GeneralInformation

Hostnames	vmi1926333.contaboserver.net api.holybot.com.br painel.holybot.com.br
Domains	contaboserver.net holybot.com.br
Country	United States
City	New York City
Organization	Contabo Inc.
ISP	Nubes, LLC
ASN	AS40021

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2023(1)

CVE-2023-44487

7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

2021(2)

CVE-2021-23017

7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2021-3618

7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

OpenPorts

22 80 443 3000 4000 5000

22 / tcp

702817656 | 2025-03-13T06:34:27.588489

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAACAQCoswi3L9ZiAa3yEzPRwva8XYhPVMHTToJ+Qund8QhzSsts
S9bxtSjyGqb1MxpLfvoVr+gpL4xzodjbAmTTAqWIs4Tn09j5dnPmz3EblPAKuk0Rz+BF2piLfoSO
wkju2KEm+eMocncF41tOXizces4569ZJeC4rh+gury/CSZa5wfoWQ67DJ7fU01RBmNcotHSJp3sC
CpqqXgfJgn3vGnuRRoptvL2wZkT5ikLTcQPpPrLxMLHw/29Ow4xgluGbR9aEpKnDr6OEP8y37SEz
IjrLSzgeKAAkGOjXo+0sgcHP3oHB/3ghIXjX7Uy1PJHfQStCOpH8ut10ld/25M31MU0bq575V7Jd
gJRFOBmvbJTMmPsot2lapG0rqn79CptGWqlJXKd/DibiKribzxJJ8JKV4cf1CwtuZwvRLhq7e26F
Hw/hjguSYzcO1N2c1aD4sWd+7Qu+VhwdRLxIAr56N0Yk2NogfhDyiLr+NIYL0IzVLqa+qYeGtSS7
jpkatA2g82hrReLZYjtXkkKKSNXu9pM5X/5CBXajdrtSN6ymPkgDTFAae73U07rqWszODoX2SL5N
Hm1IChEgjjdiJLMkq5TcX3nKeieUUbcyfJRrBKkvvuuLWiSpU1aTUaRzL5lkKxxdBgAGc2dxHztT
Djtl3FbvRNAVepbvWpu1tB5blVQ0ZQ==
Fingerprint: f6:4d:bb:00:3d:03:86:64:28:74:eb:b5:e3:a4:3b:ba

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

80 / tcp

677579724 | 2025-03-19T03:31:29.745291

Hashes

hash

1784100794

http.dom_hash

1239617585

http.html_hash

677579724

http.server_hash

967792298

http.title_hash

-1207101977

404 Not Found

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 19 Mar 2025 03:31:29 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

Vulnerabilities

443 / tcp

-1060095501 | 2025-02-23T22:08:17.383240

Hashes

hash

-430110312

http.dom_hash

1231516973

http.html_hash

-1060095501

http.server_hash

967792298

http.title_hash

-1449824703

Error

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 23 Feb 2025 22:08:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: https://painel.holybot.com.br
Vary: Origin
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:f5:51:42:09:97:fd:ba:ef:d6:75:43:3d:ae:f9:8f:c4:24
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E5
        Validity
            Not Before: Feb  7 13:05:19 2025 GMT
            Not After : May  8 13:05:18 2025 GMT
        Subject: CN=api.holybot.com.br
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:34:0c:41:c1:0f:17:4e:1a:15:a6:0e:b7:a7:f4:
                    c3:e5:15:c3:39:8d:f4:b2:26:81:b9:48:16:62:83:
                    e6:e7:b2:74:27:01:49:61:f4:a1:51:91:ec:49:7b:
                    a8:a1:a3:da:3b:18:89:fe:5a:76:5b:fd:34:91:b2:
                    6b:46:60:25:c7
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                12:5D:FA:6E:85:A8:ED:68:27:B9:74:F8:17:13:78:87:C6:66:54:C9
            X509v3 Authority Key Identifier: 
                9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D
            Authority Information Access: 
                OCSP - URI:http://e5.o.lencr.org
                CA Issuers - URI:http://e5.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:api.holybot.com.br, DNS:painel.holybot.com.br
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Feb  7 14:03:49.630 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C8:DA:19:D7:21:53:9B:6D:32:41:7F:
                                15:A1:23:64:4A:61:CC:43:ED:22:6F:FF:39:07:39:41:
                                55:EA:17:1A:2F:02:20:77:EC:02:75:FD:CF:FF:84:2D:
                                55:BA:B4:5D:18:F0:A1:E8:0A:3E:A3:74:42:3A:6A:CB:
                                87:3F:94:EF:9D:75:51
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb  7 14:03:49.619 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D1:5E:7B:1E:C9:02:94:13:7D:44:05:
                                43:EE:58:98:C4:97:C6:7C:E3:3D:0C:FC:38:D2:67:D9:
                                9F:70:0C:78:B3:02:21:00:F1:BD:2E:52:D5:3C:FD:5C:
                                C9:5E:25:31:FC:78:31:5F:85:2A:AB:B6:A3:5B:2D:18:
                                8F:35:14:DD:69:06:99:6C
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:65:02:30:1e:d6:49:c6:4a:ed:62:6f:73:fe:ac:fd:0b:30:
        b3:06:f4:28:34:75:78:8c:5c:39:ec:ec:b1:5a:99:9b:42:52:
        03:ce:d4:be:7e:d5:13:89:1d:19:4f:1d:ef:14:3e:19:02:31:
        00:b9:99:11:51:db:ef:36:28:6b:8e:c4:d1:d9:7f:79:bb:c3:
        35:02:84:66:04:6a:df:39:6e:57:0d:e8:77:74:6e:f3:f2:0b:
        d8:e6:26:9a:b3:ef:be:aa:1d:ed:ce:c5:ce

Vulnerabilities

3000 / tcp

-1180533801 | 2025-03-23T01:23:08.070246

Hashes

hash

638012644

http.dom_hash

-1719941940

http.favicon.hash

-824511804

http.html_hash

-1180533801

http.title_hash

-346260101

holybot | chat

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 18 Jun 2024 16:18:10 GMT
ETag: W/"cae-1902c243b14"
Content-Type: text/html; charset=UTF-8
Content-Length: 3246
Date: Sun, 23 Mar 2025 01:23:07 GMT
Connection: keep-alive
Keep-Alive: timeout=5

4000 / tcp

-1246004407 | 2025-03-17T09:02:15.424517

HTTP/1.1 400 Bad Request
Connection: close

66.94.104.144

Last Seen: 2025-03-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

22 / tcp

702817656 | 2025-03-13T06:34:27.588489

OpenSSH8.2p1 Ubuntu 4ubuntu0.11

80 / tcp

677579724 | 2025-03-19T03:31:29.745291

Hashes

nginx1.18.0

443 / tcp

-1060095501 | 2025-02-23T22:08:17.383240

Hashes

nginx1.18.0

3000 / tcp

-1180533801 | 2025-03-23T01:23:08.070246

Hashes

4000 / tcp

-1246004407 | 2025-03-17T09:02:15.424517

Products

Pricing

Contact Us

66.94.104.144

Last Seen: 2025-03-23

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

22 / tcp 702817656 | 2025-03-13T06:34:27.588489

OpenSSH8.2p1 Ubuntu 4ubuntu0.11

80 / tcp 677579724 | 2025-03-19T03:31:29.745291

Hashes

nginx1.18.0

443 / tcp -1060095501 | 2025-02-23T22:08:17.383240

Hashes

nginx1.18.0

3000 / tcp -1180533801 | 2025-03-23T01:23:08.070246

Hashes

4000 / tcp -1246004407 | 2025-03-17T09:02:15.424517

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

702817656 | 2025-03-13T06:34:27.588489

80 / tcp

677579724 | 2025-03-19T03:31:29.745291

443 / tcp

-1060095501 | 2025-02-23T22:08:17.383240

3000 / tcp

-1180533801 | 2025-03-23T01:23:08.070246

4000 / tcp

-1246004407 | 2025-03-17T09:02:15.424517