GeneralInformation

Hostnames	ec2-52-23-40-199.compute-1.amazonaws.com train21apr.ed.gov www.train21apr.ed.gov
Domains	amazonaws.com ed.gov
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

WebTechnologies

JavaScript libraries

jQuery

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

80 443

474206066 | 2025-01-08T08:41:32.785801

80 / tcp

HTTP/1.1 307 Temporary Redirect
Date: Wed, 08 Jan 2025 08:41:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Feature-Policy: autoplay 'none';camera 'none';microphone 'none';geolocation 'none'
X-Permitted-Cross-Domain-Policies: master-only
Expect-CT: max-age=2592000, enforce
Content-Security-Policy: frame-ancestors 'none'; default-src 'none'; font-src https: 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com; img-src https: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com ; style-src https: 'self' 'unsafe-inline'; style-src-elem https: 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com; style-src-attr https: 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; script-src-elem https: 'self' 'unsafe-inline' https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://www.bugherd.com; script-src-attr https: 'self' 'unsafe-inline' https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://www.bugherd.com; base-uri 'self'; form-action https: 'self'; connect-src https: 'self'; block-all-mixed-content;
Set-Cookie: ci_session=l0fse8ahkms7n8f8b453nmn1sokisvsq; expires=Wed, 08-Jan-2025 10:41:32 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Cache-control: no-store, max-age=0, no-cache
Location: https://train21apr.ed.gov/login

867821598 | 2025-01-19T11:44:20.773042

443 / tcp

Welcome | 21APR

HTTP/1.1 200 OK
Date: Sun, 19 Jan 2025 11:44:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Feature-Policy: autoplay 'none';camera 'none';microphone 'none';geolocation 'none'
X-Permitted-Cross-Domain-Policies: master-only
Expect-CT: max-age=2592000, enforce
Content-Security-Policy: frame-ancestors 'none'; default-src 'none'; font-src https: 'self' https://use.fontawesome.com https://fonts.googleapis.com https://fonts.gstatic.com; img-src https: 'self' https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.google.com ; style-src https: 'self' 'unsafe-inline'; style-src-elem https: 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com; style-src-attr https: 'self' 'unsafe-inline' https://use.fontawesome.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; script-src-elem https: 'self' 'unsafe-inline' https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://www.bugherd.com; script-src-attr https: 'self' 'unsafe-inline' https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://www.bugherd.com; base-uri 'self'; form-action https: 'self'; connect-src https: 'self'; block-all-mixed-content;
Set-Cookie: ci_session=p17et1ejfcfhlvh0304d8cmc34obe9iq; expires=Sun, 19-Jan-2025 13:44:20 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Cache-control: no-store, max-age=0, no-cache
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            e7:11:75:c0:8a:cb:06:42:02:03:46:03:90:2f:ff:03
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Apr 26 00:00:00 2024 GMT
            Not After : May 26 23:59:59 2025 GMT
        Subject: CN=train21apr.ed.gov
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e3:1c:da:de:0b:81:58:36:4c:fa:5a:a4:d4:d2:
                    e7:4a:54:28:d0:66:ac:ca:77:1e:85:c5:04:98:af:
                    48:40:8a:04:19:52:fb:ee:48:ce:38:39:13:b1:e1:
                    1b:83:2c:08:86:61:e8:88:67:ac:7e:df:57:2b:30:
                    f3:d0:13:f9:04:d7:31:ec:04:86:0f:dd:c1:f6:26:
                    9a:e2:81:9a:b2:62:3b:90:ea:54:71:66:53:9e:a4:
                    50:32:fd:6c:25:09:fd:77:9c:89:63:6d:78:d0:0c:
                    e4:6d:e1:2f:fe:23:70:95:df:0a:4c:88:2a:67:9c:
                    95:86:0d:bc:d0:eb:d5:5d:4f:89:cc:60:00:8d:5f:
                    53:d4:a4:06:b2:ff:dc:38:ba:9b:93:74:26:04:0c:
                    61:22:cd:ab:0e:7b:be:d2:0e:2f:77:cc:9a:a0:b0:
                    f0:ee:ce:4b:0b:ff:96:74:a0:8c:53:0b:a7:49:52:
                    aa:3b:49:d6:61:1e:0a:3a:7c:e3:ae:2c:c7:4c:25:
                    f9:8a:9f:c9:c4:d2:07:ed:33:ad:82:36:c0:3e:af:
                    42:5a:a2:96:79:41:3d:29:70:33:7d:c1:31:a9:21:
                    f6:c1:f5:b8:65:e1:97:d9:50:c0:5a:65:cf:31:37:
                    ad:b0:5d:c7:3c:f5:9b:0c:aa:3c:92:55:db:fe:15:
                    88:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                ED:76:B9:3B:F9:C3:43:6B:20:6F:84:97:83:70:BA:94:05:02:31:CC
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:train21apr.ed.gov, DNS:www.train21apr.ed.gov
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Apr 26 17:15:05.017 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4D:8A:BB:87:AA:D8:65:A5:31:17:AB:49:
                                9B:02:26:E1:68:03:A7:91:74:40:C5:75:E6:83:4E:9F:
                                C0:A5:52:9C:02:20:79:C8:17:42:7F:5E:B4:96:B9:59:
                                C1:D0:38:0C:04:7E:25:C6:D3:87:CB:CF:C6:51:76:63:
                                25:0F:74:36:E8:28
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Apr 26 17:15:04.983 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DE:B4:23:09:51:8A:02:7D:17:A2:3F:
                                32:BB:6C:32:4B:92:9D:4A:91:3C:4E:4E:D8:B4:4A:DD:
                                E7:63:01:51:AA:02:20:66:DA:26:2A:BD:45:BC:67:49:
                                25:0B:A6:86:88:9B:B1:07:4F:17:5D:CD:09:D6:EA:33:
                                88:2B:51:E9:C6:E8:01
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr 26 17:15:04.982 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:51:7E:DF:C0:3F:B0:A4:37:25:AF:17:60:
                                65:BE:82:02:02:3B:37:40:6D:99:81:D1:7B:0B:3C:DF:
                                C8:D9:1D:B6:02:20:35:50:19:D2:4E:3B:A0:1D:00:49:
                                75:9E:66:ED:43:4B:F4:57:10:84:05:D1:8C:F6:54:2C:
                                BF:52:B9:FE:CE:7B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        20:bf:af:ab:1e:b1:3a:3b:ae:d5:fe:0a:5b:35:83:a3:3b:bc:
        10:a5:19:35:c6:0e:32:49:a3:96:48:c9:2a:66:f7:c6:6e:98:
        5a:58:5d:e2:58:83:f9:0f:82:56:4f:2f:ce:00:be:61:19:53:
        5f:45:84:78:95:c4:fd:4e:43:64:00:43:9b:87:51:98:c4:36:
        df:bc:9b:b8:7e:02:c5:42:6f:4e:4d:79:85:e3:0b:93:8e:a0:
        f7:b7:25:1b:87:a5:b5:21:d3:c4:7e:d9:80:25:2a:51:e0:3d:
        5c:7c:92:0f:de:a1:b5:32:a0:af:ea:04:8c:7c:cd:09:b7:87:
        9e:e8:53:09:a9:fc:5c:9a:90:19:b7:4a:77:10:74:67:04:27:
        a8:6c:67:76:f7:29:3d:2b:6d:b4:b0:56:97:02:e9:60:b4:51:
        62:4c:5a:99:04:4b:cf:28:fd:a3:de:33:bc:18:13:0f:4e:80:
        72:df:c7:ae:e8:91:a8:a6:7f:a9:6d:bf:42:45:52:f2:6e:93:
        14:74:f8:fe:ce:5d:f4:f6:10:e9:f3:d7:63:a0:e0:85:08:93:
        16:b6:d1:6d:69:05:39:64:fc:c7:56:b0:a6:8f:76:fb:f5:38:
        b6:6d:30:13:70:2b:a1:a6:51:dc:1a:4d:02:94:fd:a3:1d:32:
        1f:99:2d:43

52.23.40.199

Last Seen: 2025-01-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

474206066 | 2025-01-08T08:41:32.785801
80 / tcp

Apache httpd2.4.41

867821598 | 2025-01-19T11:44:20.773042
443 / tcp

Apache httpd2.4.41

Products

Pricing

Contact Us

52.23.40.199

Last Seen: 2025-01-19

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

474206066 | 2025-01-08T08:41:32.785801 80 / tcp

Apache httpd2.4.41

867821598 | 2025-01-19T11:44:20.773042 443 / tcp

Apache httpd2.4.41

Products

Pricing

Contact Us

Vulnerabilities

474206066 | 2025-01-08T08:41:32.785801
80 / tcp

867821598 | 2025-01-19T11:44:20.773042
443 / tcp