-1362809680 | 2024-09-09T05:14:26.962287
80 /
tcp
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDCCATTCRA=JEPJBCKCHLNOLKPNJNDOPDFE; path=/
X-Powered-By: ASP.NET
Date: Mon, 09 Sep 2024 05:14:25 GMT
Content-Length: 9167
-169900935 | 2024-09-08T02:15:03.602009
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 172.99.67.245:49152
ncalrpc: WindowsShutdown
ncacn_np: \\SW-WEB-200\PIPE\InitShutdown
ncalrpc: WMsgKRpc0816C0
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\SW-WEB-200\PIPE\InitShutdown
ncalrpc: WMsgKRpc0816C0
ncalrpc: WMsgKRpc083791
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-9c2a05edb48182863e
ncacn_np: \\SW-WEB-200\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-cb8f6e443bf6e5a32d
ncalrpc: actkernel
ncalrpc: umpo
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-9c2a05edb48182863e
ncacn_np: \\SW-WEB-200\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-cb8f6e443bf6e5a32d
ncalrpc: actkernel
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-cb8f6e443bf6e5a32d
ncalrpc: actkernel
ncalrpc: umpo
ncacn_np: \\SW-WEB-200\PIPE\srvsvc
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncalrpc: LRPC-8471a9f65cf1bf0765
ncacn_ip_tcp: 172.99.67.245:49153
ncacn_np: \\SW-WEB-200\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: LRPC-8471a9f65cf1bf0765
ncacn_ip_tcp: 172.99.67.245:49153
ncacn_np: \\SW-WEB-200\pipe\eventlog
ncalrpc: eventlog
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
annotation: Wcm Service
ncalrpc: LRPC-8471a9f65cf1bf0765
ncacn_ip_tcp: 172.99.67.245:49153
ncacn_np: \\SW-WEB-200\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-8471a9f65cf1bf0765
ncacn_ip_tcp: 172.99.67.245:49153
ncacn_np: \\SW-WEB-200\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 172.99.67.245:49153
ncacn_np: \\SW-WEB-200\pipe\eventlog
ncalrpc: eventlog
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-d66d529be9578ee8e8
ncacn_np: \\SW-WEB-200\PIPE\srvsvc
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 172.99.67.245:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\SW-WEB-200\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLE24CC1D55D0BD4FB48E55ADEA05B3
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-86caca704c5e07d0a8
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\SW-WEB-200\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-9f97820bcebf033079
ncalrpc: OLE72D0F90A4715786D8BA2C6C5C029
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-9f97820bcebf033079
ncalrpc: OLE72D0F90A4715786D8BA2C6C5C029
b2507c30-b126-494a-92ac-ee32b6eeb039
version: v1.0
ncalrpc: LRPC-8c9b30970d0c474bc9
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-94c7b8c63ae00618c8
ncalrpc: LRPC-713c09bfe7704a2835
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-94c7b8c63ae00618c8
ncalrpc: LRPC-713c09bfe7704a2835
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-94c7b8c63ae00618c8
ncalrpc: LRPC-713c09bfe7704a2835
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-713c09bfe7704a2835
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\SW-WEB-200\PIPE\wkssvc
ncalrpc: LRPC-f67928de14cf4422b9
ncalrpc: DNSResolver
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-f67928de14cf4422b9
ncalrpc: DNSResolver
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-f67928de14cf4422b9
ncalrpc: DNSResolver
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.99.67.245:49155
ncalrpc: LRPC-13f452328ffd7b66d0
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 172.99.67.245:49155
ncalrpc: LRPC-13f452328ffd7b66d0
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.99.67.245:49155
ncalrpc: LRPC-13f452328ffd7b66d0
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.99.67.245:49155
ncalrpc: LRPC-13f452328ffd7b66d0
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.99.67.245:49155
ncalrpc: LRPC-13f452328ffd7b66d0
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 172.99.67.245:49165
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 172.99.67.245:49167
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SW-WEB-200\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 172.99.67.245:49167
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SW-WEB-200\pipe\lsass
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager: OleTx Transports Protocol
provider: msdtcprx.dll
ncalrpc: LRPC-a28788b9c30377cf74
ncalrpc: LRPC-a28788b9c30377cf74
ncalrpc: LRPC-a28788b9c30377cf74
1489525118 | 2024-08-28T18:47:07.637686
443 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 28 Aug 2024 18:47:03 GMT
Connection: close
Content-Length: 315
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f4:d2:ec:d2:64:03:10:eb:75:71:f7:8d:5c:f7:6a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Feb 4 00:00:00 2024 GMT
Not After : Feb 6 23:59:59 2025 GMT
Subject: CN=*.400hitter.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:b5:f6:07:54:39:56:6b:48:9f:e3:71:0b:7f:
6f:26:34:eb:31:cf:d7:84:bc:37:8f:a5:1b:70:35:
60:39:26:98:7a:18:53:ed:17:67:0e:b5:3d:38:21:
82:01:6c:8b:cd:24:23:94:6d:db:fd:42:37:90:fc:
70:68:4a:4f:05:c9:f1:22:8a:8f:6c:0a:96:f7:84:
9e:51:38:ff:4a:8b:98:62:fe:88:12:c1:d0:fb:87:
ce:88:6a:26:5a:a0:04:71:c3:7b:bf:17:fb:ac:f5:
c9:01:c2:aa:3a:eb:2e:14:82:52:a4:92:a9:38:cf:
57:11:2c:c7:20:9e:55:34:ad:93:3f:09:80:d4:f9:
e6:58:c4:cd:df:38:f3:e4:f3:6f:66:f5:bc:e4:a9:
e3:31:11:55:9c:5d:9d:81:e2:4b:05:9a:de:42:42:
64:54:00:d5:7a:f7:cd:5b:53:59:87:56:20:70:a8:
e6:8c:eb:bd:46:60:11:e3:3c:c7:bc:58:5d:e3:e2:
4a:f8:f7:b3:1e:e7:42:e2:0e:69:e6:31:b1:8c:84:
eb:39:dc:5d:ed:f8:a0:5c:89:ce:7d:fc:67:c4:34:
c8:50:9f:77:22:61:5a:6a:0f:88:cf:a7:6b:5c:5e:
6a:13:c7:a7:4f:52:73:93:67:2a:d7:fe:72:56:a5:
af:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
X509v3 Subject Key Identifier:
CA:DC:D5:88:84:89:66:97:81:17:B8:16:8F:32:E7:02:11:DF:C2:95
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:*.400hitter.com, DNS:400hitter.com
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
Timestamp : Feb 4 14:15:14.940 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:2F:E1:A1:E8:27:7C:56:B2:28:7A:46:16:
37:DF:1E:87:37:00:16:C2:97:CD:97:6E:35:52:C4:40:
A8:62:72:2C:02:20:5D:4E:2B:C9:39:21:6A:64:A7:33:
13:E5:6F:57:D7:43:5B:24:16:4D:97:59:BF:F9:C6:F4:
99:85:6A:72:0F:51
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Feb 4 14:15:14.980 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:4D:F8:B1:9A:D9:AF:80:00:20:4E:AE:4D:
D6:3C:74:5C:3D:69:95:7E:4E:C9:EE:98:3E:B2:A8:24:
5E:E0:43:B7:02:20:0C:7D:B2:BC:61:BB:7A:47:A6:77:
7F:DF:B0:98:D6:57:5C:BA:18:C9:0B:B4:80:60:5B:A7:
4B:0E:87:9A:CF:84
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Feb 4 14:15:14.988 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:1E:FC:86:07:60:B1:51:D8:C3:9E:E9:80:
0C:F8:31:A7:1D:E7:F8:9E:96:50:CA:E1:FB:DF:C5:22:
37:D0:ED:2D:02:20:17:23:07:19:41:1A:2B:E3:54:83:
6F:1F:93:4A:42:9B:7E:B2:B7:EB:57:BD:D0:D4:ED:62:
4B:1D:5E:96:AC:04
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
b1:b0:00:9a:c0:e4:67:3f:f6:c0:80:f7:3d:66:d5:bd:47:d9:
32:b1:9b:71:bf:9e:6f:db:b4:75:d1:6e:32:0b:60:55:97:38:
08:15:da:92:40:51:68:6a:54:0d:e0:a4:09:00:e1:9a:4a:ad:
7b:f4:0a:d3:55:98:21:01:af:3f:82:f7:9d:dd:0f:c6:fe:e2:
56:2e:88:2f:5e:58:45:56:43:d3:e1:82:6a:78:20:fb:6d:34:
0f:27:8b:d9:b2:ba:f7:31:5e:63:5d:9c:15:cd:11:44:f7:e8:
43:d2:37:57:41:3f:59:33:76:9a:6d:a0:e9:09:a2:1e:b3:92:
6d:22:a2:a5:3e:dc:7c:65:2b:46:70:6f:71:4c:6f:32:49:d4:
90:5d:d0:0d:04:47:c4:0e:96:cc:2f:8d:81:2f:33:b8:bb:df:
18:b9:b3:a1:79:d5:40:f4:26:49:27:57:68:59:71:52:8e:fd:
a6:5a:39:de:16:e6:12:55:88:57:1c:37:e7:95:ed:83:d5:d6:
a6:c2:44:48:47:64:3e:cc:f6:20:51:3e:ac:4c:a4:d2:b1:1a:
89:45:d5:87:60:c2:20:5b:a3:ed:48:0e:2e:4f:2b:16:10:79:
d4:a1:2e:6e:4e:4d:9d:2f:89:67:8c:1e:93:b1:51:7f:8d:f8:
1b:99:df:81
1688663994 | 2024-08-25T01:10:32.323645
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2012 R2 Standard 9600
Software: Windows Server 2012 R2 Standard 6.3
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
1417637770 | 2024-09-05T03:44:08.279572
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 8.1/Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: SW-WEB-200
NetBIOS Domain Name: SW-WEB-200
NetBIOS Computer Name: SW-WEB-200
DNS Domain Name: sw-web-200
FQDN: sw-web-200
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:0d:b6:92:2d:59:d1:ae:4e:29:0c:80:48:1c:89:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=sw-web-200
Validity
Not Before: May 1 08:00:37 2024 GMT
Not After : Oct 31 08:00:37 2024 GMT
Subject: CN=sw-web-200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d7:46:57:ec:b8:3b:c6:3e:e5:9c:44:56:23:a0:
5b:7d:81:30:51:a3:e7:79:5a:14:da:56:6f:63:15:
d6:80:5d:1b:d5:0c:ce:70:37:cc:e6:94:8c:ec:8a:
ee:69:f9:4b:9a:67:cf:05:88:b4:6d:61:c0:06:a7:
d5:5e:29:bc:23:d3:c3:70:7c:22:4f:0d:3e:60:65:
8d:31:6d:89:cd:cf:fe:e5:88:13:7b:84:03:06:44:
c0:b1:7b:96:d5:90:92:82:ce:3c:48:6d:e3:b2:ca:
34:5d:33:b2:a0:6a:29:dc:d6:d2:79:a8:fa:13:93:
14:c9:1f:1d:68:b1:20:94:20:f5:c4:a8:61:8f:84:
79:de:93:de:44:70:92:15:4e:6d:99:8d:40:d4:4e:
ce:a4:b3:d3:65:23:81:9e:d4:21:7b:98:28:c4:2c:
69:06:f2:a9:54:2a:46:8f:2a:7f:a7:33:b1:0a:ff:
8b:28:bb:60:f5:28:03:65:0b:48:ce:fd:77:e9:5d:
05:cc:07:a8:9c:f9:29:f0:ee:07:6a:b8:1e:f4:f8:
6a:47:f8:33:a6:ab:25:07:cb:2e:be:9e:e0:ff:74:
f4:73:34:74:a7:f8:b9:32:73:38:9b:34:44:df:b2:
2c:2f:36:c4:eb:44:34:bb:e9:30:6a:13:7b:62:3a:
01:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
6b:4b:15:cd:61:47:1e:e9:42:5f:aa:32:5b:89:6e:81:aa:c7:
94:70:96:69:2b:e0:a6:2e:58:9c:03:10:5d:91:3c:10:66:9b:
7d:a7:40:ea:f1:52:17:7d:d3:15:fd:d8:7d:c5:b0:07:ab:43:
ea:ea:c6:f5:9d:77:ba:63:41:77:85:a9:66:69:e8:76:10:12:
b0:0c:b7:af:6c:c0:42:aa:71:3e:f1:46:b4:21:85:98:92:48:
55:24:40:80:a5:4b:aa:48:f6:a9:00:96:bd:9b:a7:20:b0:6a:
ce:db:92:f5:0b:09:58:f6:0e:2f:55:7a:1f:d3:61:f6:e9:68:
da:c5:8c:a6:33:55:df:e8:3d:64:3f:70:ec:95:89:c6:73:b1:
ce:76:4b:ad:c1:b3:48:f4:cd:ad:f2:be:6b:e1:6a:7b:8e:de:
3d:df:e1:e5:03:88:13:0b:c6:72:84:e8:8d:2e:f0:93:a2:72:
1d:d0:e2:24:6e:78:40:d4:6c:ff:83:67:c7:0f:2e:ba:20:0d:
40:62:35:9b:cd:e8:66:ad:9e:a6:3e:2f:0f:7c:e2:d7:f6:e4:
3c:b3:f8:76:09:4d:a6:97:c0:42:74:ad:ab:37:e9:74:13:82:
57:2a:81:6a:0c:c1:4d:e1:16:33:7c:73:57:98:09:94:52:da:
f2:93:74:c2
1489525118 | 2024-08-15T00:17:22.111422
5986 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 15 Aug 2024 00:17:18 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: SW-WEB-200
NetBIOS Domain Name: SW-WEB-200
NetBIOS Computer Name: SW-WEB-200
DNS Domain Name: sw-web-200
FQDN: sw-web-200
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:bc:a1:dd:b4:04:be:a4:4a:21:4c:e7:99:da:05:d4
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=SW-WEB-200
Validity
Not Before: Apr 18 03:39:08 2017 GMT
Not After : Apr 16 03:39:08 2027 GMT
Subject: CN=SW-WEB-200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:e6:7b:e1:3b:d8:d8:1e:52:d1:9a:0c:81:47:6b:
8a:83:c0:8d:a8:6d:84:91:8d:ff:7a:ee:cc:5f:a9:
86:65:32:49:04:e6:9e:fa:50:a5:85:35:3e:27:90:
2d:4b:d2:34:98:03:32:ad:82:fc:88:1c:c7:04:85:
43:4c:92:ca:6c:49:37:ea:d0:ad:8b:8f:c6:e6:59:
4a:1e:f9:7d:49:9f:44:3f:d7:a0:13:07:79:57:b9:
99:59:81:8a:e6:6c:80:e2:3f:37:ff:2e:f9:d9:48:
a5:8c:24:50:ea:04:29:78:47:12:e1:71:99:b8:09:
91:eb:fd:34:3c:1f:10:ec:ca:13:18:81:98:8e:8e:
83:5b:40:b7:73:3a:eb:55:09:f8:9c:b6:29:13:a2:
40:36:eb:79:74:32:6c:0f:5e:14:bf:69:82:d3:2b:
b3:76:5b:3d:c4:60:c4:34:09:55:3d:30:bc:94:8d:
20:83:e5:07:96:10:72:3f:3b:ed:ec:2f:38:ba:89:
05:a3:89:aa:30:ea:32:f0:af:d8:41:5d:7d:d4:9d:
84:30:81:0e:b6:00:a9:db:e5:0c:78:de:04:d5:88:
f1:bf:65:72:c0:4d:ff:09:f9:cb:b0:67:df:68:46:
b4:d3:67:bb:84:2d:ed:24:8f:d4:48:34:75:cf:42:
ab:b1:62:9f:2e:7c:11:cb:ce:cf:71:d8:19:37:44:
02:58:c2:7c:20:43:a2:da:6d:94:75:19:7c:03:6f:
6a:d6:6e:c4:27:76:3e:2e:46:17:fe:4c:d0:fe:c5:
a6:13:07:e8:4b:df:30:f0:c6:89:4c:1b:3e:d3:7d:
ff:f3:5d:f3:e0:47:5d:3a:ce:48:4f:32:67:a8:f2:
6e:7b:39:0f:0d:02:e7:d7:4c:41:13:4e:18:8f:f0:
30:58:99:a4:f6:28:18:3e:8b:1d:05:0f:3f:c1:18:
99:21:9e:cc:53:ce:c3:ab:37:a0:5e:4f:0a:64:c9:
6f:e8:4f:33:0e:2f:75:fd:06:8c:b6:13:0b:dc:87:
f1:c7:1c:de:1d:59:e5:45:4f:cc:ca:a0:53:19:3f:
35:1d:47:04:7b:fb:6b:74:1a:96:d3:38:83:a2:ac:
37:c5:62:ca:d6:5c:ea:8f:38:0e:bc:e4:7f:bc:2e:
14:b5:11:1f:4f:5f:50:f1:a8:ee:00:ef:c5:e6:45:
cd:79:6d:01:84:ca:9c:59:20:57:43:c9:09:c2:61:
06:7d:21:e4:97:44:23:7f:57:bb:91:a3:f4:08:0d:
4f:a0:a4:15:86:b2:27:12:2e:95:7f:e9:d4:0d:45:
1e:28:79:c7:3d:ec:df:bd:6b:9a:c2:37:91:b9:6f:
98:2b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Subject Key Identifier:
55:A8:BA:CB:1B:72:92:7C:06:88:FE:8C:5B:0A:E7:E7:A9:FD:17:5D
X509v3 Key Usage: critical
Key Encipherment
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
1c:7e:32:b7:65:6c:58:4e:35:bb:21:aa:fe:e5:07:3f:a9:a3:
87:be:b2:4c:24:23:46:1c:d6:2d:72:74:39:7d:24:48:fe:62:
8f:24:c5:91:39:af:7d:31:c0:2a:d3:98:6b:6c:ad:ef:a3:3d:
cd:13:b5:0c:f9:f9:97:a7:70:9d:00:dc:9a:22:27:74:4b:8a:
19:c6:5a:f9:35:10:83:0a:19:c4:fa:ad:56:cc:3d:82:d3:a1:
fd:f2:2a:b5:4f:d3:62:1f:6a:07:5d:84:e8:6b:bd:d4:5c:ba:
9d:5f:86:0a:11:8c:71:89:9a:66:34:10:94:a4:e8:e8:85:81:
41:bc:ae:c9:20:78:ec:6a:5f:88:e6:67:4a:17:75:c2:89:bc:
0b:12:95:b5:40:aa:de:bb:cd:5d:bc:35:44:54:4b:5c:c7:3d:
70:b3:fd:4e:5f:fe:f1:cc:b6:ee:f5:ed:b3:48:da:fd:45:bf:
c2:f6:89:3d:88:8a:4a:ec:63:bd:4a:a8:42:8c:37:27:ab:b2:
9b:f2:53:68:c1:60:6c:43:4f:b5:97:7c:54:b2:76:49:18:27:
c1:35:c8:c1:e6:a3:1a:a0:a4:61:78:bf:89:09:d9:3d:ee:b3:
8f:63:ad:98:84:e5:62:fe:b9:b4:98:80:26:a5:2a:05:b1:bb:
b6:8d:ff:e8:fd:b3:fd:6c:74:7a:9b:8e:53:da:16:df:e9:35:
1b:3a:7d:1f:8c:79:5e:5d:9e:5c:84:9f:b6:dc:2c:ca:05:fd:
2e:e4:5e:eb:cf:9b:a7:30:ca:fe:c2:40:34:8d:39:89:05:8f:
2a:d1:e4:57:f2:3b:24:c1:2a:45:31:e2:02:19:3e:95:7a:88:
74:b4:97:c0:e8:4e:44:d6:0a:de:86:a8:18:5b:99:a8:f2:ec:
fa:3a:10:6d:96:fa:c4:d1:f4:c5:43:fd:52:29:7f:53:97:92:
81:2e:b2:4b:14:7c:dd:13:98:24:83:37:e4:95:6c:2f:53:b6:
07:59:8b:29:d2:b3:bb:8c:8d:17:62:db:81:72:ca:13:85:b4:
71:50:bf:7c:28:69:b0:4d:2d:d3:a7:80:ed:8f:13:c5:88:be:
d2:b3:e6:40:4d:52:bc:8b:48:80:0e:63:78:37:a4:75:ba:f3:
e1:0c:70:cf:4f:07:1c:34:d3:88:b4:6d:af:89:96:b5:40:c8:
f4:15:f4:aa:12:1b:a3:e8:b1:75:0e:28:15:c7:5a:2d:b0:8a:
be:f6:73:df:0d:2a:15:ba:c3:b3:f8:b1:12:7e:2e:7b:5f:fe:
0b:a1:dc:8a:47:ab:cd:91:6a:46:63:4d:b8:a9:a1:3d:4a:3b:
22:ac:e2:7c:c7:1a:a9:c0