1489525118 | 2024-04-23T14:17:13.152962
80 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 23 Apr 2024 14:17:11 GMT
Connection: close
Content-Length: 315
-464742708 | 2024-04-23T07:16:21.415269
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 221.132.31.185:49152
ncalrpc: WindowsShutdown
ncacn_np: \\CFDE-PORTAL\PIPE\InitShutdown
ncalrpc: WMsgKRpc0CA7F0
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\CFDE-PORTAL\PIPE\InitShutdown
ncalrpc: WMsgKRpc0CA7F0
ncalrpc: WMsgKRpc0D10D1
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-1bca50e8937e8f2933
ncacn_np: \\CFDE-PORTAL\PIPE\srvsvc
ncacn_ip_tcp: 221.132.31.185:49154
ncacn_np: \\CFDE-PORTAL\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
24019106-a203-4642-b88d-82dae9158929
version: v1.0
provider: authui.dll
ncalrpc: LRPC-341d04a5cb1b940abe
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 221.132.31.185:49153
ncacn_np: \\CFDE-PORTAL\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 221.132.31.185:49153
ncacn_np: \\CFDE-PORTAL\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncacn_ip_tcp: 221.132.31.185:49153
ncacn_np: \\CFDE-PORTAL\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 221.132.31.185:49153
ncacn_np: \\CFDE-PORTAL\pipe\eventlog
ncalrpc: eventlog
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncacn_np: \\CFDE-PORTAL\PIPE\srvsvc
ncacn_ip_tcp: 221.132.31.185:49154
ncacn_np: \\CFDE-PORTAL\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 221.132.31.185:49154
ncacn_np: \\CFDE-PORTAL\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 221.132.31.185:49154
ncacn_np: \\CFDE-PORTAL\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 221.132.31.185:49154
ncacn_np: \\CFDE-PORTAL\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\CFDE-PORTAL\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\CFDE-PORTAL\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
provider: gpsvc.dll
ncalrpc: OLEF1AD6C0D8D8C46788C2AA37B954B
ncalrpc: IUserProfile2
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\CFDE-PORTAL\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-266b79193871d1119a
ncalrpc: OLEF1793F991E7649C08E96D1E2B923
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-266b79193871d1119a
ncalrpc: OLEF1793F991E7649C08E96D1E2B923
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-bb3c7270ee007635ef
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-bb3c7270ee007635ef
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-bb3c7270ee007635ef
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\CFDE-PORTAL\PIPE\wkssvc
ncalrpc: DNSResolver
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
annotation: Spooler function endpoint
provider: spoolsv.exe
ncalrpc: spoolss
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
annotation: Spooler base remote object endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
annotation: Spooler function endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v1.0
annotation: KeyIso
provider: keyiso.dll
ncacn_ip_tcp: 221.132.31.185:49155
ncalrpc: samss lpc
ncalrpc: dsrole
ncacn_np: \\CFDE-PORTAL\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncalrpc: LRPC-62df6e948ac67609e5
ncacn_np: \\CFDE-PORTAL\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 221.132.31.185:49155
ncalrpc: samss lpc
ncalrpc: dsrole
ncacn_np: \\CFDE-PORTAL\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncalrpc: LRPC-62df6e948ac67609e5
ncacn_np: \\CFDE-PORTAL\pipe\lsass
d107c6e0-fc35-49ba-ba03-3e192de6797d
version: v1.0
annotation: Veeam Deployer
ncacn_ip_tcp: 221.132.31.185:6183
ncalrpc: OLE8B0AEB2604064351B6FD49FFFEC8
d1c2c07a-d989-48cc-a423-b73ecd518d40
version: v1.0
annotation: Veeam Invoker
ncacn_ip_tcp: 221.132.31.185:6183
ncalrpc: OLE8B0AEB2604064351B6FD49FFFEC8
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 221.132.31.185:49167
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
annotation: IPSec Policy agent endpoint
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncalrpc: LRPC-13c76cccd4921eb855
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-b27799f2204b2e6d2a
ncalrpc: LRPC-b27799f2204b2e6d2a
ncalrpc: LRPC-b27799f2204b2e6d2a
ncalrpc: LRPC-b27799f2204b2e6d2a
74103b90-29af-413f-b203-a3eb4f7e95b8
version: v4.0
ncalrpc: svc_pd_endpoint
1489525118 | 2024-04-21T11:12:23.337608
443 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 21 Apr 2024 11:12:22 GMT
Connection: close
Content-Length: 315
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:84:dd:f6:66:14:d1:c3:f6:43:3d:6a:9a:ac:27:85:e4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R3
Validity
Not Before: Mar 23 04:23:20 2024 GMT
Not After : Jun 21 04:23:19 2024 GMT
Subject: CN=www.oude.edu.vn
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (3072 bit)
Modulus:
00:87:b0:08:ad:b2:54:46:04:d4:2e:c0:82:23:d9:
10:8b:e1:72:55:80:3e:d1:82:28:17:e5:a0:08:20:
54:6d:1c:1e:c2:44:04:08:13:60:d4:6b:b7:9c:1b:
1b:59:01:91:f6:43:11:01:73:01:d5:59:0b:af:62:
49:07:3c:57:cc:80:a4:ed:f2:6a:65:e9:07:0b:0a:
a8:fb:92:4c:9a:85:4b:fe:ef:7d:4e:71:5f:6f:88:
60:c1:97:f1:36:b7:52:2a:06:08:7f:2b:dc:0c:43:
93:30:f6:cf:54:ad:11:32:f0:a8:05:03:7e:64:a3:
7f:22:0f:4d:7c:cf:70:2b:73:84:13:2a:6a:8e:63:
50:ff:de:2f:1b:70:54:d9:4f:f0:73:28:9c:64:9b:
12:79:a8:3a:93:70:ef:df:1e:e6:24:ae:7f:92:4d:
8e:96:2e:6b:99:9c:7a:0d:48:82:9d:b6:5a:2d:43:
f1:79:84:df:0a:a4:00:db:fa:39:e0:bc:bc:ce:2a:
4b:fd:b8:9b:9d:93:93:70:b2:01:eb:6e:a7:79:7b:
2e:6b:97:15:e3:35:3f:3c:73:d1:81:8d:55:97:79:
c9:07:d7:6a:fc:0c:aa:26:ae:bd:72:3d:b3:7d:68:
cc:e4:cd:61:b2:ce:64:4f:ea:4e:0d:df:f5:5c:87:
85:b0:6f:c8:d5:0e:80:c8:34:bc:5f:69:cd:1f:df:
60:42:0f:cd:b8:28:90:3b:96:6d:68:e5:b2:10:20:
24:a6:d1:0f:08:bd:80:8a:7f:c1:4a:2e:58:34:16:
d0:8d:59:6d:57:22:c7:9d:e1:a9:ad:bf:d6:d7:14:
ee:a5:61:23:95:9e:ba:82:cf:c3:d9:bc:3a:e2:83:
8a:95:16:86:5a:23:f5:16:66:b7:67:08:0f:04:00:
08:91:21:ab:4d:08:72:4c:7d:52:21:52:2a:d4:f4:
cb:30:b8:0c:f5:27:82:48:dc:f9:bb:e2:f5:57:87:
d9:2b:75:71:dd:58:1e:90:a3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
9E:93:E6:DD:92:03:36:07:D2:F4:FE:16:B8:4A:29:98:BC:7A:3C:1A
X509v3 Authority Key Identifier:
14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
Authority Information Access:
OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:www.oude.edu.vn
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Mar 23 05:23:20.806 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:B8:C5:3A:53:F3:9D:DD:6F:32:78:F1:
F6:A4:FB:32:55:17:16:D6:E0:79:2F:01:0A:99:F9:16:
9D:30:EB:FF:7A:02:21:00:DB:9C:ED:65:EA:45:03:0D:
24:6B:BF:D2:99:33:0D:0B:E8:72:03:8B:54:AC:02:50:
6F:C8:7D:C2:C9:13:5F:C2
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Timestamp : Mar 23 05:23:22.734 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:08:CD:D4:AA:9F:F5:63:A3:0D:01:0A:1A:
18:AF:98:65:3F:58:40:4A:BB:B0:0C:74:7D:1C:73:98:
C9:13:39:5D:02:21:00:A3:B4:61:31:72:7C:72:C7:9D:
97:D6:11:16:1B:A8:97:DD:02:C4:63:3E:0D:F9:A4:92:
F5:D2:A9:19:FC:B2:96
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
b3:e0:1c:c9:89:f2:74:bb:f9:8d:88:cb:97:04:0d:51:b2:d6:
b6:cb:36:ff:60:d0:aa:84:8d:76:d5:eb:32:35:48:ff:38:7f:
bd:2c:4e:8d:29:de:5a:47:b3:5f:aa:5b:9d:9e:ad:b9:b3:a1:
6c:b2:1f:18:4a:37:99:0d:8e:4a:37:d9:a3:d5:82:98:7d:95:
e7:a1:f7:10:80:6d:81:d7:58:c1:f3:1f:2c:4c:28:a7:c8:b4:
39:d1:97:4b:3c:2d:2a:ab:84:f7:34:65:19:cf:e2:0f:46:3c:
c5:e8:51:5d:3e:c5:5b:19:b5:19:13:c6:fd:f2:b4:9e:f0:20:
f6:dc:b6:ab:a5:f2:6a:06:92:20:1b:73:60:00:95:54:44:50:
5c:b9:07:9d:f0:4c:e6:c2:43:98:5c:49:93:07:e5:b5:8c:6c:
b6:77:fe:cd:08:6f:0d:d3:be:02:27:fd:83:22:fd:af:9b:64:
79:8b:23:2f:2f:ac:0b:f1:96:50:d7:7f:d8:1f:b6:b8:f8:2a:
bf:92:48:ae:0b:7b:83:45:e0:89:95:1c:37:a0:3c:6e:93:28:
38:76:35:ce:71:72:02:27:33:72:17:7d:e8:76:12:e1:a9:37:
cb:d4:04:2c:48:7e:35:8f:28:11:09:6e:5c:5f:f8:73:ab:2a:
4b:6f:49:bc
-364889819 | 2024-04-19T01:48:08.583653
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\t\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 7/Windows Server 2008 R2
OS Build: 6.1.7601
Target Name: CFDE-PORTAL
NetBIOS Domain Name: CFDE-PORTAL
NetBIOS Computer Name: CFDE-PORTAL
DNS Domain Name: cfde-portal
FQDN: cfde-portal
Administrator
Trung tam Bao tao tirxa eT Un un yg
(A
Lar
Enterprise
Remote User
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:e7:53:22:ae:54:c8:9a:49:44:7d:aa:06:17:e2:5a
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=cfde-portal
Validity
Not Before: Jan 11 10:29:04 2024 GMT
Not After : Jul 12 10:29:04 2024 GMT
Subject: CN=cfde-portal
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b1:24:94:f4:f0:f3:41:24:e9:15:03:65:a3:6a:
18:b1:06:8c:a3:7c:94:f1:a5:fe:70:af:c7:f8:40:
d0:7d:d7:45:9e:9a:f9:0e:6a:d0:04:b5:75:79:20:
cf:32:0c:65:9d:b7:99:a5:e5:8d:6a:be:38:d9:dc:
0d:65:42:09:6d:92:93:3f:59:aa:2e:6a:b2:fb:af:
64:18:45:d9:2a:d4:03:40:02:41:48:de:f4:ef:0b:
bd:5f:e0:1c:f4:44:82:e8:5c:7f:d5:d1:63:72:78:
23:ef:45:10:76:a9:32:b9:4b:d4:81:fe:f8:1e:aa:
d9:21:8f:8d:e7:65:6b:3d:d2:a7:95:6a:b1:87:20:
bc:59:08:b7:64:80:f7:6d:29:95:88:ae:7d:c2:5d:
d7:b4:f3:af:4b:c8:ef:6c:9b:cb:fc:5d:dd:54:26:
72:92:b7:ff:64:c0:95:fa:af:47:f5:0e:78:33:24:
07:d6:0b:54:2d:cc:e8:7c:2e:e2:53:2b:61:d3:59:
54:09:93:b2:81:92:be:7a:eb:ce:c9:84:88:f6:c5:
a0:0f:8c:a6:9c:30:45:5e:ef:01:a8:a4:b9:16:d9:
c1:bc:58:fd:bf:2c:12:1c:21:30:3f:82:8a:30:cd:
68:da:14:40:8e:3d:8a:f4:b2:50:9a:d8:eb:15:39:
97:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
9c:fd:93:e9:e0:3b:a8:02:32:b1:8a:fd:b7:4c:dc:f7:59:1d:
cd:9b:4f:00:99:f2:fa:4f:fd:f7:c8:31:27:6b:22:50:02:d4:
9a:f9:fb:94:39:f7:19:c4:d3:67:84:2d:64:17:e9:41:41:c9:
f1:9a:a4:32:c0:5d:fe:9a:55:a6:f0:38:ce:28:75:db:7b:45:
4c:fd:4d:99:0c:7e:ed:fc:a8:2c:0a:1f:43:2d:ce:ad:43:c0:
23:5b:c5:71:19:23:3d:2a:95:a3:1e:54:d4:d8:4f:be:ae:d8:
32:11:85:2a:75:b2:03:02:0e:3e:31:de:7b:b7:49:80:3d:07:
80:05:4a:d7:fa:4f:0e:2b:8a:a0:f5:59:5f:9b:23:4d:27:da:
31:ea:2f:6a:a2:ef:bb:c6:be:9d:ad:ad:7f:b3:6e:1c:c6:05:
08:dd:33:b1:4c:d0:27:da:54:b2:47:1e:0b:b9:6c:5f:fb:c4:
58:1a:99:cc:43:21:5a:65:3d:15:45:50:7c:3d:ba:11:25:d0:
1b:93:da:e4:7d:38:39:cc:4f:1c:00:6e:5a:0d:6c:02:5e:20:
11:9c:0c:80:48:b0:44:b6:7b:6b:7f:aa:90:a6:3b:86:f2:8b:
f0:c1:7e:ad:be:7b:4b:d0:cf:45:a4:f8:04:27:cf:31:fc:b7:
48:e3:65:3e
