GeneralInformation

Hostnames	ec2-52-9-212-205.us-west-1.compute.amazonaws.com alb-usw1.dev.fargeo.com
Domains	amazonaws.com fargeo.com
Cloud Provider	Amazon
Cloud Region	us-west-1
Cloud Service	EC2
Country	United States
City	San Jose
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS16509
Operating System	Ubuntu

WebTechnologies

JavaScript frameworks

RequireJS

UI frameworks

Bootstrap3.3.2

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-8331	4.3In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2018-20677	4.3In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	4.3In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

OpenPorts

80 443

1949896279 | 2024-05-19T15:26:24.578110

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Sun, 19 May 2024 15:26:24 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://52.9.212.205:443/

584921549 | 2024-05-28T09:37:47.989625

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 09:37:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 24756
Connection: keep-alive
Server: nginx/1.18.0 (Ubuntu)
Vary: Authorization, Accept-Language, Cookie, origin
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:fa:24:2a:77:45:cf:0c:8c:b7:b2:50:34:f3:b2:28
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Dec 19 00:00:00 2023 GMT
            Not After : Jan 16 23:59:59 2025 GMT
        Subject: CN=alb-usw1.dev.fargeo.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d7:d2:a4:7c:7a:d1:ca:8e:a7:e0:f1:34:17:8d:
                    6a:a4:44:a2:74:b3:ce:76:a2:2f:bd:16:c5:76:db:
                    34:39:48:ae:30:4c:4e:5a:51:0a:37:47:ee:af:bd:
                    d5:3a:9a:63:f4:3e:1a:e1:02:99:7e:4e:9e:ff:6a:
                    98:84:e2:39:a2:5d:4c:f8:87:cb:0e:f4:19:bb:b0:
                    d3:90:ae:1d:e1:1b:76:24:58:44:56:8d:7c:82:42:
                    b7:75:30:1a:a4:94:65:93:72:28:3c:23:40:3e:01:
                    c8:54:bb:c7:bf:0f:47:f9:1a:fe:ef:87:58:d8:f1:
                    a3:e9:f6:69:2b:1d:68:f7:14:d3:7e:c3:50:8c:8c:
                    92:4e:c8:0c:e4:ac:5e:41:9a:9b:83:f4:6c:8d:bd:
                    06:8c:fe:16:cf:70:98:d8:20:da:ba:0e:d5:f9:92:
                    f2:74:8f:33:41:84:30:2c:e3:a9:02:96:cd:87:f9:
                    8d:be:a3:4a:54:29:8b:2f:6b:38:b6:e5:1e:db:db:
                    0a:bc:b2:44:81:be:f8:16:e2:86:80:53:34:3f:bb:
                    3b:9f:90:b3:77:fb:83:31:6f:0c:4b:84:49:7c:6c:
                    0d:e8:ba:7e:16:01:bc:58:d1:c4:6b:7f:36:ac:37:
                    dd:51:72:ce:6f:47:39:2a:ae:00:c8:00:20:24:a6:
                    c6:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                0D:75:F2:0A:33:19:B1:F6:CD:EA:66:79:5F:11:6C:45:31:A4:F8:0F
            X509v3 Subject Alternative Name: 
                DNS:alb-usw1.dev.fargeo.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Dec 19 19:46:52.187 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D0:2F:A9:BE:3A:40:7C:DB:45:01:BD:
                                7A:2D:F4:16:CF:E9:9F:FA:31:CA:EE:38:A1:43:64:7B:
                                62:3A:C0:D8:34:02:20:34:72:E9:38:3A:AC:A2:00:F3:
                                0F:9B:11:E3:65:07:3E:15:5D:5B:27:7E:80:B4:BF:99:
                                79:4F:C0:3B:3C:89:DB
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Dec 19 19:46:52.176 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D6:45:56:B3:AF:9C:2C:6A:3B:97:77:
                                69:91:AA:7A:5D:3D:AE:A9:DA:1B:78:B1:7A:E1:17:C5:
                                60:6B:98:8A:55:02:20:67:04:6E:50:81:B7:82:9F:85:
                                86:2F:86:79:1A:77:83:45:46:22:4E:84:D0:EA:BC:3F:
                                B8:42:88:A9:F7:4B:64
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 55:81:D4:C2:16:90:36:01:4A:EA:0B:9B:57:3C:53:F0:
                                C0:E4:38:78:70:25:08:17:2F:A3:AA:1D:07:13:D3:0C
                    Timestamp : Dec 19 19:46:52.266 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E0:DC:AE:BE:38:8E:98:F6:5B:C1:60:
                                8B:72:9E:A1:C8:A1:57:C1:FA:5B:E2:B5:86:01:AA:EF:
                                7E:2B:A7:7A:A0:02:21:00:CF:05:D5:10:C0:0B:63:71:
                                34:1B:E1:A6:76:E9:0D:19:B3:63:BA:A7:3C:0D:1C:F9:
                                CA:C0:E1:4D:7D:26:C7:04
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        65:2d:71:be:e7:6b:b1:a9:76:d6:e1:fd:f4:d8:1e:10:9c:7d:
        65:2e:b3:40:79:74:f8:31:0d:ff:05:2a:54:36:34:91:a9:2d:
        97:be:2b:1e:bd:fc:11:be:80:db:fa:42:2b:22:17:e0:67:f5:
        65:35:19:9e:c4:ce:ce:72:54:68:35:3d:f0:12:28:1e:0b:c8:
        ee:f4:13:34:26:94:2a:19:33:b6:ab:66:6e:ab:9f:7c:54:ed:
        e4:c0:bf:4a:19:06:07:89:2c:60:88:25:aa:51:c7:ba:42:e3:
        2b:b6:be:bb:ce:99:3e:6a:be:5b:26:04:76:05:a0:00:d7:c5:
        9e:ef:98:73:ff:6f:70:68:05:f7:4a:de:fa:b1:69:ce:31:9d:
        27:11:41:6f:c4:46:0c:82:b4:db:df:f4:de:4b:dc:91:eb:a3:
        9b:32:23:d0:40:78:b5:2a:da:66:ba:59:46:4a:57:81:a8:08:
        36:e0:9b:77:f7:ca:4e:ad:12:aa:a9:d8:d5:dc:85:85:79:55:
        01:09:19:64:25:8b:37:ec:6d:48:40:5f:41:61:92:fa:aa:e4:
        07:d5:f5:9b:7d:1d:cb:37:7f:d5:0b:72:e1:5f:a4:f1:38:70:
        cf:29:d1:c5:97:b4:b8:1f:b7:12:07:6a:8a:47:77:02:6e:0b:
        75:84:44:da

52.9.212.205

Last Seen: 2024-05-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1949896279 | 2024-05-19T15:26:24.578110
80 / tcp

AWS ELB2.0

584921549 | 2024-05-28T09:37:47.989625
443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

52.9.212.205

Last Seen: 2024-05-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1949896279 | 2024-05-19T15:26:24.578110 80 / tcp

AWS ELB2.0

584921549 | 2024-05-28T09:37:47.989625 443 / tcp

nginx1.18.0

Products

Pricing

Contact Us

1949896279 | 2024-05-19T15:26:24.578110
80 / tcp

584921549 | 2024-05-28T09:37:47.989625
443 / tcp