GeneralInformation

Hostnames	ec2-52-67-207-112.sa-east-1.compute.amazonaws.com avon.com.vc natura-avon.com.vc natura.com.vc short.suiteshare.com
Domains	amazonaws.com avon.com.vc natura-avon.com.vc natura.com.vc suiteshare.com
Cloud Provider	Amazon
Cloud Region	sa-east-1
Cloud Service	EC2
Country	Brazil
City	São Paulo
Organization	Amazon Data Services Brazil
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-20372	5.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

22 80 443

-1021642019 | 2024-03-31T13:45:18.808702

22 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDFjQUcyyWr6kz9hVSvi5sjU3U20HGEghwqmeSO6qftdZkW
twW8w5R1t+er8gWM2ZR6GAwGKYsdt7n0qXmwd307hKLmfBFbxhLXHSbVOXZY320/i4upxtSEv3us
dVlCubIBfJ54rzDhtfsL/zyh6oGkb+ZJOuwB/JToEAn4EPR0M9FZ4Z/jDKTWp3QfEasB1PTnjZ1i
lnEGWeM2bzmhUKt0+o6e2f7Zac+PvHFYF7A/8qNgHm1lkudxnDOLDjJFyk24ovS2DWYVWLOK0hmo
9iw/tZN8Y2MdApZ0UXtMhlqMUJHaNrhN29Tpd4VTSSNfQHGZMtOWzXMCS9L3C5A3295b
Fingerprint: aa:a6:66:dc:07:6b:91:59:9c:bc:5a:b5:b8:d4:9e:ce

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1560989878 | 2024-04-11T02:09:52.762806

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.17.3
Date: Thu, 11 Apr 2024 02:09:52 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive
Vary: Accept-Encoding

387380075 | 2024-04-01T06:39:57.414446

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 01 Apr 2024 06:39:57 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6InNRQThKMUw1VEU0YjV4aGNmXC9yQndRPT0iLCJ2YWx1ZSI6Im5CbW5vQlM4Zk9JSk02MktBTHdncUk1Z2dKUVoyVXlBVXYwSlJxUVh2RVwvRm1XMGVRQTdxNmtucVhXYkREQWxRQjNIVFVHWGtETUhXdlRtRjNQRldvZzVKMWtxcCtlVlRRbXh2WUQ0QjVhYXN5WngrV3dITHhaXC9NMHZ1Mk5iYTMiLCJtYWMiOiJhOTAwNTMzMWQ0NmM0Zjg2ZmE3MWJiYTM0MDg2NTM5ZGUwNDQ5Y2U3MDc1MThlMzM1ODc1YWNjNGE2MTllYTE2In0%3D; expires=Mon, 01-Apr-2024 08:39:57 GMT; Max-Age=7200; path=/; secure; samesite=strict
Set-Cookie: suiteshare_short_session=eyJpdiI6IkVmcHRcL1VcL0FKazNhcytvVVh4YmJkQT09IiwidmFsdWUiOiJPQ0d4bmJsVDZ1bEZuU2VYUUhoTFwvXC84d25RYkxqajh5NHA0emJsVmNRdlF2S1Zlc0RyVGZmN1B5WG9yVWxDT1FvcW1LR3JyZytGUU4zdUNxV0I4aitNOHFtakFzeUlXU1FHMmRqNFpkYjhKRjQxS1pSbWxqcXpPODNUMDlIWDZNIiwibWFjIjoiY2E4YmM5ZmFlNTdhYjU1MTY2NzAzNTYxMWFhMTE1MDY3MTFjN2ZkYTQ2YWM0MWEyMTljZjZmMTQ4MDkwZTYyOCJ9; expires=Mon, 01-Apr-2024 08:39:57 GMT; Max-Age=7200; path=/; secure; httponly; samesite=strict
Set-Cookie: dark_mode=0; expires=Thu, 30-Mar-2034 06:39:57 GMT; Max-Age=315360000; path=/; samesite=strict
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:c1:57:4d:a5:bf:89:0e:7c:e8:6c:8f:2b:b2:49:f8:44:5a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 23 16:47:55 2024 GMT
            Not After : May 23 16:47:54 2024 GMT
        Subject: CN=short.suiteshare.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:0b:95:c1:90:12:36:9a:e2:70:5f:00:22:d5:e7:
                    65:ef:b2:49:1d:d8:cb:7a:4b:2d:35:b6:92:22:3c:
                    ef:d2:15:36:65:ad:5c:ee:8f:e1:7e:f6:1c:56:f2:
                    47:ed:b4:fb:43:a4:5d:39:84:1c:9f:74:3a:3e:37:
                    9d:51:6f:c2:8f:65:bb:a5:75:58:40:be:87:2a:56:
                    2b:6f:8f:c8:d1:7f:b7:e4:a9:0f:66:58:1e:5b:5a:
                    b9:77:f5:03:25:e4:e4
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                CF:86:C3:A7:A5:52:A9:E8:AB:8F:1C:D1:7A:16:E8:CB:3C:7D:F9:21
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:avon.com.vc, DNS:natura-avon.com.vc, DNS:natura.com.vc, DNS:short.suiteshare.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Feb 23 17:47:55.452 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:11:37:B8:0B:0B:D2:99:1E:4D:E3:7E:F4:
                                D4:A9:50:ED:1F:01:43:51:EE:3D:6C:56:CC:37:7E:F4:
                                1D:76:BF:A7:02:21:00:B8:CD:6A:09:E1:6D:E6:4F:45:
                                6E:85:13:FD:8F:2F:18:74:DE:E5:6F:B0:1B:64:33:3C:
                                85:58:F8:53:FB:70:59
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Feb 23 17:47:55.485 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:0C:C2:61:53:F0:DA:E6:D2:C2:A5:61:44:
                                FC:30:00:30:AD:F4:84:45:5D:5C:C4:A1:33:A4:A1:22:
                                72:D2:0D:4F:02:20:22:63:E5:EB:97:B5:34:31:E9:B6:
                                3A:F8:AC:14:37:CC:4E:36:AD:52:56:EA:F8:BF:90:A9:
                                49:1B:0A:B3:69:C1
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        95:d6:bb:4f:95:73:ec:78:34:14:16:8e:04:c9:ca:94:b6:67:
        44:c9:97:64:ec:81:b5:e4:61:98:99:23:bc:a6:64:03:8b:7d:
        a9:a9:95:49:60:02:f1:0f:1b:74:e8:58:3b:18:c6:30:18:50:
        86:7c:dc:dc:97:40:c0:63:35:28:d8:af:67:81:1e:0e:3b:cc:
        2b:9d:05:45:35:64:f6:83:0b:d8:24:ac:14:dd:e3:38:c1:88:
        42:02:03:cd:3f:fb:9e:2d:e1:04:40:ee:f4:88:43:04:c2:d9:
        f2:5a:d4:93:91:41:f6:be:42:01:fe:45:5d:8d:27:38:0a:6f:
        fb:e6:7b:fd:28:b2:eb:bd:79:cd:69:dd:4a:9d:c4:01:13:b6:
        9e:e9:9e:6e:72:ee:55:38:ae:6c:90:06:fd:0d:a3:7b:52:db:
        df:50:c3:27:6d:f9:59:e6:e2:fd:ac:ea:48:77:f1:ef:0c:78:
        a7:e6:1a:a7:e1:0e:35:8e:d7:3d:46:7c:b3:a1:f3:11:ef:3b:
        48:b9:fe:d2:63:2b:a0:87:90:85:5b:e0:fa:79:7b:80:e2:8a:
        e2:f6:ee:3f:7c:ac:6a:fa:35:f0:08:d6:c9:92:ae:34:8c:6a:
        30:bd:c2:7c:07:0a:8f:73:a8:8a:81:9f:79:bd:d2:c8:45:51:
        69:db:9f:c8

52.67.207.112

Last Seen: 2024-04-11

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1021642019 | 2024-03-31T13:45:18.808702
22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.3

1560989878 | 2024-04-11T02:09:52.762806
80 / tcp

nginx1.17.3

387380075 | 2024-04-01T06:39:57.414446
443 / tcp

nginx

Products

Pricing

Contact Us

52.67.207.112

Last Seen: 2024-04-11

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1021642019 | 2024-03-31T13:45:18.808702 22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.3

1560989878 | 2024-04-11T02:09:52.762806 80 / tcp

nginx1.17.3

387380075 | 2024-04-01T06:39:57.414446 443 / tcp

nginx

Products

Pricing

Contact Us

-1021642019 | 2024-03-31T13:45:18.808702
22 / tcp

1560989878 | 2024-04-11T02:09:52.762806
80 / tcp

387380075 | 2024-04-01T06:39:57.414446
443 / tcp