GeneralInformation

Hostnames	ec2-54-237-156-20.compute-1.amazonaws.com blue-origin-cms-prod.cdiapps.com cms-prod.cdiapps.com cms-upload-prod.cdiapps.com connected-preprod.cdiapps.com ebook-preview-prod.cdiapps.com green-origin-cms-prod.cdiapps.com media2-prod-int.cdiapps.com media2-prod-origin.cdiapps.com origin-cms-prod.cdiapps.com origin-connected-preprod.cdiapps.com roses-prod.cdiapps.com blue-origin-connected.mcgraw-hill.com catalog.mcgraw-hill.com connected.mcgraw-hill.com green-origin-connected.mcgraw-hill.com ocr.mcgraw-hill.com origin-connected.mcgraw-hill.com atlas-jobs-prod.adz.mh.com blue-origin-connected-prod.adz.mh.com cms-upload-prod.adz.mh.com ebook-preview-prod.adz.mh.com green-origin-connected-prod.adz.mh.com media2-prod-int.adz.mh.com origin-connected-prod.adz.mh.com dss.k12.mhedu.com help.k12.mhedu.com media.k12.mhedu.com media2.k12.mhedu.com ocr.k12.mhedu.com
Domains	amazonaws.com cdiapps.com mcgraw-hill.com mh.com mhedu.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon.com, Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

80 443

-1572777844 | 2024-05-09T05:53:02.843739

80 / tcp

HTTP/1.1 301 Moved Permanently
Date: Thu, 09 May 2024 05:53:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache/2.4.58 () PHP/8.2.9
Upgrade: h2,h2c
X-Powered-By: PHP/8.2.9
X-Redirect-By: WordPress
Location: https://store.multisequence.com/

-23674247 | 2024-05-20T11:18:58.785387

443 / tcp

HTTP/1.1 302 Moved Temporarily
Date: Mon, 20 May 2024 11:18:57 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Set-Cookie: AWSALB=m6eFQmrpEdYWR+klz8GjpfAbyB7jaeTYXHnm9baxA4eB78cBnEtWHntCt6XSMjLDTasdyadGR8qU0VxY+IUmkwb+B/J/Puq0Hb4yY+Jo5HIXEALU7Tc2hoxDumwS; Expires=Mon, 27 May 2024 11:18:57 GMT; Path=/
Set-Cookie: AWSALBCORS=m6eFQmrpEdYWR+klz8GjpfAbyB7jaeTYXHnm9baxA4eB78cBnEtWHntCt6XSMjLDTasdyadGR8qU0VxY+IUmkwb+B/J/Puq0Hb4yY+Jo5HIXEALU7Tc2hoxDumwS; Expires=Mon, 27 May 2024 11:18:57 GMT; Path=/; SameSite=None; Secure
Server: nginx
Location: https://my.mheducation.com/login

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:69:18:db:15:21:4d:1e:89:49:d9:9a:f1:f0:37:a3
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Nov 13 00:00:00 2023 GMT
            Not After : Dec 11 23:59:59 2024 GMT
        Subject: CN=connected.mcgraw-hill.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a8:b8:8d:2a:78:23:e0:21:80:f7:9d:60:fe:e1:
                    39:14:11:e8:5b:3f:c4:bd:8f:21:60:43:f4:12:a9:
                    b8:bc:3f:4b:cc:1d:2b:db:3a:01:4b:17:71:4d:2d:
                    28:67:88:9d:cf:cd:f2:0d:37:09:42:42:f5:d2:82:
                    f7:9f:36:b1:87:f7:60:a6:8d:e2:fa:55:67:cf:0d:
                    0e:c9:70:64:e2:79:0c:26:92:88:53:74:0f:f1:c0:
                    e0:bc:cd:e2:e4:79:8b:5c:15:34:3f:36:8e:ab:4a:
                    88:09:04:ee:20:a0:45:06:81:8c:4c:b1:3c:eb:db:
                    32:d8:ff:6d:df:cb:18:d0:39:72:b4:97:68:c8:80:
                    98:1f:0f:58:db:0b:04:c5:f1:36:4b:dc:7d:42:ff:
                    9d:59:6a:af:32:d7:50:f3:99:ed:e6:83:cc:af:e6:
                    83:85:c6:5c:12:c1:43:cb:30:c0:8e:f6:13:b6:8a:
                    ef:4b:d8:50:d4:f9:53:63:3d:47:70:13:5f:dd:e3:
                    5d:98:4e:83:03:8f:83:17:54:3e:22:13:69:9e:32:
                    98:8d:1e:ec:40:79:5a:40:17:df:68:54:57:78:89:
                    89:52:2c:64:bb:eb:ef:08:e6:8a:08:b6:6b:04:d9:
                    45:84:84:fe:8e:51:f2:5d:f4:19:f0:23:ed:c3:60:
                    68:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                9A:85:85:2D:BC:E1:8A:04:B2:01:DB:CC:7D:58:8C:CD:CB:85:F4:63
            X509v3 Subject Alternative Name: 
                DNS:connected.mcgraw-hill.com, DNS:ebook-preview-prod.adz.mh.com, DNS:ocr.k12.mhedu.com, DNS:cms-prod.cdiapps.com, DNS:blue-origin-connected.mcgraw-hill.com, DNS:blue-origin-connected-prod.adz.mh.com, DNS:origin-cms-prod.cdiapps.com, DNS:media2-prod-int.cdiapps.com, DNS:dss.k12.mhedu.com, DNS:media2.k12.mhedu.com, DNS:origin-connected-preprod.cdiapps.com, DNS:help.k12.mhedu.com, DNS:origin-connected.mcgraw-hill.com, DNS:connected-preprod.cdiapps.com, DNS:ocr.mcgraw-hill.com, DNS:media.k12.mhedu.com, DNS:green-origin-connected-prod.adz.mh.com, DNS:atlas-jobs-prod.adz.mh.com, DNS:ebook-preview-prod.cdiapps.com, DNS:catalog.mcgraw-hill.com, DNS:media2-prod-origin.cdiapps.com, DNS:cms-upload-prod.cdiapps.com, DNS:green-origin-cms-prod.cdiapps.com, DNS:cms-upload-prod.adz.mh.com, DNS:blue-origin-cms-prod.cdiapps.com, DNS:origin-connected-prod.adz.mh.com, DNS:green-origin-connected.mcgraw-hill.com, DNS:roses-prod.cdiapps.com, DNS:media2-prod-int.adz.mh.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Nov 13 21:19:53.137 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E6:A0:A0:CE:77:E4:C8:06:51:4E:52:
                                20:66:64:7C:EF:DF:69:54:E6:A7:27:25:CD:41:FB:BA:
                                C7:54:2F:E1:35:02:20:3E:F4:B2:36:78:F3:3E:D7:A4:
                                E5:D4:8C:9E:A1:D4:C2:95:76:A3:A0:8B:8D:08:6D:D8:
                                47:A8:5F:B2:A3:89:2F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Nov 13 21:19:53.073 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:96:C4:E4:F9:44:BC:7C:61:C7:33:B5:
                                DE:94:BD:D7:D3:EE:35:33:14:77:6F:E3:C4:E6:32:B0:
                                AE:D2:84:76:EB:02:21:00:BC:5D:60:51:F7:C4:61:30:
                                FC:1A:17:6E:C4:FF:12:35:F6:20:93:9C:83:4D:C9:F6:
                                96:9A:5E:2C:0E:C7:28:43
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Nov 13 21:19:53.131 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6E:86:12:04:76:CB:69:82:B5:9E:A6:51:
                                16:C5:7B:03:31:89:06:E7:CF:48:31:F2:B3:06:3F:5E:
                                61:7E:73:95:02:20:31:D1:F2:45:61:A6:4E:41:81:68:
                                C1:09:6C:EC:C6:34:FD:49:35:D8:AB:90:00:52:3E:B5:
                                9C:CA:E5:2B:AA:12
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        05:cb:e8:31:8a:2f:a1:e6:f1:78:77:b3:20:cc:94:26:c0:a2:
        f6:a1:2c:64:8c:5c:f0:04:a6:1d:bd:e3:92:d5:53:5c:fc:0f:
        1b:53:3b:1c:d9:7c:c7:25:93:2e:09:fb:f5:06:b1:b3:55:66:
        66:8e:52:14:73:91:82:aa:aa:4d:bf:c5:a7:bb:54:53:ae:20:
        ee:6a:c0:ad:24:3d:0f:05:5a:e9:f8:ee:36:6e:bb:a7:61:4a:
        c6:86:d8:51:75:c0:7e:89:30:a6:76:37:7d:6a:64:a4:cc:e5:
        21:d5:67:62:27:57:42:30:cc:bc:ce:42:02:39:62:e4:ed:ec:
        84:36:2a:95:e2:2b:32:ea:f5:be:bb:86:2e:e1:b9:dd:9e:12:
        95:c2:f7:a1:17:40:39:61:a1:ce:d8:42:c2:d2:e0:8b:cc:8f:
        c2:98:e8:bb:c8:ca:a5:92:02:a0:65:96:f2:13:cb:7a:85:f4:
        a1:ec:6d:66:2f:b3:89:f5:26:9d:c1:71:00:9b:61:3d:35:60:
        7e:dd:bc:b4:52:6c:f4:f2:1a:2b:cd:45:da:15:ba:fd:86:c5:
        a1:e4:8a:d6:90:11:46:5a:1c:73:31:82:70:d9:78:2e:71:e8:
        cc:6e:92:3a:5d:99:11:72:36:d3:0e:29:41:7e:4d:93:cb:7c:
        a1:49:ac:87

54.237.156.20

Last Seen: 2024-05-20

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1572777844 | 2024-05-09T05:53:02.843739
80 / tcp

Apache httpd2.4.58

-23674247 | 2024-05-20T11:18:58.785387
443 / tcp

nginx

Products

Pricing

Contact Us

54.237.156.20

Last Seen: 2024-05-20

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1572777844 | 2024-05-09T05:53:02.843739 80 / tcp

Apache httpd2.4.58

-23674247 | 2024-05-20T11:18:58.785387 443 / tcp

nginx

Products

Pricing

Contact Us

-1572777844 | 2024-05-09T05:53:02.843739
80 / tcp

-23674247 | 2024-05-20T11:18:58.785387
443 / tcp