| Hostnames |
dancepartner.com www.dancepartner.com dancesoft.www.dancesoft.com 8e.66.3ea9.ip4.static.sl-reverse.com |
| Domains | dancepartner.com dancesoft.com sl-reverse.com |
| Country | United States |
| City | San Jose |
| Organization | SoftLayer Technologies, Inc. |
| ISP | SoftLayer Technologies Inc. |
| ASN | AS36351 |
| CVE-2020-0796 | 10.0A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client. |
-370734890 | 2024-04-28T03:10:46.74352421 / tcp
220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
ABOR
ACCT
ADAT *
ALLO
APPE
AUTH
CCC
CDUP
CWD
DELE
ENC *
EPRT
EPSV
FEAT
HELP
HOST
LANG
LIST
MDTM
MIC *
MKD
MODE
NLST
NOOP
OPTS
PASS
PASV
PBSZ
PORT
PROT
PWD
QUIT
REIN
REST
RETR
RMD
RNFR
RNTO
SITE
SIZE
SMNT
STAT
STOR
STOU
STRU
SYST
TYPE
USER
XCUP
XCWD
XMKD
XPWD
XRMD
214 HELP command successful.
211-Extended features supported:
LANG EN*
UTF8
AUTH TLS;TLS-C;SSL;TLS-P;
PBSZ
PROT C;P;
CCC
HOST
SIZE
MDTM
REST STREAM
211 END
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:a1:9c:71:9b:27:53:9f:41:02:e3:34:7b:dd:9f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dancesoft.www.dancesoft.com
Validity
Not Before: Jun 10 16:38:45 2022 GMT
Not After : Jun 10 00:00:00 2023 GMT
Subject: CN=dancesoft.www.dancesoft.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d7:6a:ef:81:2e:ca:b7:19:a5:9b:90:8a:86:c0:
00:d3:e5:3e:1f:1c:a5:bf:4c:a6:88:c8:e8:17:ba:
f4:be:32:d9:f3:ec:37:9a:37:ce:20:24:18:0a:24:
83:b0:94:65:3c:32:cb:d5:29:1e:16:59:a0:38:c3:
fb:ac:01:30:d5:de:6e:86:d1:87:ce:91:8e:09:eb:
15:aa:63:51:c5:99:16:60:15:b7:28:ac:3f:10:f4:
00:d4:1f:8c:30:f2:b0:1f:a8:eb:a2:e5:b6:8d:8a:
d0:04:44:d0:6a:4b:21:75:38:7f:3e:38:ee:55:b4:
20:c9:2b:73:33:54:c8:52:b6:b2:d7:73:f3:bf:db:
ad:ca:ad:41:ff:3e:06:ba:a5:51:e2:af:cc:37:0c:
4d:3d:1e:fe:4d:ee:78:f9:c0:13:72:04:8b:ac:3b:
b9:82:6f:34:09:88:24:fc:d3:52:d3:53:d5:43:da:
05:39:18:8c:6b:df:37:14:26:27:24:a4:02:db:2e:
7a:ff:84:2c:2c:fc:31:36:c0:ab:a1:04:51:cc:0a:
56:48:5e:b1:db:c3:0e:d5:ce:cb:84:36:04:45:a8:
3a:cf:f3:66:65:75:09:b9:9e:a6:ef:43:0f:08:96:
1b:bb:12:c8:6a:c8:48:9b:06:1b:b5:c8:60:e1:71:
84:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage:
Digital Signature, Key Encipherment, Data Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Subject Alternative Name:
DNS:dancesoft.www.dancesoft.com
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
c4:3d:26:a5:b7:a2:34:f1:ff:11:58:b7:15:c9:79:ff:f5:a2:
9b:d1:d8:68:97:8f:66:a8:78:90:d2:f0:c5:45:be:b5:1c:c7:
6a:91:03:d4:29:39:97:e7:45:78:b0:01:38:b9:82:68:3b:ea:
f5:75:1c:10:08:01:53:48:10:04:53:07:fc:b6:7e:65:09:00:
2b:9b:11:7c:1d:db:ea:bc:3b:ef:f4:9c:90:6b:e7:61:68:1f:
5d:12:9f:2d:cf:12:ad:b9:cf:1b:b5:5b:8b:7b:a3:67:80:ec:
16:d0:a8:8d:e1:77:44:9c:2f:1b:a9:4b:f4:1d:9c:8e:62:e3:
f5:5b:37:42:c2:14:70:8a:0b:73:c2:6e:25:37:38:ac:c8:a8:
7c:14:ac:2c:67:8a:1d:12:e7:3e:b2:f0:0c:08:97:a1:42:9e:
bb:0e:86:c6:d0:4b:18:3d:50:92:24:e1:7c:2f:cd:04:58:8a:
6a:fa:79:7d:e4:69:ba:71:cd:c4:d3:6b:6f:3a:8b:f3:58:66:
e9:e4:09:72:d3:81:98:4b:8c:41:ff:eb:d7:77:71:e1:c8:ba:
e9:06:27:e1:00:36:72:08:46:73:9c:20:47:4c:7a:5b:b3:43:
6b:c2:9d:e7:f6:fa:44:21:0a:76:5c:bd:ab:7c:4a:6b:db:1d:
ee:83:0a:fd
1041995518 | 2024-04-19T22:09:35.31625280 / tcp
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html Server: Microsoft-IIS/10.0 Set-Cookie: ASPSESSIONIDAACSCBDD=PEIBOFMAPEFCNMAGBFHDIONJ; path=/ Date: Fri, 19 Apr 2024 22:09:33 GMT Content-Length: 185
475962910 | 2024-05-01T21:52:42.783864135 / tcp
Microsoft RPC Endpoint Mapper 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 169.62.102.142:49664 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\DANCESOFT\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 169.62.102.142:49664 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\DANCESOFT\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 169.62.102.142:49664 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\DANCESOFT\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 169.62.102.142:49664 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\DANCESOFT\pipe\lsass d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 169.62.102.142:49665 ncalrpc: WindowsShutdown ncacn_np: \\DANCESOFT\PIPE\InitShutdown ncalrpc: WMsgKRpc01B2E60 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\DANCESOFT\PIPE\InitShutdown ncalrpc: WMsgKRpc01B2E60 ncalrpc: WMsgKRpc01B64F1 fc48cd89-98d6-4628-9839-86f7a3e4161a version: v1.0 ncalrpc: dabrpc ncalrpc: csebpub ncalrpc: LRPC-5dbf89f6621550d972 ncalrpc: LRPC-2776e8fccba726c328 ncalrpc: LRPC-532b96f82a265f2e29 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-5dbf89f6621550d972 ncalrpc: LRPC-2776e8fccba726c328 ncalrpc: LRPC-532b96f82a265f2e29 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-2776e8fccba726c328 ncalrpc: LRPC-532b96f82a265f2e29 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-532b96f82a265f2e29 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-58589f89be48b9c408 ncalrpc: LRPC-c48bf18213101bac0b 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-5dbf89f6621550d972 ncalrpc: LRPC-2776e8fccba726c328 ncalrpc: LRPC-532b96f82a265f2e29 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-2776e8fccba726c328 ncalrpc: LRPC-532b96f82a265f2e29 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-a0f1eaaca838e16291 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v2.0 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v2.0 ncalrpc: OLE9F5F31784C213C0ACC2D92DB1AFD ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-32a49cd91f181e288c ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-86e6796c0b2a427f23 ncalrpc: LRPC-fd0e15c33d15f89b35 ncalrpc: IUserProfile2 ncalrpc: LRPC-b01a452a3395b826c1 ncalrpc: senssvc ncalrpc: LRPC-ddd2e9e79614af799c e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 ncalrpc: LRPC-698adfee60c077c7ab 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-83b661f72f2f89be05 ncalrpc: OLE28251674BD4509B78B89030802D3 ncalrpc: LRPC-58589f89be48b9c408 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 ncalrpc: LRPC-9f875150dd8ec755dd a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-3ebd2c34f2bec9b026 ncalrpc: LRPC-c48bf18213101bac0b f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 169.62.102.142:49666 ncacn_np: \\DANCESOFT\pipe\eventlog ncalrpc: eventlog 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-cd67bc4ae672472434 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-349567daa9667f60b4 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncalrpc: dhcpcsvc 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 169.62.102.142:49667 ncalrpc: LRPC-fa5b4297cea7aaa54d ncalrpc: ubpmtaskhostchannel ncacn_np: \\DANCESOFT\PIPE\atsvc ncalrpc: LRPC-25825380cf24e03621 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 169.62.102.142:49667 ncalrpc: LRPC-fa5b4297cea7aaa54d ncalrpc: ubpmtaskhostchannel ncacn_np: \\DANCESOFT\PIPE\atsvc ncalrpc: LRPC-25825380cf24e03621 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-fa5b4297cea7aaa54d ncalrpc: ubpmtaskhostchannel ncacn_np: \\DANCESOFT\PIPE\atsvc ncalrpc: LRPC-25825380cf24e03621 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\DANCESOFT\PIPE\atsvc ncalrpc: LRPC-25825380cf24e03621 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\DANCESOFT\PIPE\atsvc ncalrpc: LRPC-25825380cf24e03621 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-25825380cf24e03621 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-7e8d9929056eae48f7 3f787932-3452-4363-8651-6ea97bb373bb version: v1.0 annotation: NSP Rpc Interface ncalrpc: LRPC-094cd6bbc7f0089e65 ncalrpc: OLE8845DBA8783C7DD76DC8D84D609B 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-9dc09588a90146a310 ncalrpc: DNSResolver 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: 607488f1-665d-4b87-a2a1-c190972300f5 ncalrpc: LRPC-e38522f46db2fe5013 13560fa9-8c09-4b56-a1fd-04d083b9b2a1 version: v1.0 ncalrpc: LRPC-66964f29bc24fa3657 ncalrpc: OLE0AC2FC81F6E9FBA7EFAAF3BCDEF7 c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-66964f29bc24fa3657 ncalrpc: OLE0AC2FC81F6E9FBA7EFAAF3BCDEF7 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-66964f29bc24fa3657 ncalrpc: OLE0AC2FC81F6E9FBA7EFAAF3BCDEF7 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-66964f29bc24fa3657 ncalrpc: OLE0AC2FC81F6E9FBA7EFAAF3BCDEF7 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-66964f29bc24fa3657 ncalrpc: OLE0AC2FC81F6E9FBA7EFAAF3BCDEF7 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\DANCESOFT\PIPE\wkssvc ncalrpc: LRPC-fec30753cac5f6e239 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-fec30753cac5f6e239 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-fec30753cac5f6e239 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-4bfd26c4c8b8e0f970 ncalrpc: OLE176D27834DF0175B89AD87E848E3 b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-4bfd26c4c8b8e0f970 ncalrpc: OLE176D27834DF0175B89AD87E848E3 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 169.62.102.142:49668 ncacn_np: \\DANCESOFT\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: LRPC-ddd2e9e79614af799c 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-6c7fbcf0690329ab12 ncalrpc: LRPC-d4b2ad12b614d19c31 ncalrpc: LRPC-c885cf5b4ba050773c ncalrpc: LRPC-9af47ba339b6faa914 f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-d4b2ad12b614d19c31 ncalrpc: LRPC-c885cf5b4ba050773c ncalrpc: LRPC-9af47ba339b6faa914 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-c885cf5b4ba050773c ncalrpc: LRPC-9af47ba339b6faa914 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-9af47ba339b6faa914 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncalrpc: LRPC-b7fbd214c451e19033 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-78c92abe4ed005e250 c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-78c92abe4ed005e250 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-78c92abe4ed005e250 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-78c92abe4ed005e250 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 169.62.102.142:49669 ncalrpc: LRPC-dc0b09d1f7ea18f61c 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 169.62.102.142:49669 ncalrpc: LRPC-dc0b09d1f7ea18f61c ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 169.62.102.142:49669 ncalrpc: LRPC-dc0b09d1f7ea18f61c 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 169.62.102.142:49669 ncalrpc: LRPC-dc0b09d1f7ea18f61c 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 169.62.102.142:49669 ncalrpc: LRPC-dc0b09d1f7ea18f61c b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-bdb531657535a01704 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-04ad93aeb3dfd5466f 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-04ad93aeb3dfd5466f 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-b75c222dd2c2c50dad ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\DANCESOFT\PIPE\ROUTER 1d45e083-478f-437c-9618-3594ced8c235 version: v1.0 ncalrpc: LRPC-1a913ebadd8700f600 ncalrpc: OLEEAD4A4CBEA8EC28683E381FB054A 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-1a913ebadd8700f600 ncalrpc: OLEEAD4A4CBEA8EC28683E381FB054A d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-1a913ebadd8700f600 ncalrpc: OLEEAD4A4CBEA8EC28683E381FB054A e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-1a913ebadd8700f600 ncalrpc: OLEEAD4A4CBEA8EC28683E381FB054A 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-1a913ebadd8700f600 ncalrpc: OLEEAD4A4CBEA8EC28683E381FB054A fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-1a913ebadd8700f600 ncalrpc: OLEEAD4A4CBEA8EC28683E381FB054A 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-1a913ebadd8700f600 ncalrpc: OLEEAD4A4CBEA8EC28683E381FB054A d4051bde-9cdd-4910-b393-4aa85ec3c482 version: v1.0 ncalrpc: LRPC-1a913ebadd8700f600 ncalrpc: OLEEAD4A4CBEA8EC28683E381FB054A 6b5bdd1e-528c-422c-af8c-a4079be4fe48 version: v1.0 annotation: Remote Fw APIs protocol: [MS-FASP]: Firewall and Advanced Security Protocol provider: FwRemoteSvr.dll ncacn_ip_tcp: 169.62.102.142:49670 ncalrpc: ipsec 7df1ceae-de4e-4e6f-ab14-49636e7c2052 version: v1.0 ncalrpc: LRPC-232ebe99f32e874946 f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-80c4f2d6fea53d6b2c 509bc7ae-77be-4ee8-b07c-0d096bb44345 version: v1.0 ncalrpc: LRPC-5d15f83da87b9581b3 ncalrpc: OLE2A6B05DC061B57904C4424FBCFA6 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 169.62.102.142:49671 c503f532-443a-4c69-8300-ccd1fbdb3839 version: v2.0 ncalrpc: LRPC-8425b04aeee3b2de27 ncalrpc: OLEEE31FFC37C3B5254F177BACB014B 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-152193db726152cee2 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-3f18ae8d7a3b1ce0b0 ncalrpc: LRPC-3f18ae8d7a3b1ce0b0 ncalrpc: LRPC-3f18ae8d7a3b1ce0b0 d249bd56-4cc0-4fd3-8ce6-6fe050d590cb version: v0.0 ncalrpc: LRPC-9342705e396f7b646a d8140e00-5c46-4ae6-80ac-2f9a76df224c version: v0.0 ncalrpc: LRPC-9342705e396f7b646a bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-c857f35500d960542d ncalrpc: OLE3B1F75FC80ABA63E1B569C2EDAB1
1489525118 | 2024-04-30T12:04:26.114905443 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Tue, 30 Apr 2024 12:04:25 GMT Connection: close Content-Length: 315
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:e1:9b:73:48:49:97:36:00:1b:da:95:fc:2b:45:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Jan 22 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=dancepartner.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c8:02:a1:10:69:83:c6:18:0f:14:df:a4:10:83:
23:dc:1f:87:8a:cc:38:9d:ff:aa:5d:9f:4a:dd:01:
45:66:ab:71:2c:05:0d:28:6c:d5:8d:fc:aa:7d:5f:
e9:23:93:43:4b:32:15:e4:7e:78:e0:00:ae:3c:81:
98:07:4e:ef:2e:3c:a5:f3:93:01:c9:ec:34:70:51:
90:f1:e1:0b:a2:19:bd:dd:32:fb:28:38:8b:16:b2:
b3:d0:eb:73:11:62:2a:82:81:81:07:9e:4a:45:7d:
e2:cb:bd:0d:de:a5:af:40:38:71:17:a8:db:e1:d4:
43:7b:d8:c5:bc:c0:ac:17:f8:09:8c:fd:53:4d:2f:
02:5a:63:d2:72:09:13:35:13:9d:cc:37:46:3f:13:
b2:ad:75:61:ac:85:61:f7:76:83:02:32:bd:45:5b:
45:f5:32:87:ec:f2:b0:9e:b8:e1:1d:98:51:4f:00:
ef:2f:f0:0e:c8:2d:a3:e2:53:d9:2f:bb:36:76:14:
fd:1a:9a:67:30:41:a9:09:e6:f2:19:19:d2:00:7f:
a5:9d:f9:bb:a5:b5:cb:02:97:02:3a:14:2c:42:38:
4f:6f:d7:b7:05:fa:05:cc:f3:fb:0f:1f:ec:92:f3:
1f:dc:b6:c2:96:58:81:cc:5d:be:de:de:2a:28:51:
b4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
X509v3 Subject Key Identifier:
41:C0:A2:1E:81:AD:26:42:D8:68:D1:F4:E6:B8:88:66:34:16:00:73
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:dancepartner.com, DNS:www.dancepartner.com
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
Timestamp : Jan 22 17:51:49.584 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:86:B3:E2:54:16:B9:C7:41:CA:EE:09:
33:06:69:EE:F0:EC:92:E1:1E:1B:2F:F5:EE:FC:E8:C3:
B3:26:99:A9:3C:02:21:00:D5:97:E6:DD:9A:A1:DD:CF:
A3:45:A6:36:85:87:9B:B4:BF:6D:55:3C:60:A7:2D:05:
D9:A4:39:89:C6:27:0D:61
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Jan 22 17:51:49.535 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:80:B2:D6:EB:4F:19:3E:74:35:98:D5:
EB:AF:7D:ED:CB:9C:41:63:92:25:19:FF:03:1B:51:FA:
3F:04:64:DA:F5:02:21:00:EC:F1:8D:72:E3:D9:18:B7:
62:74:30:E4:35:1C:13:39:0C:D5:83:DF:8B:26:FD:57:
FF:68:75:06:8A:55:F7:29
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Jan 22 17:51:49.552 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:12:C3:6F:F1:E0:50:AC:80:FB:F6:EC:5E:
43:9D:8C:D4:0F:AC:F5:A4:6C:2B:78:43:6C:EB:42:60:
BA:C6:55:D1:02:21:00:9A:91:01:94:D4:CD:C8:44:29:
5B:2C:0A:9F:DB:7E:4A:2F:39:F9:88:8D:EA:34:AB:5E:
11:56:67:75:39:F2:1B
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
68:c0:6a:78:5b:d1:61:90:83:7c:14:25:2b:62:f0:c9:0e:49:
45:49:4f:01:35:77:85:97:91:91:e1:c0:67:c3:31:74:fc:39:
cd:7d:3a:8c:b5:09:0f:74:89:fb:08:37:b5:56:0b:13:7b:13:
f2:01:dc:a2:80:5c:1d:04:4d:a6:42:36:7e:96:1e:5c:1d:de:
21:26:a5:6e:e1:d4:94:c9:02:16:75:cf:ad:c7:fa:61:ac:7c:
fd:59:eb:85:bb:db:ac:fd:26:07:7f:46:55:11:0a:1d:5a:8b:
d8:ad:06:b4:3f:96:cb:09:94:f8:89:0f:2f:d5:01:ee:bb:91:
bd:a4:a3:d9:5b:15:7c:7a:5a:95:50:1b:dd:f1:86:ba:d8:02:
94:f9:34:82:bd:1d:a5:27:e8:25:ee:61:70:38:2b:39:52:1e:
85:b5:ba:cf:c3:a2:e7:96:d6:e3:a3:7d:8e:59:a4:94:68:85:
3f:b3:4c:84:5b:6d:38:99:7c:69:0b:80:e8:5c:e8:e1:e8:71:
97:c1:2a:41:00:34:0b:3d:99:30:66:1d:ff:d8:a4:3b:2f:7d:
58:f9:35:af:1b:14:b8:bd:cf:c8:f4:90:b3:bd:7d:55:2f:9f:
f9:9b:e0:ed:b7:d3:48:b7:c8:cd:e8:b3:d4:49:b4:4e:56:3a:
80:42:c8:32
-1166656618 | 2024-04-27T03:04:25.309517445 / tcp
SMB Status: Authentication: enabled SMB Version: 2 Capabilities: raw-mode
923442282 | 2024-05-01T15:03:40.7486823306 / tcp
MySQL: Error Message: Host '224.171.82.149' is not allowed to connect to this MySQL server Error Code: 1130
1489525118 | 2024-05-01T20:37:48.1827375985 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Wed, 01 May 2024 20:37:48 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2022 OS Build: 10.0.20348 Target Name: DANCESOFT NetBIOS Domain Name: DANCESOFT NetBIOS Computer Name: DANCESOFT DNS Domain Name: dancesoft.www.dancesoft.com FQDN: dancesoft.www.dancesoft.com
-795948505 | 2024-04-16T17:37:07.52227533060 / tcp
MySQL X Protocol:
tls: False
authentication.mechanisms:
MYSQL41
SHA256_MEMORY
doc.formats: text
client.interactive: False
compression:
algorithm:
deflate_stream
lz4_message
zstd_stream
node_type: mysql
client.pwd_expire_ok: False