:05:22 GMT; Path=/
Set-Cookie: AWSALBCORS=Vgac9taAaEqmiS0FnR/kssuO/+I9c3VwA6nmovBHooi4jrn5xhNsDQW7LaIhIlFTPPLegF/0/gAk4zLoKtMkTOwAiOtcDeGyUOnWOpkI+P7U0hTOR6tCArb7DUtk; Expires=Sun, 28 Apr 2024 16:05:22 GMT; Path=/; SameSite=None; Secure
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval' data:
Set-Cookie: SimpleRisk=m4oujtal35e1e1nlget9b4hiis; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            87:d9:c8:79:09:51:18:11:80:e1:0b:c8:03:a2:fb:78
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Sep 28 00:00:00 2023 GMT
            Not After : Oct 28 23:59:59 2024 GMT
        Subject: CN=*.simplerisk.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:97:09:ce:15:21:e8:a5:ef:30:b4:5f:ac:38:a0:
                    f3:9e:43:f4:17:77:66:ac:e3:cb:85:c7:54:7d:02:
                    55:e4:b2:81:51:22:f0:f7:e9:23:38:b2:ac:91:84:
                    51:40:a3:cf:de:b5:78:ff:92:e2:28:8b:70:df:25:
                    dc:07:73:0f:6a:07:9e:93:08:79:29:79:d0:aa:1f:
                    6d:c5:1d:e3:dd:17:35:da:72:26:87:55:5d:6f:f6:
                    26:1b:e6:ed:fa:11:18:ee:99:0b:39:a3:ef:a7:0f:
                    69:df:35:17:45:62:fa:ce:17:3e:1a:5b:68:4f:c3:
                    3a:ba:10:1a:62:71:85:b2:c1:61:3a:af:a2:8f:91:
                    47:a0:ba:f5:54:57:44:b4:1f:63:f9:cf:8e:98:b4:
                    28:03:eb:cf:19:b6:90:e3:30:c4:18:a4:1e:95:0d:
                    39:9f:1f:7f:32:a2:36:47:c4:c3:de:e8:66:ef:c1:
                    51:2c:b2:20:e2:97:10:05:61:13:4e:ea:42:b4:95:
                    f7:45:08:50:d7:cd:b5:b0:c4:b4:c1:df:a2:96:bc:
                    ed:07:10:63:57:49:2c:15:9c:fd:75:29:56:a5:be:
                    26:72:13:96:97:a1:31:4e:1e:16:67:21:a3:92:76:
                    4d:69:79:91:2d:da:b2:2f:60:e4:3b:18:17:aa:46:
                    77:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                1D:F1:CD:68:54:41:59:F6:A1:B2:A2:1C:E8:F5:02:86:CE:29:89:E3
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.simplerisk.com, DNS:simplerisk.com
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Sep 28 19:30:31.381 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:87:51:2F:29:BA:B7:C2:2C:65:8E:90:
                                82:D1:04:0C:C0:A0:11:14:DD:17:BB:0E:FF:6E:73:30:
                                1A:AB:C9:36:11:02:20:55:0A:F7:7C:D9:EB:10:1D:6B:
                                C8:0D:55:F1:07:85:49:0E:C8:B8:86:B2:26:78:39:B7:
                                EE:82:00:C2:4D:65:70
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Sep 28 19:30:31.460 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:A8:F9:CC:C4:BC:4F:7A:F6:57:3B:5F:
                                1C:C7:1F:74:51:AA:05:73:BC:75:4E:18:87:BE:4E:3D:
                                4C:83:D2:AB:30:02:20:51:BC:F2:02:2B:7B:0F:58:51:
                                43:45:F6:7B:BC:29:C5:32:89:5F:65:86:8B:8C:FB:6F:
                                95:BC:8B:A2:43:C1:AB
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Sep 28 19:30:31.503 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5C:CF:28:52:01:6B:4B:3F:23:82:59:67:
                                A0:03:16:F3:AB:56:DE:81:0A:D7:13:08:BD:93:8B:C6:
                                4D:BF:70:49:02:21:00:E9:1F:EC:C0:3F:8B:21:0E:E5:
                                EB:67:94:48:AE:0F:FB:13:A8:89:E9:5B:EB:2E:41:27:
                                50:4C:10:E9:AA:1E:F7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2f:65:75:38:96:aa:aa:d0:e4:b3:dd:48:2b:93:2d:80:b4:54:
        09:c6:2d:29:66:b7:91:af:78:2c:c6:8c:70:76:12:3e:9e:5b:
        11:73:11:3a:b8:e6:9d:2d:c0:a9:9c:78:7a:82:58:c7:a3:6f:
        53:cc:8b:e5:cc:96:38:fb:a6:3a:1c:be:61:32:78:83:d4:7b:
        03:9a:21:aa:07:06:28:77:69:e6:a9:e1:a2:fd:c9:5b:80:b3:
        db:2f:52:80:a6:1e:af:b3:6b:e5:01:86:61:05:5e:6a:ad:4a:
        98:fc:f6:40:65:ff:9c:8d:fd:f4:ca:44:f0:89:31:f3:0b:93:
        41:e9:8c:7c:85:34:bc:79:03:f9:a4:32:03:4f:eb:d6:6c:08:
        a3:9b:9f:cc:3b:71:1a:02:ed:25:e7:d2:91:4b:6f:ad:ed:66:
        c7:e0:6f:77:47:6c:85:3e:4d:b2:e4:ba:63:4f:e2:fa:e4:b5:
        e5:94:f7:78:dc:52:8e:a6:a2:54:a0:88:6c:5b:e0:fc:18:ef:
        4f:a7:d8:bc:05:64:1e:32:41:3b:39:d0:00:cb:27:08:63:5e:
        39:11:21:53:83:fb:15:a2:be:24:6c:eb:84:eb:e5:14:f6:6d:
        ba:22:fe:3c:19:e2:e7:f0:26:8d:5e:f3:89:a0:6c:13:cb:73:
        8a:96:97:10

52.45.34.218

Last Seen: 2024-04-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1149619535 | 2024-03-31T07:11:15.348479
80 / tcp

nginx1.20.0

998949173 | 2024-04-21T16:05:25.232500
443 / tcp

Products

Pricing

Contact Us

52.45.34.218

Last Seen: 2024-04-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1149619535 | 2024-03-31T07:11:15.348479 80 / tcp

nginx1.20.0

998949173 | 2024-04-21T16:05:25.232500 443 / tcp

Products

Pricing

Contact Us

-1149619535 | 2024-03-31T07:11:15.348479
80 / tcp

998949173 | 2024-04-21T16:05:25.232500
443 / tcp