931329 | 2024-03-28T06:04:16.715690
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 176.111.174.85:1025
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\InitShutdown
ncalrpc: WMsgKRpc0DF800
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\InitShutdown
ncalrpc: WMsgKRpc0DF800
ncalrpc: WMsgKRpc0E55C1
ncalrpc: WMsgKRpc0948E0E2
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-cec092909e84e1306a
ncacn_np: \\WIN-FBCI67NR9ME\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-69aea551c09116acbf
ncalrpc: actkernel
ncalrpc: umpo
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-cec092909e84e1306a
ncacn_np: \\WIN-FBCI67NR9ME\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-69aea551c09116acbf
ncalrpc: actkernel
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-69aea551c09116acbf
ncalrpc: actkernel
ncalrpc: umpo
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\srvsvc
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncalrpc: LRPC-79dc406ea4e235e544
ncacn_ip_tcp: 176.111.174.85:1026
ncacn_np: \\WIN-FBCI67NR9ME\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: LRPC-79dc406ea4e235e544
ncacn_ip_tcp: 176.111.174.85:1026
ncacn_np: \\WIN-FBCI67NR9ME\pipe\eventlog
ncalrpc: eventlog
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
annotation: Wcm Service
ncalrpc: LRPC-79dc406ea4e235e544
ncacn_ip_tcp: 176.111.174.85:1026
ncacn_np: \\WIN-FBCI67NR9ME\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-79dc406ea4e235e544
ncacn_ip_tcp: 176.111.174.85:1026
ncacn_np: \\WIN-FBCI67NR9ME\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 176.111.174.85:1026
ncacn_np: \\WIN-FBCI67NR9ME\pipe\eventlog
ncalrpc: eventlog
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: DeviceSetupManager
ncacn_np: \\WIN-FBCI67NR9ME\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-d1daecec0f7201b210
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\srvsvc
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: DeviceSetupManager
ncacn_np: \\WIN-FBCI67NR9ME\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-d1daecec0f7201b210
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\srvsvc
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: DeviceSetupManager
ncacn_np: \\WIN-FBCI67NR9ME\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-d1daecec0f7201b210
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\srvsvc
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: DeviceSetupManager
ncacn_np: \\WIN-FBCI67NR9ME\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-d1daecec0f7201b210
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\srvsvc
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-d1daecec0f7201b210
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\srvsvc
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 176.111.174.85:1027
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLE564854E2AB16F8D6674CD77D70F9
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-f3524284909ed884ce
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-2311290b4966c3bd29
ncalrpc: OLE8496F2C384E4530B89A2A336AA94
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-2311290b4966c3bd29
ncalrpc: OLE8496F2C384E4530B89A2A336AA94
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-046b4df7b78283884d
ncalrpc: LRPC-9f847dab59ad87ea13
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-046b4df7b78283884d
ncalrpc: LRPC-9f847dab59ad87ea13
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-046b4df7b78283884d
ncalrpc: LRPC-9f847dab59ad87ea13
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-9f847dab59ad87ea13
b2507c30-b126-494a-92ac-ee32b6eeb039
version: v1.0
ncalrpc: LRPC-9fc6c74c2feb457602
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\WIN-FBCI67NR9ME\PIPE\wkssvc
ncalrpc: LRPC-08b085d78def2f8e80
ncalrpc: DNSResolver
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-08b085d78def2f8e80
ncalrpc: DNSResolver
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-08b085d78def2f8e80
ncalrpc: DNSResolver
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 176.111.174.85:1028
ncalrpc: LRPC-344eed13d976e767de
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 176.111.174.85:1028
ncalrpc: LRPC-344eed13d976e767de
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 176.111.174.85:1028
ncalrpc: LRPC-344eed13d976e767de
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 176.111.174.85:1028
ncalrpc: LRPC-344eed13d976e767de
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 176.111.174.85:1028
ncalrpc: LRPC-344eed13d976e767de
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 176.111.174.85:1030
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 176.111.174.85:1031
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 176.111.174.85:1038
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-FBCI67NR9ME\pipe\lsass
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-11184c69dfdc53b6fd
ncalrpc: LRPC-11184c69dfdc53b6fd
ncalrpc: LRPC-11184c69dfdc53b6fd
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc0948E0E2
1472128121 | 2024-04-13T02:16:44.692087
137 /
udp
NetBIOS Response:
Server Name: WIN-FBCI67NR9ME
MAC Address: 0C:C4:7A:77:97:BE
Names:
WIN-FBCI67NR9ME <0x0>
WORKGROUP <0x0>
WIN-FBCI67NR9ME <0x20>MAC Addresses
0C:C4:7A:77:97:BE
OUI: 0C:C4:7A
Organization: Super Micro Computer, Inc.
Assignment: MA-L
Registration Date: 2013-10-24
1688663994 | 2024-04-12T12:25:23.457675
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2012 R2 Standard 9600
Software: Windows Server 2012 R2 Standard 6.3
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
592852057 | 2024-03-26T16:52:16.991053
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 8.1/Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: WIN-FBCI67NR9ME
NetBIOS Domain Name: WIN-FBCI67NR9ME
NetBIOS Computer Name: WIN-FBCI67NR9ME
DNS Domain Name: WIN-FBCI67NR9ME
FQDN: WIN-FBCI67NR9ME
am Windows Server 2012R2
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:90:d9:b2:fa:2a:a8:a9:42:a4:4b:81:ff:7e:1d:09
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=WIN-FBCI67NR9ME
Validity
Not Before: Feb 19 09:58:33 2024 GMT
Not After : Aug 20 09:58:33 2024 GMT
Subject: CN=WIN-FBCI67NR9ME
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a1:aa:41:44:44:29:b4:87:47:35:e8:d5:08:30:
0b:97:7f:87:2e:09:a0:4d:2e:ed:66:94:51:04:ef:
45:9c:38:e7:ea:85:2d:cf:1b:de:d5:73:e0:f2:10:
18:03:38:f9:62:3e:a7:55:5d:ec:03:94:fa:16:9c:
ba:3a:22:70:b8:52:b4:15:5b:6e:e2:f6:d5:3d:d2:
bb:52:f7:05:25:09:f8:c6:36:f0:0d:56:b3:e0:e4:
18:6d:88:05:d6:27:93:59:a5:fe:cf:fe:c3:a4:3e:
5d:8a:e9:c7:5d:7d:86:ed:9d:01:21:09:51:33:20:
ef:cd:8c:a6:e2:a1:5c:6d:6a:5d:53:6c:2c:a5:09:
19:97:a9:b3:e3:af:68:97:aa:e6:f7:c2:3e:0a:5c:
0d:21:91:a4:6b:a4:6d:ae:3c:a4:19:23:c5:6e:dd:
74:29:17:d9:75:e3:dc:6e:be:87:19:85:be:4a:10:
b8:16:8d:65:cc:52:53:85:ea:8a:56:5a:97:e2:cd:
bc:b5:dc:01:ff:fb:87:2e:95:ca:e4:be:5e:df:e7:
21:17:9e:88:a4:b4:f8:d4:75:6e:10:bc:0a:78:3f:
80:a4:9e:aa:91:87:1c:41:e4:3c:57:9b:cb:25:59:
9e:1d:8d:f3:77:77:6e:0f:bf:51:0e:e2:fb:63:9b:
4c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
80:6c:05:c6:05:2c:d2:49:31:7d:56:86:83:c5:5d:0f:8b:c8:
01:72:20:dd:48:e8:3f:1d:ee:61:16:4d:05:00:88:59:82:57:
3b:31:fb:52:c3:7f:03:f0:49:17:0f:2c:73:8b:5b:69:73:17:
b3:05:51:ba:cc:25:b6:fa:85:1b:51:8b:e5:c6:25:60:22:ae:
97:f7:98:1c:b0:34:22:ec:76:13:67:82:9a:de:5a:fd:c2:ef:
14:1b:0a:17:99:08:a2:da:a9:35:0d:14:76:ab:9e:63:81:3c:
05:2f:5b:93:af:a3:31:14:64:36:24:d0:fa:53:3b:c1:f4:78:
2c:92:c2:fb:a3:08:6e:79:11:52:69:42:eb:e9:25:4c:d5:13:
ca:51:49:9c:bf:c8:ec:31:df:36:99:1a:06:5d:ef:95:97:0b:
ad:29:fe:22:94:d6:f7:29:ea:f6:aa:b2:62:22:28:b0:38:9f:
01:40:80:a7:c8:8c:1e:bd:fa:a5:d7:fe:37:ed:e8:9f:02:91:
10:cc:68:70:24:cd:38:63:ef:a2:fd:bc:8a:1d:47:b1:d2:b4:
43:d9:ff:ab:40:72:70:e1:0f:d0:57:36:fc:68:60:ad:5e:1b:
f5:5d:a6:14:c1:ff:7d:5f:f8:a8:b1:cb:77:9b:d0:7a:c0:ac:
d7:aa:c0:65
1489525118 | 2024-04-17T01:26:22.952414
5985 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 17 Apr 2024 01:26:17 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: WIN-FBCI67NR9ME
NetBIOS Domain Name: WIN-FBCI67NR9ME
NetBIOS Computer Name: WIN-FBCI67NR9ME
DNS Domain Name: WIN-FBCI67NR9ME
FQDN: WIN-FBCI67NR9ME
