GeneralInformation

Hostnames	ec2-18-211-56-117.compute-1.amazonaws.com insight-qa.kanerai.com
Domains	amazonaws.com kanerai.com
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

WebTechnologies

UI frameworks

Bootstrap3.3.7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(1)

CVE-2024-6484

6.4A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

2019(1)

CVE-2019-8331

6.1In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

2018(4)

CVE-2018-20677

6.1In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

CVE-2018-20676

6.1In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

CVE-2018-14042

6.1In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

CVE-2018-14040

6.1In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

2016(1)

CVE-2016-10735

6.1In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

OpenPorts

80 443

80 / tcp

-115752667 | 2025-03-11T12:45:51.424393

Hashes

hash

-1957596405

http.dom_hash

-1489588275

http.favicon.hash

-2009722838

http.html_hash

-115752667

http.title_hash

479417315

React App

HTTP/1.1 200 OK
Date: Tue, 11 Mar 2025 12:45:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2035
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: *
Accept-Ranges: bytes
ETag: W/"7f3-BY5D0gLA/At2TXdGHSqou1qZT0I"
Vary: Accept-Encoding

Vulnerabilities

443 / tcp

0 | 2025-02-28T20:12:48.716385

Hashes

hash

796671821

http.dom_hash

http.html_hash

HTTP/1.1 307 Temporary Redirect
Date: Fri, 28 Feb 2025 20:12:48 GMT
Content-Length: 0
Connection: keep-alive
location: https://accounts-qa.kanerai.com/?continue=https%3A//insight-qa.kanerai.com/

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:8c:b7:20:14:cd:6c:81:dc:bd:4f:b4:34:6a:8e:b1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Oct  4 00:00:00 2024 GMT
            Not After : Nov  2 23:59:59 2025 GMT
        Subject: CN=*.qa.web.kanerai.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a6:e4:c2:f6:a5:a5:ac:93:8b:76:12:be:39:a7:
                    98:22:6e:6e:37:e5:78:e1:a5:df:5c:33:c3:be:89:
                    0f:7c:0f:77:41:45:ef:fd:08:2d:bf:1c:78:bd:29:
                    af:ff:3a:3b:d6:8b:49:dd:bc:86:de:88:9d:16:10:
                    2d:d2:91:6d:1c:9d:07:d0:99:4c:17:eb:8d:ae:bd:
                    29:c3:22:77:71:c1:57:4a:48:44:bf:08:31:17:f5:
                    c6:4c:63:a9:c1:3a:f4:69:7d:11:ec:1b:d2:ae:a1:
                    26:2e:04:92:de:51:e9:9c:d1:cc:df:2a:71:cc:35:
                    c9:f7:45:19:bc:3a:c2:b5:94:f6:cb:d0:6f:85:67:
                    7d:08:7e:50:3b:fd:d4:36:5f:2c:3c:3d:da:39:c3:
                    7d:9a:e8:87:7b:a4:56:c7:63:f0:af:70:e0:0e:c5:
                    c4:b5:f0:d7:c1:76:a4:ca:82:ca:56:7a:99:fe:f5:
                    f7:93:66:1c:f3:a3:a9:ae:81:5a:c5:74:70:d3:93:
                    d4:37:77:6c:cd:3f:06:4a:70:db:22:3a:ef:f1:e7:
                    cc:22:bd:d3:a7:0b:30:1d:a0:4c:42:fc:09:1c:13:
                    e7:85:25:f1:de:93:e6:25:aa:a2:7c:85:f3:0f:fa:
                    8f:84:91:68:0d:31:5a:8b:29:ee:cf:17:59:f2:5a:
                    85:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                0D:1D:2E:DE:88:DA:9A:2F:A3:0E:E2:36:5E:E0:A5:46:DF:6F:14:0E
            X509v3 Subject Alternative Name: 
                DNS:*.qa.web.kanerai.com, DNS:insight-qa.kanerai.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Oct  4 07:37:47.974 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:67:09:8C:98:B9:41:6B:24:77:59:20:DB:
                                BC:B0:D4:AD:29:48:30:E5:37:93:71:DB:0B:65:35:EE:
                                C6:6C:F1:91:02:20:15:BA:F2:F4:74:FE:03:9D:46:AD:
                                22:8E:09:6E:28:D3:48:2D:95:6B:7C:FB:9F:CE:16:D0:
                                8C:D8:DB:3D:67:B0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Oct  4 07:37:48.033 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:86:5C:2E:05:1F:FC:68:07:6D:45:9E:
                                1B:D7:9F:A9:D4:D7:33:A0:FD:F2:0A:50:BA:DF:B9:5E:
                                D1:85:FE:98:58:02:20:47:B1:89:AD:FF:23:C6:17:A3:
                                82:C2:C9:A4:CC:D5:B8:84:C2:49:A0:F9:19:71:F7:B2:
                                C7:5E:90:F9:07:8F:64
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Oct  4 07:37:48.029 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:CE:8D:69:E7:94:B4:D6:74:D0:B3:E6:
                                AC:05:4B:B1:EA:2F:67:2B:30:60:7A:78:E8:68:4C:7B:
                                98:85:B6:38:FD:02:20:2F:FF:B2:85:9D:D8:2A:D1:9A:
                                65:31:7A:7B:6F:BD:A6:61:A9:1E:1A:E9:57:43:72:9D:
                                38:7C:7B:42:B1:D2:67
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        50:8a:5d:de:88:b7:47:e3:39:d3:18:da:b3:16:bc:0c:d1:c4:
        59:9d:b9:71:47:8b:7f:e0:bd:32:8d:e3:9b:79:bf:ef:11:d3:
        8b:de:ec:ec:e7:c5:c2:77:eb:b2:c9:8a:b2:85:de:a6:7e:e0:
        bd:dc:63:4a:40:38:ac:c9:9b:10:44:02:6f:7f:c9:61:59:9f:
        6a:f3:d1:78:6d:74:31:34:fc:22:99:cf:53:71:a8:fb:a4:93:
        a2:04:f9:ee:b4:ed:05:58:d1:1e:38:1f:47:00:a0:86:6d:5e:
        63:ca:35:41:43:49:56:38:46:78:ee:00:d0:1a:5c:71:f5:be:
        ad:1f:77:9c:86:31:e9:e1:9f:d0:fb:d5:4e:86:c2:87:7f:76:
        1a:ce:bb:f6:91:47:a4:01:6f:47:c2:7f:6e:17:20:bb:ed:35:
        f0:56:62:49:61:0e:66:0d:c8:5d:0b:13:aa:19:f1:f4:21:e5:
        89:6d:07:da:00:a1:12:69:ac:15:c7:4e:16:a5:3a:3a:1d:f3:
        88:a6:ee:2d:4f:bd:d4:40:c0:37:91:40:34:bc:2b:9a:3a:2c:
        6c:81:c4:55:7b:56:c9:a3:31:7d:e1:a7:cb:cd:75:49:c8:3d:
        f9:f7:12:63:38:da:2f:f5:bd:79:30:96:ca:d1:fa:a3:a0:e5:
        94:e4:9b:fa

18.211.56.117

Last Seen: 2025-03-11

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

-115752667 | 2025-03-11T12:45:51.424393

Hashes

443 / tcp

0 | 2025-02-28T20:12:48.716385

Hashes

Products

Pricing

Contact Us

18.211.56.117

Last Seen: 2025-03-11

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Latest CVSS

OpenPorts

80 / tcp -115752667 | 2025-03-11T12:45:51.424393

Hashes

443 / tcp 0 | 2025-02-28T20:12:48.716385

Hashes

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-115752667 | 2025-03-11T12:45:51.424393

443 / tcp

0 | 2025-02-28T20:12:48.716385