GeneralInformation

Hostnames	ec2-54-216-184-213.eu-west-1.compute.amazonaws.com efatt.ranocchi.it
Domains	amazonaws.com ranocchi.it
Cloud Provider	Amazon
Cloud Region	eu-west-1
Cloud Service	EC2
Country	Ireland
City	Dublin
Organization	Amazon.com, Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

Editors

Summernote

JavaScript frameworks

AngularJS1.5.7

JavaScript graphics

JavaScript libraries

SweetAlert

UI frameworks

Bootstrap3

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024

CVE-2024-21490

7.5This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:** This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).

CVE-2024-8373

4.8Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

CVE-2024-8372

4.8Improper sanitization of the value of the '[srcset]' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects AngularJS versions 1.3.0-rc.4 and greater. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

2020

CVE-2020-7676

5.4angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.

2019

CVE-2019-10768

7.5In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.

OpenPorts

80 443

80 / tcp

1949896279 | 2025-02-21T10:53:59.963097

Hashes

hash

-634597352

http.dom_hash

-2060582466

http.html_hash

1949896279

http.server_hash

-982608622

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 21 Feb 2025 10:53:59 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://54.216.184.213:443/

443 / tcp

-1774995682 | 2025-02-28T06:08:44.922877

Hashes

hash

-1077740362

http.dom_hash

-893170740

http.html_hash

-1774995682

http.server_hash

869690771

http.title_hash

HTTP/1.1 200 OK
Date: Fri, 28 Feb 2025 06:08:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=o9Zm4PYB9eW1+CQe7kTJ/Lj5SbP6fNNsfiEUK+PXROQXEebgYyTM8+NdXlaXpPuBQtHUeKyI6gWgbZuEkl3BeHagijNrg4Q8iexBvx+G4XPxoiiXk8BZQPVdm+n9; Expires=Fri, 07 Mar 2025 06:08:44 GMT; Path=/
Set-Cookie: AWSALBCORS=o9Zm4PYB9eW1+CQe7kTJ/Lj5SbP6fNNsfiEUK+PXROQXEebgYyTM8+NdXlaXpPuBQtHUeKyI6gWgbZuEkl3BeHagijNrg4Q8iexBvx+G4XPxoiiXk8BZQPVdm+n9; Expires=Fri, 07 Mar 2025 06:08:44 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Vary: Accept-Encoding
Cache-Control: no-cache, no-store, must-revalidate,max-age=6
Pragma: no-cache
Expires: 0

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:86:42:07:85:81:c3:24:a1:1d:6b:38:5c:e3:cb:a9
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
        Validity
            Not Before: Aug  1 00:00:00 2024 GMT
            Not After : Aug 29 23:59:59 2025 GMT
        Subject: CN=efatt.ranocchi.it
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cd:15:52:5b:3d:69:01:d2:c2:45:9c:22:e4:e9:
                    ab:08:7c:da:8f:a3:3b:69:00:03:f2:08:58:4d:2e:
                    96:6e:2b:7e:95:cd:89:6d:ac:d1:92:6a:8a:30:a5:
                    c6:09:fd:15:85:ca:24:8e:7c:81:58:4c:38:30:c9:
                    7e:44:95:ed:0a:20:fd:03:9d:19:4f:6a:ec:e4:3d:
                    49:1b:a0:83:bd:d8:74:ed:24:98:d7:2c:c8:ee:e3:
                    0d:8c:f3:31:a0:08:94:96:b5:ed:44:bc:e6:41:68:
                    5b:95:5b:b4:93:c6:70:ce:bb:1f:9e:b1:96:19:c4:
                    e4:b4:c4:f3:54:07:cc:8f:bc:14:4e:c4:03:a8:45:
                    2a:f1:c0:0d:50:eb:80:ed:9d:1f:6f:6f:0e:5f:7e:
                    21:20:e0:8f:c1:54:65:ce:fa:07:b0:41:1b:94:48:
                    ab:db:f8:f8:b4:11:8d:74:bc:f8:ca:a5:02:19:61:
                    56:fd:76:5c:6a:28:99:f4:1a:0b:18:bd:43:4f:0a:
                    ab:57:f1:d4:00:d7:5a:a1:c9:7f:e3:38:b6:6e:47:
                    ec:65:f0:f3:9a:91:5f:d1:2f:bd:48:f3:aa:7b:51:
                    44:79:be:b0:b4:9e:87:b6:ca:1d:99:74:18:4f:63:
                    ef:85:18:38:45:6e:5d:6c:de:de:67:02:80:67:38:
                    2f:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                C0:31:52:CD:5A:50:C3:82:7C:74:71:CE:CB:E9:9C:F9:7A:EB:82:E2
            X509v3 Subject Key Identifier: 
                85:0A:BD:7D:9B:6D:99:84:78:9B:B3:E3:33:DF:60:DD:29:4F:CD:AE
            X509v3 Subject Alternative Name: 
                DNS:efatt.ranocchi.it
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m02.amazontrust.com/r2m02.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m02.amazontrust.com
                CA Issuers - URI:http://crt.r2m02.amazontrust.com/r2m02.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
                                3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
                    Timestamp : Aug  1 01:35:01.715 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:AD:0A:70:2C:1A:BF:37:45:27:3C:E4:
                                D7:AB:1F:BF:64:8E:72:34:6C:E0:7B:F6:C7:71:47:39:
                                45:F7:66:3B:EE:02:21:00:BC:F9:C9:16:30:D2:41:71:
                                BD:2B:BB:CE:90:41:F6:14:93:9A:BE:8D:69:FE:C2:60:
                                C6:8C:82:1E:A5:88:BC:2E
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Aug  1 01:35:01.648 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:21:25:D8:2A:6C:77:65:78:48:DD:18:4D:
                                14:57:EB:B6:01:B5:29:88:1A:9A:9A:31:DB:F2:45:E6:
                                EF:D4:79:D4:02:20:56:2D:15:62:8C:6E:0A:6C:72:EF:
                                F0:9E:05:2F:E0:BC:2C:DB:94:E3:A7:12:A0:B7:AE:8F:
                                73:D6:B5:E2:CE:E7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Aug  1 01:35:01.670 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:0B:8C:3D:43:1F:D7:FA:11:9F:0D:3C:08:
                                0C:78:51:BA:C3:EF:B0:48:79:ED:43:16:1C:DE:0E:F5:
                                53:71:BE:88:02:21:00:D9:4B:80:1A:EA:8A:7B:80:55:
                                33:67:8C:6F:98:E9:69:B9:0C:E0:92:81:83:60:22:EC:
                                91:C7:72:CE:47:EB:96
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        05:62:49:b3:f0:75:cb:93:d9:14:31:0f:c6:57:55:64:c3:ca:
        b0:28:4a:f7:58:51:8d:ba:f9:49:aa:94:25:db:cf:05:56:11:
        ca:18:e8:86:db:58:07:1c:5e:e6:52:a7:f8:3e:c6:00:2c:ab:
        01:74:9e:8d:72:7c:20:79:4c:a5:27:4c:15:30:ad:0a:ed:d8:
        94:58:5d:e5:29:32:32:13:33:1f:a6:cd:c4:fb:70:5d:8f:af:
        6a:8a:0e:99:d4:aa:09:b4:e1:f9:40:b3:44:1c:53:74:b5:86:
        86:7e:4e:bd:e7:1d:5b:3c:4d:f2:d9:3c:3b:5e:b3:ff:b6:d2:
        b1:dd:e4:0b:e8:21:05:46:98:8b:84:49:be:83:fe:f9:72:d4:
        1d:0d:d5:55:19:50:79:fb:63:17:fb:6c:1e:f5:c8:a6:0a:17:
        12:8e:9f:be:1a:92:29:2a:50:48:f6:65:4b:57:32:60:1e:76:
        94:97:24:74:dc:ff:de:af:25:b4:e7:f0:02:b2:db:95:31:9e:
        c1:2b:ac:37:75:22:38:37:77:c2:22:21:4a:e7:f0:fa:ef:8e:
        37:ef:0a:d1:f3:f8:5e:b7:1e:81:3f:6c:1f:85:9b:60:34:de:
        9d:20:a3:02:bb:0c:a2:a7:6d:e1:bb:7e:38:0e:1c:c7:4e:b7:
        09:13:45:33

CVE-2024-21490 CVE-2019-10768 CVE-2024-8373 CVE-2024-8372 CVE-2020-7676

54.216.184.213

Last Seen: 2025-02-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

1949896279 | 2025-02-21T10:53:59.963097

Hashes

AWS ELB2.0

443 / tcp

-1774995682 | 2025-02-28T06:08:44.922877

Hashes

Products

Pricing

Contact Us

54.216.184.213

Last Seen: 2025-02-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

80 / tcp 1949896279 | 2025-02-21T10:53:59.963097

Hashes

AWS ELB2.0

443 / tcp -1774995682 | 2025-02-28T06:08:44.922877

Hashes

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

1949896279 | 2025-02-21T10:53:59.963097

443 / tcp

-1774995682 | 2025-02-28T06:08:44.922877