1509372378 | 2025-02-02T22:11:08.486671
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 18 Dec 2015 04:58:11 GMT
Accept-Ranges: bytes
ETag: "1dccccb15039d11:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 02 Feb 2025 22:11:08 GMT
Content-Length: 4015
135 /
tcp
1299721539 | 2025-01-08T13:06:49.812387
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 185.87.121.5:49152
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\InitShutdown
ncalrpc: WMsgKRpc091EC0
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\InitShutdown
ncalrpc: WMsgKRpc091EC0
ncalrpc: WMsgKRpc092401
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-7010bdeba2abb24aa8
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\srvsvc
ncacn_ip_tcp: 185.87.121.5:49154
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
24019106-a203-4642-b88d-82dae9158929
version: v1.0
provider: authui.dll
ncalrpc: LRPC-8d1cbc305494f531c5
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 185.87.121.5:49153
ncacn_np: \\WIN-E4KBDRM0DL0\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 185.87.121.5:49153
ncacn_np: \\WIN-E4KBDRM0DL0\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncacn_ip_tcp: 185.87.121.5:49153
ncacn_np: \\WIN-E4KBDRM0DL0\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 185.87.121.5:49153
ncacn_np: \\WIN-E4KBDRM0DL0\pipe\eventlog
ncalrpc: eventlog
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\srvsvc
ncacn_ip_tcp: 185.87.121.5:49154
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 185.87.121.5:49154
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 185.87.121.5:49154
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 185.87.121.5:49154
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 185.87.121.5:49154
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
provider: gpsvc.dll
ncalrpc: OLE08FC2F853B3D437E8482174B5071
ncalrpc: IUserProfile2
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-ae5446a0359b3b5ad6
ncalrpc: OLE51CFCE6BDBAF411D8AB265C9A263
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-ae5446a0359b3b5ad6
ncalrpc: OLE51CFCE6BDBAF411D8AB265C9A263
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-757381dc1399200d37
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-757381dc1399200d37
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-757381dc1399200d37
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\wkssvc
ncalrpc: DNSResolver
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
annotation: Spooler function endpoint
provider: spoolsv.exe
ncalrpc: spoolss
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
annotation: Spooler base remote object endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
annotation: Spooler function endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 185.87.121.5:49155
ncalrpc: samss lpc
ncalrpc: dsrole
ncacn_np: \\WIN-E4KBDRM0DL0\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncalrpc: LRPC-0dd489aac3290bed4c
ncacn_np: \\WIN-E4KBDRM0DL0\pipe\lsass
50abc2a4-574d-40b3-9d66-ee4fd5fba076
version: v5.0
protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
provider: dns.exe
ncacn_ip_tcp: 185.87.121.5:49156
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 185.87.121.5:51244
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
annotation: IPSec Policy agent endpoint
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncalrpc: LRPC-1be89322baf3271786
ncacn_ip_tcp: 185.87.121.5:51262
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 185.87.121.5:51262
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-8fc246717825e0ed38
ncalrpc: OLE012112C9BB9F439D8DB88A6AC46A
ncalrpc: LRPC-35bdabd26cc15e9c37
ncalrpc: LRPC-35bdabd26cc15e9c37
ncalrpc: LRPC-35bdabd26cc15e9c37
ncalrpc: LRPC-35bdabd26cc15e9c37
445 /
tcp
2074933174 | 2025-02-01T23:11:55.127679
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2008 R2 Enterprise 7601 Service Pack 1
Software: Windows Server 2008 R2 Enterprise 6.1
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
1167 /
tcp
1856867044 | 2025-01-31T00:37:57.007257
\x00\x00\x012R\xaf\x02\n\x18\x08\xa3\x80\x04\x10\x02\x18\x00 \x01*\x0cVMwareVMware\x10\x00\x1a\x90\x02-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKtslQrs2gpQZxN2AZfdDzG6tn\naZlNTn3jApUc1F6sWEEAH8dmqDTVLBEGO3K/hQjS0GkbhpHR8oqepBR30ofeAQDy\n1+lB9uNkRYMH+ussnfUBJ3q+VTiR1g4YDBCmsbcmntcyqll1pdGNMzJi9U0m1F6F\n5NqYcTYMnF3I3UgBNQIDAQAB\n-----END PUBLIC KEY-----\n
1434 /
udp
1913455200 | 2025-01-27T00:25:05.399247
SQL Server Browser Service:
Instance #1:
Server Name: WIN-E4KBDRM0DL0
Instance Name: MSSQLSERVER2012
Is Clustered: False
Version: 11.0.5058.0
TCP Port: 51562
Named Pipe: \\WIN-E4KBDRM0DL0\pipe\MSSQL$MSSQLSERVER2012\sql\query
Version Name: MS-SQL Server 2012 SP2RTW/PCU2
3306 /
tcp
1735743251 | 2025-01-26T01:54:36.849387
MySQL:
Protocol Version: 10
Version: 5.7.21
Capabilities: 63487
Server Language: 8
Server Status: 2
Extended Server Capabilities: 33279
Authentication Plugin: mysql_native_password
-1397545738 | 2025-01-11T02:24:55.791259
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Sat, 11 Jan 2025 02:24:47 GMT
Server: Microsoft-IIS/7.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Powered-By: ASP.NET
Date: Sat, 11 Jan 2025 02:24:47 GMT
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33415835 (0x1fde29b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=Odin, OU=Plesk, CN=Plesk/emailAddress=info@plesk.com
Validity
Not Before: Dec 18 03:09:16 2015 GMT
Not After : Dec 17 03:09:16 2016 GMT
Subject: C=US, ST=Washington, L=Seattle, O=Odin, OU=Plesk, CN=Plesk/emailAddress=info@plesk.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:e9:20:5f:0e:ef:f6:a7:b6:1a:0e:de:76:c5:
c1:0f:f0:99:e8:81:04:95:3a:5d:07:9b:d5:aa:73:
15:f8:48:8c:09:40:7f:36:b4:15:be:fa:a8:16:dd:
bb:5d:58:d0:4d:0c:0e:15:53:e2:44:3f:bb:43:35:
b2:bd:dd:09:0c:e9:a4:42:78:29:ee:2a:8a:a3:b8:
7c:e8:53:8a:df:27:e2:42:a9:7f:35:fb:23:ee:86:
b5:22:b5:60:ff:9b:3e:eb:4a:14:7c:10:d8:06:e2:
4a:5b:aa:a9:d6:d5:9e:a5:c7:92:73:90:af:74:50:
0b:61:00:1f:94:67:64:b1:f4:f7:1b:c4:ad:03:c0:
46:21:6a:59:7d:69:fe:2f:67:53:a8:aa:4e:98:9c:
f7:a8:7d:38:a4:5f:d5:d5:4d:b2:5a:90:c5:42:00:
31:a2:ed:02:b6:d3:34:c6:4a:c3:45:e8:60:d9:78:
db:ec:73:9a:4e:cd:40:ba:4b:f9:0e:6d:60:71:ec:
fb:b9:7c:19:45:cf:48:d2:92:12:55:5b:8d:f9:28:
29:62:75:aa:a1:e1:fe:5a:a8:b5:38:40:c8:d6:dd:
2b:2a:45:c7:71:fd:21:27:e4:40:59:4f:f9:2f:1a:
4a:5a:64:31:09:f9:1d:c8:e1:6a:61:47:3d:66:a8:
e8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:35:B9:90:08:3E:0C:66:2D:1B:8F:60:80:E6:9B:85:58:8C:FC:CA
X509v3 Authority Key Identifier:
keyid:27:35:B9:90:08:3E:0C:66:2D:1B:8F:60:80:E6:9B:85:58:8C:FC:CA
DirName:/C=US/ST=Washington/L=Seattle/O=Odin/OU=Plesk/CN=Plesk/emailAddress=info@plesk.com
serial:01:FD:E2:9B
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
4a:0a:75:f1:aa:1b:4d:42:b0:6e:7d:0a:7e:42:b1:20:0d:81:
c5:95:be:e2:fd:c5:4f:2b:9c:1c:8b:d7:6f:22:0d:45:4a:88:
48:ef:5b:ea:71:08:bc:dd:41:dd:fe:80:f2:71:48:69:93:f0:
c5:ae:df:de:f9:4f:0b:23:b5:52:ec:95:bd:c9:27:d2:72:11:
cc:e0:ec:d0:d5:60:ff:1a:47:26:46:75:96:91:01:6b:3a:17:
69:42:85:d4:09:7b:2e:5a:2b:89:fc:b0:b2:fa:71:f5:23:94:
af:a6:e6:da:55:52:fd:5a:9a:1c:53:04:18:5e:a3:a2:0d:36:
2f:cd:d9:71:32:f0:d5:0f:a7:e9:14:05:e9:af:2e:32:77:1b:
c7:1f:e1:9f:98:dd:fa:ec:63:9d:6a:81:70:b1:33:52:b3:15:
73:28:18:00:0c:5a:72:d5:8f:a7:42:ad:c3:3f:3b:28:fc:c0:
34:a3:dc:16:7c:ab:39:db:fa:4b:21:62:d8:b2:f5:35:8d:bc:
ae:4d:3e:ee:56:59:4f:2f:28:51:73:10:28:b6:29:82:4d:9e:
3b:50:03:be:73:14:eb:71:66:4f:1b:f5:c8:de:83:a0:f7:69:
10:86:5e:bb:b1:87:ac:90:d9:87:5c:fa:5a:42:38:34:90:60:
ef:72:46:95
54321 /
udp
1803589695 | 2025-02-04T18:09:00.238351
Xiaomi IoT:
Device ID: ffffffff
Token: ffffffffffffffffffffffffffffffff
