GeneralInformation

Hostnames	carbadminpanel.com vmi1734938.contaboserver.net
Domains	carbadminpanel.com contaboserver.net
Country	Germany
City	Munich
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	7.5The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	7.4ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	7.7A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

22 80 443 3306 3333 4000

-856106058 | 2024-04-26T06:41:49.398610

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAACAQCTfhOfR7BGj/jQmgIU0FUIpFFE9hTyCfdIcmv+wp/5RjCj
x3wfl0MowALsAJqAz45zNHNSklRy0J0Pmt+4PUkHM3fwnDr0fBF6DTBI3cLOJ3Mpmn2nwxcZ4CkC
rfAGnNeqgkAu3iV3A+BwWVGazzj+GAWKDWQB+hgnyWX6EnGE8WsKTIzc+6SUk+by2R/iVrHBqF4u
fhXwGs7HFYMOWZTY+CV994RU+Td5Zg6ZyJ7zvHUiz2CvJzcNKU7W5My+EZdAeSNW0t3TLqv29Emt
iCky2dB4JL/sPbIg6skv03m2Vi8/6Xvfbl+Hl4ibkAO7jXeDyBn45Cl0HCnnAEF26OyMovBxqhYo
K+XY+X9kmoiwc3HQ9xLy7fFgcVCBTPpv1ACTMDvU5ls8lbTnX2nE2ezdYNZ4Y4ilxAVM4zpfYNnH
+0KURUvGnpbMU/FN5NFP0eg1fYbUKMCAzpwRDoo/74/AhO7R0IbOjO/R0wLChl60wkjidn9OFjFd
hojjpPOsTJJhCDqTusaiqm/AIJgnygwI6Cm+aW939VzaPbu/fdEUmdh2R1DxIGa/siVgTjRukzn6
shtc5j+17BKeOtIEMwBSfe20yGNorSEDYgvRmihwhiJI6T3IWfh2/T/AcQrQmatmHsfTPsXJOIcN
xvW0Wc2xEl9mw0HK3/PQMG/hXzO8EQ==
Fingerprint: 1a:b9:2b:3a:b9:17:9d:36:27:79:3c:59:5f:48:7c:2d

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

677579724 | 2024-04-13T09:32:21.266844

80 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 13 Apr 2024 09:32:21 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

742655084 | 2024-04-24T01:43:40.510074

443 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 24 Apr 2024 01:43:40 GMT
Content-Type: text/html
Content-Length: 4550
Connection: keep-alive
Last-Modified: Mon, 18 Mar 2024 06:53:27 GMT
ETag: "65f7e4e7-11c6"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:eb:c5:f6:5b:ee:c8:f9:a0:e9:86:07:da:a4:8f:c2:b6:99
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Mar 26 14:53:06 2024 GMT
            Not After : Jun 24 14:53:05 2024 GMT
        Subject: CN=carbadminpanel.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:70:2e:ac:72:d6:8d:9a:84:fd:8a:4b:5f:e0:49:
                    0f:b8:68:a2:96:f3:30:93:81:2b:38:8a:db:83:84:
                    7a:d1:c5:ef:ab:ae:b1:c5:c7:62:b3:c7:04:a0:0d:
                    85:74:90:ee:60:3e:a1:65:1e:37:e3:ad:d6:be:21:
                    13:33:5d:eb:0a
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                89:F6:03:8E:A6:FE:61:BF:B8:DF:6C:AD:FA:BA:A6:25:96:89:3C:7B
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:carbadminpanel.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Mar 26 15:53:06.907 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:81:2A:81:36:16:B7:81:30:0B:BF:AB:
                                96:34:EA:9D:C5:E7:BA:ED:DA:60:E6:AF:4F:D7:79:46:
                                9B:72:C2:2C:CB:02:20:05:0E:FB:00:04:10:EC:0F:AC:
                                AF:0C:E6:32:FD:36:84:9F:4A:B3:AB:6C:48:77:6F:D0:
                                C3:35:93:52:B2:63:D8
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Mar 26 15:53:06.970 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:56:DB:4F:2B:C5:5E:88:48:9B:16:81:22:
                                1A:48:11:56:23:A7:80:AB:E9:D6:8A:8D:7B:83:6E:54:
                                36:C7:77:E8:02:20:03:C4:4D:E4:29:25:84:A2:E4:43:
                                2B:81:7D:E5:C6:68:FC:9D:4F:B9:ED:AE:49:A9:3D:42:
                                C9:D7:72:FA:6E:3B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b4:f6:6a:1b:88:4b:a7:03:0f:23:52:c7:cf:67:88:23:53:2c:
        1a:10:7a:1d:48:83:81:b5:ea:7d:52:99:dc:03:d3:50:a0:9a:
        73:09:22:8e:92:b0:3b:6a:51:68:02:1a:22:89:b3:d6:d8:f8:
        58:c4:a0:5d:fe:cf:fe:69:a2:c3:2d:3d:58:7b:65:bc:6d:9a:
        b3:b3:c3:fb:bf:d7:28:91:19:2b:8f:aa:c2:11:de:31:99:32:
        21:ee:45:e6:32:e7:63:55:78:6f:d7:85:28:62:e7:24:dc:16:
        47:73:98:5f:3d:7b:b7:94:69:d0:09:22:7a:7b:75:4b:e5:ba:
        f9:1b:27:58:b5:41:85:d0:60:fd:84:2c:9e:fd:8b:3a:b0:37:
        46:30:1b:4c:4f:7c:e2:59:44:23:65:2e:15:af:33:e3:2a:8d:
        67:fd:47:13:5d:32:8f:93:87:63:53:6a:c7:26:15:49:b1:0a:
        bc:36:ab:c7:45:c9:1e:ea:c9:d2:ce:37:ad:b9:ca:fe:2d:6b:
        3d:56:75:48:2c:e7:0e:b2:fe:dc:d2:6f:cd:03:44:32:2d:89:
        a5:aa:d1:49:4b:ba:24:d5:22:a2:b0:5a:9e:a4:24:37:ab:eb:
        c6:53:e8:3a:e0:b8:be:3c:b4:cd:53:30:de:e9:86:e0:00:aa:
        e2:33:1b:4f

-415724923 | 2024-04-03T15:20:21.702695

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 8.0.22
  Capabilities: 65535
  Server Language: 255
  Server Status: 2
  Extended Server Capabilities: 51199
  Authentication Plugin: mysql_native_password

974105634 | 2024-04-16T14:07:05.494860

3333 / tcp

HTTP/1.1 200 OK
vary: Origin
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
content-length: 57
Date: Tue, 16 Apr 2024 14:07:05 GMT
Connection: keep-alive
Keep-Alive: timeout=72

641364871 | 2024-04-23T17:26:47.587466

4000 / tcp

HTTP/1.1 400 Bad Request
Content-Length: 65
Content-Type: application/json

{"error":"Bad Request","message":"Client Error","statusCode":400}

173.249.57.20

Last Seen: 2024-04-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-856106058 | 2024-04-26T06:41:49.398610
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

677579724 | 2024-04-13T09:32:21.266844
80 / tcp

nginx1.18.0

742655084 | 2024-04-24T01:43:40.510074
443 / tcp

nginx1.18.0

-415724923 | 2024-04-03T15:20:21.702695
3306 / tcp

MySQL8.0.22

974105634 | 2024-04-16T14:07:05.494860
3333 / tcp

641364871 | 2024-04-23T17:26:47.587466
4000 / tcp

Products

Pricing

Contact Us

173.249.57.20

Last Seen: 2024-04-26

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-856106058 | 2024-04-26T06:41:49.398610 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

677579724 | 2024-04-13T09:32:21.266844 80 / tcp

nginx1.18.0

742655084 | 2024-04-24T01:43:40.510074 443 / tcp

nginx1.18.0

-415724923 | 2024-04-03T15:20:21.702695 3306 / tcp

MySQL8.0.22

974105634 | 2024-04-16T14:07:05.494860 3333 / tcp

641364871 | 2024-04-23T17:26:47.587466 4000 / tcp

Products

Pricing

Contact Us

-856106058 | 2024-04-26T06:41:49.398610
22 / tcp

677579724 | 2024-04-13T09:32:21.266844
80 / tcp

742655084 | 2024-04-24T01:43:40.510074
443 / tcp

-415724923 | 2024-04-03T15:20:21.702695
3306 / tcp

974105634 | 2024-04-16T14:07:05.494860
3333 / tcp

641364871 | 2024-04-23T17:26:47.587466
4000 / tcp