GeneralInformation

Hostnames	ec2-54-166-244-71.compute-1.amazonaws.com rewardscloud-nprd.com
Domains	amazonaws.com rewardscloud-nprd.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

WebTechnologies

JavaScript frameworks

React

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

-1137109147 | 2024-04-08T02:25:44.566341

80 / tcp

HTTP/1.1 200 OK
Date: Mon, 08 Apr 2024 02:25:43 GMT
Content-Type: text/html
Content-Length: 696
Connection: keep-alive
Server: nginx/1.20.1
Last-Modified: Wed, 08 Nov 2023 18:17:03 GMT
ETag: "654bd09f-2b8"
Referrer-Policy: no-referrer
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes

-1137109147 | 2024-04-02T16:59:22.039094

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 02 Apr 2024 16:59:21 GMT
Content-Type: text/html
Content-Length: 696
Connection: keep-alive
Server: nginx/1.20.1
Last-Modified: Wed, 08 Nov 2023 18:17:03 GMT
ETag: "654bd09f-2b8"
Referrer-Policy: no-referrer
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:e5:99:44:21:8e:1c:12:fc:11:93:03:72:ca:b3:94
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Jan 27 00:00:00 2024 GMT
            Not After : Feb 24 23:59:59 2025 GMT
        Subject: CN=*.rewardscloud-nprd.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b6:ad:ab:39:d5:57:0c:c6:fc:b8:6c:d3:2f:db:
                    06:88:5c:42:03:a4:7d:79:a8:47:6a:f9:56:01:a7:
                    4c:47:bb:e4:1b:de:31:5b:84:ae:31:59:4a:0e:34:
                    38:bd:81:7e:0a:8d:ec:8c:32:d8:49:38:77:6b:c2:
                    6b:db:89:6d:40:83:ad:b9:85:cd:02:f2:41:8a:6d:
                    23:1c:cf:37:2a:da:29:34:31:38:9b:16:c7:31:76:
                    3a:1c:03:29:7d:2a:d5:4e:22:da:1b:8b:db:7c:c9:
                    64:f7:7a:5f:35:cd:b0:db:b0:56:cc:4d:34:7f:b0:
                    a7:35:36:e9:9b:28:54:17:aa:f4:0c:e2:5a:c2:48:
                    9c:1b:27:c1:99:cb:c4:f9:4a:aa:93:b4:92:79:f9:
                    f9:d8:90:56:eb:65:e1:4e:6b:0a:6e:6d:f3:a4:dd:
                    38:f1:35:25:c4:aa:fd:f8:02:8e:d5:6b:b9:8c:c3:
                    35:4b:fd:22:1c:33:88:7b:e8:45:08:90:91:0b:78:
                    89:c5:bf:d4:8c:70:4d:b9:fe:0d:fb:8c:6c:8f:94:
                    77:b3:00:f1:7e:82:a4:d2:cb:4e:98:31:63:cf:e1:
                    5b:94:87:75:b8:9f:19:b5:7d:ff:95:c3:71:fa:b2:
                    8b:c2:5e:0b:be:20:80:4d:ef:0d:30:5e:1a:00:89:
                    42:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                DC:E9:FB:90:71:72:51:B6:A0:15:5D:92:6F:05:EA:8B:A2:7B:BA:07
            X509v3 Subject Alternative Name: 
                DNS:*.rewardscloud-nprd.com, DNS:rewardscloud-nprd.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan 27 07:54:09.723 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:8E:FF:9E:67:63:63:2D:3F:F2:72:F4:
                                67:25:9A:B1:CE:57:62:07:02:62:7A:F2:D7:C6:DE:7E:
                                9A:3F:D6:A4:89:02:21:00:D6:12:0F:97:5F:80:41:B8:
                                75:39:2C:73:2C:7B:60:9E:B9:D3:FB:29:DA:0D:89:30:
                                0C:D6:93:14:DE:65:0A:EC
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Jan 27 07:54:09.766 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:45:D0:E6:23:0E:CE:78:D0:4E:64:70:2E:
                                B6:C0:7E:FE:E7:2B:2D:D9:3E:BD:15:78:21:01:29:99:
                                06:F6:03:93:02:20:59:CC:B0:BC:37:D2:1E:50:4F:69:
                                AF:3C:B3:7F:E1:97:F9:30:7F:80:F9:90:BF:B9:D8:6E:
                                AA:47:B2:C2:EF:3A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Jan 27 07:54:09.814 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:68:8B:5A:85:DB:33:EC:C0:5C:92:90:28:
                                A6:93:59:1B:BC:5D:9B:80:5C:EE:79:58:9C:C9:FF:55:
                                E1:8B:45:F3:02:21:00:C6:75:FA:BD:E9:CF:26:CE:64:
                                9B:AC:10:E9:7A:60:29:23:9B:E4:BA:4F:27:ED:E1:A1:
                                A9:35:FC:79:80:09:78
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        3a:fd:fc:47:f8:92:d4:aa:e3:b4:a1:66:f2:cc:23:c5:9c:0f:
        d8:5c:6a:c1:58:fa:d8:07:45:35:8a:be:c3:8d:00:f0:67:65:
        50:30:ab:cd:b9:e5:a9:5d:bb:9a:c5:86:5a:e5:02:10:d7:a7:
        d2:99:bf:74:ee:81:7c:cb:65:1c:17:93:ba:3c:b7:23:86:9a:
        1a:79:62:6c:8b:aa:2c:e6:47:d3:c0:d7:75:86:cf:a2:4f:d1:
        2c:7f:80:68:e3:31:5f:75:28:98:a1:f9:02:5c:75:7d:a7:e6:
        4d:44:c9:d3:95:3a:2b:df:91:0e:59:f6:9d:a3:11:5d:4e:eb:
        e7:d0:0d:f0:80:17:c6:4c:4c:aa:1d:53:a0:5d:26:c7:b7:c1:
        39:1f:03:58:a0:c1:b6:4e:5c:79:bc:68:3e:67:d1:f6:da:f1:
        6c:82:06:a1:44:47:71:e8:6a:8d:2c:83:fb:17:d2:fa:d8:97:
        86:b6:01:ef:67:84:c4:29:77:08:83:a5:49:12:ca:3e:ea:0c:
        c8:ed:3d:d5:5e:ad:8f:cc:5c:5e:9f:fb:51:5d:13:35:63:8f:
        40:77:57:56:21:8d:3e:59:7a:e8:4d:57:75:8d:e8:1a:d8:88:
        bb:47:4f:6e:bd:eb:3e:9f:e1:d6:1e:e3:6e:ec:4d:8c:1e:a7:
        5c:d5:cc:d8

54.166.244.71

Last Seen: 2024-04-08

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1137109147 | 2024-04-08T02:25:44.566341
80 / tcp

nginx1.20.1

-1137109147 | 2024-04-02T16:59:22.039094
443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

54.166.244.71

Last Seen: 2024-04-08

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1137109147 | 2024-04-08T02:25:44.566341 80 / tcp

nginx1.20.1

-1137109147 | 2024-04-02T16:59:22.039094 443 / tcp

nginx1.20.1

Products

Pricing

Contact Us

-1137109147 | 2024-04-08T02:25:44.566341
80 / tcp

-1137109147 | 2024-04-02T16:59:22.039094
443 / tcp