152.89.198.42

As of: Jul 19, 2024 11:42am UTC | Latest

Basic Information

Routing
152.89.198.0/24  via CHANGWAY-AS, HK (AS57523)
OS
Microsoft Windows
Services (7)
135/DCERPC, 137/NETBIOS, 139/NETBIOS, 445/SMB, 3389/RDP, 5985/WINRM, 47001/HTTP
Labels
File Sharing Network Administration Remote Access

DCERPC 135/TCP
07/19/2024 03:54 UTC


Software

microsoft windows

Details

Could Bind
True
Could Query Epm
True

NETBIOS 137/UDP
07/19/2024 10:46 UTC


Details

Banner (Hex)
  

NETBIOS 139/TCP
07/18/2024 21:54 UTC


Details

Banner (Hex)
  
00000000
83 00 00 01 82
.....

SMB 445/TCP
07/19/2024 11:42 UTC

File Sharing

Software

microsoft windows

Details

Server
SMBv1 Support
False
Capabilities
Dfs Support
True
Leasing Support
True
Multicredit Support
True
NTLM Support
True
Negotiation Log
Security Mode
1
Dialect Revision
528
Server GUID
00000000000000000000000000000000898a6de18d1f0a4e8662ad9d907cba1d
Capabilities
7
System Time
1721389379
Server Start Time
1720633837
Auth Types
1.3.6.1.4.1.311.2.2.30
1.3.6.1.4.1.311.2.2.10
Session
Target Name
WIN-BSN9VVAESUI
Negotiate Flags
2726953477

RDP 3389/TCP
07/19/2024 07:49 UTC

Network Administration Remote Access

Details

Version
10.2
Support
Extended Client Data Supported
True
Dynvc Graphics Pipeline
True
Neg Resp Reserved
True
Restricted Admin Mode
True
Restricted Auth Mode
True

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Certificate
Fingerprint
46d036104ab846d14cbe9648367bd1f0d57834df9775f7655e06c688e74eeee0
Subject
CN=WIN-BSN9VVAESUI
Issuer
CN=WIN-BSN9VVAESUI
Fingerprint
JARM
2ad2ad16d2ad2ad22c2ad2ad2ad2adfd9c9d14e4f4f67f94f0359f8b28f532
JA3S
364ff14b04ef93c3b4cfa429d729c0d9
JA4S
t120100_c030_bc98f8e001b5

WINRM 5985/TCP
07/19/2024 05:01 UTC


Details

HTTP 47001/TCP
07/19/2024 07:59 UTC


Software

Microsoft Windows
Microsoft HTTP API 2.0

Details

http://152.89.198.42:47001/
Status
404 Not Found
Body Hash
sha1:a66898b36c94c53766e66c1a7aaeb149447ec083
HTML Title
Not Found
Response Body
      ## Not Found

* * *

HTTP Error 404. The requested resource is not found.
    

Geographic Location

City
Moscow
Province
Moscow
Country
Russia (RU)
Coordinates
55.75222, 37.61556
Timezone
Europe/Moscow