GeneralInformation

Hostnames	li1535-149.members.linode.com payments.orderwise.co.uk
Domains	linode.com orderwise.co.uk
Cloud Provider	Linode
Cloud Region	gb-eng
Country	United Kingdom
City	London
Organization	139.162.0.0/16
ISP	Akamai Connected Cloud
ASN	AS63949
Operating System	Ubuntu

WebTechnologies

CDN

JavaScript libraries

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-9516	7.5Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.
CVE-2019-9513	7.5Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
CVE-2019-9511	7.5Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-20372	5.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

21 22 80 443

906388357 | 2024-04-13T13:48:12.532632

21 / tcp

220 (vsFTPd 3.0.3)
530 Login incorrect.
530 Please login with USER and PASS.
211-Features:
 EPRT
 EPSV
 MDTM
 PASV
 REST STREAM
 SIZE
 TVFS
211 End

-1617602182 | 2024-04-21T08:25:31.930481

22 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.5
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQCt2G84kYxEcxaofxS0gdNho0703Tv0OBTQ4xUSywCZEO6T
geM9MuKohf7cITh/HpI2V9CUVw411W/AZ6ht7shH8+Ik397IHcwz5PfpvlEn1SacB17jA3KV5R92
1e/wHGHLn0QsPqARMRXAQfl+kM58LbFsNfj5YIaCaaoSTfD5D1gS5xweagq0se+Q1IAp0npZELAw
39eAJ/lTmvvVPYeXvw+apK/EtuD5x6/3sBqL3x5pzYQmyNldgKHQH2zFtLHYPzrsnckd+6LV2c5r
0kcVssxP/Myq/3ZSLyw2FRZ3m0tEh2AD+j3jD9fsh7DHZZ7aGY+foB3BUx6RVeDze5dz
Fingerprint: a7:ae:f2:d5:56:e7:4a:5a:bd:bb:8e:2a:6d:27:c9:38

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-1267269502 | 2024-04-17T01:03:10.604412

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.15.6
Date: Wed, 17 Apr 2024 01:03:10 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive
Vary: Accept-Encoding

-1402379673 | 2024-04-19T04:31:13.941128

443 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.15.6
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
date: Fri, 19 Apr 2024 04:31:04 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:4a:4f:40:17:e2:9d:85:91:78:a0:08:48:15:30:fd:f0:32
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar  8 00:59:13 2024 GMT
            Not After : Jun  6 00:59:12 2024 GMT
        Subject: CN=payments.orderwise.co.uk
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:61:74:8f:f4:ff:f3:15:7a:e4:78:28:a7:fe:89:
                    32:f8:54:4f:83:f0:d1:2b:8c:4f:0f:64:75:40:51:
                    91:2e:cb:08:16:f0:e3:a8:b5:e9:1b:43:0e:c0:6e:
                    78:b6:f7:75:d6:64:27:55:5d:79:8a:3b:1a:62:74:
                    c3:89:40:bf:49:1d:b4:b5:59:e0:3b:15:d0:6f:87:
                    41:6e:52:0b:47:13:85:b5:a3:60:b4:8c:29:d4:01:
                    01:91:b2:33:52:14:1d
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                E1:74:0C:25:2F:8E:52:71:43:59:3C:AE:94:DE:B5:5E:45:4A:F3:84
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:payments.orderwise.co.uk
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Mar  8 01:59:13.671 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:83:19:C9:28:4A:30:1D:42:AA:68:1C:
                                5A:A7:7C:24:D1:1A:78:C0:13:80:E5:7F:24:31:1D:E4:
                                31:CF:AB:2F:E7:02:21:00:DE:64:65:ED:34:9E:B6:90:
                                59:DE:EA:D5:39:4F:0A:96:33:97:A5:DE:B7:19:5E:E0:
                                6D:3C:84:B5:8C:33:10:E8
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar  8 01:59:13.690 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DF:2D:D9:DE:7B:D6:6F:47:C8:04:2B:
                                E3:59:14:10:44:1F:ED:D8:23:AC:C5:FD:1A:FE:33:AC:
                                29:78:DF:F1:C7:02:20:71:F3:E6:CE:F8:43:54:9A:18:
                                84:58:5B:9F:15:45:71:5B:0C:4D:79:E4:69:36:B5:81:
                                D4:0C:CC:18:9A:23:CE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ae:05:6b:27:25:84:51:c2:5c:21:f1:c6:67:1d:f2:76:19:63:
        c5:f9:b9:f0:58:6c:5a:4a:22:2a:42:89:15:c8:03:ad:34:31:
        03:2a:f2:47:d6:c8:f8:c7:bc:00:7c:f6:f0:78:04:26:3e:da:
        fa:93:c8:5c:e0:0b:d0:f3:ed:58:b8:89:e6:21:ed:7c:52:14:
        46:58:24:da:9e:75:36:f8:51:fe:f5:d4:0e:ef:9e:fe:a2:43:
        8d:81:b6:ba:e1:eb:d8:88:d8:3a:16:23:fa:27:d7:56:41:09:
        23:84:ee:04:15:7a:70:8d:30:18:98:53:b1:00:72:d8:62:59:
        2d:17:a1:55:b4:24:f6:ba:1d:d9:3b:75:a4:c9:0c:8b:7f:6d:
        0e:eb:d3:de:55:6e:95:ca:51:d9:20:96:b1:d5:a1:e4:6c:dc:
        50:a4:e5:1d:57:1c:d3:e7:8d:39:d6:c6:3e:dd:ba:fc:d1:a7:
        9d:9d:0f:f2:80:64:15:dc:53:d8:2a:60:cc:fa:c1:d6:a6:b6:
        b3:38:ca:ce:fe:ff:9f:d0:da:6e:8d:05:76:d6:65:bc:02:3d:
        44:6b:67:40:67:ea:70:0a:c2:6a:1a:bb:ad:a7:0b:3a:09:7d:
        74:9a:3d:e0:f1:c7:94:77:0c:9c:44:00:b5:e2:ca:6e:94:88:
        aa:4f:dd:08

139.162.250.149

Last Seen: 2024-04-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

906388357 | 2024-04-13T13:48:12.532632
21 / tcp

-1617602182 | 2024-04-21T08:25:31.930481
22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.5

-1267269502 | 2024-04-17T01:03:10.604412
80 / tcp

nginx1.15.6

-1402379673 | 2024-04-19T04:31:13.941128
443 / tcp

nginx1.15.6

Products

Pricing

Contact Us

139.162.250.149

Last Seen: 2024-04-21

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

906388357 | 2024-04-13T13:48:12.532632 21 / tcp

-1617602182 | 2024-04-21T08:25:31.930481 22 / tcp

OpenSSH7.6p1 Ubuntu-4ubuntu0.5

-1267269502 | 2024-04-17T01:03:10.604412 80 / tcp

nginx1.15.6

-1402379673 | 2024-04-19T04:31:13.941128 443 / tcp

nginx1.15.6

Products

Pricing

Contact Us

906388357 | 2024-04-13T13:48:12.532632
21 / tcp

-1617602182 | 2024-04-21T08:25:31.930481
22 / tcp

-1267269502 | 2024-04-17T01:03:10.604412
80 / tcp

-1402379673 | 2024-04-19T04:31:13.941128
443 / tcp