GeneralInformation

Hostnames	139-162-201-80.ip.linodeusercontent.com addons.xxvdv.cc
Domains	linodeusercontent.com xxvdv.cc
Cloud Provider	Linode
Cloud Region	gb-eng
Country	United Kingdom
City	London
Organization	139.162.0.0/16
ISP	Akamai Connected Cloud
ASN	AS63949

WebTechnologies

JavaScript libraries

jQuery

jQuery Migrate

Security

reCAPTCHA

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-5824	Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
CVE-2023-50269	Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.
CVE-2023-49288	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with "collapsed_forwarding on" are vulnerable. Configurations with "collapsed_forwarding off" or without a "collapsed_forwarding" directive are not vulnerable. This bug is fixed by Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should remove all collapsed_forwarding lines from their squid.conf.
CVE-2023-49286	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-49285	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-46847	Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
CVE-2023-46846	SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-46728	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests.
CVE-2023-46724	Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.
CVE-2023-3824	In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
CVE-2023-3823	In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.
CVE-2023-3247	In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.
CVE-2022-41318	A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
CVE-2022-41317	An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixed in 5.7.
CVE-2021-46784	In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
CVE-2021-33620	4.0Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
CVE-2021-31808	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.
CVE-2021-31807	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.
CVE-2021-31806	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.
CVE-2021-28662	4.3An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTTP or HTTPS, there is a denial of service. This header can plausibly occur in benign network traffic.
CVE-2021-28652	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cache Manager API access privilege.
CVE-2021-28651	5.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
CVE-2021-28116	4.3Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
CVE-2020-25097	5.0An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
CVE-2013-2220	7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2007-3205	5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

22 80 443 3128 3478 8008 8112

-1269889276 | 2024-05-14T22:14:21.235433

22 / tcp

SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDgUcUfKOPaJ0UAs2+EVM5VDaDUSlK1tRjj4Jg7sbKhM7aU
2GlapE09rY9yNlnnmf2/a0AjG5/wNNyL95YKDfNP7IJHOPzF0nGMhJt2HYfsYkFPKtanj1vAuW3c
XGaA3mMnJmVInxfNhdg/Ga1je1RgMRQFx7eg6KdtYx/lP7rppQY9EpSkl5RQCJKhcG99+fz5FrJf
d2VM5cbdD04tDvXZUsV/h8rSHBaqNkjaXIqk9LRVfei/iu56c72QbVvhKHb/kku04R18hE0Wan8X
XCyZDBB1JSJfy0TwAPtw0drREn/w32XB245IFS9lAYaFE25phXTvg68X+BynmOSL+Q4WXKSSN4+0
jVavJpkyPJCHgNDYSOFSOG90M0w4H2UmDzLYhMuDYJUD9AkWEKISyjq7it/8uw6+av/sQ2z+8a9C
fSqCSvTitlt/SzgTa/4qzZpYaUbfcWJyStWNJS+FUJ7c3KqydMb74iLvMQFPUoZ9FW/01qLiWAL4
HAQ6PrHKbRs=
Fingerprint: 52:98:ef:16:4a:91:54:02:ee:53:62:54:f4:96:94:ed

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-2090962452 | 2024-05-06T06:31:54.471414

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 06 May 2024 06:31:17 GMT
Content-Type: text/html
Content-Length: 548
Connection: keep-alive

-171534721 | 2024-05-13T14:25:13.094079

443 / tcp

HTTP/1.1 502 Bad Gateway
Server: nginx
Date: Mon, 13 May 2024 14:24:24 GMT
Content-Type: text/html
Content-Length: 552
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:61:e1:2b:2d:27:13:24:94:31:e1:f1:79:74:17:17:13:02
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 24 20:58:25 2024 GMT
            Not After : Jun 22 20:58:24 2024 GMT
        Subject: CN=addons.xxvdv.cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c5:c2:12:8d:60:77:e8:7c:7d:78:08:d3:37:ed:
                    99:f6:d2:51:bc:7f:89:c1:22:fb:98:c7:7e:f6:9a:
                    74:ff:76:b5:06:49:e8:6e:f1:64:5c:b5:20:ce:62:
                    a4:ba:0d:a0:22:db:b6:a2:ff:30:20:2b:c4:a0:8e:
                    6f:96:80:60:b3:d2:0f:f9:a3:05:dd:42:c2:a1:f5:
                    15:5f:5b:7b:1a:0b:9f:a9:da:22:af:57:7a:46:74:
                    2f:75:ca:e5:8c:c1:1c:1f:92:e3:73:a1:44:23:04:
                    1c:d2:f5:88:05:22:23:9f:1d:fb:55:7a:ef:6a:93:
                    f7:06:3f:09:84:6f:b6:62:aa:ee:10:47:20:44:55:
                    0d:f3:d2:ff:76:2f:dc:b7:2d:17:1b:27:d9:8a:06:
                    6e:70:89:e1:38:5c:23:dd:76:d6:4e:aa:5a:44:2c:
                    b9:65:99:d7:40:1c:0a:05:5a:eb:23:33:ef:5a:c1:
                    fc:d0:f5:09:0a:a8:05:b6:c5:21:3c:06:2c:23:a0:
                    4e:58:61:f2:aa:66:48:3c:61:d8:f2:25:3c:d0:c4:
                    91:ad:49:24:20:35:3d:b8:6a:55:81:2a:91:b1:17:
                    0c:ef:b9:b9:0a:3e:49:b8:ae:21:7d:c6:d6:d1:44:
                    af:d4:ee:5b:29:ce:d7:16:fc:f5:48:a4:60:dc:50:
                    08:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                3E:12:65:5D:5D:FB:30:F4:C4:55:17:56:68:13:5E:15:71:11:73:F6
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:addons.xxvdv.cc
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar 24 21:58:25.352 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FC:8E:19:83:AE:D3:0F:AB:FD:7C:1B:
                                95:1D:46:A4:06:3C:43:38:1F:00:98:2D:34:C1:BF:85:
                                C7:2E:6F:08:7D:02:21:00:A6:7C:D2:84:E3:E4:C2:37:
                                06:7D:31:66:61:30:D5:2B:9D:CE:D6:1F:62:41:A1:9F:
                                B1:41:B8:EB:22:D1:C5:95
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Mar 24 21:58:27.358 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:71:44:90:41:B9:6E:4C:C7:F8:24:F4:6A:
                                D5:89:83:71:1F:23:3D:50:CE:B9:95:03:36:2D:FF:62:
                                37:95:0F:1E:02:20:24:E6:54:7D:50:82:8E:E4:72:A0:
                                34:EE:DC:29:86:0A:D6:A9:63:21:23:E8:33:B4:06:E5:
                                FA:0E:2F:61:68:8C
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        35:90:f5:4a:fe:1d:6e:5e:45:ed:ff:eb:b0:a5:11:41:35:bd:
        c6:cc:4e:68:db:5a:ec:6f:b0:85:b2:01:53:85:3f:3a:09:9a:
        a4:00:77:0d:ec:f0:33:c1:bc:af:e9:41:8f:57:36:10:bb:c5:
        6d:41:9f:02:e5:d3:b5:85:c9:0f:0b:aa:c4:14:88:4e:fd:0e:
        a1:c0:7b:c5:c0:8d:69:a6:78:f0:54:f0:85:7a:29:3d:c0:9f:
        8c:a8:58:97:19:b8:32:03:d7:3e:f6:1c:8e:3d:10:e2:17:09:
        cf:5a:c6:f4:7c:43:d6:d4:d1:c1:d2:37:6d:b4:d9:95:da:7e:
        6a:23:15:eb:44:e6:c9:4b:10:9b:c3:92:40:1d:0f:76:44:29:
        1b:ed:fd:02:f8:56:5c:fe:9a:85:fd:f0:a2:a2:f6:81:f7:04:
        6f:1c:57:f7:da:7d:d3:01:97:e7:8b:b5:b5:a6:cc:49:d7:50:
        aa:d9:75:01:64:4e:1c:06:8d:52:63:ab:55:35:61:b9:82:c8:
        f4:93:09:ae:4c:7a:e4:95:97:55:5f:1f:73:91:f0:25:07:2d:
        3f:9f:95:da:a1:20:92:bb:0a:e7:c2:cc:4b:d1:01:a8:8a:2c:
        43:96:e5:b1:b1:51:b2:78:bc:b9:8b:82:87:72:43:36:40:e5:
        e2:33:05:59

1784394127 | 2024-05-15T16:29:01.555663

3128 / tcp

HTTP/1.1 400 Bad Request
Server: squid/4.13
Mime-Version: 1.0
Date: Wed, 15 May 2024 16:28:09 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3507
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from localhost
X-Cache-Lookup: NONE from localhost:3128
Via: 1.1 localhost (squid/4.13)
Connection: close

2068607007 | 2024-05-12T00:37:57.954033

3478 / udp

STUN
Server IP: 139.162.201.80

-101123139 | 2024-05-13T07:26:15.372321

8008 / tcp

HTTP/1.1 200 OK
Server: Synapse/1.62.0
Date: Mon, 13 May 2024 07:25:27 GMT
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
Accept-Ranges: bytes
Content-Length: 10168
Content-Type: text/html
Last-Modified: Tue, 05 Jul 2022 12:28:03 GMT

-914018184 | 2024-05-06T18:29:50.736302

8112 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 May 2024 18:29:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.18
Set-Cookie: PHPSESSID=mv2tuojj9f6aquv1k40c50kvvi; path=/
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

139.162.201.80

Last Seen: 2024-05-15

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1269889276 | 2024-05-14T22:14:21.235433
22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

-2090962452 | 2024-05-06T06:31:54.471414
80 / tcp

nginx

-171534721 | 2024-05-13T14:25:13.094079
443 / tcp

nginx

1784394127 | 2024-05-15T16:29:01.555663
3128 / tcp

Squid http proxy4.13

2068607007 | 2024-05-12T00:37:57.954033
3478 / udp

-101123139 | 2024-05-13T07:26:15.372321
8008 / tcp

-914018184 | 2024-05-06T18:29:50.736302
8112 / tcp

nginx

Products

Pricing

Contact Us

139.162.201.80

Last Seen: 2024-05-15

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1269889276 | 2024-05-14T22:14:21.235433 22 / tcp

OpenSSH8.4p1 Debian 5+deb11u3

-2090962452 | 2024-05-06T06:31:54.471414 80 / tcp

nginx

-171534721 | 2024-05-13T14:25:13.094079 443 / tcp

nginx

1784394127 | 2024-05-15T16:29:01.555663 3128 / tcp

Squid http proxy4.13

2068607007 | 2024-05-12T00:37:57.954033 3478 / udp

-101123139 | 2024-05-13T07:26:15.372321 8008 / tcp

-914018184 | 2024-05-06T18:29:50.736302 8112 / tcp

nginx

Products

Pricing

Contact Us

-1269889276 | 2024-05-14T22:14:21.235433
22 / tcp

-2090962452 | 2024-05-06T06:31:54.471414
80 / tcp

-171534721 | 2024-05-13T14:25:13.094079
443 / tcp

1784394127 | 2024-05-15T16:29:01.555663
3128 / tcp

2068607007 | 2024-05-12T00:37:57.954033
3478 / udp

-101123139 | 2024-05-13T07:26:15.372321
8008 / tcp

-914018184 | 2024-05-06T18:29:50.736302
8112 / tcp