21 /
tcp
-2061404956 | 2024-12-28T14:38:43.860846
220 ProFTPD Server (ProFTPD) [93.90.178.78]
550 SSL/TLS required on the control channel
550 SSL/TLS required on the control channel
211-Features:
AUTH TLS
CCC
CLNT
EPRT
EPSV
HOST
LANG C.UTF-8*
MDTM
MFF modify;UNIX.group;UNIX.mode;
MFMT
MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
PBSZ
PROT
RANG STREAM
REST STREAM
SIZE
SSCN
TVFS
UTF8
211 End
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:de:c3:a0:22:7a:72:4b:27:32:e1:5b:cb:ee:0e:9a:0a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R11
Validity
Not Before: Dec 15 06:55:41 2024 GMT
Not After : Mar 15 06:55:40 2025 GMT
Subject: CN=wintermute.we-are-at.work
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ac:ab:5f:16:2d:0b:88:72:12:d7:13:6b:f6:b3:
a4:43:1b:d2:c2:55:2e:9c:b8:45:bb:10:a5:9c:fe:
55:25:fd:c8:32:c3:24:eb:cb:68:9e:10:0a:29:bf:
8f:3a:c7:e0:be:c2:48:0c:68:9b:b8:36:12:0a:4c:
73:ce:e2:c4:92:73:c7:c3:01:e5:a8:6e:f9:d4:ac:
78:ae:8e:a1:d3:1b:7d:18:4c:dd:b5:7a:3d:7b:09:
9e:1c:0b:39:2d:9e:1c:52:2a:1f:56:0b:49:de:25:
f2:4d:e2:29:e6:58:24:71:02:e8:7b:e7:b1:93:20:
c8:1b:8d:69:1f:43:71:0f:83:16:01:52:ff:ed:d6:
22:45:5d:0d:d6:6d:50:36:8c:25:7f:39:85:a9:52:
8c:37:8e:75:69:2c:da:79:43:47:1a:e8:3e:67:ea:
b7:96:c6:4f:c0:cb:2a:e0:dc:fa:dd:40:17:25:88:
4c:41:37:94:59:e9:da:a6:90:a0:40:ff:80:84:a8:
93:b5:3f:ff:08:9d:5b:09:f3:94:e8:91:b2:7c:a5:
3c:8f:2a:61:52:71:c3:e5:f5:f7:03:f0:e5:5d:2e:
38:ef:37:d9:2a:a5:0a:45:f9:5f:d9:03:61:55:0d:
f5:a5:5e:4b:3c:ad:d0:86:d2:f3:3e:2c:44:18:5a:
1d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
49:6E:73:82:B1:2A:3D:CA:65:8B:4B:25:DA:37:E2:AC:E6:0A:29:C8
X509v3 Authority Key Identifier:
C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
Authority Information Access:
OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:wintermute.we-are-at.work
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Dec 15 07:54:11.396 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:CB:0D:3E:A0:29:AA:4F:B5:75:C0:52:
A1:63:0E:F7:3A:13:1B:7B:2A:25:B4:3D:8C:4D:E9:9E:
28:49:B2:64:AA:02:20:11:EE:17:68:18:3E:75:29:81:
67:D7:0F:D3:46:8F:3C:25:A8:DA:C9:0B:DC:AF:66:00:
11:F4:19:49:6B:02:D6
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Dec 15 07:54:11.393 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:1E:54:68:78:11:3A:6D:60:FB:8C:B3:5C:
95:8E:6C:50:1F:55:73:55:A7:14:BD:85:55:B4:35:01:
62:C9:24:9E:02:21:00:CE:97:DC:7C:FE:B4:8A:CE:DD:
A6:3B:40:C1:04:45:E1:12:62:29:85:D8:79:94:26:7B:
6B:AC:D4:DA:8C:91:02
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
53:5a:3d:09:8f:a8:a2:61:0c:c5:c2:02:39:0a:08:56:cd:c0:
c0:ea:03:91:c1:82:0e:57:cb:11:90:32:4f:3e:67:e3:13:94:
cb:f3:26:4a:5e:f1:fe:bd:b1:00:a7:90:01:d5:a2:a4:96:7d:
27:1d:7c:00:f6:bc:cf:a5:4f:cb:e3:72:59:8d:76:cc:11:a1:
40:a4:40:3a:46:16:a5:62:e5:a3:3a:47:bb:ad:11:09:8e:69:
82:17:e2:70:6a:60:3c:cb:95:48:12:fe:6a:d0:72:6f:ed:b3:
92:3e:46:35:86:ae:7c:ec:d7:6e:c0:3f:f8:7f:e3:86:48:9b:
3d:67:a0:e1:c6:69:df:b0:03:60:2c:ad:67:8d:19:11:12:37:
4f:f5:c9:dc:12:20:b5:88:b5:08:b6:23:be:6c:31:02:9d:90:
83:a4:d6:80:06:3b:90:b2:49:bb:7b:0e:0c:b1:46:58:5b:39:
9e:3b:63:cd:1f:d8:ea:2f:73:5c:fc:30:af:7e:b5:2e:c3:0e:
e7:83:cb:24:15:c5:fe:30:b5:a3:fc:2d:59:39:6d:78:fd:3b:
d4:c3:04:15:6c:a9:0c:f3:5d:ca:3c:fc:18:d3:84:27:8b:cd:
dc:21:98:0c:66:3d:14:32:bb:72:c6:2f:96:ae:af:92:9d:80:
51:b7:63:75
22 /
tcp
1865077079 | 2025-01-20T14:10:03.181520
SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQDey4rfJ7EKqsme+xkI9xwN6zxJVG5VKfyVQU9vU0/vaig0
VBYIaVfh2Lv6FmRkqYRRJYy5IpjIUt+stOktVHHBnj7G1+rWH62nLKINhjRSKH+luhUYTk5GYKJo
o0Atg2TPHagurB8Tj+JIUIG7AiHKVHKP2Fo+/KtR3/zvQJpVgH76v51wLAbdX62DIWHUoXqp12AM
jINzBQ/gpnSxBr9zFr+itHbwh36uGQwoothFRwJcN67BLlkpu2g3xo4AximKuT/G/tgcPTXmjnrw
LOkh7pMCwRT9m9cTrRj+mCt9tFxUVIwsY0j6yfXCnRdeL+bvs8cF7kwxAZBKe2LkaunR
Fingerprint: 9d:44:2e:fb:66:27:40:93:47:2f:16:cf:9e:e1:29:7a
Kex Algorithms:
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group-exchange-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group14-sha256
diffie-hellman-group14-sha1
Server Host Key Algorithms:
rsa-sha2-512
rsa-sha2-256
ssh-rsa
ecdsa-sha2-nistp256
ssh-ed25519
Encryption Algorithms:
chacha20-poly1305@openssh.com
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
MAC Algorithms:
umac-64-etm@openssh.com
umac-128-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-sha1-etm@openssh.com
umac-64@openssh.com
umac-128@openssh.com
hmac-sha2-256
hmac-sha2-512
hmac-sha1
Compression Algorithms:
none
zlib@openssh.com
111 /
tcp
-1345205424 | 2025-01-17T23:54:50.003896
Portmap
Program Version Protocol Port
portmapper 4 tcp 111
portmapper 3 tcp 111
portmapper 2 tcp 111
portmapper 4 udp 111
portmapper 3 udp 111
portmapper 2 udp 111
111 /
udp
-1345205424 | 2025-01-21T13:29:51.357962
Portmap
Program Version Protocol Port
portmapper 4 tcp 111
portmapper 3 tcp 111
portmapper 2 tcp 111
portmapper 4 udp 111
portmapper 3 udp 111
portmapper 2 udp 111
137 /
udp
-2121954028 | 2025-01-16T19:09:44.637879
NetBIOS Response:
Server Name: WINTERMUTE
MAC Address: 00:00:00:00:00:00
Names:
WINTERMUTE <0x0>
WINTERMUTE <0x3>
WINTERMUTE <0x20>
\x01\x02__MSBROWSE__\x02 <0x1>
WORKGROUP <0x0>
WORKGROUP <0x1d>
WORKGROUP <0x1e>
445 /
tcp
38251980 | 2025-01-07T10:41:40.199428
SMB Status:
Authentication: disabled
SMB Version: 1
OS: Windows 6.1
Software: Samba 4.9.5-Debian
Capabilities: dfs, extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, nt-find, nt-smb, nt-status, raw-mode, rpc-remote-api, unicode, unix
Shares
Name Type Comments
------------------------------------------------------------------------
print$ Disk Printer Drivers
IPC$ IPC IPC Service (Samba 4.9.5-Debian)
-339577668 | 2025-01-19T20:47:28.521612
HTTP/1.1 303 See Other
Server: sw-cp-server
Date: Sun, 19 Jan 2025 20:47:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Sun, 19 Jan 2025 20:47:28 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: http://93.90.178.78/login.php?success_redirect_url=%2F
0
