Service Login - Skills Assessment

Hi guys,

I’m stuck whit the enumeration of the services , if I perform a -p- scan with nmap I will find a lot of services. After that I try to bruteforce the web pages with a login page, but usually, when I find a valid user/password, I will get a HTB{flag} not information about users/employees.

I leave the link to the exercize:

What am I doing wrong?
I’m following the right path?