GeneralInformation

Hostnames	vmi713866.contaboserver.net gitlab.twinsdigitallabs.tech
Domains	contaboserver.net twinsdigitallabs.tech
Country	Germany
City	Düsseldorf
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167

WebTechnologies

Programming languages

Ruby

Web frameworks

Ruby on Rails

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2021-3618

5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

22 80 443 8060

-103390413 | 2024-06-01T19:20:40.293022

22 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDVmt9ZhlEC7tMIF7LkXgTruyNg2X8V26rzsCq9dmA8zEtl
2kHpoo5FzmDVNHWefG5zGw/cpj2w0BKTqjqhz3XGVTuqj4dmJQzvpt0nQ91duYuKdYMVgC0K1e4v
AGqh37HBFcX7PJiXl6r+au7927kQKMWuWOKeUnm/xEAzq9IUISXaoxBhwg8R+q73dIe20H0urypr
IoqWqh3dcNEuJipqavSCrytCzI1hTTmKPcSmo7rbUb/yPSbguUpESzdfnlv+MRqJ0DoDBgpoQh48
4/5mHavNaydqf16QsGhNuwzr0+MtRiXiXkXYfNrzuYatRhaHV7VXxNEmVqc72vfT34mzEIHThnt6
snz+pbn7bgxe15oN2cR4ebnjNIBSsSA7kvIo0whRH9U7O7lmrKAURcbLvwPyHgYtDDMLl0amdOqa
0xNLaYgmm876Xhssx2ZozPyxvuYreiuasoPp0C4Ycb9d9TwKhgojfgSX76XBoVJZUSJnZ9GkCpo+
cKmL7SVQIqk=
Fingerprint: 8d:da:44:81:11:29:ee:37:b2:16:74:16:36:2b:e4:01

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

-2100514759 | 2024-05-27T12:14:01.639326

80 / tcp

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 27 May 2024 12:14:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://gitlab.twinsdigitallabs.tech:443/

-278063769 | 2024-06-02T11:04:20.960505

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Jun 2024 11:03:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=0, private, must-revalidate
Content-Security-Policy: 
Etag: W/"d53bb62109074faea5f15482fc98f491"
Link: </assets/application_utilities-bc405f753d3fc57a7c9cf1aafc04c07ef4c758eced90f0d06275492f20f8fcbf.css>; rel=preload; as=style; type=text/css,</assets/application-8dcb2fd4b99a99a1c96d54c852feb9a10d712cdd32aec422cfdf03b4ee83e371.css>; rel=preload; as=style; type=text/css,</assets/highlight/themes/white-69223daaf028b2b7665d7b9256b5d2f2703ce7f83cb2b7c86479acaf55a59001.css>; rel=preload; as=style; type=text/css
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Set-Cookie: _gitlab_session=da4f6a15ba4974adcbffbe03d7f9e627; path=/; expires=Sun, 02 Jun 2024 13:03:46 GMT; secure; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01HZC9X8F7NRYY8T9QYZEGR163
X-Runtime: 0.932535
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:43:d9:6e:78:ab:f0:9a:42:a9:8b:42:50:89:f1:47:74:57
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 12 21:30:32 2024 GMT
            Not After : Jul 11 21:30:31 2024 GMT
        Subject: CN=gitlab.twinsdigitallabs.tech
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c0:ef:43:93:79:35:69:2f:d3:24:05:d4:d9:fe:
                    af:3d:8b:6c:23:53:45:aa:02:93:dd:34:31:28:fd:
                    10:0a:67:fe:63:8c:dc:0a:d4:55:8e:15:dc:6c:94:
                    21:18:52:e7:78:91:d6:72:aa:e2:75:64:83:07:36:
                    b3:a7:a2:d9:66:84:81:92:f2:78:34:4e:a8:d2:80:
                    b4:73:1b:da:85:50:94:b1:68:3e:1e:b6:3d:8a:37:
                    94:7a:85:2e:66:08:91:7a:c9:ef:7f:17:3d:53:63:
                    94:e8:70:8b:67:05:25:e7:61:cb:35:d5:f6:78:4c:
                    9a:6a:bf:54:b2:c1:31:91:52:07:61:87:d1:56:12:
                    c0:7d:60:19:7f:18:8d:a0:af:6d:41:68:b8:f9:da:
                    5b:35:c9:01:45:b2:f7:52:0e:20:31:da:8b:45:84:
                    cb:fc:fe:99:33:e7:20:1e:50:53:62:0e:4a:cb:69:
                    d9:02:e9:0f:a3:a3:7c:92:f3:fc:8b:22:0e:46:0c:
                    c7:98:20:7e:09:d2:50:12:7a:c6:38:a9:33:d6:a7:
                    6e:38:ac:36:27:9d:96:c6:77:9f:64:5f:e3:7f:0d:
                    9f:91:3f:2d:f1:da:ec:0e:2c:e6:0b:f1:80:df:d7:
                    66:42:53:23:98:f3:b6:bd:dd:69:27:76:6a:0d:8c:
                    e4:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                9F:41:51:B7:76:E9:F5:AA:FA:69:5A:BA:8D:5F:02:0B:CC:13:85:BC
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:gitlab.twinsdigitallabs.tech
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 12 22:30:32.706 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:48:84:E7:D9:5C:66:CB:12:01:6A:B5:75:
                                A8:41:D1:B9:20:5C:77:EF:2D:20:93:08:5A:38:69:FC:
                                FD:2C:4F:05:02:21:00:B5:7F:68:6B:9E:4B:43:50:6A:
                                CD:6A:04:40:87:93:10:7F:1E:AC:49:75:FE:AC:08:18:
                                80:40:01:CF:18:C9:87
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr 12 22:30:32.908 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6E:72:92:9F:B0:78:BF:4C:72:87:F3:6D:
                                51:B7:8E:83:F8:A0:CC:0B:BF:12:7E:12:DF:6A:0D:F6:
                                A4:62:ED:5B:02:21:00:C9:08:46:62:9B:1B:0E:41:F1:
                                D4:31:9A:63:D5:9C:70:C6:52:B6:76:41:5A:AB:9E:FF:
                                0E:F0:B0:9F:69:44:2E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7a:2b:d3:ae:c2:4b:f9:ee:be:e8:fe:4e:f3:f0:69:14:17:4f:
        da:b8:a0:fa:c5:c3:4a:f2:49:ad:ea:28:65:58:ea:ae:01:51:
        91:1b:e0:26:bb:80:4a:e8:e7:20:81:fa:a3:91:34:bf:b5:40:
        49:a7:e7:cd:05:06:12:57:ad:5c:ac:11:c9:56:b0:6a:cf:bd:
        28:c9:01:fc:19:40:70:ab:8e:c8:c7:da:00:4a:6f:f4:02:b4:
        b6:1e:58:6c:13:04:7d:77:e4:e6:5b:1b:f4:2e:53:7f:0e:4f:
        70:f6:49:57:16:72:59:62:9a:5d:ed:ad:56:46:c1:be:fd:c7:
        ef:ff:d0:be:ba:21:8b:30:78:1e:5f:d1:66:6d:06:61:ba:94:
        87:01:4a:fc:16:db:aa:20:a5:44:13:25:85:bc:be:aa:f3:c9:
        e9:bc:2f:d8:25:e7:85:d0:70:61:04:65:05:ea:76:e3:2e:8b:
        80:e7:76:44:ca:f5:84:2c:48:f6:71:b7:66:eb:a5:8a:04:51:
        f5:71:d6:92:17:a4:2b:b3:f3:10:36:ef:67:0c:fb:a5:4a:dc:
        bf:0f:aa:01:32:a1:a7:7a:b5:08:2e:f8:48:d4:e8:4b:61:5c:
        fa:d8:2c:94:00:d8:7d:ed:8c:31:a8:af:9d:1e:00:b9:56:e1:
        c1:62:67:cf

-1836475360 | 2024-05-29T02:47:05.509914

8060 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Wed, 29 May 2024 02:47:05 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

194.163.141.243

Last Seen: 2024-06-02

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-103390413 | 2024-06-01T19:20:40.293022
22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.3

-2100514759 | 2024-05-27T12:14:01.639326
80 / tcp

nginx

-278063769 | 2024-06-02T11:04:20.960505
443 / tcp

nginx

-1836475360 | 2024-05-29T02:47:05.509914
8060 / tcp

nginx1.20.1

Products

Pricing

Contact Us

194.163.141.243

Last Seen: 2024-06-02

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-103390413 | 2024-06-01T19:20:40.293022 22 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.3

-2100514759 | 2024-05-27T12:14:01.639326 80 / tcp

nginx

-278063769 | 2024-06-02T11:04:20.960505 443 / tcp

nginx

-1836475360 | 2024-05-29T02:47:05.509914 8060 / tcp

nginx1.20.1

Products

Pricing

Contact Us

-103390413 | 2024-06-01T19:20:40.293022
22 / tcp

-2100514759 | 2024-05-27T12:14:01.639326
80 / tcp

-278063769 | 2024-06-02T11:04:20.960505
443 / tcp

-1836475360 | 2024-05-29T02:47:05.509914
8060 / tcp