GeneralInformation

Hostnames	ec2-54-156-149-142.compute-1.amazonaws.com search.qa.tenet.io
Domains	amazonaws.com tenet.io
Cloud Provider	Amazon
Cloud Region	us-east-1
Cloud Service	EC2
Country	United States
City	Ashburn
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS14618

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

80 / tcp

-323826074 | 2025-03-07T01:20:25.336087

Hashes

hash

1611797

http.dom_hash

-2119362489

http.favicon.hash

1148216173

http.html_hash

-323826074

http.server_hash

-1786963686

http.title_hash

-840246519

GsAng

HTTP/1.1 200 OK
Date: Fri, 07 Mar 2025 01:20:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 720
Connection: keep-alive
Server: nginx/1.18.0
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept,Authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 29 Oct 2020 07:22:48 GMT
ETag: W/"2d0-175733cd540"

Vulnerabilities

443 / tcp

1658609525 | 2025-03-16T21:18:21.850604

Hashes

hash

-967722247

http.dom_hash

2002003367

http.favicon.hash

869787625

http.html_hash

1658609525

http.robots_hash

864332182

http.title_hash

-1326109835

Mini-dashboard | Meilisearch

HTTP/1.1 200 OK
Date: Sun, 16 Mar 2025 21:18:21 GMT
Content-Type: text/html
Content-Length: 612
Connection: keep-alive
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:68:5f:3e:dd:07:01:4c:87:7b:67:80:f2:42:1f:f2
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Jan 12 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2026 GMT
        Subject: CN=search.qa.tenet.io
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d4:93:a7:2b:97:6d:2f:b1:49:cf:ac:89:ca:c1:
                    0d:ca:62:9b:ef:a2:dc:7d:e6:0f:8a:3b:10:2f:b0:
                    89:a0:a7:4c:ca:d7:e1:5f:54:96:a7:8b:e8:0d:68:
                    46:f0:02:15:8f:6e:7f:8d:4f:8e:5b:f4:bf:28:c7:
                    58:c0:ec:3d:7a:de:37:5c:27:3f:98:ef:1a:54:b0:
                    85:6e:58:e0:0a:70:72:d2:50:9b:02:c3:46:15:ec:
                    37:3b:63:f6:80:b1:6e:d1:db:4c:18:f0:49:56:18:
                    cc:fc:68:0e:08:97:10:0b:e3:62:f7:0d:8b:46:76:
                    c8:63:dc:2e:94:cc:bf:a3:cb:ef:7d:fa:67:e5:85:
                    fa:9c:86:78:9a:fb:60:6e:a5:8a:b8:b4:c5:52:b8:
                    cf:06:e5:8d:ed:fb:9a:34:a2:2f:d6:a5:88:7d:1b:
                    93:2f:5c:19:f6:67:94:08:43:39:6c:f2:f5:2a:ee:
                    74:86:5a:2a:58:69:6a:fc:d0:d3:91:0e:13:62:ec:
                    3d:fe:74:6c:b1:39:19:85:b5:37:73:5c:75:78:de:
                    f0:c5:b3:1b:70:af:fc:58:67:b8:f0:1c:d4:be:e9:
                    e5:5d:52:47:33:1d:20:fe:80:58:be:ab:61:64:52:
                    75:99:3c:9a:27:91:38:3c:e2:03:27:61:40:20:2e:
                    3f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                B2:1B:B1:A0:AF:9E:3E:FB:EB:9E:84:D5:2D:AB:B8:59:D6:C9:5A:E0
            X509v3 Subject Alternative Name: 
                DNS:search.qa.tenet.io
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
                                DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
                    Timestamp : Jan 12 04:09:51.049 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DD:98:E5:5C:9B:98:04:B3:22:DB:56:
                                3E:E9:4D:B0:78:13:8C:2E:C3:C1:73:B9:FD:EF:99:2A:
                                43:80:2F:C1:6D:02:20:6A:30:12:66:77:FF:A3:20:47:
                                2D:39:35:C3:72:24:C2:F7:BD:9C:D1:9C:0E:34:FB:00:
                                F9:98:95:96:6E:88:A2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
                                4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
                    Timestamp : Jan 12 04:09:51.041 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:64:56:85:33:34:69:08:D0:BE:33:60:24:
                                57:D7:56:DB:1F:41:F8:C9:DF:EE:9B:0F:80:1E:9A:AE:
                                93:5F:18:15:02:21:00:CC:0D:E8:EB:B2:87:F3:CA:74:
                                40:92:32:D6:6D:FD:9E:E5:87:77:8C:61:4B:C9:BB:78:
                                E9:ED:0B:B3:51:AB:1B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 49:9C:9B:69:DE:1D:7C:EC:FC:36:DE:CD:87:64:A6:B8:
                                5B:AF:0A:87:80:19:D1:55:52:FB:E9:EB:29:DD:F8:C3
                    Timestamp : Jan 12 04:09:51.060 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6A:DD:09:5A:29:B3:FE:85:90:44:46:86:
                                B3:9B:9A:61:2E:10:AB:C1:8B:1D:99:2A:20:3C:65:66:
                                F0:3B:25:98:02:20:0A:A1:6A:03:DE:D8:81:0F:30:0A:
                                0C:CE:A3:56:4B:9B:0F:55:C7:7E:D1:5B:82:EA:98:E1:
                                02:09:ED:6E:6F:CE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        0d:7c:e5:22:66:a7:04:b4:2d:48:ea:ef:8b:88:b7:5a:e7:0d:
        d0:d1:ab:20:92:2c:69:69:cc:27:4e:fd:08:31:a2:4b:23:f8:
        b6:c9:14:1e:41:8f:33:a2:96:49:a8:6b:02:3b:ec:aa:7b:8c:
        d2:fb:c3:cc:a4:8a:43:90:92:4d:8e:ec:c3:ca:72:6f:bf:95:
        af:f4:41:57:3a:38:01:60:21:bd:c3:ac:d7:39:2a:f8:4c:22:
        ae:27:ae:1a:9c:cb:37:47:ce:30:07:81:65:93:00:37:2e:c0:
        8d:b3:bf:e8:78:20:38:a5:de:20:05:9d:e9:0e:e8:be:a6:ec:
        92:52:c1:de:8a:d1:39:53:16:c5:9c:d5:e7:c8:92:31:70:66:
        ea:05:1d:9f:4c:69:b4:6a:5b:e4:8f:c6:1e:2e:2c:27:fc:7b:
        6e:af:f8:cf:d3:c7:2b:c8:9e:ea:db:07:be:fe:ba:ec:1a:36:
        e4:32:22:1a:4c:d9:38:4c:fc:59:3d:dd:54:86:bc:0f:ea:d1:
        76:33:b6:a3:ed:50:91:b3:3a:fb:21:16:6e:b2:81:32:94:a6:
        70:b6:10:aa:88:24:40:1b:04:28:4b:75:33:ca:5b:51:cc:8c:
        b9:2a:f2:d1:aa:76:97:ea:ac:56:79:61:b9:4c:0d:ee:6d:ce:
        d5:8c:94:14

54.156.149.142

Last Seen: 2025-03-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

80 / tcp

-323826074 | 2025-03-07T01:20:25.336087

Hashes

nginx1.18.0

443 / tcp

1658609525 | 2025-03-16T21:18:21.850604

Hashes

Products

Pricing

Contact Us

54.156.149.142

Last Seen: 2025-03-16

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Latest CVSS

OpenPorts

80 / tcp -323826074 | 2025-03-07T01:20:25.336087

Hashes

nginx1.18.0

443 / tcp 1658609525 | 2025-03-16T21:18:21.850604

Hashes

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-323826074 | 2025-03-07T01:20:25.336087

443 / tcp

1658609525 | 2025-03-16T21:18:21.850604