GeneralInformation

Hostnames	ec2-54-228-76-138.eu-west-1.compute.amazonaws.com domainintel.nccgroup.com
Domains	amazonaws.com nccgroup.com
Cloud Provider	Amazon
Cloud Region	eu-west-1
Cloud Service	EC2
Country	Ireland
City	Dublin
Organization	Amazon.com, Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

JavaScript libraries

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

80 443 8443

1949896279 | 2024-05-08T00:02:31.628011

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 08 May 2024 00:02:31 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://54.228.76.138:443/

1563372950 | 2024-05-23T13:21:19.586162

443 / tcp

HTTP/1.1 200 OK
Cache-Control: private,no-store
Cache-control: no-cache="set-cookie"
Content-Security-Policy: default-src 'self';style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data:;script-src 'self' 'unsafe-inline';frame-src 'self'
Content-Type: text/html; charset=utf-8
Date: Thu, 23 May 2024 13:21:16 GMT
Pragma: no-cache
Public-Key-Pins: pin-sha256="23kKnJQf65JdGvtIiDRP/xrttl4qwx6zPG0/7LZINwI="; pin-sha256="B+8GWglt28ZlEEbiXPZEeNGNGya1CdwFDFNAbzYS3/4="; max-age=5184000; strict; report-uri=/handlers/pkpreport.ashx
Set-Cookie: SessionID=czuisrsbd1bbs4vzxc2a2aw5; path=/; secure; HttpOnly; SameSite=Lax
Set-Cookie: SessionID=; path=/; secure; HttpOnly
Set-Cookie: AWSELB=1D494DF9040F99EE60DDE535448F1CEC1003F975C5DFE1AE3EED5360EA4DDA953F1B4BAFB91D303B86DCD99F2686A862561631E4F4ACC28592AF6D23160F7776F75FDB4688;PATH=/;MAX-AGE=14400
Set-Cookie: AWSELBCORS=1D494DF9040F99EE60DDE535448F1CEC1003F975C5DFE1AE3EED5360EA4DDA953F1B4BAFB91D303B86DCD99F2686A862561631E4F4ACC28592AF6D23160F7776F75FDB4688;PATH=/;MAX-AGE=14400;SECURE;SAMESITE=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Security-Policy: default-src 'self';style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data:;script-src 'self' 'unsafe-inline';frame-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 6081
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:bc:1c:55:77:13:50:70:bf:8b:7f:e2:40:58:c8:8c
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net\/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K
        Validity
            Not Before: Sep 14 15:00:42 2023 GMT
            Not After : Sep 14 15:00:41 2024 GMT
        Subject: C=GB, L=Manchester, O=NCC Group Plc, CN=domainintel.nccgroup.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b0:a6:5a:66:e5:d6:9a:5d:cc:44:dd:99:49:9b:
                    af:22:05:a0:13:20:a2:76:92:c2:e0:51:9b:82:c9:
                    2a:93:39:50:d3:4c:a5:8a:71:0c:4c:32:40:02:9d:
                    e6:e5:a6:b4:b5:31:7c:b3:da:ac:b2:ce:f4:63:bf:
                    ab:62:8b:0b:93:fa:96:71:e3:59:1e:53:1e:bb:6b:
                    82:d7:ab:1b:e0:86:b0:f4:d9:9b:d7:85:74:51:8c:
                    3f:f7:14:9f:a6:36:e6:74:17:3f:13:e9:ad:50:4f:
                    8e:f2:f3:8d:9c:81:ed:06:8e:a9:5b:17:cc:40:a4:
                    43:12:3f:4f:dc:50:39:24:70:62:cf:10:7a:5d:aa:
                    b3:c4:2a:0f:e4:30:ab:86:2a:e7:06:48:56:ee:4f:
                    52:20:8e:60:34:ac:81:2f:c4:e3:68:ff:01:b6:9b:
                    e4:ce:05:1b:81:6c:62:73:36:2d:f3:3f:76:c8:49:
                    a5:07:78:01:56:48:49:cc:61:35:ca:d6:0a:0a:08:
                    ac:cb:09:54:6c:a3:9f:f3:1e:87:fe:b6:f2:94:a8:
                    e1:3d:a0:bc:47:89:34:35:36:22:a6:6c:9a:78:13:
                    04:45:56:10:27:8e:27:47:b2:49:83:a3:fc:37:5a:
                    4e:7b:73:43:61:76:65:5d:19:dc:26:f5:26:c2:d8:
                    37:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                6D:25:AD:D1:56:26:4A:ED:36:60:F3:AE:BC:94:E7:02:62:11:23:C0
            X509v3 Authority Key Identifier: 
                82:A2:70:74:DD:BC:53:3F:CF:7B:D4:F7:CD:7F:A7:60:C6:0A:4C:BF
            Authority Information Access: 
                OCSP - URI:http://ocsp.entrust.net
                CA Issuers - URI:http://aia.entrust.net/l1k-chain256.cer
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.entrust.net/level1k.crl
            X509v3 Subject Alternative Name: 
                DNS:domainintel.nccgroup.com
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Sep 14 15:00:42.802 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F7:64:A5:CD:E9:E3:24:69:C9:42:17:
                                5E:04:5D:B3:14:C7:09:DC:4B:2A:AC:40:94:3C:00:F2:
                                67:3C:83:B2:8B:02:21:00:F2:72:44:63:E8:FD:16:0C:
                                3C:30:8D:74:8A:F5:ED:52:98:C7:0F:C0:FF:58:7F:A6:
                                3A:5E:B1:90:4A:99:35:C0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Sep 14 15:00:42.838 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D9:9F:CE:9B:F0:5F:F1:B3:F1:86:0A:
                                67:9A:2E:97:60:49:5D:8C:9A:D8:8B:2E:78:73:E7:44:
                                05:CC:09:16:A9:02:20:78:0D:4F:41:41:75:88:5D:E5:
                                6B:79:0D:83:E6:71:E3:EB:26:4A:BA:B3:53:10:BA:F7:
                                4A:6B:B2:3A:66:32:25
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Sep 14 15:00:42.857 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B8:D4:C3:06:B2:1D:01:FD:D6:72:81:
                                4A:7A:76:AD:7B:15:2F:69:CA:FB:82:F3:28:7B:4A:00:
                                9F:0E:FA:04:2A:02:20:23:DD:98:64:C5:CB:90:AA:5A:
                                EE:BB:65:8E:76:E4:7C:84:80:50:05:BA:E1:E8:64:06:
                                A0:4C:6A:CB:B5:82:01
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        04:b6:bb:de:98:06:05:44:9d:2c:67:18:37:bf:c7:f8:38:68:
        7c:a8:90:a4:ce:40:52:2a:4a:ed:aa:ee:73:30:b9:30:2b:7f:
        7d:bd:ce:2d:01:a5:b4:aa:18:93:88:e4:3b:23:e2:14:9b:ba:
        8c:82:52:a9:10:52:31:4d:99:ac:09:89:51:e6:05:3f:41:58:
        32:0f:59:be:c9:b0:63:52:e0:39:02:0f:af:b6:90:79:a6:9c:
        93:1e:34:fc:38:4b:dc:4f:67:5d:03:a9:2b:f7:ba:6b:78:0b:
        89:48:67:d9:1d:49:ef:bd:be:18:04:ec:32:8a:41:4f:0d:da:
        04:9d:f2:fd:3a:17:cf:91:f6:a9:64:bd:86:db:ef:35:2e:a4:
        27:9b:4b:bb:8b:f8:12:e1:0e:ac:00:cf:d0:a2:6f:45:b5:38:
        a6:a0:30:41:44:03:63:03:dc:d9:ec:e2:f7:8c:ac:42:0b:9f:
        be:62:15:44:97:f7:2a:04:0a:20:cd:ec:91:df:0d:06:7f:ff:
        20:71:e6:40:26:08:63:80:c2:42:f3:99:18:bc:a4:91:dd:31:
        bf:67:de:e3:f7:cf:57:b6:36:3f:08:f3:cc:f7:59:fe:41:77:
        d6:35:f4:c4:ac:93:10:60:f9:90:70:83:04:e1:06:40:cb:b8:
        4a:83:4b:9f

-1479470129 | 2024-05-08T23:24:05.344623

8443 / tcp

HTTP/1.1 404 Not Found
Date: Wed, 08 May 2024 23:24:05 GMT
Content-Type: text/plain
Content-Length: 9
Connection: keep-alive
Server: nginx/1.22.1
X-Request-Id: 0be32e8d-a228-45df-ad8d-e26b5cc1c2fd
X-Runtime: 0.000083
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Amzn-Trace-Id: Root=1-663c0995-0e11ce7413943b870523df94
vary: Origin

54.228.76.138

Last Seen: 2024-05-23

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1949896279 | 2024-05-08T00:02:31.628011
80 / tcp

AWS ELB2.0

1563372950 | 2024-05-23T13:21:19.586162
443 / tcp

-1479470129 | 2024-05-08T23:24:05.344623
8443 / tcp

nginx1.22.1

Products

Pricing

Contact Us

54.228.76.138

Last Seen: 2024-05-23

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1949896279 | 2024-05-08T00:02:31.628011 80 / tcp

AWS ELB2.0

1563372950 | 2024-05-23T13:21:19.586162 443 / tcp

-1479470129 | 2024-05-08T23:24:05.344623 8443 / tcp

nginx1.22.1

Products

Pricing

Contact Us

1949896279 | 2024-05-08T00:02:31.628011
80 / tcp

1563372950 | 2024-05-23T13:21:19.586162
443 / tcp

-1479470129 | 2024-05-08T23:24:05.344623
8443 / tcp