GeneralInformation

Hostnames	212-42-113-176.elcat.kg proxy.energo.kg
Domains	elcat.kg energo.kg
Country	Kyrgyzstan
City	Bishkek
Organization	ElCat, Ltd.
ISP	"ElCat" Ltd.
ASN	AS8449

WebTechnologies

JavaScript libraries

JSZip

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

25 53 80 443 500 554 1701 3000 8089

411098709 | 2024-11-05T11:21:03.873468

25 / tcp

220 neutron.energo.kg Microsoft ESMTP MAIL Service ready at Tue, 5 Nov 2024 17:20:54 +0600
250-neutron.energo.kg Hello [224.129.170.12]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW

SMTP NTLM Info:
  OS: Windows 7/Windows Server 2008 R2
  OS Build: 6.1.7601
  Target Name: DOMAIN_NT
  NetBIOS Domain Name: DOMAIN_NT
  NetBIOS Computer Name: NEUTRON
  DNS Domain Name: energo.kg
  DNS Tree Name: energo.kg
  FQDN: neutron.energo.kg

-1198741653 | 2024-11-02T10:57:22.449414

53 / tcp

9.10.2

2063928432 | 2024-11-03T11:51:55.867421

53 / udp

9.10.2
Resolver name: ns1.energo.kg

402613138 | 2024-11-05T17:07:52.605299

80 / tcp

Forbidden

HTTP/1.0 403 Forbidden
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8

402613138 | 2024-11-03T06:42:56.757809

443 / tcp

Forbidden

HTTP/1.0 403 Forbidden
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7142784 (0x6cfd80)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=proxy.energo.kg, OU=IT, O=OAO NESK, L=Bishkek, ST=Chui, C=KG
        Validity
            Not Before: Feb  1 18:00:00 2024 GMT
            Not After : Feb  2 17:59:00 2027 GMT
        Subject: CN=proxy.energo.kg, OU=IT, O=NESK, L=Bishkek, ST=Chu, C=KG
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:9a:33:4c:d3:98:6f:27:b7:90:e8:33:8d:5e:5c:
                    2c:4a:84:58:ca:35:67:48:55:31:48:43:47:7a:a9:
                    0e:d4:84:cb:73:25:8d:0e:a2:92:e8:cb:a6:c5:a9:
                    63:c2:30:51:05:74:26:41:29:94:b6:6a:4e:56:19:
                    83:3c:60:cf:b6:3b:71:b0:6e:7a:fd:da:b5:4e:3a:
                    03:61:14:c4:cb:8a:3b:e1:d6:6b:de:5a:4c:e0:44:
                    3d:41:f0:77:51:02:75:35:8d:b0:e4:3d:51:63:e9:
                    ac:71:53:f4:01:89:b9:73:06:c2:02:1f:35:80:08:
                    6b:35:b9:42:c7:a9:1f:d6:5e:c3:90:36:34:39:33:
                    05:1d:41:9a:31:62:2a:f8:15:8b:be:a5:0a:69:a8:
                    18:72:91:ea:7f:cc:92:45:69:4f:bb:d7:09:71:42:
                    8b:23:e4:12:34:3d:f9:cd:20:a5:93:a0:60:92:50:
                    04:67:89:ad:8a:23:4c:ef:b3:eb:61:97:2b:2c:d5:
                    d4:ec:74:66:08:4f:07:5a:7f:b2:27:3e:1d:60:11:
                    3f:42:4a:91:e5:fc:e3:12:ea:b4:8f:74:1e:54:44:
                    ac:3c:65:d7:ea:4e:6f:44:e1:a5:63:b2:cf:ff:9b:
                    a8:5c:7c:0c:30:36:d1:96:36:3d:65:dc:53:b1:1c:
                    0a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, 1.3.6.1.5.5.8.2.2
            X509v3 Subject Alternative Name: 
                DNS:proxy.energo.kg
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a3:68:45:df:27:c1:3e:24:10:94:c2:e0:5d:a3:98:00:31:2f:
        d1:86:c6:da:f5:6b:d7:33:8f:7f:66:b8:1b:a1:1c:ff:1e:5f:
        18:19:a3:5d:c0:78:97:e3:a4:b2:29:74:3f:f4:fd:91:77:4a:
        44:b0:e9:b5:98:3c:61:b9:af:e0:56:89:72:8e:a2:f7:03:09:
        d2:be:dc:90:90:cc:85:4f:27:d5:bf:50:b9:58:42:5b:b0:91:
        79:af:16:6f:00:8f:73:7b:ac:4c:76:b5:52:c3:6d:b4:09:b4:
        e5:a9:39:ea:89:05:4a:26:43:5f:ea:da:cd:4f:b5:f1:65:1e:
        3d:b4:17:b7:2f:aa:a2:48:f3:c4:6e:24:14:30:fa:6e:29:f3:
        10:5e:24:01:d8:2b:26:fc:66:37:ad:49:c6:25:a0:c7:6e:61:
        ef:64:b9:92:f7:2e:87:e8:c5:d3:4c:40:ab:30:d7:12:56:b4:
        16:98:52:94:74:bb:2e:67:b9:03:39:1c:4f:7b:22:0e:10:6a:
        84:51:73:0a:4e:ee:b1:17:04:19:71:fe:66:90:2d:33:af:f8:
        14:50:34:fb:37:d6:6f:16:79:3c:4a:93:a2:65:4c:8a:3d:92:
        ac:f0:56:bd:f2:24:00:74:e0:5a:2c:f1:59:56:01:f0:eb:9c:
        d5:b2:57:b6

603666032 | 2024-10-12T13:58:30.432064

500 / udp

VPN (IKE)

Initiator SPI: 7a6e6c3531766e73
Responder SPI: 3837363977787039
Next Payload: RESERVED
Version: 2.0
Exchange Type: DOI Specific Use
Flags:
    Encryption:     False
    Commit:         False
    Authentication: False
Message ID: 00000000
Length: 36

1164398073 | 2024-10-23T02:35:49.384365

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Public: OPTIONS, DESCRIBE, GET_PARAMETER, PAUSE, PLAY, SETUP, SET_PARAMETER, TEARDOWN
Date:  Wed, Oct 23 2024 08:35:47 GMT

-2129060956 | 2024-11-05T17:48:11.265295

1701 / udp

\xc8\x02\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x01

1997720396 | 2024-10-27T09:58:57.332503

3000 / tcp

Grafana

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block
Date: Sun, 27 Oct 2024 09:58:56 GMT
Transfer-Encoding: chunked

CVE-2023-6152 CVE-2023-4822 CVE-2023-4399

649845142 | 2024-11-08T18:54:34.641978

8089 / tcp

Wave

HTTP/1.1 200 OK
Set-Cookie: CookieName=CookieValue;HttpOnly;Secure;SameSite=Lax
Content-Type: text/html
ETag: "3076817158"
Last-Modified: Thu, 07 Dec 2023 04:17:22 GMT
Content-Length: 2284
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-eval' 'unsafe-inline'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.gdms.work *.gdms.cloud; font-src 'self' https://at.alicdn.com;img-src 'self' blob:  data:;child-src 'self' *.grandstream.dev blob:  *.gdms.cloud data:; script-src 'self' *.grandstream.dev 'unsafe-eval' 'unsafe-inline'; media-src 'self' blob:; connect-src 'self' *.grandstream.dev  wss:
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=10
Accept-Ranges: bytes
Date: Fri, 08 Nov 2024 18:54:34 GMT
Server: nginx

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15148505 (0xe725d9)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=California, L=City of Industry, O=Grandstream Networks, OU=Software Engineering, CN=VPN/emailAddress=xxu@grandstream.com
        Validity
            Not Before: Feb  4 03:54:30 2024 GMT
            Not After : Jan 28 03:54:30 2049 GMT
        Subject: C=US, ST=California, L=City of Industry, O=Grandstream Networks, Inc., OU=Software Engineering, CN=EC74D714E24C/emailAddress=support@grandstream.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b0:88:7f:70:31:ad:93:fa:0e:ae:d8:da:bd:6a:
                    5f:04:f3:ca:59:91:45:57:11:03:83:c4:ad:b7:67:
                    47:af:2f:db:52:03:f2:2a:7b:e9:a8:cf:96:71:6c:
                    2a:5c:1f:3a:87:35:ae:f9:29:e4:62:c3:5c:2a:fb:
                    3f:e6:df:c7:0b:11:d7:b0:50:86:5c:70:c3:f3:49:
                    07:7a:40:f7:a0:71:67:9c:25:9d:de:cd:5d:9b:b9:
                    1b:88:77:7d:8b:bb:bb:d4:cb:88:16:65:1c:79:1b:
                    af:3b:a1:4d:6b:67:31:07:bf:0e:33:58:19:31:9b:
                    63:d2:16:5c:7c:4d:35:eb:f1:8a:2f:d4:d0:7d:61:
                    12:af:2e:d2:11:d2:1a:1d:44:9f:d7:d9:b2:f5:c5:
                    b0:13:6b:ef:cf:f9:51:6b:0b:23:31:7f:96:e5:75:
                    40:1c:71:d3:88:e1:df:d1:4f:06:fa:76:73:fe:d9:
                    ad:16:12:97:0d:28:e9:28:9e:5b:c4:98:8d:83:2a:
                    d9:77:6f:ba:3e:14:2d:a7:71:54:ca:a6:db:11:a0:
                    9c:51:3d:da:eb:ed:74:fa:09:ee:de:3c:5e:a8:e5:
                    ba:30:b9:f4:f1:73:17:f2:2a:e1:19:7a:db:bd:2d:
                    58:ef:54:d3:03:3f:67:99:0b:27:ab:9c:16:26:92:
                    61:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: 
                Digital Signature, Key Encipherment
            X509v3 Subject Key Identifier: 
                D5:7A:51:26:83:12:25:2B:D6:2A:9D:0A:A9:5C:49:2D:3D:7F:08:FB
            X509v3 Authority Key Identifier: 
                keyid:16:D7:75:49:16:8C:93:1C:EC:4E:A9:F4:4F:43:1C:7B:00:B1:ED:95
                DirName:/C=US/ST=California/L=City of Industry/O=Grandstream Networks/OU=Software Engineering/CN=VPN/emailAddress=xxu@grandstream.com
                serial:00
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1b:64:ed:7e:35:93:c1:32:82:c4:54:4e:ff:6b:9d:de:09:90:
        17:b9:14:f3:a5:88:03:8f:69:42:94:ac:71:a1:43:f4:e8:0c:
        63:c9:b3:53:28:f7:57:50:35:8d:a5:51:2c:03:43:c1:68:89:
        08:0a:fc:c8:11:9f:58:a8:b1:10:70:37:03:5f:d6:4c:ba:e7:
        53:d3:d2:00:80:1e:a9:8f:bb:b0:26:2f:07:4a:65:22:99:1d:
        bb:65:48:8c:94:17:5f:a8:e4:f5:05:a0:8c:48:10:b2:2f:8d:
        9c:59:ad:53:ee:52:c6:a0:85:ad:fc:bf:9d:38:ca:2d:90:39:
        50:59

MAC Addresses

EC:74:D7:14:E2:4C
    OUI: EC:74:D7
    Organization: Grandstream Networks Inc
    Assignment: MA-L
    Registration Date: 2022-04-27

212.42.113.176

Last Seen: 2024-11-08

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

411098709 | 2024-11-05T11:21:03.873468
25 / tcp

Microsoft Exchange smtpd

-1198741653 | 2024-11-02T10:57:22.449414
53 / tcp

2063928432 | 2024-11-03T11:51:55.867421
53 / udp

402613138 | 2024-11-05T17:07:52.605299
80 / tcp

402613138 | 2024-11-03T06:42:56.757809
443 / tcp

603666032 | 2024-10-12T13:58:30.432064
500 / udp

1164398073 | 2024-10-23T02:35:49.384365
554 / tcp

-2129060956 | 2024-11-05T17:48:11.265295
1701 / udp

1997720396 | 2024-10-27T09:58:57.332503
3000 / tcp

Grafana (Open Source)10.0.0

649845142 | 2024-11-08T18:54:34.641978
8089 / tcp

nginx

Products

Pricing

Contact Us

212.42.113.176

Last Seen: 2024-11-08

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 3000 Latest CVSS

OpenPorts

411098709 | 2024-11-05T11:21:03.873468 25 / tcp

Microsoft Exchange smtpd

-1198741653 | 2024-11-02T10:57:22.449414 53 / tcp

2063928432 | 2024-11-03T11:51:55.867421 53 / udp

402613138 | 2024-11-05T17:07:52.605299 80 / tcp

402613138 | 2024-11-03T06:42:56.757809 443 / tcp

603666032 | 2024-10-12T13:58:30.432064 500 / udp

1164398073 | 2024-10-23T02:35:49.384365 554 / tcp

-2129060956 | 2024-11-05T17:48:11.265295 1701 / udp

1997720396 | 2024-10-27T09:58:57.332503 3000 / tcp

Grafana (Open Source)10.0.0

649845142 | 2024-11-08T18:54:34.641978 8089 / tcp

nginx

Products

Pricing

Contact Us

Vulnerabilities

411098709 | 2024-11-05T11:21:03.873468
25 / tcp

-1198741653 | 2024-11-02T10:57:22.449414
53 / tcp

2063928432 | 2024-11-03T11:51:55.867421
53 / udp

402613138 | 2024-11-05T17:07:52.605299
80 / tcp

402613138 | 2024-11-03T06:42:56.757809
443 / tcp

603666032 | 2024-10-12T13:58:30.432064
500 / udp

1164398073 | 2024-10-23T02:35:49.384365
554 / tcp

-2129060956 | 2024-11-05T17:48:11.265295
1701 / udp

1997720396 | 2024-10-27T09:58:57.332503
3000 / tcp

649845142 | 2024-11-08T18:54:34.641978
8089 / tcp