GeneralInformation

Hostnames	li1082-201.members.linode.com feedback.sweet.io
Domains	linode.com sweet.io
Cloud Provider	Linode
Cloud Region	us-ca
Country	United States
City	Fremont
Organization	Linode
ISP	Akamai Connected Cloud
ASN	AS63949
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2019-9516	6.8Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.
CVE-2019-9513	7.8Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.
CVE-2019-9511	7.8Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2019-20372	4.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

OpenPorts

80 81 443 8000 8001 8888

367035927 | 2024-04-26T17:18:23.231340

80 / tcp

HTTP/1.1 200 OK
Server: nginx/1.15.9 (Ubuntu)
Date: Fri, 26 Apr 2024 17:18:23 GMT
Content-Type: text/html
Content-Length: 5459
Connection: keep-alive
Last-Modified: Fri, 07 Jan 2022 09:17:09 GMT
ETag: "61d80515-1553"
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://custom.getacute.io
Access-Control-Allow-Credentials: true
Origin: https://custom.getacute.io

-1232306054 | 2024-05-18T18:19:34.481370

81 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.15.9 (Ubuntu)
Date: Sat, 18 May 2024 18:19:34 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

367035927 | 2024-05-19T05:17:18.528403

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.15.9 (Ubuntu)
Date: Sun, 19 May 2024 05:17:18 GMT
Content-Type: text/html
Content-Length: 5459
Connection: keep-alive
Last-Modified: Fri, 07 Jan 2022 09:17:09 GMT
ETag: "61d80515-1553"
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://custom.getacute.io
Access-Control-Allow-Credentials: true
Origin: https://custom.getacute.io

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:45:59:5d:a7:f2:1d:f5:a8:86:d9:66:9a:96:bc:28:9e:13
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  2 15:08:42 2024 GMT
            Not After : Jul  1 15:08:41 2024 GMT
        Subject: CN=feedback.sweet.io
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:5f:d8:d8:d0:84:f4:2d:4c:02:ac:42:6b:cc:
                    7e:b9:9a:62:57:61:e2:fa:6b:05:79:69:06:25:cc:
                    10:65:fe:62:0a:70:71:81:30:e1:d8:ca:75:b2:43:
                    fa:13:6e:57:e7:86:51:7f:49:85:61:43:05:26:35:
                    43:d3:19:1b:6a:6a:95:d8:f1:89:96:1b:94:5d:41:
                    a2:80:7b:5d:a3:60:ef:97:08:47:eb:a3:a2:1c:cc:
                    3e:61:e7:df:d3:20:14:2f:b1:26:01:d1:31:e9:1a:
                    e8:6b:e2:b6:8d:fc:98:06:60:6e:6a:4b:b4:f8:ee:
                    f2:87:c2:98:0d:58:e3:e6:92:8a:1b:49:ff:95:3f:
                    63:1f:29:f9:10:d4:36:4f:62:53:7c:92:9e:f0:db:
                    07:6c:6e:69:5a:b7:c2:d3:ca:10:3c:7c:8f:4b:da:
                    50:ca:df:06:1d:5d:c6:e3:1a:8b:94:bd:80:17:77:
                    b2:fd:39:ff:f0:79:79:e4:d5:36:b3:74:79:b4:92:
                    f7:4a:68:95:5f:eb:3b:7b:d9:97:20:47:9e:e9:4f:
                    2d:d5:db:fa:f3:63:c5:aa:7c:d7:4d:d8:15:9c:40:
                    a3:58:8c:d4:6e:ad:e4:41:96:fa:90:e1:9c:af:f2:
                    05:b9:bf:97:cc:83:cb:02:b5:c2:5d:06:f1:af:ea:
                    b1:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                73:83:62:3A:A1:19:86:1D:21:69:91:BA:62:7E:B8:57:B0:35:7B:AD
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:feedback.sweet.io
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Apr  2 16:08:42.984 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:BC:21:99:FE:08:51:C8:42:27:F6:93:
                                2B:F3:37:85:BD:6C:60:6C:49:D0:DE:77:40:5E:D2:2F:
                                78:33:3E:6E:95:02:20:70:6F:D6:92:51:F9:7B:9C:47:
                                80:6F:54:42:C3:04:BE:CC:FB:97:E4:B5:64:2E:85:F2:
                                CC:FC:0E:30:97:56:79
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Apr  2 16:08:42.982 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E4:79:35:C2:7D:61:84:63:07:C2:55:
                                FD:25:89:04:A3:60:1E:3F:68:90:0C:8D:3B:20:D1:96:
                                8C:4D:E4:97:EC:02:20:23:11:D6:12:49:76:9F:2F:98:
                                CD:C5:B0:A9:11:5D:FB:43:46:03:C4:F5:D8:BA:1B:70:
                                F1:60:FD:5A:35:CB:2D
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        09:61:6a:fe:b9:8f:31:36:44:e2:af:48:1c:13:77:35:7c:fa:
        59:e8:e7:f8:02:a3:5b:f0:02:ea:76:4c:c5:ab:aa:49:9c:a0:
        5a:5a:0c:0f:f9:4d:46:b6:6c:a3:9b:dd:26:15:33:5c:53:63:
        18:a3:1f:93:8e:ba:ae:ff:65:24:6e:bb:6d:21:8e:ad:9f:d0:
        a5:e9:01:12:40:12:b4:b6:6c:7f:c2:c4:6d:97:bb:67:02:c8:
        28:c0:8f:66:14:d8:46:fd:89:22:22:e3:ee:7d:65:0e:51:ce:
        86:ca:7a:95:84:90:3c:5a:dd:27:2b:f9:65:84:d4:32:0f:03:
        f8:72:59:c1:8f:5b:2a:32:ef:19:54:c4:64:d2:fd:eb:5b:73:
        8e:49:bd:43:8d:21:89:ca:ff:a8:b5:3f:6a:53:e8:7b:e2:a5:
        e1:b6:c8:93:13:a7:08:28:c0:e0:5d:05:a5:23:d5:ce:ba:ad:
        06:ed:b2:ef:f1:41:af:06:cd:96:7d:d4:fb:d0:eb:2e:59:02:
        3b:36:50:75:2d:24:8e:33:29:53:6e:ed:23:f2:e5:b7:6c:e7:
        27:5c:1a:fc:1e:75:af:58:a0:1f:03:6b:46:6e:89:4f:16:43:
        a4:3d:61:e6:c4:43:f8:08:d5:e1:de:ae:d1:81:27:60:40:f2:
        02:85:84:0d

-1790471025 | 2024-05-16T17:53:10.503644

8000 / tcp

HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Content-Length: 815
ETag: W/"32f-M+LJMrDjguEpKIP4rXzngpPuRiQ"
Vary: Accept-Encoding
Date: Thu, 16 May 2024 17:53:10 GMT
Connection: keep-alive

-723936098 | 2024-05-04T08:16:36.342138

8001 / tcp

HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 31 Mar 2020 09:40:09 GMT
ETag: W/"130-1712ff667e2"
Content-Type: text/html; charset=UTF-8
Content-Length: 304
Date: Sat, 04 May 2024 08:16:36 GMT
Connection: keep-alive

-1080725621 | 2024-05-13T23:34:30.876614

8888 / tcp

HTTP/1.1 500 Internal Server Error
X-Powered-By: Express
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 148
Date: Mon, 13 May 2024 23:34:30 GMT
Connection: keep-alive

45.33.63.201

Last Seen: 2024-05-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

367035927 | 2024-04-26T17:18:23.231340
80 / tcp

nginx1.15.9

-1232306054 | 2024-05-18T18:19:34.481370
81 / tcp

nginx1.15.9

367035927 | 2024-05-19T05:17:18.528403
443 / tcp

nginx1.15.9

-1790471025 | 2024-05-16T17:53:10.503644
8000 / tcp

-723936098 | 2024-05-04T08:16:36.342138
8001 / tcp

-1080725621 | 2024-05-13T23:34:30.876614
8888 / tcp

Products

Pricing

Contact Us

45.33.63.201

Last Seen: 2024-05-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

367035927 | 2024-04-26T17:18:23.231340 80 / tcp

nginx1.15.9

-1232306054 | 2024-05-18T18:19:34.481370 81 / tcp

nginx1.15.9

367035927 | 2024-05-19T05:17:18.528403 443 / tcp

nginx1.15.9

-1790471025 | 2024-05-16T17:53:10.503644 8000 / tcp

-723936098 | 2024-05-04T08:16:36.342138 8001 / tcp

-1080725621 | 2024-05-13T23:34:30.876614 8888 / tcp

Products

Pricing

Contact Us

367035927 | 2024-04-26T17:18:23.231340
80 / tcp

-1232306054 | 2024-05-18T18:19:34.481370
81 / tcp

367035927 | 2024-05-19T05:17:18.528403
443 / tcp

-1790471025 | 2024-05-16T17:53:10.503644
8000 / tcp

-723936098 | 2024-05-04T08:16:36.342138
8001 / tcp

-1080725621 | 2024-05-13T23:34:30.876614
8888 / tcp