185.78.165.219

Basic Information

OS
Windows
Network
CAT-CLOUD-AP CAT Telecom Public Company Limited (TH)
Routing
185.78.165.0/24 via AS6939 , AS4651 , AS9931 , AS9335
Protocols
80/HTTP, 445/SMB, 1433/MSSQL, 443/HTTPS, 22/SSH, 3389/RDP, 9182/BANNER
Tags
smb http rdp https remote_display database mssql ssh

80/HTTP



GET /

Server
Microsoft IIS 10.0
Status Line
200 OK
Page Title
IIS Windows Server

443/HTTPS



GET /

Server
Microsoft IIS 10.0
Status Line
200 OK
Page Title
IIS Windows Server

Chrome TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)
Browser Trusted
True

Heartbleed

Heartbleed
Heartbeat Disabled (OK)

Cryptographic Configuration

Export DHE
False
Export RSA
False
DHE Support
True

Certificate Chain

34febb4530450ab9eeef588a993e09f7113f3468c64caa265045ea8fd69e28be
CN=*.cliniclive.com
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2
ee793643199474ed60efdc8ccde4d37445921683593aa751bbf8ee491a391e97
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2
C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA

445/SMB



SMB Server

Version
SMB 2.1
SMBv1
False

Capability Flags

Distributed File System
True
Leasing
True
Multi-credit Operations
True
Multi-channel Sessions
false
Persistent Handles
false
Directory Leasing
false
Encryption
false

Negotiation Log

Security Mode
1
Authentication Types
1.3.6.1.4.1.311.2.2.30
1.3.6.1.4.1.311.2.2.10

Session

Target Name
demo-cliniclive

22/SSH



SSHv2 Handshake

Server
OpenSSH 8.5
Banner
SSH-2.0-OpenSSH_8.5

Host Key

Algorithm
ecdsa-sha2-nistp256
Fingerprint
faf1d98673a3f3c22f6c8e524c2e776c0ed3c1f9d406da785a65d71730ddf983

Negotiated Algorithm

Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] | aes128-ctr []
MAC
hmac-sha2-256 [] | hmac-sha2-256 []

1433/MSSQL



Banner Grab

Version
15.0.2000
Encrypt Mode
ENCRYPT_ON

TLS Handshake

Version
TLSv1.2
Cipher Suite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xC02F)

Certificate Chain

3389/RDP



Banner Grab

Server
Remote Desktop
Major/Minor Version
(Unknown) / (Unknown)
Security Protocol
RDSTLS (4)

Support

dynvc_graphics_pipeline
True
neg_resp_reserved
True
restricted_admin_mode
True
extended_client_data_supported
True

9182/BANNER



Banner Info

Port
9182
Protocol
TCP
Decoded Banner
HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Connection: close

400 Bad Request

Geographic Location

Country
Netherlands (NL)
Lat/Long
52.3824, 4.8995
Timezone
Europe/Amsterdam