GeneralInformation

Hostnames	ec2-18-158-47-14.eu-central-1.compute.amazonaws.com app.kudkoreni.rs
Domains	amazonaws.com kudkoreni.rs
Cloud Provider	Amazon
Cloud Region	eu-central-1
Cloud Service	EC2
Country	Germany
City	Frankfurt am Main
Organization	A100 ROW GmbH
ISP	Amazon.com, Inc.
ASN	AS16509
Operating System	Linux

WebTechnologies

JavaScript libraries

C3.js

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

22 80 443

22 / tcp

-664425122 | 2025-03-24T13:48:10.540383

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.11
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBEht5avj7g67kCX+oSxL3M3
x+fh+NOUUH7rQUGU5coP3G/0ySWWfJ4h8BRqiFCWvvlHBOxQkNSUUiEF3jtr3Bo=
Fingerprint: db:79:9b:a0:29:93:4b:2b:f1:1c:8f:c0:f3:72:1a:b3

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

80 / tcp

677579724 | 2025-03-21T03:54:46.709388

Hashes

hash

1723509491

http.dom_hash

1239617585

http.html_hash

677579724

http.server_hash

967792298

http.title_hash

-1207101977

404 Not Found

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 21 Mar 2025 03:54:46 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

Vulnerabilities

443 / tcp

-2107595891 | 2025-03-18T16:05:03.321767

Hashes

hash

-383664250

http.dom_hash

1429618296

http.favicon.hash

-260424994

http.html_hash

-2107595891

http.robots_hash

1431501923

http.server_hash

967792298

http.title_hash

-2125614175

Koreni

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Tue, 18 Mar 2025 16:05:03 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkdkTEVIejBDZFArUG1LK3JEc2xqQ3c9PSIsInZhbHVlIjoiUXB1OVdqbmI3bEZkdGZxQ0YyblZuVnE0MTZWN1QwVm5UaU4xU1RZM0t3NVVTWWFrUEhwT0xONStVYS9uNFk4SUs0dzhzNCtNU040dm1ac2JQZ1NhV285cDROV3RTVXpaci83Q0pYMVZFZUowOUlEeFpqYXphaUsxc0l4NjdEZDciLCJtYWMiOiI3YWM2NDQzMWE4MDcyZDAwOGRjYTdhM2JlMzZkNjFiZDIwM2M2NTZlNzhhN2VkM2ZlYzEwMjc2MmU3MWUwMWFjIiwidGFnIjoiIn0%3D; expires=Tue, 18 Mar 2025 18:05:03 GMT; Max-Age=7200; path=/; samesite=lax
Set-Cookie: koreni_session=eyJpdiI6ImRXQVJQcU9xV3E1SlQ2RTBRcWF0RGc9PSIsInZhbHVlIjoiOWJTakF0VE1VY1FydWJqbDJBZkhHSU9sbXBrbGxHQ0hHNVI0Zi9zbHBBUU1hWUtIS1NDcDNNTUpYZHRGakt3RGdkalp4VXNOczJGU2NpZTl1TXJrK2M0bGxaZjRBaUFDa01CckxYeldIa3BZSGhZMHZZQWRuZTF6bWc0aklHbEIiLCJtYWMiOiJjMmQyZjY1OWM1MzI5YjI4Zjk3MjExNzk3MjcyNjk5YWVmODMwNmZhZDVmMWRmZjczNzIwYjMzOTUzODk5ZmRiIiwidGFnIjoiIn0%3D; expires=Tue, 18 Mar 2025 18:05:03 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Service-Worker-Allowed: /

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:44:d5:8b:c7:d6:55:eb:c9:7a:bd:08:fe:f3:a7:26:6b:e6
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar  3 20:26:13 2025 GMT
            Not After : Jun  1 20:26:12 2025 GMT
        Subject: CN=app.kudkoreni.rs
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cc:dd:fb:19:15:aa:50:bc:08:79:ea:4e:ef:32:
                    08:75:de:66:16:7b:a7:67:af:56:19:2f:1f:43:ff:
                    3e:dd:5a:e1:17:15:d3:3d:c9:d8:c0:08:80:36:16:
                    ae:5c:aa:4c:0b:5f:14:02:d2:1e:5a:b3:9c:93:96:
                    cf:cd:29:09:d0:13:d2:ff:fe:d6:f5:00:7e:41:e9:
                    75:2b:b6:43:6e:88:3c:1c:a8:f7:e3:0b:26:0d:cc:
                    42:51:68:f4:37:b8:39:a8:0e:83:4f:32:0f:00:49:
                    c9:39:94:34:e6:42:38:fe:32:a2:f7:9d:09:4b:28:
                    e1:54:7a:6a:3b:a6:ce:be:e3:a4:ef:a0:c8:aa:ba:
                    53:f7:d7:88:a8:4e:09:2e:b3:45:6b:6b:c5:79:cc:
                    b7:93:4d:32:4d:3f:ca:dc:bf:ce:02:61:1a:88:7a:
                    56:0f:db:5d:96:bf:1c:c5:e9:a4:11:18:33:54:ac:
                    35:25:60:32:5e:a6:f3:e2:f1:9d:39:d9:d3:33:4a:
                    09:91:fc:bf:4b:92:0b:66:0b:72:9d:a4:05:83:df:
                    5d:69:e9:a0:15:2a:5a:d7:fa:4e:76:39:22:97:51:
                    40:e0:24:43:e0:74:29:25:4a:28:87:a4:e1:a1:cc:
                    5d:84:be:f0:00:e8:41:55:01:86:61:3d:ca:30:a1:
                    61:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                17:B7:C9:6E:C0:DF:C8:E9:B9:7F:7A:F7:5B:51:52:F9:18:42:83:84
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:app.kudkoreni.rs
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Mar  3 21:24:43.475 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:21:29:48:7F:54:8B:E9:CB:21:97:8C:DE:
                                9E:91:95:53:40:28:79:E4:61:CD:D9:03:DC:D6:1A:CE:
                                56:52:3E:AD:02:21:00:86:BA:96:4F:04:DB:0B:82:B5:
                                C0:7F:66:D1:BB:27:FD:A3:34:CF:C2:0D:FB:DF:3A:A7:
                                D8:48:0B:BE:6A:F4:BC
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar  3 21:24:43.521 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5B:26:98:84:17:DA:51:B2:12:A0:53:D7:
                                22:77:FA:21:77:3F:80:15:58:0B:54:2F:13:B3:DF:C1:
                                D0:3D:A2:73:02:21:00:ED:1C:1E:95:FF:63:29:93:4A:
                                EA:0E:AD:E9:62:42:E2:51:F5:A2:4D:A1:7E:F9:62:72:
                                25:4D:DB:5F:41:3D:C9
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        77:d0:27:a8:27:2f:8a:9c:f4:15:28:ca:6c:d9:39:27:2b:0a:
        fa:15:d8:b0:64:51:4d:be:d4:15:8d:cf:f0:75:d8:94:8d:b1:
        7e:25:df:fa:df:e8:9c:c4:04:29:e6:33:16:e6:b0:f6:b0:d0:
        47:71:a5:d6:d7:fc:08:df:3d:c5:29:24:8b:b7:ef:32:74:f0:
        2e:b2:72:6e:51:3c:66:af:a7:75:33:fe:e6:5a:90:d3:9f:37:
        81:5b:00:61:7f:b4:03:26:53:a7:b9:49:34:94:5a:8f:90:f9:
        36:a2:d5:0a:d4:6d:eb:bd:64:0b:30:ff:c1:ff:9c:c4:33:43:
        86:70:5a:58:c4:d7:04:c5:80:c5:07:e9:74:22:90:7a:42:40:
        fb:e9:17:09:76:d8:9b:16:c0:de:89:4c:dd:6a:66:2f:9b:05:
        6e:cc:1f:60:37:19:98:e4:e4:7c:a5:b9:f8:49:31:ca:db:fc:
        e2:34:b9:10:21:f7:1b:f8:41:8d:94:d7:dc:c3:cb:5b:c4:d0:
        ef:1a:06:3d:68:a0:32:a1:20:02:bd:e9:ae:42:f2:f7:db:f1:
        cd:ad:4c:38:ec:5b:1d:fb:23:cf:f7:11:69:f7:87:43:d8:cf:
        f6:25:55:6f:40:bc:ec:53:1c:8c:6e:20:05:3c:ef:5e:02:3e:
        76:26:a2:09

Vulnerabilities

18.158.47.14

Last Seen: 2025-03-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

22 / tcp

-664425122 | 2025-03-24T13:48:10.540383

OpenSSH8.9p1 Ubuntu 3ubuntu0.11

80 / tcp

677579724 | 2025-03-21T03:54:46.709388

Hashes

nginx1.18.0

443 / tcp

-2107595891 | 2025-03-18T16:05:03.321767

Hashes

nginx1.18.0

Products

Pricing

Contact Us

18.158.47.14

Last Seen: 2025-03-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

22 / tcp -664425122 | 2025-03-24T13:48:10.540383

OpenSSH8.9p1 Ubuntu 3ubuntu0.11

80 / tcp 677579724 | 2025-03-21T03:54:46.709388

Hashes

nginx1.18.0

443 / tcp -2107595891 | 2025-03-18T16:05:03.321767

Hashes

nginx1.18.0

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

-664425122 | 2025-03-24T13:48:10.540383

80 / tcp

677579724 | 2025-03-21T03:54:46.709388

443 / tcp

-2107595891 | 2025-03-18T16:05:03.321767