GeneralInformation

Hostnames	ec2-18-140-122-173.ap-southeast-1.compute.amazonaws.com git.elixirtech.com
Domains	amazonaws.com elixirtech.com
Cloud Provider	Amazon
Cloud Region	ap-southeast-1
Cloud Service	EC2
Country	Singapore
City	Singapore
Organization	Amazon Technologies Inc.
ISP	Amazon.com, Inc.
ASN	AS16509

WebTechnologies

Programming languages

Ruby

Web frameworks

Ruby on Rails

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

80 443

-1836475360 | 2024-04-11T22:21:52.640141

80 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 11 Apr 2024 22:21:52 GMT
Server: nginx/1.20.1
Content-Length: 555
Connection: keep-alive

-1498473198 | 2024-04-25T14:13:06.462704

443 / tcp

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 14:13:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 11819
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Cache-Control: max-age=0, private, must-revalidate
Content-Security-Policy: 
Etag: W/"c89c763208725cdca43220c78126c2d3"
Link: </assets/application_utilities-6e14369d68c173a17203053e264fd8034cea02c72b03d7d20c142f2e8b2ba2b8.css>; rel=preload; as=style; type=text/css,</assets/application-9723ad2290324a6ed951c5d4b011743f27afa0b6450cb147a63587b67b70985a.css>; rel=preload; as=style; type=text/css,</assets/highlight/themes/white-a6bcb4c616fa83a68bf0d7936411ba4d47fa78c1137817cc6ebdb97e656c6eb5.css>; rel=preload; as=style; type=text/css
Permissions-Policy: interest-cohort=()
Set-Cookie: preferred_language=en; path=/; Secure; SameSite=None
Set-Cookie: _gitlab_session=dc5adc77429b7ce8d3c5da581b53b3a5; path=/; expires=Thu, 25 Apr 2024 16:13:06 GMT; secure; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Gitlab-Meta: {"correlation_id":"01HWASMMJ0BFPB9ZSTHQRM7ANS","version":"1"}
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01HWASMMJ0BFPB9ZSTHQRM7ANS
X-Runtime: 0.050053
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:65:d4:f4:f2:28:46:92:70:21:d2:a7:dc:31:56:33
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Oct  8 00:00:00 2023 GMT
            Not After : Nov  5 23:59:59 2024 GMT
        Subject: CN=git.elixirtech.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ab:6d:8d:ec:a2:18:70:17:86:12:c7:9b:54:57:
                    49:02:05:41:62:cc:7f:ca:55:25:ce:8e:37:d4:2a:
                    f7:44:8f:b7:61:3b:e8:e8:fc:14:3d:17:a6:03:65:
                    c6:a1:84:37:0d:71:45:16:5b:42:dc:40:9a:c4:32:
                    f2:4c:7e:48:43:a4:97:c3:ad:14:8a:6e:e8:1e:5a:
                    97:87:23:0a:51:72:f2:b4:a7:31:98:5a:ad:8e:64:
                    38:2c:61:ad:07:ce:1f:be:ac:a5:b8:cc:07:ef:07:
                    22:43:8a:e2:3e:1f:8f:f9:ac:bf:39:c7:ee:3e:e0:
                    e9:c5:45:f1:ef:4a:b9:98:34:7d:67:f8:4d:92:9b:
                    aa:dd:18:49:46:11:04:99:14:22:5b:1b:ef:ff:88:
                    df:2a:b5:e3:25:01:35:bc:2f:c7:9d:db:84:df:9e:
                    bb:86:5a:ba:56:40:2f:e0:2a:dd:8a:c8:2b:ff:62:
                    48:88:4b:22:cd:d8:5a:cf:f9:ab:df:17:49:93:22:
                    d6:d3:1b:d5:22:04:e6:07:8b:2b:7a:4c:38:36:73:
                    7e:90:32:7b:c3:42:31:26:e0:0f:79:38:9c:1b:b8:
                    15:67:a6:67:ff:56:d4:4e:40:e0:3c:1c:b6:15:0c:
                    5f:05:d4:c1:05:ef:c4:40:e3:34:7b:33:5a:0d:90:
                    fd:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                10:11:93:4B:C9:55:B0:D0:47:17:6D:15:B5:8C:D6:2E:2F:A8:24:15
            X509v3 Subject Alternative Name: 
                DNS:git.elixirtech.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Oct  8 00:25:55.547 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C4:C9:61:F2:A4:72:08:3D:6C:CD:B2:
                                59:C6:36:C5:C5:F4:FB:D1:91:8F:E4:D1:BE:06:C5:5B:
                                8A:B5:14:1E:42:02:20:7C:12:4C:A6:66:7A:E3:BD:0F:
                                A2:93:E9:32:84:63:D9:09:45:1E:09:6B:6C:4C:35:48:
                                CF:AD:8C:E2:F4:42:76
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Oct  8 00:25:55.495 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9F:BB:6D:B7:FC:EA:DE:91:38:84:A4:
                                6F:61:DE:9D:AF:CD:A0:65:08:D9:98:D7:EC:83:FF:9B:
                                15:22:5F:1D:29:02:20:65:D2:90:4A:BF:CD:B2:7F:0C:
                                04:78:75:02:67:29:3D:26:37:4E:9F:97:BA:2E:27:7B:
                                F1:48:D9:96:5E:24:BB
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
                                91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
                    Timestamp : Oct  8 00:25:55.472 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:A5:6D:E8:20:F4:08:95:BC:71:81:CC:
                                9A:89:14:79:C8:47:DD:AA:B9:FE:DE:64:4F:77:98:00:
                                11:CB:67:AF:E4:02:21:00:98:A5:6D:90:73:57:E9:2D:
                                0B:FB:1E:5F:3B:5C:89:96:1E:5D:DB:8F:FF:B0:0E:F4:
                                1E:53:4D:3F:75:F3:19:70
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a8:83:31:65:f3:e5:fa:47:1c:6f:e2:ad:a3:01:de:1b:ec:77:
        57:22:69:a5:2d:40:61:37:85:1b:d8:ee:e3:61:a7:9d:d7:c5:
        ed:63:67:da:0a:97:22:ed:87:94:7c:b7:e3:48:5a:07:54:e3:
        f3:c7:1c:e8:1f:12:7c:8a:35:67:6a:5e:0f:3c:4b:6d:0b:25:
        5e:ff:63:3e:20:8e:0a:38:21:a8:95:cc:25:f0:45:2f:ea:f1:
        74:16:f8:77:f8:20:3a:b4:59:7f:92:c2:fd:5b:83:88:b7:5e:
        1b:3e:b9:45:5a:1c:b4:bc:07:47:85:61:8e:27:ec:f1:f3:9f:
        43:59:69:6b:74:71:b7:c7:97:63:47:ec:5e:4f:98:93:aa:2b:
        b6:b5:15:74:cd:29:37:e1:d7:f9:78:55:2b:74:4d:50:af:c5:
        9b:24:f0:8a:fc:8c:e1:9c:13:31:c6:5a:7b:ec:01:e1:89:af:
        a1:20:18:c2:4e:20:e9:eb:a2:a8:76:f3:a9:81:e9:fc:77:ee:
        fe:6a:89:93:fe:3f:61:a3:15:b0:13:7d:9d:7d:49:83:0e:89:
        75:35:fe:86:02:4e:2b:85:bf:0c:47:0e:85:cc:45:a1:1b:fb:
        05:81:62:a0:3a:43:e2:56:5d:21:e5:fd:47:05:4a:7b:eb:b3:
        85:6e:96:7a

18.140.122.173

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1836475360 | 2024-04-11T22:21:52.640141
80 / tcp

nginx1.20.1

-1498473198 | 2024-04-25T14:13:06.462704
443 / tcp

GitLab Self-Managed

Products

Pricing

Contact Us

18.140.122.173

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1836475360 | 2024-04-11T22:21:52.640141 80 / tcp

nginx1.20.1

-1498473198 | 2024-04-25T14:13:06.462704 443 / tcp

GitLab Self-Managed

Products

Pricing

Contact Us

-1836475360 | 2024-04-11T22:21:52.640141
80 / tcp

-1498473198 | 2024-04-25T14:13:06.462704
443 / tcp