GeneralInformation

Hostnames	forum.bootstrapstudio.io li879-73.members.linode.com
Domains	bootstrapstudio.io linode.com
Cloud Provider	Linode
Cloud Region	us-nj
Country	United States
City	Cedar Knolls
Organization	Linode
ISP	Akamai Connected Cloud
ASN	AS63949
Operating System	Linux

WebTechnologies

Ecommerce

Abicart

Message boards

Discourse3.4.0

Programming languages

Ruby

Web frameworks

Ruby on Rails

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(4)

CVE-2024-47772

6.5Discourse is an open source platform for community discussion. An attacker can execute arbitrary JavaScript on users' browsers by sending a maliciously crafted chat message and replying to it. This issue only affects sites with CSP disabled. This problem is patched in the latest version of Discourse. All users are advised to upgrade. Users unable to upgrade should ensure CSP is enabled on the forum. Users who do upgrade should also consider enabling a CSP as well as a proactive measure.

CVE-2024-45297

5.3Discourse is an open source platform for community discussion. Users can see topics with a hidden tag if they know the label/name of that tag. This issue has been patched in the latest stable, beta and tests-passed version of Discourse. All users area are advised to upgrade. There are no known workarounds for this vulnerability.

CVE-2024-45051

8.2Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, categories and/or groups. This issue has been patched in the latest stable, beta and tests-passed version of Discourse. All users area are advised to upgrade. There are no known workarounds for this vulnerability.

CVE-2024-43789

7.5Discourse is an open source platform for community discussion. A user can create a post with many replies, and then attempt to fetch them all at once. This can potentially reduce the availability of a Discourse instance. This problem has been patched in the latest version of Discourse. All users area are advised to upgrade. There are no known workarounds for this vulnerability.

OpenPorts

22 80 443

22 / tcp

-1009396959 | 2025-04-11T01:04:39.158844

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.12
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQC19MUrsYTJefrKz/ss4yz5uO0FJU6578rW+umGyRAJC2Is
cXyLh1SqaShEGZJLPxf+JMyEVhK9zBGc7gDMNePCIJ6ZNdIdygNwmpUZxBdRTdor7Gchq9oC/m+/
EebRLf10af3VyMs+gV032d1nmo5gKJB47Gy3SnvX7kcuNtd7lqB/5+Evp71j4dZb0MAiV9hNp7yc
qsRE9X2PVcC5avBOZZwZKtExyCKG3HY1Bn6tHzpTvccYAGz+PtBeEybCBB6YgOFxELUwWiEeRS7w
hOk4/Dg3hYDNz38GmJtArPsaZA0cQgQHI744zw1qIT+fnJjMS1cAbxp/5yxIrpGLXzx9InO0MiQ4
AVYayZ+Xo5xgefcG1Dkn/D6NTVsCQTBgyT29UVDHYVTB/iqkjqLweU1e0qYHnSoBSiuQIDZiaRsm
l77L7Si8xLpu8amwnR80cLREMvyK88E8k67O38RvCerQz55G1oKdvkt/v1gHlxkvrzZyexT31KYb
ea5db7Voi+8=
Fingerprint: 41:41:b1:69:46:d9:d1:56:46:a5:75:3f:0f:cb:73:d3

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

80 / tcp

-1121567685 | 2025-04-05T05:20:30.531361

Hashes

hash

-894691291

http.dom_hash

1239617585

http.html_hash

-1121567685

http.server_hash

1006625099

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: nginx/1.26.2
Date: Sat, 05 Apr 2025 05:20:30 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://forum.bootstrapstudio.io/

443 / tcp

771737307 | 2025-04-05T07:23:17.079382

Hashes

hash

627522747

http.dom_hash

-1334355160

http.favicon.hash

-819355550

http.html_hash

771737307

http.robots_hash

148562471

http.server_hash

-1340961475

http.sitemap_hash

767704286

http.title_hash

657282942

Bootstrap Studio Forum - The revolutionary design tool

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Apr 2025 07:23:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-Discourse-Route: list/latest
Cross-Origin-Opener-Policy: same-origin-allow-popups
Vary: Accept
Cache-Control: no-cache, no-store
Content-Security-Policy: upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'nonce-NOoMD2Ni4Ju7w0uASb9T3gjGN' 'strict-dynamic'; frame-ancestors 'self'; manifest-src 'self'
X-Discourse-Cached: skip
X-Request-Id: 11425924-67e2-4bdb-9997-c3807f8123c1
X-Runtime: 0.162089
X-Discourse-TrackView: 1
Strict-Transport-Security: max-age=31536000

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:4c:6b:e1:71:f8:08:f1:73:f6:7d:14:d0:e0:13:71:e3:ab
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E5
        Validity
            Not Before: Mar 31 23:45:40 2025 GMT
            Not After : Jun 29 23:45:39 2025 GMT
        Subject: CN=forum.bootstrapstudio.io
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:ea:bc:fb:0e:b1:33:87:fa:58:07:a3:73:10:cc:
                    88:7d:62:7b:bd:f0:a7:3c:c0:b5:27:bc:1e:5e:9c:
                    46:68:d5:1e:c5:a4:6b:8a:0d:3f:26:ce:a4:4a:79:
                    49:8a:6c:74:9c:e2:d5:fc:1f:05:3b:96:5c:63:a8:
                    71:cd:dc:68:4a
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                D6:01:E9:9E:24:E5:36:48:CE:AA:73:2C:58:9F:9B:6B:0E:54:DC:7F
            X509v3 Authority Key Identifier: 
                9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
            Authority Information Access: 
                OCSP - URI:http://e5.o.lencr.org
                CA Issuers - URI:http://e5.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:forum.bootstrapstudio.io
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://e5.c.lencr.org/44.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Apr  1 00:44:10.976 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:40:90:73:21:03:E5:40:C8:6E:4E:73:DF:
                                05:5A:23:24:34:97:62:B1:2C:45:E5:92:0C:B9:AF:04:
                                2B:66:05:9B:02:20:16:9B:5B:B9:EA:C0:55:59:E4:E4:
                                5A:70:B6:B0:72:87:D3:4E:D3:7B:6A:74:E7:09:4F:1B:
                                99:97:C8:EA:86:24
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Apr  1 00:44:11.318 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:15:0C:5A:03:4A:56:7A:30:9E:60:E6:D2:
                                0F:62:56:4C:06:C7:53:FC:2B:94:EC:51:9F:60:9F:3E:
                                59:A2:AD:93:02:20:6D:34:D0:26:45:94:56:88:2F:FF:
                                C1:55:EA:4D:E4:D8:14:54:87:F3:70:64:5B:32:10:AF:
                                27:2E:55:3A:47:EA
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:31:00:ff:31:76:34:ec:8b:9c:68:d4:f6:f1:a5:42:
        cc:2a:e3:32:c7:bf:85:28:71:ee:19:30:c9:ba:11:7b:3b:56:
        74:20:af:cf:af:1c:b8:83:b2:1c:96:33:8b:82:11:8d:3c:02:
        30:1d:32:9d:4a:c6:7e:17:98:33:ca:fa:0f:7d:f9:1b:f3:2a:
        09:45:e9:01:1a:21:e6:81:ff:9b:d4:4e:fc:b3:d4:85:95:01:
        62:4f:69:ff:d1:8d:ab:3f:22:1e:6f:f9:d5

Vulnerabilities

2 2

104.237.149.73

Last Seen: 2025-04-11

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

22 / tcp

-1009396959 | 2025-04-11T01:04:39.158844

OpenSSH8.2p1 Ubuntu 4ubuntu0.12

80 / tcp

-1121567685 | 2025-04-05T05:20:30.531361

Hashes

nginx1.26.2

443 / tcp

771737307 | 2025-04-05T07:23:17.079382

Hashes

nginx

Products

Pricing

Contact Us

104.237.149.73

Last Seen: 2025-04-11

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 443 Latest CVSS

OpenPorts

22 / tcp -1009396959 | 2025-04-11T01:04:39.158844

OpenSSH8.2p1 Ubuntu 4ubuntu0.12

80 / tcp -1121567685 | 2025-04-05T05:20:30.531361

Hashes

nginx1.26.2

443 / tcp 771737307 | 2025-04-05T07:23:17.079382

Hashes

nginx

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

-1009396959 | 2025-04-11T01:04:39.158844

80 / tcp

-1121567685 | 2025-04-05T05:20:30.531361

443 / tcp

771737307 | 2025-04-05T07:23:17.079382