703707298 | 2025-01-04T03:25:00.492441
80 /
tcp
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Wed, 07 Aug 2024 11:47:58 GMT
Accept-Ranges: bytes
ETag: "adbb1ba6bfe8da1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sat, 04 Jan 2025 03:25:00 GMT
Content-Length: 703
1489525118 | 2025-01-05T04:27:24.899610
443 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 05 Jan 2025 04:27:24 GMT
Connection: close
Content-Length: 315
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7453121324347182312 (0x676ece5b2d9a4ce8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certs.starfieldtech.com/repository/, CN=Starfield Secure Certificate Authority - G2
Validity
Not Before: Jul 25 08:13:50 2024 GMT
Not After : Aug 24 07:00:00 2025 GMT
Subject: CN=*.evidencehub.live
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.starfieldtech.com/sfig2s1-740.crl
X509v3 Certificate Policies:
Policy: 2.16.840.1.114414.1.7.23.1
CPS: http://certificates.starfieldtech.com/repository/
Policy: 2.23.140.1.2.1
Authority Information Access:
OCSP - URI:http://ocsp.starfieldtech.com/
CA Issuers - URI:http://certificates.starfieldtech.com/repository/sfig2.crt
X509v3 Authority Key Identifier:
25:45:81:68:50:26:38:3D:3B:2D:2C:BE:CD:6A:D9:B6:3D:B3:66:63
X509v3 Subject Alternative Name:
DNS:*.evidencehub.live, DNS:evidencehub.live
X509v3 Subject Key Identifier:
4F:3D:E6:42:E8:19:F1:8A:61:49:8E:FE:68:90:DA:42:5F:CE:8E:43
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
Timestamp : Jul 25 08:13:50.868 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
Timestamp : Jul 25 08:13:51.116 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Jul 25 08:13:51.239 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
-1388182571 | 2025-01-07T05:02:56.753229
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows Server 2022
OS Build: 10.0.20348
Target Name: EvidenceLibrary
NetBIOS Domain Name: EvidenceLibrary
NetBIOS Computer Name: EvidenceLibrary
DNS Domain Name: EvidenceLibrary
FQDN: EvidenceLibrary
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:98:80:3c:71:38:29:98:4a:ba:0b:e1:d7:e9:e7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EvidenceLibrary
Validity
Not Before: Jan 4 12:03:08 2025 GMT
Not After : Jul 6 12:03:08 2025 GMT
Subject: CN=EvidenceLibrary
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value: