GeneralInformation

Hostnames	aaronturatv.com.br ec2-54-198-170-253.compute-1.amazonaws.com
Domains	aaronturatv.com.br amazonaws.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Data Services NoVa
ISP	Amazon.com, Inc.
ASN	AS14618
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

80 443 8000 8010

677579724 | 2024-04-18T00:37:05.854045

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 18 Apr 2024 00:37:05 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

1651973090 | 2024-04-25T17:49:29.859398

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 25 Apr 2024 17:49:29 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 14:09:01 GMT
Connection: keep-alive
ETag: "5e9efe7d-264"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:b3:9f:40:4e:e7:d2:33:8d:c8:48:2f:d4:36:bc:f9:e7:05
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Dec  1 11:27:50 2023 GMT
            Not After : Feb 29 11:27:49 2024 GMT
        Subject: CN=aaronturatv.com.br
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cc:7f:f7:db:0f:40:b8:af:57:68:2a:bf:fd:f1:
                    9f:e2:5c:ac:0c:48:29:71:74:38:bb:f2:b8:aa:10:
                    1d:81:b0:07:42:47:e2:c9:04:84:d5:1b:41:e4:11:
                    b4:a6:63:86:6c:c9:cd:f6:dd:b8:a2:d8:9f:39:d6:
                    51:87:c5:b0:d8:ca:af:8c:a8:70:ae:de:7c:fb:6d:
                    c1:77:58:10:9f:1d:5a:3e:e9:33:4f:02:00:e0:b3:
                    ff:ab:fc:a6:3e:b4:8d:ac:72:02:c3:8e:56:fc:b6:
                    6b:67:28:6f:da:3d:49:fe:53:5f:b1:87:ac:f5:5d:
                    87:e7:2a:1d:90:c3:cc:e7:06:93:b5:52:d0:31:fc:
                    af:02:c4:ce:48:ee:66:33:1c:e4:c8:ff:6a:36:df:
                    71:b0:76:e0:ce:88:2e:82:c7:2f:bd:03:78:13:9c:
                    1d:f4:bf:b2:ea:d6:49:8f:bf:84:e6:28:8b:dc:02:
                    e7:a1:85:d7:ef:6d:6c:a8:8e:22:ff:2d:0f:0d:bd:
                    6f:0e:3c:09:de:62:71:cf:a4:e4:41:7d:13:e2:ae:
                    f3:86:a2:95:40:8c:11:db:b5:9a:85:2d:f2:64:4e:
                    ed:de:d8:a2:b1:d3:1c:58:fd:89:33:f8:a6:27:66:
                    80:86:c4:e0:f5:40:b2:9f:f3:84:02:7a:6e:18:53:
                    96:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                61:7C:82:7F:F2:A5:F7:6C:73:EC:96:E5:B7:CF:BD:09:47:6F:EB:DA
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:aaronturatv.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Dec  1 12:27:51.048 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9A:5B:03:9F:99:53:53:19:95:30:72:
                                2E:06:F4:91:50:76:38:70:20:26:E2:B6:AE:D0:AA:9D:
                                8C:E7:23:F0:AA:02:20:6E:A5:16:B0:36:AB:CD:F1:F9:
                                F9:E7:4D:57:BC:6C:9C:AC:EB:F7:A6:CF:5F:BE:B1:87:
                                10:EE:18:56:7E:9F:80
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Dec  1 12:27:51.125 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D9:5B:8B:4D:70:5F:B6:CD:D3:FB:E2:
                                0D:58:0E:7F:D5:9E:DE:43:A1:D7:3F:CB:89:4D:50:D1:
                                E9:CE:F7:CF:2A:02:21:00:D6:CE:C3:44:6F:84:5D:6E:
                                A7:BE:EB:75:CA:E1:C4:BB:3D:F6:6B:A8:27:98:52:A4:
                                22:B7:80:56:35:37:46:26
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        30:72:14:c2:3c:3b:81:9d:e4:b4:dd:96:a0:95:64:ae:1e:37:
        dc:e1:e3:a8:15:69:71:69:71:25:1e:30:07:34:ca:06:91:da:
        91:80:67:4f:97:b6:67:4f:fa:64:fc:6b:22:65:36:d1:58:93:
        aa:a1:74:9f:dd:78:e5:ae:ce:f2:a6:21:e5:a3:61:bb:99:2b:
        a9:68:73:fe:5b:99:7c:ed:c5:40:ea:66:34:56:89:25:af:bb:
        fe:c2:fd:96:22:85:d9:83:36:4c:02:64:21:65:8a:63:4d:7d:
        e2:d8:f6:1f:de:65:25:80:3f:ad:d0:15:b2:bc:a3:1b:de:db:
        2c:cf:87:d1:98:73:29:fa:da:8d:77:84:9b:78:27:e0:b1:5b:
        2c:cf:07:d7:01:da:52:92:1d:19:26:ea:3a:ea:99:f1:a1:ee:
        90:d5:53:e6:3c:4a:c5:86:8a:a2:91:b8:eb:7d:c0:50:7f:21:
        74:2b:c4:5a:fa:55:e7:63:c6:42:f1:ac:ef:21:d0:ff:1f:aa:
        fd:07:49:df:b0:67:53:1e:80:46:b1:88:f0:bc:e3:4e:68:5c:
        d2:3a:4c:72:e3:2a:52:74:7a:fb:f0:f7:82:74:3f:7a:13:e5:
        40:fc:4d:7e:c2:85:b8:06:94:c1:31:2b:fe:82:e4:f1:cb:4b:
        da:f0:a2:fa

1625071317 | 2024-04-22T12:18:45.371546

8000 / tcp

HTTP/1.1 500 Internal Server Error
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
Content-Type: application/json; charset=utf-8
Content-Length: 1125
ETag: W/"465-GDj9L/oN8y13Hw8BD6eXuFxTpHw"
Date: Mon, 22 Apr 2024 12:18:45 GMT
Connection: keep-alive
Keep-Alive: timeout=5

-1060095501 | 2024-04-20T11:44:20.112698

8010 / tcp

HTTP/1.1 404 Not Found
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 139
Date: Sat, 20 Apr 2024 11:44:20 GMT
Connection: keep-alive
Keep-Alive: timeout=5

54.198.170.253

Last Seen: 2024-04-25

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

677579724 | 2024-04-18T00:37:05.854045
80 / tcp

nginx1.18.0

1651973090 | 2024-04-25T17:49:29.859398
443 / tcp

nginx1.18.0

1625071317 | 2024-04-22T12:18:45.371546
8000 / tcp

-1060095501 | 2024-04-20T11:44:20.112698
8010 / tcp

Products

Pricing

Contact Us

54.198.170.253

Last Seen: 2024-04-25

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

677579724 | 2024-04-18T00:37:05.854045 80 / tcp

nginx1.18.0

1651973090 | 2024-04-25T17:49:29.859398 443 / tcp

nginx1.18.0

1625071317 | 2024-04-22T12:18:45.371546 8000 / tcp

-1060095501 | 2024-04-20T11:44:20.112698 8010 / tcp

Products

Pricing

Contact Us

677579724 | 2024-04-18T00:37:05.854045
80 / tcp

1651973090 | 2024-04-25T17:49:29.859398
443 / tcp

1625071317 | 2024-04-22T12:18:45.371546
8000 / tcp

-1060095501 | 2024-04-20T11:44:20.112698
8010 / tcp