GeneralInformation

Hostnames	ec2-52-79-156-154.ap-northeast-2.compute.amazonaws.com mciam.hotinfo.click
Domains	amazonaws.com hotinfo.click
Cloud Provider	Amazon
Cloud Region	ap-northeast-2
Cloud Service	EC2
Country	Korea, Republic of
City	Incheon
Organization	AWS Asia Pacific (Seoul) Region
ISP	Amazon.com, Inc.
ASN	AS16509

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 3000 8000 8080 8443

894814010 | 2024-04-23T21:51:24.612660

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBI1XaigCOtOQwQc0PQ1com0b
/d8NYiW7Xfrg0mP79qe6nWM9Nk61toq6qpUMxUW9yjprfk+FvXkgqtOE4YqgAVs=
Fingerprint: ff:cd:fe:ee:b8:45:7b:7e:81:7f:dc:02:8e:b2:5f:20

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

2013617963 | 2024-04-28T05:35:54.060429

3000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 28 Apr 2024 05:35:53 GMT
Content-Type: text/html
Content-Length: 666
Connection: close

1807208404 | 2024-04-30T17:59:35.905277

8000 / tcp

HTTP/1.1 403 Forbidden
X-Powered-By: Express
Date: Tue, 30 Apr 2024 17:59:34 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 13

1209394181 | 2024-05-08T03:40:01.271020

8080 / tcp

HTTP/1.1 200 OK
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Robots-Tag: none
Cache-Control: no-cache, must-revalidate, no-transform, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
X-XSS-Protection: 1; mode=block
Content-Type: text/html;charset=utf-8
content-length: 3508

1319545479 | 2024-05-08T06:20:21.632661

8443 / tcp

HTTP/1.1 200 OK
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Robots-Tag: none
Cache-Control: no-cache, must-revalidate, no-transform, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
X-XSS-Protection: 1; mode=block
Content-Type: text/html;charset=utf-8
content-length: 3509

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:20:32:5a:2e:6a:20:f9:df:07:39:2b:47:ab:de:78:47:ef
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Dec 30 06:30:00 2023 GMT
            Not After : Mar 29 06:29:59 2024 GMT
        Subject: CN=mciam.hotinfo.click
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:13:c3:01:a5:ce:de:fa:66:3b:55:60:10:5f:94:
                    6a:64:91:9e:f1:8e:db:4b:3d:41:99:ce:1c:89:9f:
                    42:d5:da:77:6b:f0:f1:de:67:8f:b6:5e:64:7d:7b:
                    d0:f1:de:73:36:22:67:30:b3:f6:1e:6f:d9:5e:0f:
                    fd:8f:9c:79:4c
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                69:38:9A:D7:64:4B:35:70:35:09:EC:78:D8:BB:21:79:67:19:AA:1B
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:mciam.hotinfo.click
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Dec 30 07:30:00.872 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:EC:E4:62:D1:D9:2F:C4:16:FD:92:8B:
                                5D:2D:D4:3A:5C:6A:33:34:35:DE:D9:35:4C:EE:33:C0:
                                83:C0:C9:A6:65:02:21:00:94:E6:DA:D5:C2:B0:0A:AA:
                                32:EF:9C:A8:01:04:4C:3C:23:A4:7E:A7:A1:B3:00:1E:
                                6C:ED:AF:BE:2B:80:4C:C6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Dec 30 07:30:00.936 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1D:E2:9B:5C:2D:99:87:CA:B6:B8:A1:70:
                                6F:C4:CB:19:76:4A:5A:26:45:FE:A7:EC:A9:BC:9D:C8:
                                1C:22:D8:2F:02:21:00:8A:7A:86:70:27:58:1D:B3:80:
                                A0:09:7A:39:AD:7C:0B:D7:86:D4:2B:C2:7E:CB:26:B1:
                                95:06:0A:1A:36:2B:82
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        41:ef:ab:1b:42:52:1a:b8:5f:79:19:0f:34:26:1f:61:8d:ee:
        85:df:f7:0a:50:e6:b0:1b:6a:ce:6a:ce:28:05:20:54:5d:47:
        24:b2:73:e5:57:40:8e:28:20:5f:16:32:07:94:38:00:fa:52:
        28:a1:74:ed:c8:46:8c:5a:4b:05:a6:fa:04:11:55:e4:2a:9e:
        61:49:7d:23:aa:dc:78:7a:46:60:27:80:e0:82:11:99:29:eb:
        7c:d2:4d:13:23:69:89:c1:7c:0a:6b:e8:a3:ae:4e:64:29:0f:
        f6:9f:d3:c9:f7:6b:e7:ac:5e:04:14:1c:80:ae:5a:5c:3a:9d:
        f8:ca:0f:c3:c3:7b:46:52:1f:86:56:c7:ba:a1:c0:f2:91:e4:
        28:4c:1c:b4:c3:69:cf:e9:d8:16:38:3e:89:cd:6d:5e:77:67:
        be:97:94:b3:ec:32:9a:32:42:83:ec:66:2a:9e:ce:f3:3f:f4:
        2c:7b:c1:b9:24:6d:4a:b9:24:57:87:3a:eb:05:0f:f5:61:f5:
        ab:c2:eb:ce:4c:fd:fe:5b:55:5a:86:b2:bd:89:f5:f5:c0:c5:
        1a:8f:88:62:66:21:6b:2e:d3:d1:e7:a0:67:7b:ff:94:3f:3f:
        dd:84:5f:70:35:9d:ac:95:8d:f6:5e:0a:1e:df:80:4a:e2:d0:
        e5:48:96:c4

52.79.156.154

Last Seen: 2024-05-08

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

894814010 | 2024-04-23T21:51:24.612660
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

2013617963 | 2024-04-28T05:35:54.060429
3000 / tcp

nginx1.18.0

1807208404 | 2024-04-30T17:59:35.905277
8000 / tcp

1209394181 | 2024-05-08T03:40:01.271020
8080 / tcp

1319545479 | 2024-05-08T06:20:21.632661
8443 / tcp

Products

Pricing

Contact Us

52.79.156.154

Last Seen: 2024-05-08

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

894814010 | 2024-04-23T21:51:24.612660 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

2013617963 | 2024-04-28T05:35:54.060429 3000 / tcp

nginx1.18.0

1807208404 | 2024-04-30T17:59:35.905277 8000 / tcp

1209394181 | 2024-05-08T03:40:01.271020 8080 / tcp

1319545479 | 2024-05-08T06:20:21.632661 8443 / tcp

Products

Pricing

Contact Us

894814010 | 2024-04-23T21:51:24.612660
22 / tcp

2013617963 | 2024-04-28T05:35:54.060429
3000 / tcp

1807208404 | 2024-04-30T17:59:35.905277
8000 / tcp

1209394181 | 2024-05-08T03:40:01.271020
8080 / tcp

1319545479 | 2024-05-08T06:20:21.632661
8443 / tcp