-370734890 | 2024-09-14T12:05:22.860014
21 /
tcp
220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
ABOR
ACCT
ADAT *
ALLO
APPE
AUTH
CCC
CDUP
CWD
DELE
ENC *
EPRT
EPSV
FEAT
HELP
HOST
LANG
LIST
MDTM
MIC *
MKD
MODE
NLST
NOOP
OPTS
PASS
PASV
PBSZ
PORT
PROT
PWD
QUIT
REIN
REST
RETR
RMD
RNFR
RNTO
SITE
SIZE
SMNT
STAT
STOR
STOU
STRU
SYST
TYPE
USER
XCUP
XCWD
XMKD
XPWD
XRMD
214 HELP command successful.
211-Extended features supported:
LANG EN*
UTF8
AUTH TLS;TLS-C;SSL;TLS-P;
PBSZ
PROT C;P;
CCC
HOST
SIZE
MDTM
REST STREAM
211 END
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ae:be:2c:87:57:13:a8:4a:35:b3:83:10:44:ea:a3
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=\x001\x000\x00_\x005\x003\x00_\x006\x009\x00_\x001\x001\x003
Validity
Not Before: Jul 3 06:59:41 2020 GMT
Not After : Jul 3 00:00:00 2021 GMT
Subject: CN=\x001\x000\x00_\x005\x003\x00_\x006\x009\x00_\x001\x001\x003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:b0:7a:b6:35:a7:b9:01:23:72:b0:2f:b2:fd:
d2:7d:16:48:cc:c5:16:c0:55:3a:fc:e4:19:cf:bb:
42:bd:48:5f:b4:ac:6b:60:77:67:9c:f2:59:54:54:
35:9f:dd:1f:cf:11:06:bf:f3:c0:8c:47:9f:ed:0b:
fb:c9:3f:77:92:99:b2:00:4e:70:1f:cf:e5:fc:98:
ff:5d:14:0a:b8:0e:3e:b9:f3:3a:c0:e1:ce:a3:b3:
3b:54:95:c9:c6:74:9c:43:11:f5:f2:dd:67:bb:34:
29:4c:f2:69:72:e1:37:2a:d6:d8:2f:7c:9e:cc:d9:
aa:e8:96:e6:05:57:2d:b8:85:dc:80:f7:39:91:6c:
ab:bc:40:bc:0b:30:65:c5:2c:8c:50:b0:84:8a:f0:
58:3e:9f:ac:6a:51:ca:42:0b:f8:1b:c7:9f:c4:78:
7f:44:37:c0:cb:33:27:0c:df:f0:e3:7e:be:5c:fb:
35:57:99:2c:fb:47:26:fd:90:ae:98:b4:84:da:7c:
65:ef:38:1d:d2:70:c4:b2:5b:2b:a0:85:72:d7:a2:
a4:9e:95:15:cb:0e:f3:8e:50:9c:f9:0c:0a:53:94:
65:f6:31:1a:60:c9:16:a2:e7:f9:0c:0e:18:35:3c:
5f:42:33:25:23:91:10:ec:ef:7e:ff:98:af:5f:10:
95:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage:
Key Encipherment, Data Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
0d:db:48:32:23:da:0c:3a:fd:45:0a:c2:b1:62:47:a1:e0:24:
e5:58:2c:b4:73:6e:e4:30:f6:d2:a8:c0:e3:b0:65:df:5d:53:
c5:4a:a8:d7:76:d0:40:a5:b1:f4:3d:4c:09:35:ad:6c:f4:06:
1d:4a:d6:9a:52:bc:dd:fb:8a:40:c2:2b:be:3b:9d:3a:36:dd:
13:f4:53:12:85:e0:eb:bc:8b:89:02:88:6e:7c:b0:d5:f1:7d:
7d:07:eb:c8:f8:0b:c1:73:7d:e2:2e:e9:ff:b0:1a:6e:cb:bf:
91:98:59:0b:3c:44:91:66:66:cd:90:d4:c6:d2:da:50:b5:ca:
0f:2e:0b:81:9c:89:b2:28:6b:2d:2a:77:6b:03:f1:b9:24:73:
03:4e:9c:b0:ab:ea:d9:03:ef:69:a1:4c:d7:87:a5:0f:a4:a8:
de:c0:f0:c7:7f:8f:fc:9b:a8:ec:b1:d4:a1:7f:80:5a:03:05:
94:fa:b4:5b:3a:6d:74:a0:03:0a:bc:32:90:95:38:b5:f3:27:
ec:6b:78:b2:22:da:f9:32:96:52:31:4d:ba:86:09:46:e2:8b:
8d:c7:3a:64:46:5b:d2:9d:e3:44:f2:c1:e8:bd:a4:c0:62:bc:
91:a7:16:bc:69:2d:17:d3:93:16:b7:88:23:90:32:47:71:99:
cd:ab:35:50
1489525118 | 2024-09-14T19:31:26.936941
80 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 14 Sep 2024 19:31:26 GMT
Connection: close
Content-Length: 315
-1735233605 | 2024-09-10T18:46:56.053878
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 172.19.0.13:49152
ncalrpc: WindowsShutdown
ncacn_np: \\172_19_0_13\PIPE\InitShutdown
ncalrpc: WMsgKRpc048120
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\172_19_0_13\PIPE\InitShutdown
ncalrpc: WMsgKRpc048120
ncalrpc: WMsgKRpc04B621
ncalrpc: WMsgKRpc0A7673A2
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-85e3e1ed0779361ca7
ncacn_np: \\172_19_0_13\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-59b96c6fe42d4197ae
ncalrpc: actkernel
ncalrpc: umpo
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-85e3e1ed0779361ca7
ncacn_np: \\172_19_0_13\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-59b96c6fe42d4197ae
ncalrpc: actkernel
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-59b96c6fe42d4197ae
ncalrpc: actkernel
ncalrpc: umpo
ncacn_np: \\172_19_0_13\PIPE\srvsvc
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncalrpc: LRPC-b28d2648633a5d8d26
ncacn_ip_tcp: 172.19.0.13:49153
ncacn_np: \\172_19_0_13\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: LRPC-b28d2648633a5d8d26
ncacn_ip_tcp: 172.19.0.13:49153
ncacn_np: \\172_19_0_13\pipe\eventlog
ncalrpc: eventlog
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
annotation: Wcm Service
ncalrpc: LRPC-b28d2648633a5d8d26
ncacn_ip_tcp: 172.19.0.13:49153
ncacn_np: \\172_19_0_13\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-b28d2648633a5d8d26
ncacn_ip_tcp: 172.19.0.13:49153
ncacn_np: \\172_19_0_13\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 172.19.0.13:49153
ncacn_np: \\172_19_0_13\pipe\eventlog
ncalrpc: eventlog
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\172_19_0_13\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-7e9458f7738ba3540d
ncacn_np: \\172_19_0_13\PIPE\srvsvc
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\172_19_0_13\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-7e9458f7738ba3540d
ncacn_np: \\172_19_0_13\PIPE\srvsvc
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\172_19_0_13\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-7e9458f7738ba3540d
ncacn_np: \\172_19_0_13\PIPE\srvsvc
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\172_19_0_13\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-7e9458f7738ba3540d
ncacn_np: \\172_19_0_13\PIPE\srvsvc
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-7e9458f7738ba3540d
ncacn_np: \\172_19_0_13\PIPE\srvsvc
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 172.19.0.13:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\172_19_0_13\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLEB3B2090E0ED26DECB93971173B46
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-40c37f6a73e51861f9
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\172_19_0_13\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-e770f0e3892ad12154
ncalrpc: OLEFB96FA1F704BB4CC2EA7BBC9EBC9
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-e770f0e3892ad12154
ncalrpc: OLEFB96FA1F704BB4CC2EA7BBC9EBC9
b2507c30-b126-494a-92ac-ee32b6eeb039
version: v1.0
ncalrpc: LRPC-280bbbc4ecbe22a138
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-aab89892cffbb9584e
ncalrpc: LRPC-dc98a67ebf98e0c7e0
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-aab89892cffbb9584e
ncalrpc: LRPC-dc98a67ebf98e0c7e0
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-aab89892cffbb9584e
ncalrpc: LRPC-dc98a67ebf98e0c7e0
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-dc98a67ebf98e0c7e0
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\172_19_0_13\PIPE\wkssvc
ncalrpc: LRPC-3ea9dcc18d3edd1653
ncalrpc: DNSResolver
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-3ea9dcc18d3edd1653
ncalrpc: DNSResolver
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-3ea9dcc18d3edd1653
ncalrpc: DNSResolver
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.19.0.13:49155
ncalrpc: LRPC-d68610eecf2ae0bdda
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 172.19.0.13:49155
ncalrpc: LRPC-d68610eecf2ae0bdda
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.19.0.13:49155
ncalrpc: LRPC-d68610eecf2ae0bdda
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.19.0.13:49155
ncalrpc: LRPC-d68610eecf2ae0bdda
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.19.0.13:49155
ncalrpc: LRPC-d68610eecf2ae0bdda
1a9134dd-7b39-45ba-ad88-44d01ca47f28
version: v1.0
annotation: Message Queuing - RemoteRead V1
protocol: [MS-MQRR]: Message Queuing (MSMQ):
provider: mqqm.dll
ncacn_ip_tcp: 172.19.0.13:2105
ncacn_ip_tcp: 172.19.0.13:2103
ncacn_ip_tcp: 172.19.0.13:2107
ncacn_ip_tcp: 172.19.0.13:49156
ncalrpc: QMMgmtFacility$172_19_0_13
ncalrpc: QMsvc$172_19_0_13
1088a980-eae5-11d0-8d9b-00a02453c337
version: v1.0
annotation: Message Queuing - QM2QM V1
protocol: [MS-MQQP]: Message Queuing (MSMQ):
provider: mqqm.dll
ncacn_ip_tcp: 172.19.0.13:2105
ncacn_ip_tcp: 172.19.0.13:2103
ncacn_ip_tcp: 172.19.0.13:2107
ncacn_ip_tcp: 172.19.0.13:49156
ncalrpc: QMMgmtFacility$172_19_0_13
ncalrpc: QMsvc$172_19_0_13
76d12b80-3467-11d3-91ff-0090272f9ea3
version: v1.0
annotation: Message Queuing - QMRT V2
protocol: [MS-MQMP]: Message Queuing (MSMQ):
provider: mqqm.dll
ncacn_ip_tcp: 172.19.0.13:2105
ncacn_ip_tcp: 172.19.0.13:2103
ncacn_ip_tcp: 172.19.0.13:2107
ncacn_ip_tcp: 172.19.0.13:49156
ncalrpc: QMMgmtFacility$172_19_0_13
ncalrpc: QMsvc$172_19_0_13
fdb3a030-065f-11d1-bb9b-00a024ea5525
version: v1.0
annotation: Message Queuing - QMRT V1
protocol: [MS-MQMP]: Message Queuing (MSMQ):
provider: mqqm.dll
ncacn_ip_tcp: 172.19.0.13:2105
ncacn_ip_tcp: 172.19.0.13:2103
ncacn_ip_tcp: 172.19.0.13:2107
ncacn_ip_tcp: 172.19.0.13:49156
ncalrpc: QMMgmtFacility$172_19_0_13
ncalrpc: QMsvc$172_19_0_13
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 172.19.0.13:49170
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 172.19.0.13:49171
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 172.19.0.13:49175
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\172_19_0_13\pipe\lsass
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-9e3bf70872fd3cad40
ncalrpc: LRPC-9e3bf70872fd3cad40
ncalrpc: LRPC-9e3bf70872fd3cad40
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc0A7673A2
-423911384 | 2024-09-15T09:50:25.040445
443 /
tcp
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDSSFTBCQB=BGPIHBDDOGENKNMNDAEPDHPG; secure; path=/
X-Powered-By: ASP.NET
Date: Sun, 15 Sep 2024 09:50:22 GMT
Content-Length: 59016
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:37:98:c1:fb:92:54:97:2f:75:cc:0f:60:48:d4:97
Signature Algorithm: sha384WithRSAEncryption
Issuer: C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia RSA DV TLS CA G2
Validity
Not Before: Sep 3 00:00:00 2024 GMT
Not After : Dec 2 23:59:59 2024 GMT
Subject: CN=hongdibrakes.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b7:c4:78:1a:d5:a8:52:c4:fd:a6:9c:63:b2:49:
19:da:97:fe:86:c4:cc:93:d3:b7:fb:4f:20:97:97:
90:73:b3:ce:8a:be:85:8e:bc:e8:56:70:7b:22:59:
5b:b0:38:d3:68:c4:4e:8f:12:55:f6:9b:b0:89:04:
62:02:45:6d:f5:06:12:be:c3:6a:06:bf:52:c7:7f:
91:0b:b6:5e:ec:a1:bb:51:df:0b:7f:09:59:f2:24:
ff:85:89:82:37:fb:17:e2:5f:34:74:51:be:24:84:
8e:97:b8:9a:f7:e8:f7:41:23:3b:b2:53:22:af:80:
75:ce:78:fa:68:30:14:43:a3:74:4e:3c:94:8b:12:
83:0d:18:89:96:53:e6:c9:99:41:5a:85:b9:69:d0:
f7:78:18:ee:f6:5c:01:f5:ea:ae:06:2b:a6:3e:ea:
ba:94:35:36:fd:2e:be:0b:34:20:b3:c7:d6:7f:89:
6a:05:8f:75:18:64:a1:dd:bb:d3:af:c4:8c:e7:30:
74:56:66:ca:60:62:8c:44:a4:2d:e7:28:e6:bf:e3:
bf:e9:de:1f:f1:80:3a:9f:46:9b:03:9c:4f:14:6c:
7f:6d:e7:10:d6:5b:85:4a:c5:e7:ff:64:7f:71:bb:
81:3f:7c:cc:c3:d2:04:f3:83:15:a3:ba:50:6d:93:
3e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
5F:3A:7C:11:10:7E:0C:67:71:61:DC:8B:A3:B5:00:03:67:F5:57:1C
X509v3 Subject Key Identifier:
62:34:A9:92:7D:38:3D:AB:6E:F0:C1:A5:AD:09:84:32:F2:CB:20:DC
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.49
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://crt.trust-provider.cn/TrustAsiaRSADVTLSCAG2.crt
OCSP - URI:http://ocsp.trust-provider.cn
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Sep 3 05:59:15.020 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:92:11:8A:EA:1F:C6:59:50:D4:D7:AE:
3C:D8:C8:41:E9:17:90:FB:42:3F:8C:A2:0A:FC:34:2F:
8E:0E:AD:24:7E:02:21:00:B0:9C:13:54:3B:B0:D5:D3:
7D:82:01:80:26:D9:16:12:E4:50:AA:3F:23:B9:31:56:
78:BE:A0:EB:23:9E:E9:40
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Timestamp : Sep 3 05:59:14.989 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:6A:89:86:5D:8E:73:17:9B:40:33:6C:96:
FF:82:66:AA:92:EB:B1:B3:96:E0:42:13:A8:25:43:78:
20:72:D3:2B:02:21:00:B0:1F:CC:A0:DF:61:15:05:0D:
BF:77:41:D8:BC:A5:61:22:0A:37:14:EF:E0:AE:16:E0:
30:D7:3B:47:44:82:75
X509v3 Subject Alternative Name:
DNS:hongdibrakes.com, DNS:www.hongdibrakes.com
Signature Algorithm: sha384WithRSAEncryption
Signature Value:
93:56:8e:40:33:bd:68:31:ed:d6:24:84:f4:6b:6a:db:d9:a0:
de:66:da:67:ad:49:13:e8:5e:9d:3f:84:eb:34:0d:d8:1d:67:
2b:6e:43:6b:f7:62:27:c3:a4:4b:48:fa:35:52:4a:72:b5:8e:
87:d9:ea:43:11:ce:e3:52:16:14:70:c8:fa:3e:80:2e:b9:6e:
9d:73:eb:c0:a9:96:8d:7d:10:e0:b3:11:fc:15:e0:18:8d:ef:
d2:9c:ee:bc:94:39:62:64:b1:ac:d5:ad:de:df:13:7a:b4:dc:
23:70:ae:09:7d:5c:74:4a:50:c8:77:a7:35:57:b6:00:71:50:
61:8b:9a:5c:8a:87:c8:00:f2:10:52:5d:8e:fc:3b:7e:1c:7f:
55:50:66:ea:b0:07:3f:a7:39:b4:45:be:5f:4b:c3:05:89:80:
c6:11:78:21:35:7c:3b:fc:ff:99:b3:ae:0c:1d:86:5e:91:a5:
95:01:96:1c:d0:24:23:6d:a1:f9:b3:03:b2:f6:39:ad:07:3e:
4d:f1:fd:43:39:aa:a1:25:7e:9e:4f:30:72:e2:4d:a1:46:3f:
b6:ec:8e:89:88:96:d4:ac:71:ad:f1:1e:e8:26:70:a2:96:d0:
dc:16:25:44:2f:c1:59:53:36:99:e0:6e:aa:5b:c0:11:6a:64:
8f:c3:42:13:16:61:32:f9:29:cf:89:c2:5d:e4:84:f9:ef:8c:
45:20:e2:c4:1e:45:fd:6f:f3:dd:8a:6d:12:12:43:df:eb:1b:
9a:ed:b9:eb:6a:54:98:aa:19:ff:c6:a7:61:c1:eb:38:44:10:
5f:0c:c7:6d:94:f5:05:ff:ab:ae:76:44:6a:31:49:0a:32:f9:
8b:2f:a2:2d:64:ea:4f:52:4d:f5:96:ca:2e:8c:39:94:ec:e9:
50:fd:06:05:89:c0:1b:8f:ca:16:35:01:5c:e6:af:e9:0a:d4:
1b:b8:53:da:52:39:35:3d:6e:56:db:2c:18:c0:d6:da:a0:3d:
3a:8b:f5:f0:a8:c0
-1242801143 | 2024-09-01T13:36:23.766707
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2012 R2 Datacenter 9600
Software: Windows Server 2012 R2 Datacenter 6.3
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
93015169 | 2024-09-12T16:25:17.602635
1801 /
tcp
\x10Z\x0b\x00LIOR<\x02\x00\x00\xff\xff\xff\xff\x00\x00\x12\x00\x06U=Q6\xdf\xc7@\x96C\x17\\<\xe7l\xaa\x84\xde\x85\xdc\xdb\x05\xc3B\xa4*(\x86\x91H\xfa\xaa\x00\x00\x00\x00\x10\x02\x00\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
