GeneralInformation

Hostnames	ghostdata.the-ghost-division.com static.150.52.202.116.clients.your-server.de
Domains	the-ghost-division.com your-server.de
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940

WebTechnologies

CDN

Cloudflare

cdnjs

JavaScript libraries

Moment.js

Vulnerabilities

CVE-2020-0796

10.0A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.

OpenPorts

135 139 443 445 3389 5357 5985 27016

1628352782 | 2024-04-02T02:47:32.279145

135 / tcp

Microsoft RPC Endpoint Mapper

51a227ae-825b-41f2-b4a9-1ac9557a1018
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 116.202.52.150:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-H5F9OM2S03P\pipe\lsass

8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 116.202.52.150:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-H5F9OM2S03P\pipe\lsass

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncacn_ip_tcp: 116.202.52.150:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-H5F9OM2S03P\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 116.202.52.150:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\WIN-H5F9OM2S03P\pipe\lsass

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 116.202.52.150:49665
  ncalrpc: WindowsShutdown
  ncacn_np: \\WIN-H5F9OM2S03P\PIPE\InitShutdown
  ncalrpc: WMsgKRpc070830

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\WIN-H5F9OM2S03P\PIPE\InitShutdown
  ncalrpc: WMsgKRpc070830
  ncalrpc: WMsgKRpc07CE51
  ncalrpc: WMsgKRpc012A55E2

fc48cd89-98d6-4628-9839-86f7a3e4161a
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: csebpub
  ncalrpc: LRPC-65eb9f4fa85acb87a5
  ncalrpc: LRPC-d687f3dc2fa73b21f4
  ncalrpc: LRPC-427040e68a333b682b
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

d09bdeb5-6171-4a34-bfe2-06fa82652568
  version: v1.0
  ncalrpc: csebpub
  ncalrpc: LRPC-65eb9f4fa85acb87a5
  ncalrpc: LRPC-d687f3dc2fa73b21f4
  ncalrpc: LRPC-427040e68a333b682b
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-d687f3dc2fa73b21f4
  ncalrpc: LRPC-427040e68a333b682b
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-427040e68a333b682b
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-a4847751273a116caf
  ncalrpc: LRPC-0e69efb3eb45fef593

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-65eb9f4fa85acb87a5
  ncalrpc: LRPC-d687f3dc2fa73b21f4
  ncalrpc: LRPC-427040e68a333b682b
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-d687f3dc2fa73b21f4
  ncalrpc: LRPC-427040e68a333b682b
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

0d47017b-b33b-46ad-9e18-fe96456c5078
  version: v1.0
  ncalrpc: umpo

95406f0b-b239-4318-91bb-cea3a46ff0dc
  version: v1.0
  ncalrpc: umpo

4ed8abcc-f1e2-438b-981f-bb0e8abc010c
  version: v1.0
  ncalrpc: umpo

0ff1f646-13bb-400a-ab50-9a78f2b7a85a
  version: v1.0
  ncalrpc: umpo

6982a06e-5fe2-46b1-b39c-a2c545bfa069
  version: v1.0
  ncalrpc: umpo

082a3471-31b6-422a-b931-a54401960c62
  version: v1.0
  ncalrpc: umpo

fae436b0-b864-4a87-9eda-298547cd82f2
  version: v1.0
  ncalrpc: umpo

e53d94ca-7464-4839-b044-09a2fb8b3ae5
  version: v1.0
  ncalrpc: umpo

178d84be-9291-4994-82c6-3f909aca5a03
  version: v1.0
  ncalrpc: umpo

4dace966-a243-4450-ae3f-9b7bcb5315b8
  version: v2.0
  ncalrpc: umpo

1832bcf6-cab8-41d4-85d2-c9410764f75a
  version: v1.0
  ncalrpc: umpo

c521facf-09a9-42c5-b155-72388595cbf0
  version: v0.0
  ncalrpc: umpo

2c7fd9ce-e706-4b40-b412-953107ef9bb0
  version: v0.0
  ncalrpc: umpo

88abcbc3-34ea-76ae-8215-767520655a23
  version: v0.0
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

76c217bc-c8b4-4201-a745-373ad9032b1a
  version: v1.0
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

55e6b932-1979-45d6-90c5-7f6270724112
  version: v1.0
  ncalrpc: LRPC-d9b80840d534ac4e72
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
  version: v1.0
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

20c40295-8dba-48e6-aebf-3e78ef3bb144
  version: v2.0
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

2513bcbe-6cd4-4348-855e-7efb3c336dd3
  version: v2.0
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: LRPC-9d2f0b43eee3c59288
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

dd59071b-3215-4c59-8481-972edadc0f6a
  version: v1.0
  ncalrpc: OLED74CE041C911F9B56DEA30923643
  ncalrpc: actkernel
  ncalrpc: umpo

0361ae94-0316-4c6c-8ad8-c594375800e2
  version: v1.0
  ncalrpc: umpo

5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
  version: v1.0
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-4341ef40b9eddb48bd
  ncalrpc: LRPC-22e8c20ce80ebed188
  ncalrpc: IUserProfile2
  ncalrpc: LRPC-71f44fc0e095d32025
  ncalrpc: senssvc
  ncalrpc: LRPC-a6f94a43b735070b52

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  ncalrpc: LRPC-701e16e78612c96d4a

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: LRPC-8b08023af615c428d4
  ncalrpc: OLE8326E1BD872998E949474AC96E0B
  ncalrpc: LRPC-a4847751273a116caf

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  ncalrpc: LRPC-b0d706fe0dda4c80eb

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-252e3c5edb4b007682
  ncalrpc: LRPC-0e69efb3eb45fef593

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 116.202.52.150:49666
  ncacn_np: \\WIN-H5F9OM2S03P\pipe\eventlog
  ncalrpc: eventlog

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-15f5d8046196bf997b

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-5a3ff2903e6763f092

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 116.202.52.150:49667
  ncalrpc: LRPC-499eba094968543f3b
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-H5F9OM2S03P\PIPE\atsvc
  ncalrpc: LRPC-9e3a45e8955b74ff2d

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 116.202.52.150:49667
  ncalrpc: LRPC-499eba094968543f3b
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-H5F9OM2S03P\PIPE\atsvc
  ncalrpc: LRPC-9e3a45e8955b74ff2d

33d84484-3626-47ee-8c6f-e7e98b113be1
  version: v2.0
  ncalrpc: LRPC-499eba094968543f3b
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\WIN-H5F9OM2S03P\PIPE\atsvc
  ncalrpc: LRPC-9e3a45e8955b74ff2d

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WIN-H5F9OM2S03P\PIPE\atsvc
  ncalrpc: LRPC-9e3a45e8955b74ff2d

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\WIN-H5F9OM2S03P\PIPE\atsvc
  ncalrpc: LRPC-9e3a45e8955b74ff2d

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: LRPC-9e3a45e8955b74ff2d

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-13d8801fbb7b57bc23

3f787932-3452-4363-8651-6ea97bb373bb
  version: v1.0
  annotation: NSP Rpc Interface
  ncalrpc: LRPC-708d92c7278c517052
  ncalrpc: OLEB1710F7A3223AA5B015FE1F66A9D

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-cdaaea0ab9d6e723e8
  ncalrpc: DNSResolver

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\WIN-H5F9OM2S03P\PIPE\wkssvc
  ncalrpc: LRPC-0e0e2c732bae44f553

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-0e0e2c732bae44f553

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-0e0e2c732bae44f553

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: 6241f5d9-803d-4a78-b7a8-c02e617372f3
  ncalrpc: LRPC-8d8395c190245317cf

29770a8f-829b-4158-90a2-78cd488501f7
  version: v1.0
  ncacn_ip_tcp: 116.202.52.150:49668
  ncacn_np: \\WIN-H5F9OM2S03P\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-a6f94a43b735070b52

13560fa9-8c09-4b56-a1fd-04d083b9b2a1
  version: v1.0
  ncalrpc: LRPC-c457e7d016e1d4acac
  ncalrpc: OLE5CB42576173EF3DE99E6A95A4E71

c2d1b5dd-fa81-4460-9dd6-e7658b85454b
  version: v1.0
  ncalrpc: LRPC-c457e7d016e1d4acac
  ncalrpc: OLE5CB42576173EF3DE99E6A95A4E71

f44e62af-dab1-44c2-8013-049a9de417d6
  version: v1.0
  ncalrpc: LRPC-c457e7d016e1d4acac
  ncalrpc: OLE5CB42576173EF3DE99E6A95A4E71

b37f900a-eae4-4304-a2ab-12bb668c0188
  version: v1.0
  ncalrpc: LRPC-c457e7d016e1d4acac
  ncalrpc: OLE5CB42576173EF3DE99E6A95A4E71

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  ncalrpc: LRPC-c457e7d016e1d4acac
  ncalrpc: OLE5CB42576173EF3DE99E6A95A4E71

0d3c7f20-1c8d-4654-a1b3-51563b298bda
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-c0eca99a9553a668dd
  ncalrpc: OLE832F98BC0171B5935F3D61255138

b18fbab6-56f8-4702-84e0-41053293a869
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-c0eca99a9553a668dd
  ncalrpc: OLE832F98BC0171B5935F3D61255138

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-443b0251c5ee6d0180
  ncalrpc: LRPC-69d29646407e43660f
  ncalrpc: LRPC-37622bae0b76253fef
  ncalrpc: LRPC-2044a33a2da75d8534

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-69d29646407e43660f
  ncalrpc: LRPC-37622bae0b76253fef
  ncalrpc: LRPC-2044a33a2da75d8534

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-37622bae0b76253fef
  ncalrpc: LRPC-2044a33a2da75d8534

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-2044a33a2da75d8534

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 116.202.52.150:49669
  ncalrpc: LRPC-41680358148f45fa93

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 116.202.52.150:49669
  ncalrpc: LRPC-41680358148f45fa93

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 116.202.52.150:49669
  ncalrpc: LRPC-41680358148f45fa93

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 116.202.52.150:49669
  ncalrpc: LRPC-41680358148f45fa93

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 116.202.52.150:49669
  ncalrpc: LRPC-41680358148f45fa93

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: LRPC-4932e7535a8dee09b9

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-4609109535f6c4634b

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-4609109535f6c4634b

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-4609109535f6c4634b

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncalrpc: LRPC-4609109535f6c4634b

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 116.202.52.150:49670

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncalrpc: LRPC-1b8069ea19b363d996

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncalrpc: LRPC-1b8069ea19b363d996

1d45e083-478f-437c-9618-3594ced8c235
  version: v1.0
  ncalrpc: LRPC-666c035698f2b10a86
  ncalrpc: OLEC597F8762F61D9E574906808F48E

98cd761e-e77d-41c8-a3c0-0fb756d90ec2
  version: v1.0
  ncalrpc: LRPC-666c035698f2b10a86
  ncalrpc: OLEC597F8762F61D9E574906808F48E

d22895ef-aff4-42c5-a5b2-b14466d34ab4
  version: v1.0
  ncalrpc: LRPC-666c035698f2b10a86
  ncalrpc: OLEC597F8762F61D9E574906808F48E

e38f5360-8572-473e-b696-1b46873beeab
  version: v1.0
  ncalrpc: LRPC-666c035698f2b10a86
  ncalrpc: OLEC597F8762F61D9E574906808F48E

95095ec8-32ea-4eb0-a3e2-041f97b36168
  version: v1.0
  ncalrpc: LRPC-666c035698f2b10a86
  ncalrpc: OLEC597F8762F61D9E574906808F48E

fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
  version: v1.0
  ncalrpc: LRPC-666c035698f2b10a86
  ncalrpc: OLEC597F8762F61D9E574906808F48E

4c9dbf19-d39e-4bb9-90ee-8f7179b20283
  version: v1.0
  ncalrpc: LRPC-666c035698f2b10a86
  ncalrpc: OLEC597F8762F61D9E574906808F48E

d4051bde-9cdd-4910-b393-4aa85ec3c482
  version: v1.0
  ncalrpc: LRPC-666c035698f2b10a86
  ncalrpc: OLEC597F8762F61D9E574906808F48E

7df1ceae-de4e-4e6f-ab14-49636e7c2052
  version: v1.0
  ncalrpc: LRPC-ee341514d05b808d62

f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
  version: v1.0
  ncalrpc: LRPC-0387a8580634013f1a
  ncalrpc: LRPC-594004675acae6de02

509bc7ae-77be-4ee8-b07c-0d096bb44345
  version: v1.0
  ncalrpc: LRPC-cbd122e04f924c836d
  ncalrpc: OLE8A1B0EC602D80BC647E920EC46E1

0767a036-0d22-48aa-ba69-b619480f38cb
  version: v1.0
  annotation: PcaSvc
  provider: pcasvc.dll
  ncalrpc: LRPC-d2225656b60f3e1557

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-d362c40bc84a755da8
  ncalrpc: LRPC-d362c40bc84a755da8
  ncalrpc: LRPC-d362c40bc84a755da8

d249bd56-4cc0-4fd3-8ce6-6fe050d590cb
  version: v0.0
  ncalrpc: LRPC-97ac0c9747d105a810

d8140e00-5c46-4ae6-80ac-2f9a76df224c
  version: v0.0
  ncalrpc: LRPC-97ac0c9747d105a810

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc012A55E2

b1ef227e-dfa5-421e-82bb-67a6a129c496
  version: v0.0
  ncalrpc: LRPC-e9010e61db67b0d359
  ncalrpc: OLEACB8FF024A497D0AD004AA3EA4D8

0fc77b1a-95d8-4a2e-a0c0-cff54237462b
  version: v0.0
  ncalrpc: LRPC-e9010e61db67b0d359
  ncalrpc: OLEACB8FF024A497D0AD004AA3EA4D8

8ec21e98-b5ce-4916-a3d6-449fa428a007
  version: v0.0
  ncalrpc: LRPC-e9010e61db67b0d359
  ncalrpc: OLEACB8FF024A497D0AD004AA3EA4D8

a4b8d482-80ce-40d6-934d-b22a01a44fe7
  version: v1.0
  annotation: LicenseManager
  ncalrpc: LicenseServiceEndpoint

bf4dc912-e52f-4904-8ebe-9317c1bdd497
  version: v1.0
  ncalrpc: LRPC-73be4fd47681001427
  ncalrpc: OLEAED8E87863B2B6830A067AD94434

c503f532-443a-4c69-8300-ccd1fbdb3839
  version: v2.0
  ncalrpc: LRPC-953ecc86bb7f1e06f9
  ncalrpc: OLE045811046FAF888A7E1F7CA87F5F

-757264002 | 2024-04-11T18:06:48.417816

139 / tcp

\x83\x00\x00\x01\x8f

829679636 | 2024-04-18T09:58:15.612857

443 / tcp

HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 18 Apr 2024 09:58:15 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:0e:15:d1:02:a3:6f:69:b2:d8:05:bd:34:02:3c:66:a1:ac
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb  8 11:47:26 2024 GMT
            Not After : May  8 11:47:25 2024 GMT
        Subject: CN=ghostdata.the-ghost-division.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:75:83:ca:69:8f:48:e2:9c:d3:3e:89:e2:cc:d1:
                    c8:ce:f6:f1:e9:8a:2f:73:53:c5:51:84:d9:58:5b:
                    e9:44:eb:d5:67:05:93:45:e5:d8:5a:e9:42:46:c0:
                    97:fd:5e:d0:ec:7b:d5:a4:47:5a:f9:df:b2:2d:a1:
                    c6:24:e5:25:a9
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                54:CB:0A:46:FF:DA:11:46:AF:C5:FF:5F:C4:F7:A4:EE:1B:C5:F6:54
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:ghostdata.the-ghost-division.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb  8 12:47:26.562 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:1E:37:93:47:36:FF:08:99:F6:9C:17:1E:
                                C5:0D:D1:FC:9C:D4:9E:94:0C:19:97:FE:AC:18:A6:92:
                                87:66:2C:E8:02:20:7D:9E:7A:A6:CA:A1:B4:01:1B:9F:
                                7F:CB:8E:02:FA:3B:A4:0B:C6:BC:6F:75:9B:F7:64:15:
                                78:72:2D:C1:0F:B4
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E2:BF:D6:1E:DE:2F:2F:07:A0:D6:4E:6D:37:A7:DC:
                                65:43:B0:C6:B5:2E:A2:DA:B7:8A:F8:9A:6D:F5:17:D8
                    Timestamp : Feb  8 12:47:26.614 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:6A:A0:81:E3:83:BA:38:78:AF:43:75:80:
                                ED:F6:81:AE:6E:71:36:75:2B:96:65:34:45:1D:EB:7A:
                                7D:DE:D7:11:02:21:00:93:C3:0C:A5:0D:93:F3:8F:08:
                                EA:42:D5:50:7B:98:FD:C6:25:C4:1E:99:62:96:62:C3:
                                D9:C4:89:1E:70:19:67
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a5:d3:39:57:b2:f9:be:88:fc:5c:d3:f5:4b:92:28:3c:d4:3c:
        6e:fd:4d:cd:a9:d9:ac:3b:73:e7:52:24:e1:c6:b6:61:94:c8:
        df:76:11:e6:dc:02:49:f7:e6:ec:fc:a9:f5:e0:6a:5f:4d:1b:
        04:87:1c:fa:70:39:e6:51:c5:69:22:25:29:dd:0c:59:c9:7d:
        20:f2:44:b9:b8:6a:3c:dc:58:30:dd:dc:33:3f:53:f5:b8:56:
        8d:cc:fd:7b:e6:2f:22:1b:29:f4:1f:1e:7e:2d:2a:90:dc:a1:
        09:e3:ee:c6:c2:12:c3:8e:2e:64:be:38:48:56:12:7d:72:a2:
        56:80:45:18:45:85:9a:cb:4b:13:db:c1:30:43:bd:09:b1:51:
        e7:5d:6d:e3:17:83:66:19:3c:06:ce:9c:ce:ba:f3:d2:ae:bb:
        56:69:ef:10:c7:b1:e3:3e:14:c5:43:12:a5:7e:ca:cc:e1:af:
        b3:c3:72:41:28:74:4e:16:bf:27:68:03:58:ed:c6:de:a9:cf:
        e1:a0:9c:71:af:0e:6a:04:9e:a6:dc:19:d8:9f:e3:72:e4:2e:
        5e:fe:59:e3:2e:5a:27:4b:da:0d:70:9c:36:51:d6:4f:b9:87:
        d4:b6:46:bf:03:58:ae:a2:15:d9:a6:c3:63:22:92:89:6f:50:
        ed:91:6a:0a

-1166656618 | 2024-04-18T20:21:45.280345

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 2
  Capabilities: raw-mode

1057203183 | 2024-04-11T08:03:12.490010

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: WIN-H5F9OM2S03P
  NetBIOS Domain Name: WIN-H5F9OM2S03P
  NetBIOS Computer Name: WIN-H5F9OM2S03P
  DNS Domain Name: WIN-H5F9OM2S03P
  FQDN: WIN-H5F9OM2S03P

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:87:f1:49:b9:74:3b:8e:4b:77:a6:ea:44:36:6f:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=WIN-H5F9OM2S03P
        Validity
            Not Before: Mar 31 01:00:04 2024 GMT
            Not After : Sep 30 01:00:04 2024 GMT
        Subject: CN=WIN-H5F9OM2S03P
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:e8:bf:4b:5f:dc:f1:e9:f1:80:8d:bd:38:ee:
                    84:82:25:3e:a4:eb:a5:9f:e0:b0:50:a8:69:67:37:
                    c2:1f:67:be:94:8f:fb:75:c9:33:4b:89:16:73:ce:
                    31:92:96:37:14:3b:c3:bc:59:a5:bd:68:17:aa:1d:
                    3c:d7:c0:2b:7f:de:40:e7:39:61:7b:1f:bf:ed:2c:
                    04:8c:72:d9:2a:90:5e:0a:dd:f8:48:b0:c3:44:07:
                    b5:1c:70:27:8a:81:33:57:04:0f:7c:22:8e:5f:db:
                    49:bb:5a:75:a9:20:0e:ea:34:b3:f1:80:1f:66:43:
                    d6:02:cc:14:ae:41:49:ac:8a:8b:b0:54:8d:4a:6c:
                    73:5c:44:e4:4b:1c:48:4f:ad:ca:61:de:7b:7d:fb:
                    c5:31:bb:ec:38:92:09:23:c0:87:6d:73:55:19:44:
                    03:3a:18:c0:ba:aa:39:2b:aa:6b:93:7b:0f:eb:85:
                    83:ea:24:ee:7a:c5:f2:d0:6d:2f:c2:57:82:d3:be:
                    a9:6d:da:49:36:ef:7c:d5:c8:52:44:b8:1b:d1:d5:
                    13:8b:08:ec:d6:17:3d:e4:c5:e1:6c:00:e4:d9:4e:
                    15:ff:bb:59:ba:b6:ef:2b:97:d7:96:83:d8:e1:e5:
                    e4:2f:ba:02:92:58:e8:dc:c9:cd:75:5e:0d:7e:31:
                    67:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7b:4d:ec:f6:45:e3:c2:c4:9c:71:c4:c5:af:db:a0:1e:32:00:
        f4:8a:3f:ea:59:af:38:ac:1b:6f:20:19:52:b9:e8:fe:92:f1:
        f3:31:12:40:84:c6:2c:05:9f:ab:87:83:45:66:4e:60:2d:17:
        94:84:f0:17:0c:fd:94:80:a4:84:e3:07:36:78:af:42:a3:36:
        ca:df:70:e7:3a:9c:f2:86:b5:d3:7e:19:7d:0c:f5:65:9a:9d:
        ad:68:aa:97:b8:21:1c:27:d2:f7:d3:60:d4:a2:1c:c0:ec:dc:
        83:c4:5d:c8:ba:42:c1:78:df:92:f2:29:e6:26:3b:8e:f8:f2:
        74:e4:18:97:f2:e6:65:4b:45:af:22:54:02:95:0a:96:8b:fd:
        d6:36:9b:a0:99:79:fc:eb:ea:ef:b2:67:ed:22:45:59:72:a6:
        25:f9:d4:d1:98:1e:63:c6:96:d0:3b:c6:c1:33:b0:f2:60:a3:
        cf:ed:c6:a0:ee:c1:29:1e:5b:b5:c6:df:a3:58:25:e6:a7:b1:
        8f:48:0c:a5:19:ca:2b:70:ef:57:03:75:e2:99:57:a9:96:e4:
        d2:d2:bb:45:f5:ca:42:7d:36:30:3e:1b:48:30:18:0c:c8:0a:
        5c:57:85:02:91:43:43:d8:55:ed:57:db:d9:1b:8f:08:09:48:
        52:ae:f3:c6

-1684583448 | 2024-04-11T21:31:19.305417

5357 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 11 Apr 2024 21:31:19 GMT
Connection: close
Content-Length: 326

1489525118 | 2024-04-02T08:41:19.244415

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 02 Apr 2024 08:41:19 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: WIN-H5F9OM2S03P
  NetBIOS Domain Name: WIN-H5F9OM2S03P
  NetBIOS Computer Name: WIN-H5F9OM2S03P
  DNS Domain Name: WIN-H5F9OM2S03P
  FQDN: WIN-H5F9OM2S03P

1946316259 | 2024-03-28T23:57:51.097376

27016 / udp

ARK: Survival Evolved Server
Name: Ghost Division - Aberration - H/XPx2 Tx3 Bx10 - (v358.24)
Players: 0/70
Operating System: Windows
Map: Aberration
Version: 1.0.0.0

116.202.52.150

Last Seen: 2024-04-18

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1628352782 | 2024-04-02T02:47:32.279145
135 / tcp

Microsoft RPC Endpoint Mapper

-757264002 | 2024-04-11T18:06:48.417816
139 / tcp

829679636 | 2024-04-18T09:58:15.612857
443 / tcp

-1166656618 | 2024-04-18T20:21:45.280345
445 / tcp

1057203183 | 2024-04-11T08:03:12.490010
3389 / tcp

Remote Desktop Protocol

-1684583448 | 2024-04-11T21:31:19.305417
5357 / tcp

1489525118 | 2024-04-02T08:41:19.244415
5985 / tcp

WinRM

1946316259 | 2024-03-28T23:57:51.097376
27016 / udp

ARK: Survival Evolved1.0.0.0

Products

Pricing

Contact Us

116.202.52.150

Last Seen: 2024-04-18

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1628352782 | 2024-04-02T02:47:32.279145 135 / tcp

Microsoft RPC Endpoint Mapper

-757264002 | 2024-04-11T18:06:48.417816 139 / tcp

829679636 | 2024-04-18T09:58:15.612857 443 / tcp

-1166656618 | 2024-04-18T20:21:45.280345 445 / tcp

1057203183 | 2024-04-11T08:03:12.490010 3389 / tcp

Remote Desktop Protocol

-1684583448 | 2024-04-11T21:31:19.305417 5357 / tcp

1489525118 | 2024-04-02T08:41:19.244415 5985 / tcp

WinRM

1946316259 | 2024-03-28T23:57:51.097376 27016 / udp

ARK: Survival Evolved1.0.0.0

Products

Pricing

Contact Us

1628352782 | 2024-04-02T02:47:32.279145
135 / tcp

-757264002 | 2024-04-11T18:06:48.417816
139 / tcp

829679636 | 2024-04-18T09:58:15.612857
443 / tcp

-1166656618 | 2024-04-18T20:21:45.280345
445 / tcp

1057203183 | 2024-04-11T08:03:12.490010
3389 / tcp

-1684583448 | 2024-04-11T21:31:19.305417
5357 / tcp

1489525118 | 2024-04-02T08:41:19.244415
5985 / tcp

1946316259 | 2024-03-28T23:57:51.097376
27016 / udp