410639430 | 2024-06-13T07:22:18.545544
80 /
tcp
HTTP/1.1 503 Service Unavailable
Date: Thu, 13 Jun 2024 07:22:20 GMT
Server: Apache/2.4.16 (Win64) OpenSSL/1.0.1p
X-Frame-Options: SAMEORIGIN
Content-Length: 299
Connection: close
Content-Type: text/html; charset=iso-8859-1
370718683 | 2024-06-12T22:50:22.561188
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 172.18.91.241:1025
ncalrpc: WindowsShutdown
ncacn_np: \\ccrfid-hk\PIPE\InitShutdown
ncalrpc: WMsgKRpc046090
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\ccrfid-hk\PIPE\InitShutdown
ncalrpc: WMsgKRpc046090
ncalrpc: WMsgKRpc0475A1
ncalrpc: WMsgKRpc032763E2
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-e78334a63f0794cb14
ncacn_np: \\ccrfid-hk\PIPE\srvsvc
ncacn_ip_tcp: 172.18.91.241:1027
ncacn_np: \\ccrfid-hk\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: dhcpcsvc
ncacn_ip_tcp: 172.18.91.241:1026
ncacn_np: \\ccrfid-hk\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncacn_ip_tcp: 172.18.91.241:1026
ncacn_np: \\ccrfid-hk\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncacn_ip_tcp: 172.18.91.241:1026
ncacn_np: \\ccrfid-hk\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 172.18.91.241:1026
ncacn_np: \\ccrfid-hk\pipe\eventlog
ncalrpc: eventlog
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncacn_np: \\ccrfid-hk\PIPE\srvsvc
ncacn_ip_tcp: 172.18.91.241:1027
ncacn_np: \\ccrfid-hk\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 172.18.91.241:1027
ncacn_np: \\ccrfid-hk\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 172.18.91.241:1027
ncacn_np: \\ccrfid-hk\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 172.18.91.241:1027
ncacn_np: \\ccrfid-hk\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 172.18.91.241:1027
ncacn_np: \\ccrfid-hk\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\ccrfid-hk\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\ccrfid-hk\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLEC698C6DF17C24EC79D9ED633DDA0
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
provider: gpsvc.dll
ncalrpc: IUserProfile2
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\ccrfid-hk\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-131e82c47e536e5a4f
ncalrpc: OLE3353EBF724B646AC909BDE0E656D
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-131e82c47e536e5a4f
ncalrpc: OLE3353EBF724B646AC909BDE0E656D
24019106-a203-4642-b88d-82dae9158929
version: v1.0
provider: authui.dll
ncalrpc: LRPC-d0f9aca242371c22e8
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-a71dc7e794bafcbe05
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-a71dc7e794bafcbe05
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-a71dc7e794bafcbe05
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\ccrfid-hk\PIPE\wkssvc
ncalrpc: DNSResolver
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
annotation: Spooler function endpoint
provider: spoolsv.exe
ncalrpc: spoolss
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
annotation: Spooler base remote object endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
annotation: Spooler function endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 172.18.91.241:1092
ncalrpc: samss lpc
ncalrpc: dsrole
ncacn_np: \\ccrfid-hk\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncalrpc: LRPC-bc4fda1271445f5895
ncacn_np: \\ccrfid-hk\pipe\lsass
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 172.18.91.241:20049
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
annotation: IPSec Policy agent endpoint
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncalrpc: LRPC-1c4578f6ef18441d14
ncacn_ip_tcp: 172.18.91.241:20078
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 172.18.91.241:20078
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc032763E2
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-9f850b00c9d3f37591
ncalrpc: LRPC-9f850b00c9d3f37591
ncalrpc: LRPC-9f850b00c9d3f37591
ncalrpc: LRPC-9f850b00c9d3f37591
-325005983 | 2024-06-13T07:16:50.359885
161 /
udp
SNMP:
Versions:
3
Engine Boots: 163
Engineid Data: 80001f8880ac1d0000b26c8a5f00000000
Enterprise: 8072
Engine Time: 14 days, 19:41:42
410639430 | 2024-06-13T08:04:34.863159
443 /
tcp
HTTP/1.1 503 Service Unavailable
Date: Thu, 13 Jun 2024 08:04:36 GMT
Server: Apache/2.4.16 (Win64) OpenSSL/1.0.1p
X-Frame-Options: SAMEORIGIN
Content-Length: 299
Connection: close
Content-Type: text/html; charset=iso-8859-1
SSL Certificate
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
83:af:39:3a:d6:d1:5a:3b
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=CN, ST=ZJ, L=HZ, O=BJ, OU=XX, CN=ROOT CA/emailAddress=sunyingjie@hikvision.com.cn
Validity
Not Before: Mar 26 12:50:09 2014 GMT
Not After : Mar 23 12:50:09 2024 GMT
Subject: C=CN, ST=ZJ, L=HZ, O=BJ, OU=XX, CN=pc-sunyingjie/emailAddress=dd@sina.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:9b:ca:35:18:e1:24:21:97:ac:82:1d:43:07:6d:
e1:21:95:92:8b:17:a8:89:f4:e8:94:c9:50:88:da:
09:0a:a5:c6:28:f2:c7:85:0c:ce:0a:7b:51:55:91:
91:ff:68:90:17:d2:27:0a:6b:4e:be:00:5b:ca:bf:
50:ca:54:7b:41:c6:fb:fd:df:8e:d4:f3:68:8f:f7:
ec:b8:d2:ab:d5:33:8c:b5:34:a1:d8:11:98:cf:3d:
be:01:ed:a8:ff:9e:ef:b7:94:80:ca:24:ff:40:61:
79:62:88:98:5e:11:2e:3d:4b:20:04:a6:4a:5a:1a:
40:78:75:25:65:47:06:3a:0d
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
11:26:bb:25:19:9b:ad:85:bb:c4:0e:a0:5e:a4:f5:a6:bf:cb:
d5:64:07:2d:8b:b2:49:c8:bf:92:7e:ea:27:96:9b:67:cd:ab:
d9:61:9e:b8:dc:13:53:ce:d3:27:16:57:ff:4d:62:ac:4a:03:
08:da:9a:4f:66:9c:fc:6d:1d:bd:e4:bc:de:00:b0:59:38:10:
ea:1f:ee:a7:d3:85:96:d5:59:39:c0:f9:35:f5:24:4c:81:94:
03:b5:09:1e:17:27:72:a7:98:29:fc:49:b8:a2:9c:64:f8:64:
2b:66:db:d6:92:25:a6:95:8e:de:33:1b:06:00:46:2c:1d:fc:
80:96
670720760 | 2024-06-08T05:26:28.419832
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\t\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 7/Windows Server 2008 R2
OS Build: 6.1.7601
Target Name: ccrfid-hk
NetBIOS Domain Name: ccrfid-hk
NetBIOS Computer Name: ccrfid-hk
DNS Domain Name: ccrfid-hk
FQDN: ccrfid-hk
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:90:18:40:89:4e:06:90:47:b5:73:16:0b:7e:22:15
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=ccrfid-hk
Validity
Not Before: Feb 14 18:00:10 2024 GMT
Not After : Aug 15 18:00:10 2024 GMT
Subject: CN=ccrfid-hk
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e4:73:be:31:8a:3c:35:9e:4c:e5:a6:8e:3b:7b:
9a:96:7f:df:62:9f:ef:ab:04:34:3e:79:40:31:4f:
34:7a:4e:8c:e1:4f:ea:a0:ea:1c:28:ea:3f:6b:2a:
3f:a6:87:ff:d8:cb:d5:b7:46:f9:19:a3:70:1b:53:
38:e0:ad:ec:25:2c:86:7a:5d:a1:da:e2:12:61:06:
02:bd:78:9b:3a:8f:05:46:b6:62:ad:dd:7b:82:60:
b7:7c:82:ae:3a:45:ea:9a:20:b2:e5:28:d5:62:32:
68:ae:18:63:7a:b6:e6:96:aa:5d:40:c1:be:08:c4:
c4:97:44:18:2c:fb:9c:58:54:d7:6b:ec:30:6b:d0:
aa:ed:b3:cc:a5:3a:a8:cb:0d:3b:0c:25:be:1d:b6:
c0:05:4d:bc:cf:b4:57:52:b9:70:19:f9:66:9c:33:
af:33:63:e6:78:47:57:91:76:ed:f4:47:d4:41:60:
bd:67:0f:98:24:64:77:a1:30:79:82:72:4b:05:cd:
1b:8f:e0:1d:49:e7:d4:a8:c8:ab:52:9e:ac:0a:12:
0a:37:e7:84:ae:c0:3d:5e:ab:09:f5:f5:cc:d9:1c:
6b:0f:a8:68:50:5f:de:6e:35:36:dd:c1:4d:46:c6:
be:4b:27:81:96:22:67:18:91:70:09:6c:55:24:59:
16:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
c0:23:14:79:36:13:02:77:f1:c1:0d:d9:1c:66:30:71:ac:11:
df:d8:57:92:b6:4b:03:f5:24:a7:bd:55:17:39:c2:fa:3e:58:
99:c9:c4:ca:21:d4:48:a3:04:fb:15:a0:87:9a:5a:c8:4b:14:
1e:06:6b:93:52:f0:75:a1:51:95:97:f6:ba:e2:f7:63:a3:3e:
09:74:69:84:c2:05:c3:99:e4:f3:6f:47:70:61:d9:df:9f:32:
9a:e1:18:79:df:a1:a1:65:37:4c:b1:a5:5f:63:21:77:ad:64:
89:99:77:4a:b3:aa:3d:cd:21:ba:c1:b7:e7:18:e2:e9:ea:db:
c5:43:a2:e7:3c:1e:8c:72:99:48:b7:36:5a:36:27:36:60:4d:
c2:b2:2e:5f:75:5a:ce:1b:e1:81:8b:d1:e9:95:b6:99:61:e8:
5a:f3:f2:f5:2d:f9:5e:c7:99:5e:f4:4e:87:8c:13:9c:69:0d:
d4:f2:e8:d0:e8:cb:48:d3:d0:c6:93:da:ca:43:52:52:20:27:
0f:ae:ab:22:5a:f4:f0:73:c3:fa:a3:bb:c5:b9:35:fa:ac:1d:
ed:96:15:c5:36:0d:17:ab:18:d5:89:5b:a1:a4:44:fa:3e:14:
12:1d:7a:1b:6a:10:88:df:aa:13:6c:2a:6b:64:83:8e:91:65:
6c:85:9b:72
137360666 | 2024-05-14T14:25:01.459292
7788 /
tcp
HTTP/1.1 404 Not Found
Content-Length: 35
Connection: close
1344922296 | 2024-05-16T10:45:47.787964
8080 /
tcp
HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Thu, 16 May 2024 10:45:47 GMT
1809098331 | 2024-05-26T00:30:38.473995
27017 /
tcp
MongoDB Server Information
Authentication partially enabled
{
"ok": 1.0,
"bits": 64,
"version": "2.2.6",
"versionArray": [
2,
2,
6,
0
],
"debug": false,
"maxBsonObjectSize": 16777216,
"sysInfo": "windows sys.getwindowsversion(major=6, minor=1, build=7601, platform=2, service_pack='Service Pack 1') BOOST_LIB_VERSION=1_49",
"gitVersion": "d626379119a6de9f2fb390780cf2fc336dfd540d"
}
-585381084 | 2024-05-16T19:21:03.835855
28017 /
tcp
HTTP/1.0 401
WWW-Authenticate: Digest realm="mongo", nonce="abc", algorithm=MD5, qop="auth"
Content-Type: text/plain;charset=utf-8
Connection: close
Content-Length: 12
1379636754 | 2024-06-13T12:13:16.061056
49153 /
tcp
HTTP/1.1 404 Not Found
SERVER: 6.1.7601 2/Service Pack 1, UPnP/1.0, Portable SDK for UPnP devices/1.6.20
CONNECTION: close
CONTENT-LENGTH: 48
CONTENT-TYPE: text/html