GeneralInformation

Hostnames	static.106.44.251.148.clients.your-server.de
Domains	your-server.de
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940
Operating System	Windows Server 2022 (build 10.0.20348)

Vulnerabilities

CVE-2020-0796

10.0A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.

OpenPorts

80 135 445 3306 3389 5357 5985

1489525118 | 2024-05-04T14:42:56.144985

80 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 04 May 2024 14:42:56 GMT
Connection: close
Content-Length: 315

-18591631 | 2024-05-06T03:20:01.582238

135 / tcp

Microsoft RPC Endpoint Mapper

51a227ae-825b-41f2-b4a9-1ac9557a1018
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 148.251.44.106:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\US\pipe\lsass

8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 148.251.44.106:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\US\pipe\lsass

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncacn_ip_tcp: 148.251.44.106:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\US\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 148.251.44.106:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\US\pipe\lsass

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 148.251.44.106:49665
  ncalrpc: WindowsShutdown
  ncacn_np: \\US\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0BDD00

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\US\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0BDD00
  ncalrpc: WMsgKRpc0C0E81
  ncalrpc: WMsgKRpc06C29EC412

fc48cd89-98d6-4628-9839-86f7a3e4161a
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: csebpub
  ncalrpc: LRPC-310ab4791051fa5e02
  ncalrpc: LRPC-cdbe1d1d5af3e912d1
  ncalrpc: LRPC-1952e8e74047bcc4ee
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

d09bdeb5-6171-4a34-bfe2-06fa82652568
  version: v1.0
  ncalrpc: csebpub
  ncalrpc: LRPC-310ab4791051fa5e02
  ncalrpc: LRPC-cdbe1d1d5af3e912d1
  ncalrpc: LRPC-1952e8e74047bcc4ee
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-cdbe1d1d5af3e912d1
  ncalrpc: LRPC-1952e8e74047bcc4ee
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-1952e8e74047bcc4ee
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-278a25b0671ac16931
  ncalrpc: LRPC-783554c5ff74bff689

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-310ab4791051fa5e02
  ncalrpc: LRPC-cdbe1d1d5af3e912d1
  ncalrpc: LRPC-1952e8e74047bcc4ee
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-cdbe1d1d5af3e912d1
  ncalrpc: LRPC-1952e8e74047bcc4ee
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

0d47017b-b33b-46ad-9e18-fe96456c5078
  version: v1.0
  ncalrpc: umpo

95406f0b-b239-4318-91bb-cea3a46ff0dc
  version: v1.0
  ncalrpc: umpo

4ed8abcc-f1e2-438b-981f-bb0e8abc010c
  version: v1.0
  ncalrpc: umpo

0ff1f646-13bb-400a-ab50-9a78f2b7a85a
  version: v1.0
  ncalrpc: umpo

6982a06e-5fe2-46b1-b39c-a2c545bfa069
  version: v1.0
  ncalrpc: umpo

082a3471-31b6-422a-b931-a54401960c62
  version: v1.0
  ncalrpc: umpo

fae436b0-b864-4a87-9eda-298547cd82f2
  version: v1.0
  ncalrpc: umpo

e53d94ca-7464-4839-b044-09a2fb8b3ae5
  version: v1.0
  ncalrpc: umpo

178d84be-9291-4994-82c6-3f909aca5a03
  version: v1.0
  ncalrpc: umpo

4dace966-a243-4450-ae3f-9b7bcb5315b8
  version: v2.0
  ncalrpc: umpo

1832bcf6-cab8-41d4-85d2-c9410764f75a
  version: v1.0
  ncalrpc: umpo

c521facf-09a9-42c5-b155-72388595cbf0
  version: v0.0
  ncalrpc: umpo

2c7fd9ce-e706-4b40-b412-953107ef9bb0
  version: v0.0
  ncalrpc: umpo

88abcbc3-34ea-76ae-8215-767520655a23
  version: v0.0
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

76c217bc-c8b4-4201-a745-373ad9032b1a
  version: v1.0
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

55e6b932-1979-45d6-90c5-7f6270724112
  version: v1.0
  ncalrpc: LRPC-ec291b8d62d8cc20f6
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
  version: v1.0
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

20c40295-8dba-48e6-aebf-3e78ef3bb144
  version: v2.0
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

2513bcbe-6cd4-4348-855e-7efb3c336dd3
  version: v2.0
  ncalrpc: OLE4A67A717967D272DC7CDAC1EF13A
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: LRPC-a3c8f6844631883af2
  ncalrpc: actkernel
  ncalrpc: umpo

dd59071b-3215-4c59-8481-972edadc0f6a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

0361ae94-0316-4c6c-8ad8-c594375800e2
  version: v1.0
  ncalrpc: umpo

5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
  version: v1.0
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-5e0c913d7539a5f542
  ncalrpc: LRPC-a969b9488c287064f4
  ncalrpc: LRPC-35030483446a26a1e3
  ncalrpc: IUserProfile2
  ncalrpc: LRPC-3a8c88c1eb0be7c855
  ncalrpc: senssvc

f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
  version: v1.0
  ncalrpc: LRPC-54860ed6634b2ddd7d
  ncalrpc: LRPC-c1dca736051c56c02f

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  ncalrpc: LRPC-7bdc82958c98e04cf7

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: LRPC-0348c6151ffe4872f0
  ncalrpc: OLE6D2B80216E0A7B0A6E3E120A65D2
  ncalrpc: LRPC-278a25b0671ac16931

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  ncalrpc: LRPC-c622a950952942f211

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-de956a4f7558386897
  ncalrpc: LRPC-783554c5ff74bff689

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 148.251.44.106:49666
  ncacn_np: \\US\pipe\eventlog
  ncalrpc: eventlog

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-771aac13751a2fab6e

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: dhcpcsvc

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-65075cbdd986a04d92

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 148.251.44.106:49667
  ncalrpc: LRPC-22b5652c689800f878
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\US\PIPE\atsvc
  ncalrpc: LRPC-f8ff28afd68632c36d

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 148.251.44.106:49667
  ncalrpc: LRPC-22b5652c689800f878
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\US\PIPE\atsvc
  ncalrpc: LRPC-f8ff28afd68632c36d

33d84484-3626-47ee-8c6f-e7e98b113be1
  version: v2.0
  ncalrpc: LRPC-22b5652c689800f878
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\US\PIPE\atsvc
  ncalrpc: LRPC-f8ff28afd68632c36d

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\US\PIPE\atsvc
  ncalrpc: LRPC-f8ff28afd68632c36d

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\US\PIPE\atsvc
  ncalrpc: LRPC-f8ff28afd68632c36d

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: LRPC-f8ff28afd68632c36d

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-56e4e6e93c0c1e6166

3f787932-3452-4363-8651-6ea97bb373bb
  version: v1.0
  annotation: NSP Rpc Interface
  ncalrpc: LRPC-fd3219fa26b290441a
  ncalrpc: OLE6CB488096ADF0190D2086C04ED4A

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\US\PIPE\wkssvc
  ncalrpc: LRPC-ca1cf0dc94915ae0c2

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-ca1cf0dc94915ae0c2

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-ca1cf0dc94915ae0c2

29770a8f-829b-4158-90a2-78cd488501f7
  version: v1.0
  ncacn_ip_tcp: 148.251.44.106:49668
  ncacn_np: \\US\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-35030483446a26a1e3

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: 2abef979-049b-4bc4-9b14-1d6c9dc57779
  ncalrpc: LRPC-e7625a4511e91381a1

509bc7ae-77be-4ee8-b07c-0d096bb44345
  version: v1.0
  ncalrpc: LRPC-7f3a90d50fc6bbc9d4
  ncalrpc: OLEF3503493AE408FD6446E85063392

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-7ef09048f5962b5cde
  ncalrpc: DNSResolver

0d3c7f20-1c8d-4654-a1b3-51563b298bda
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-8e1f5b0221ca682b37
  ncalrpc: OLEAB6EA8A7E659E92953CD5C9EA9FF

b18fbab6-56f8-4702-84e0-41053293a869
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-8e1f5b0221ca682b37
  ncalrpc: OLEAB6EA8A7E659E92953CD5C9EA9FF

13560fa9-8c09-4b56-a1fd-04d083b9b2a1
  version: v1.0
  ncalrpc: LRPC-aad7a9dd923eb88024
  ncalrpc: OLED42184E5B4AA4148897A41860977

c2d1b5dd-fa81-4460-9dd6-e7658b85454b
  version: v1.0
  ncalrpc: LRPC-aad7a9dd923eb88024
  ncalrpc: OLED42184E5B4AA4148897A41860977

f44e62af-dab1-44c2-8013-049a9de417d6
  version: v1.0
  ncalrpc: LRPC-aad7a9dd923eb88024
  ncalrpc: OLED42184E5B4AA4148897A41860977

b37f900a-eae4-4304-a2ab-12bb668c0188
  version: v1.0
  ncalrpc: LRPC-aad7a9dd923eb88024
  ncalrpc: OLED42184E5B4AA4148897A41860977

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  ncalrpc: LRPC-aad7a9dd923eb88024
  ncalrpc: OLED42184E5B4AA4148897A41860977

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-bc45bc3051e949f6d1
  ncalrpc: LRPC-8d68ac5c38e4156909
  ncalrpc: LRPC-9a74449ea092210a1b
  ncalrpc: LRPC-f7003548485cb8bc96

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-8d68ac5c38e4156909
  ncalrpc: LRPC-9a74449ea092210a1b
  ncalrpc: LRPC-f7003548485cb8bc96

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-9a74449ea092210a1b
  ncalrpc: LRPC-f7003548485cb8bc96

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-f7003548485cb8bc96

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 148.251.44.106:49669
  ncalrpc: LRPC-f5f1fb55c5ba62b5c9

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 148.251.44.106:49669
  ncalrpc: LRPC-f5f1fb55c5ba62b5c9

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 148.251.44.106:49669
  ncalrpc: LRPC-f5f1fb55c5ba62b5c9

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 148.251.44.106:49669
  ncalrpc: LRPC-f5f1fb55c5ba62b5c9

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 148.251.44.106:49669
  ncalrpc: LRPC-f5f1fb55c5ba62b5c9

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncalrpc: OLE02877503542FA8C6E6B057AC57D7
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-34eef29fbf597d3beb

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-34eef29fbf597d3beb

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-34eef29fbf597d3beb

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncalrpc: LRPC-34eef29fbf597d3beb

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: LRPC-83785b9a8e219216d1

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncalrpc: LRPC-978a2977aa345349c9

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncalrpc: LRPC-2eca27a76abc37e1d4

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncalrpc: LRPC-2eca27a76abc37e1d4

650a7e26-eab8-5533-ce43-9c1dfce11511
  version: v1.0
  annotation: Vpn APIs
  ncalrpc: LRPC-1ad27d67748f04d37e
  ncalrpc: VpnikeRpc
  ncalrpc: RasmanLrpc
  ncacn_np: \\US\PIPE\ROUTER

1d45e083-478f-437c-9618-3594ced8c235
  version: v1.0
  ncalrpc: LRPC-653493ca3a328a2b9f
  ncalrpc: OLE8AC2AC7EDEA12FCB75639CB58081

98cd761e-e77d-41c8-a3c0-0fb756d90ec2
  version: v1.0
  ncalrpc: LRPC-653493ca3a328a2b9f
  ncalrpc: OLE8AC2AC7EDEA12FCB75639CB58081

d22895ef-aff4-42c5-a5b2-b14466d34ab4
  version: v1.0
  ncalrpc: LRPC-653493ca3a328a2b9f
  ncalrpc: OLE8AC2AC7EDEA12FCB75639CB58081

e38f5360-8572-473e-b696-1b46873beeab
  version: v1.0
  ncalrpc: LRPC-653493ca3a328a2b9f
  ncalrpc: OLE8AC2AC7EDEA12FCB75639CB58081

95095ec8-32ea-4eb0-a3e2-041f97b36168
  version: v1.0
  ncalrpc: LRPC-653493ca3a328a2b9f
  ncalrpc: OLE8AC2AC7EDEA12FCB75639CB58081

fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
  version: v1.0
  ncalrpc: LRPC-653493ca3a328a2b9f
  ncalrpc: OLE8AC2AC7EDEA12FCB75639CB58081

4c9dbf19-d39e-4bb9-90ee-8f7179b20283
  version: v1.0
  ncalrpc: LRPC-653493ca3a328a2b9f
  ncalrpc: OLE8AC2AC7EDEA12FCB75639CB58081

d4051bde-9cdd-4910-b393-4aa85ec3c482
  version: v1.0
  ncalrpc: LRPC-653493ca3a328a2b9f
  ncalrpc: OLE8AC2AC7EDEA12FCB75639CB58081

7df1ceae-de4e-4e6f-ab14-49636e7c2052
  version: v1.0
  ncalrpc: LRPC-5254b70b60d4148c7f

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 148.251.44.106:49706

76209fe5-9049-4336-ba84-632d907cb154
  version: v1.0
  annotation: Interprocess Logon Service
  ncalrpc: ReportingServices$MSRS12.SQLEXPRESS
  ncalrpc: OLE95263EE95241E2A14F5F4BAF0072

e7a216af-1ec1-447f-8d3f-a87278db564d
  version: v1.0
  ncalrpc: LRPC-400b062cb559cb6fce

0767a036-0d22-48aa-ba69-b619480f38cb
  version: v1.0
  annotation: PcaSvc
  provider: pcasvc.dll
  ncalrpc: LRPC-f30aeec49c9f9865b3

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-b18ae673fd8823b249
  ncalrpc: LRPC-b18ae673fd8823b249
  ncalrpc: LRPC-b18ae673fd8823b249

d249bd56-4cc0-4fd3-8ce6-6fe050d590cb
  version: v0.0
  ncalrpc: LRPC-a8ac98505114be1bf2

d8140e00-5c46-4ae6-80ac-2f9a76df224c
  version: v0.0
  ncalrpc: LRPC-a8ac98505114be1bf2

bf4dc912-e52f-4904-8ebe-9317c1bdd497
  version: v1.0
  ncalrpc: LRPC-9b4395f7120e787eb4
  ncalrpc: OLE5E8A55D769C3F0021718C5D4975A

c503f532-443a-4c69-8300-ccd1fbdb3839
  version: v2.0
  ncalrpc: LRPC-e71ab6f6f59fabac32
  ncalrpc: OLE386CFF0CC9A7F8B810B07A6A10E3

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc06C29EC412

b1ef227e-dfa5-421e-82bb-67a6a129c496
  version: v0.0
  ncalrpc: LRPC-9d14fafa1be596a918
  ncalrpc: OLE09A1D4B30405FFA5207D058D1ED8

0fc77b1a-95d8-4a2e-a0c0-cff54237462b
  version: v0.0
  ncalrpc: LRPC-9d14fafa1be596a918
  ncalrpc: OLE09A1D4B30405FFA5207D058D1ED8

8ec21e98-b5ce-4916-a3d6-449fa428a007
  version: v0.0
  ncalrpc: LRPC-9d14fafa1be596a918
  ncalrpc: OLE09A1D4B30405FFA5207D058D1ED8

a4b8d482-80ce-40d6-934d-b22a01a44fe7
  version: v1.0
  annotation: LicenseManager
  ncalrpc: LicenseServiceEndpoint

-1166656618 | 2024-05-13T19:46:12.195144

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 2
  Capabilities: raw-mode

-1230795794 | 2024-05-12T23:25:33.776951

3306 / tcp

MariaDB:
  Error Message: Host '224.229.27.133' is not allowed to connect to this MariaDB server
  Error Code: 1130

-490913610 | 2024-04-18T07:51:50.265060

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: US
  NetBIOS Domain Name: US
  NetBIOS Computer Name: US
  DNS Domain Name: US.immapiraq.org
  FQDN: US.immapiraq.org

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:18:50:3f:39:51:a7:9d:47:5b:e1:b3:7b:4a:91:c5
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=US.immapiraq.org
        Validity
            Not Before: Apr  8 09:10:28 2024 GMT
            Not After : Oct  8 09:10:28 2024 GMT
        Subject: CN=US.immapiraq.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b7:a8:33:9d:8e:58:0d:99:79:ac:56:8b:8b:e3:
                    38:62:e9:fa:55:a8:bd:65:92:8b:91:e0:69:4c:f2:
                    93:72:70:08:d6:5e:59:4d:12:0d:03:15:a3:8c:0e:
                    39:8f:e6:b2:e4:f7:b4:ca:c5:bc:53:6a:6a:6a:65:
                    f4:3e:43:22:54:78:63:7b:ad:75:fb:12:ff:b4:dc:
                    e6:47:06:a0:80:a1:b0:ce:55:17:dc:a5:7c:01:1c:
                    d2:1e:6d:d0:63:3d:be:e2:23:98:1b:46:a6:84:d8:
                    83:4e:14:ed:3b:2a:3c:ad:64:3a:ea:b6:9c:ed:f5:
                    11:37:b8:a0:43:d8:06:9b:1b:d4:4f:92:a0:e9:66:
                    a5:0e:37:d6:b5:3b:c4:af:b6:ec:13:7b:7c:c8:d5:
                    76:4e:24:a2:53:11:a0:9a:a2:b2:d8:6d:b0:8f:df:
                    dc:0d:6b:f7:0c:f0:81:a8:c8:ec:50:73:00:63:a4:
                    cc:6f:37:60:69:e4:a7:50:1f:4f:e2:26:f7:67:43:
                    e9:37:68:b5:9f:6e:17:fe:97:17:0a:8b:a3:4b:06:
                    90:d8:b2:94:59:6f:42:4f:5d:a1:6c:22:bc:cb:4b:
                    52:8e:ce:a0:f7:d2:ee:2d:4e:87:2a:b3:b4:86:55:
                    da:45:3e:9d:54:48:90:33:c8:c6:71:94:b5:5a:87:
                    78:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        16:3d:26:5d:ed:de:9a:d3:05:ce:2a:2d:a1:35:5d:ea:cc:22:
        bd:58:34:70:0c:5f:44:ea:5a:be:d3:e4:a7:e9:ac:d3:64:71:
        bf:6f:83:97:bb:49:73:bd:0f:ef:fe:cd:d5:4f:ba:54:3c:ff:
        d3:02:0d:fb:b6:4d:17:19:f5:29:dc:98:cc:7d:87:01:95:d0:
        c7:32:61:f8:61:34:85:f9:30:63:59:54:1e:b5:e3:62:2b:a3:
        ab:5c:b2:ff:d7:2e:75:c5:67:2a:6d:f4:f5:0f:df:52:17:06:
        73:35:76:4a:f6:29:0e:aa:a0:c6:58:0c:2b:12:de:4f:a5:6b:
        5d:a7:a9:b5:cb:36:bc:ef:23:80:be:db:d4:ca:f7:28:f1:63:
        3e:ef:6c:01:d8:81:49:9d:68:db:a2:37:79:fe:8d:62:c4:7c:
        b4:67:bc:52:71:b9:e3:0e:d5:6f:0d:5a:99:c7:d0:22:83:0d:
        86:6d:9a:1d:0e:d9:32:15:88:f7:6f:a3:c1:3b:b5:66:e9:7b:
        e2:f1:cb:ab:ee:cb:5e:22:64:84:cf:21:09:6d:69:63:ea:59:
        a6:5f:41:4d:f7:bf:99:40:e2:d2:4a:cb:8d:15:28:d4:2b:35:
        3f:ae:f2:34:ff:96:37:e4:0b:61:95:8e:16:8d:a1:8a:40:35:
        22:ca:66:77

-1684583448 | 2024-05-14T06:28:29.579132

5357 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 14 May 2024 06:28:29 GMT
Connection: close
Content-Length: 326

1489525118 | 2024-05-14T14:38:56.390477

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 14 May 2024 14:38:56 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: US
  NetBIOS Domain Name: US
  NetBIOS Computer Name: US
  DNS Domain Name: US.immapiraq.org
  FQDN: US.immapiraq.org

148.251.44.106

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1489525118 | 2024-05-04T14:42:56.144985
80 / tcp

Microsoft HTTPAPI httpd2.0

-18591631 | 2024-05-06T03:20:01.582238
135 / tcp

Microsoft RPC Endpoint Mapper

-1166656618 | 2024-05-13T19:46:12.195144
445 / tcp

-1230795794 | 2024-05-12T23:25:33.776951
3306 / tcp

MariaDB

-490913610 | 2024-04-18T07:51:50.265060
3389 / tcp

Remote Desktop Protocol

-1684583448 | 2024-05-14T06:28:29.579132
5357 / tcp

1489525118 | 2024-05-14T14:38:56.390477
5985 / tcp

WinRM

Products

Pricing

Contact Us

148.251.44.106

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1489525118 | 2024-05-04T14:42:56.144985 80 / tcp

Microsoft HTTPAPI httpd2.0

-18591631 | 2024-05-06T03:20:01.582238 135 / tcp

Microsoft RPC Endpoint Mapper

-1166656618 | 2024-05-13T19:46:12.195144 445 / tcp

-1230795794 | 2024-05-12T23:25:33.776951 3306 / tcp

MariaDB

-490913610 | 2024-04-18T07:51:50.265060 3389 / tcp

Remote Desktop Protocol

-1684583448 | 2024-05-14T06:28:29.579132 5357 / tcp

1489525118 | 2024-05-14T14:38:56.390477 5985 / tcp

WinRM

Products

Pricing

Contact Us

1489525118 | 2024-05-04T14:42:56.144985
80 / tcp

-18591631 | 2024-05-06T03:20:01.582238
135 / tcp

-1166656618 | 2024-05-13T19:46:12.195144
445 / tcp

-1230795794 | 2024-05-12T23:25:33.776951
3306 / tcp

-490913610 | 2024-04-18T07:51:50.265060
3389 / tcp

-1684583448 | 2024-05-14T06:28:29.579132
5357 / tcp

1489525118 | 2024-05-14T14:38:56.390477
5985 / tcp