| Hostnames |
good11011.fvds.ru sobot.ru.net www.sobot.ru.net |
| Domains | fvds.ru ru.net |
| Country | Russian Federation |
| City | Moscow |
| Organization | JSC IOT |
| ISP | JSC IOT |
| ASN | AS29182 |
| Operating System | Windows (build 10.0.17763) |
-370734890 | 2024-03-20T21:38:34.27108921 / tcp
220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
ABOR
ACCT
ADAT *
ALLO
APPE
AUTH
CCC
CDUP
CWD
DELE
ENC *
EPRT
EPSV
FEAT
HELP
HOST
LANG
LIST
MDTM
MIC *
MKD
MODE
NLST
NOOP
OPTS
PASS
PASV
PBSZ
PORT
PROT
PWD
QUIT
REIN
REST
RETR
RMD
RNFR
RNTO
SITE
SIZE
SMNT
STAT
STOR
STOU
STRU
SYST
TYPE
USER
XCUP
XCWD
XMKD
XPWD
XRMD
214 HELP command successful.
211-Extended features supported:
LANG EN*
UTF8
AUTH TLS;TLS-C;SSL;TLS-P;
PBSZ
PROT C;P;
CCC
HOST
SIZE
MDTM
REST STREAM
211 END
-2122786610 | 2024-04-09T00:29:40.61994880 / tcp
HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Location: https://62.109.2.176/ Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Tue, 09 Apr 2024 00:29:39 GMT Content-Length: 144
2144400463 | 2024-03-24T10:11:06.846286135 / tcp
Microsoft RPC Endpoint Mapper d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 62.109.2.176:49664 ncalrpc: WindowsShutdown ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\InitShutdown ncalrpc: WMsgKRpc0591B0 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\InitShutdown ncalrpc: WMsgKRpc0591B0 ncalrpc: WMsgKRpc05BBE1 ncalrpc: WMsgKRpc045E262 fc48cd89-98d6-4628-9839-86f7a3e4161a version: v1.0 ncalrpc: dabrpc ncalrpc: csebpub ncalrpc: LRPC-d8fd309b3b68dec7ca ncalrpc: LRPC-68b23a188dd544b6bb ncalrpc: LRPC-c42a0a614ce9388d2b ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-d8fd309b3b68dec7ca ncalrpc: LRPC-68b23a188dd544b6bb ncalrpc: LRPC-c42a0a614ce9388d2b ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-68b23a188dd544b6bb ncalrpc: LRPC-c42a0a614ce9388d2b ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-c42a0a614ce9388d2b ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-1f204879d3204c6ee4 ncalrpc: LRPC-d6e1c04c729b34530d 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-d8fd309b3b68dec7ca ncalrpc: LRPC-68b23a188dd544b6bb ncalrpc: LRPC-c42a0a614ce9388d2b ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-68b23a188dd544b6bb ncalrpc: LRPC-c42a0a614ce9388d2b ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-d51ae000eea4a47e2d ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo b8cadbaf-e84b-46b9-84f2-6f71c03f9e55 version: v1.0 ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v1.0 ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v1.0 ncalrpc: LRPC-4699b2549150390ec7 ncalrpc: OLEBF561A66B6E162A2CDF23EDE1037 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-c52be633b4084eb4fe ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-4f21e8bc600607bedb ncalrpc: LRPC-e59eb6078376efc6ef ncalrpc: IUserProfile2 ncalrpc: LRPC-6a1d1c5ccebffee3bc ncalrpc: senssvc ncalrpc: LRPC-4015e8f74a74f34a48 f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-97aa969e1d010f352e ncalrpc: LRPC-a5917b79f634ca1850 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 annotation: Network Connection Broker server endpoint ncalrpc: LRPC-d24fb141d35d69897c ncalrpc: OLEECAD0DC6088A27EF97875B3903CC ncalrpc: LRPC-c08af79e157a8fe88d ncalrpc: LRPC-1f204879d3204c6ee4 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-d24fb141d35d69897c ncalrpc: OLEECAD0DC6088A27EF97875B3903CC ncalrpc: LRPC-c08af79e157a8fe88d ncalrpc: LRPC-1f204879d3204c6ee4 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 annotation: Network Connection Broker server endpoint for NCB Reset module ncalrpc: LRPC-c08af79e157a8fe88d ncalrpc: LRPC-1f204879d3204c6ee4 df4df73a-c52d-4e3a-8003-8437fdf8302a version: v0.0 annotation: WM_WindowManagerRPC\Server ncalrpc: LRPC-3ea3b61cd6919f7bf7 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-e20d6dcbd92395e149 a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-947b6ffe09245d7b44 ncalrpc: LRPC-d6e1c04c729b34530d f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 62.109.2.176:49665 ncacn_np: \\WIN-LIVFRVQFMKO\pipe\eventlog ncalrpc: eventlog 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-1ed8cca018aecf340d 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-2e57006c8b449fe8ba 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncalrpc: dhcpcsvc 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 62.109.2.176:49666 ncalrpc: LRPC-131a03a626529b15c5 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\atsvc ncalrpc: LRPC-fecb1b05fb7e46f289 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 62.109.2.176:49666 ncalrpc: LRPC-131a03a626529b15c5 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\atsvc ncalrpc: LRPC-fecb1b05fb7e46f289 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-131a03a626529b15c5 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\atsvc ncalrpc: LRPC-fecb1b05fb7e46f289 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\atsvc ncalrpc: LRPC-fecb1b05fb7e46f289 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\atsvc ncalrpc: LRPC-fecb1b05fb7e46f289 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-fecb1b05fb7e46f289 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-600ab93e2b48c3d4be 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\wkssvc ncalrpc: LRPC-2345ff4dbd8d8330de eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-2345ff4dbd8d8330de f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-2345ff4dbd8d8330de 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: aaabb3db-cf34-43df-bd4f-eb532258e408 ncalrpc: LRPC-8cdfe30e40be290703 c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-01aebd365f3dac800b ncalrpc: OLEDA9E5F7D1940FBB9D4CE22FF1CB1 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-01aebd365f3dac800b ncalrpc: OLEDA9E5F7D1940FBB9D4CE22FF1CB1 7aeb6705-3ae6-471a-882d-f39c109edc12 version: v1.0 ncalrpc: LRPC-01aebd365f3dac800b ncalrpc: OLEDA9E5F7D1940FBB9D4CE22FF1CB1 e7f76134-9ef5-4949-a2d6-3368cc0988f3 version: v1.0 ncalrpc: LRPC-01aebd365f3dac800b ncalrpc: OLEDA9E5F7D1940FBB9D4CE22FF1CB1 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-01aebd365f3dac800b ncalrpc: OLEDA9E5F7D1940FBB9D4CE22FF1CB1 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-01aebd365f3dac800b ncalrpc: OLEDA9E5F7D1940FBB9D4CE22FF1CB1 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 62.109.2.176:49667 ncacn_np: \\WIN-LIVFRVQFMKO\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: LRPC-4015e8f74a74f34a48 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-dc4d5e5f6c2938c4ad ncalrpc: OLEBA88AF5FC5043D6AD5460B94589E b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-dc4d5e5f6c2938c4ad ncalrpc: OLEBA88AF5FC5043D6AD5460B94589E 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-0e05973ff32bd4e7c8 ncalrpc: LRPC-d027d7b63b001a7517 ncalrpc: LRPC-3e861b2ce1956a7fa9 ncalrpc: LRPC-8cc3685dd5e7577ac5 f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-d027d7b63b001a7517 ncalrpc: LRPC-3e861b2ce1956a7fa9 ncalrpc: LRPC-8cc3685dd5e7577ac5 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-3e861b2ce1956a7fa9 ncalrpc: LRPC-8cc3685dd5e7577ac5 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-8cc3685dd5e7577ac5 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 62.109.2.176:49668 ncalrpc: LRPC-1d4f355b764195382e 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 62.109.2.176:49668 ncalrpc: LRPC-1d4f355b764195382e ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 62.109.2.176:49668 ncalrpc: LRPC-1d4f355b764195382e 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 62.109.2.176:49668 ncalrpc: LRPC-1d4f355b764195382e 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 62.109.2.176:49668 ncalrpc: LRPC-1d4f355b764195382e 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 62.109.2.176:49705 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\WIN-LIVFRVQFMKO\pipe\lsass 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\WIN-LIVFRVQFMKO\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\WIN-LIVFRVQFMKO\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\WIN-LIVFRVQFMKO\pipe\lsass b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-9022337d0ee7dae068 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-e663a2cd97b3a953f7 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-e663a2cd97b3a953f7 c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: OLEBFA3128EEE1B461CA68AD890E5D2 ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-15c6c18b509b7cf203 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: OLEBFA3128EEE1B461CA68AD890E5D2 ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-15c6c18b509b7cf203 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-15c6c18b509b7cf203 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-15c6c18b509b7cf203 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-f28c5c6bc41b8360ed ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\WIN-LIVFRVQFMKO\PIPE\ROUTER 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-603d59d308cb98a626 d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-603d59d308cb98a626 e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-603d59d308cb98a626 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-603d59d308cb98a626 fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-603d59d308cb98a626 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-603d59d308cb98a626 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 62.109.2.176:49695 12e65dd8-887f-41ef-91bf-8d816c42c2e7 version: v1.0 annotation: Secure Desktop LRPC interface provider: winlogon.exe ncalrpc: WMsgKRpc045E262 b1ef227e-dfa5-421e-82bb-67a6a129c496 version: v0.0 ncalrpc: LRPC-6d85574f1bdd86a97c ncalrpc: OLE0B1D7F733171D646B6A93F83C2FE 0fc77b1a-95d8-4a2e-a0c0-cff54237462b version: v0.0 ncalrpc: LRPC-6d85574f1bdd86a97c ncalrpc: OLE0B1D7F733171D646B6A93F83C2FE 8ec21e98-b5ce-4916-a3d6-449fa428a007 version: v0.0 ncalrpc: LRPC-6d85574f1bdd86a97c ncalrpc: OLE0B1D7F733171D646B6A93F83C2FE 58e604e8-9adb-4d2e-a464-3b0683fb1480 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-52647daeb447e04a8c fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-52647daeb447e04a8c 5f54ce7d-5b79-4175-8584-cb65313a0e98 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-52647daeb447e04a8c 201ef99a-7fa0-444c-9399-19ba84f12a1a version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-52647daeb447e04a8c 0497b57d-2e66-424f-a0c6-157cd5d41700 version: v1.0 annotation: AppInfo ncalrpc: LRPC-52647daeb447e04a8c 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-33464b514922d1b03a ncalrpc: LRPC-33464b514922d1b03a ncalrpc: LRPC-33464b514922d1b03a 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-adbaffb28ece516053 54b4c689-969a-476f-8dc2-990885e9f562 version: v0.0 ncalrpc: LRPC-d407103fad204813e2 be7f785e-0e3a-4ab7-91de-7e46e443be29 version: v0.0 ncalrpc: LRPC-d407103fad204813e2 a4b8d482-80ce-40d6-934d-b22a01a44fe7 version: v1.0 annotation: LicenseManager ncalrpc: LicenseServiceEndpoint bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-c479ad1bde7ee119e0 ncalrpc: OLEA0671467EF932E50DD92CA86B7E4 c503f532-443a-4c69-8300-ccd1fbdb3839 version: v2.0 ncalrpc: LRPC-d35c13b9b9b0d4be8a ncalrpc: OLEA3207B037FBA398DC23E39BFA41F
-16060474 | 2024-04-13T09:50:06.701059443 / tcp
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/10.0 X-AspNet-Version: 4.0.30319 Set-Cookie: r=2400213; expires=Sun, 13-Apr-2025 09:50:06 GMT; path=/ X-Powered-By: ASP.NET Date: Sat, 13 Apr 2024 09:50:05 GMT Content-Length: 38014
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:03:1d:df:50:e7:b4:b1:a1:9c:15:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Validity
Not Before: Sep 9 16:11:26 2023 GMT
Not After : Oct 10 16:11:25 2024 GMT
Subject: CN=www.sobot.ru.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:c4:ca:dc:3a:6c:0c:d6:b2:7c:4f:71:db:56:7a:
57:23:65:18:12:9f:d1:d8:69:34:75:25:f9:e8:1d:
c5:52:3d:07:3a:ce:8c:fb:12:6e:3b:e5:04:ed:dd:
15:75:82:b5:f5:bb:a9:e6:ec:39:d9:75:13:01:96:
1d:70:ce:76:24:12:d1:74:fe:84:83:28:68:3b:8e:
ee:9b:cf:2a:e3:b3:16:31:99:f3:e2:29:91:54:23:
7a:d6:3d:ab:5b:e3:74:72:c9:7e:ef:1b:70:01:a6:
b7:5a:a2:2d:6a:47:18:fc:ed:19:fc:b4:a3:96:32:
bd:22:25:b6:7c:34:83:81:cf:c1:1d:eb:c8:ec:b2:
8d:fb:2d:8e:21:69:a6:d1:6a:05:11:6c:e3:da:eb:
0c:17:f4:b8:ca:86:94:1a:d4:10:e2:5c:69:dc:c2:
c4:ff:c9:5c:7b:4d:3b:33:8c:30:89:2f:cd:2d:3b:
78:f7:39:b0:eb:b9:63:83:d1:3e:b0:26:93:1f:03:
34:3d:0e:8e:c9:91:63:f0:e2:9c:eb:74:46:9a:f3:
63:d6:34:4f:1f:e8:1b:3f:d8:05:da:50:a5:17:ab:
57:81:60:d8:27:88:7b:cc:a6:d9:41:83:17:59:18:
05:97:8d:a3:46:cd:02:bb:3f:d0:e4:0a:0e:e6:70:
c4:32:b5:cb:a0:3c:c0:29:62:88:b5:de:96:68:df:
62:6d:ca:6e:6c:7a:94:ec:23:90:30:e4:a4:86:9a:
9a:a7:b6:7b:24:73:2c:63:f3:04:57:45:b0:35:23:
f2:3d:aa:45:e6:af:bc:db:14:e1:5d:91:cf:aa:97:
4d:73:cc:ab:3b:69:32:9a:ff:ee:c2:34:e0:c0:3d:
f8:51:26:84:16:98:40:ce:08:4d:b4:28:9c:ed:65:
a1:4c:e1:c7:98:c9:40:47:91:28:fa:c4:91:ea:46:
c1:af:31:69:b1:e3:4e:a3:35:2e:5d:28:27:34:bd:
50:23:97:76:55:1e:6e:1d:2b:0a:82:7f:50:f0:97:
c2:15:ee:5e:38:8a:f7:75:34:4b:05:90:03:fc:44:
18:23:81:eb:49:7c:e0:dc:5a:03:b9:a4:e9:cc:ff:
31:f3:58:75:fd:bf:81:1d:91:74:36:99:56:5c:b0:
91:d7:9b:99:1a:c7:43:b8:97:ed:42:e9:ea:e9:63:
d1:aa:70:ff:35:fc:30:4d:0e:f6:d4:1e:e3:2b:4a:
51:ed:69:c6:7b:97:41:54:a9:88:e0:27:af:a6:a1:
79:fc:dd:47:9e:31:e3:e5:80:ca:80:f6:89:d4:94:
b6:c0:3a:ac:3c:5a:9c:3b:ab:bb:f8:72:c0:ca:c9:
96:14:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
Authority Information Access:
CA Issuers - URI:http://secure.globalsign.com/cacert/alphasslcasha256g4.crt
OCSP - URI:http://ocsp.globalsign.com/alphasslcasha256g4
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.4146.10.1.3
CPS: https://www.globalsign.com/repository/
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.globalsign.com/alphasslcasha256g4.crl
X509v3 Subject Alternative Name:
DNS:www.sobot.ru.net, DNS:sobot.ru.net
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Authority Key Identifier:
4F:CB:AC:A8:C2:EF:AB:DD:83:6F:6B:BF:CE:98:3D:5C:58:25:76:15
X509v3 Subject Key Identifier:
B4:09:E4:0A:AB:B4:17:07:87:22:66:4C:88:A8:EE:A3:75:DC:77:9F
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Sep 9 16:11:29.028 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:EE:BD:BB:9E:37:F4:A2:B7:C9:33:B9:
36:81:D2:87:CA:B1:A6:E6:97:39:F5:73:24:36:E3:DC:
CF:F4:22:19:3B:02:20:62:DA:B5:2B:B3:EC:DD:AD:23:
C9:87:55:93:E0:6C:77:1A:0A:7E:4B:F7:7C:ED:E5:9F:
7F:2B:4E:C5:09:6F:D0
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Sep 9 16:11:29.457 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E0:BD:B0:1B:6F:4F:64:AB:A6:03:21:
C3:8C:A6:09:DC:AD:21:03:76:68:5E:A8:02:E4:1B:22:
CD:84:BE:36:36:02:20:16:4D:BC:AF:BE:16:76:41:1D:
76:95:E0:ED:88:2D:19:AA:C7:C6:88:BE:E8:44:6E:2D:
FE:ED:09:55:1E:01:DE
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Sep 9 16:11:28.707 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:80:1A:DF:F1:7F:02:2B:37:08:CC:4C:
C6:F8:1C:B9:19:F4:98:9D:DB:45:5F:29:94:98:0D:7C:
85:16:C4:92:65:02:20:6A:8A:A5:60:A2:FE:32:AE:BB:
C5:53:C4:B6:84:9D:E8:F2:CF:D8:24:19:44:CE:CF:8A:
63:90:57:99:88:F3:EA
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
52:d6:df:94:12:3c:ad:f4:a1:2c:8e:62:6b:28:e5:df:e4:13:
03:5f:b5:d0:ba:1c:51:99:65:41:5d:68:f9:fc:7a:40:69:a9:
e2:55:1f:ec:5c:e2:d5:49:bf:75:47:1f:a6:d8:f4:08:e2:d2:
e0:54:a7:d0:ac:ee:58:ba:78:1b:5f:0a:9e:ac:bc:12:5d:50:
49:42:f0:a6:74:6a:e4:73:71:29:f7:8a:b7:5f:20:55:8d:61:
25:b6:7a:e4:cf:13:f1:d4:8f:25:4c:68:84:d4:12:83:19:f1:
25:42:04:0f:fa:12:46:df:eb:11:d1:f3:a7:ee:90:29:d4:6a:
6c:d1:80:14:f8:b9:48:55:5d:32:bf:40:25:27:06:fb:ce:f5:
85:46:4e:e3:8f:5f:9b:a4:b4:49:bd:ee:69:f0:39:29:e9:8b:
25:c6:94:17:fe:e4:7e:e7:d3:cf:68:d5:03:2f:fa:4a:2f:a6:
9d:39:83:81:2b:a9:8e:c2:af:b5:0c:91:f6:a3:71:52:4d:1c:
47:66:51:d1:a0:76:80:5d:5f:c4:0b:25:c3:f2:78:2d:b5:33:
7c:fe:b8:25:9a:8b:cb:06:55:1b:59:09:d6:3d:b2:9c:35:a7:
c0:56:a9:b1:4b:64:2c:02:c9:da:e7:40:35:ea:2f:b6:44:d4:
3d:0d:ba:1d
-1166656618 | 2024-04-09T14:38:17.226229445 / tcp
SMB Status: Authentication: enabled SMB Version: 2 Capabilities: raw-mode
336135524 | 2024-04-17T05:38:37.8794321434 / udp
SQL Server Browser Service:
Instance #1:
Server Name: WIN-LIVFRVQFMKO
Instance Name: SQLEXPRESS
Is Clustered: False
Version: 14.0.1000.169
TCP Port: 49874
Version Name: MS-SQL Server 2017 RTM
642323041 | 2024-03-29T05:40:47.8745993389 / tcp
Remote Desktop Protocol \x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00 Remote Desktop Protocol NTLM Info: OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809) OS Build: 10.0.17763 Target Name: WIN-LIVFRVQFMKO NetBIOS Domain Name: WIN-LIVFRVQFMKO NetBIOS Computer Name: WIN-LIVFRVQFMKO DNS Domain Name: WIN-LIVFRVQFMKO FQDN: WIN-LIVFRVQFMKO
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:32:29:d5:53:9d:bf:80:4c:d2:f3:33:69:c5:26:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=WIN-LIVFRVQFMKO
Validity
Not Before: Jan 31 10:14:24 2024 GMT
Not After : Aug 1 10:14:24 2024 GMT
Subject: CN=WIN-LIVFRVQFMKO
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d3:5a:38:46:92:e7:ea:34:ff:fc:68:a1:56:cb:
74:0b:a3:83:69:91:dc:9f:b7:57:f8:5f:e5:39:c8:
47:07:84:d6:f1:d0:3b:ec:4f:07:cb:51:0c:b9:60:
48:8c:44:5e:1e:af:21:90:7f:cb:62:1c:98:d8:97:
b4:1c:ad:fb:1b:58:7d:7c:f4:56:5c:d7:07:c4:c9:
1c:94:54:48:90:80:54:76:85:da:87:f4:ae:30:d9:
2b:36:27:9f:ba:c2:af:2c:87:b5:5b:a8:50:6b:a8:
d4:4c:15:87:c7:05:cf:39:6c:43:e4:0b:80:6b:ce:
8c:3e:b9:00:c1:11:18:dc:1d:9b:a0:af:e2:eb:41:
0e:26:c1:a9:8c:76:5f:d3:5b:df:ea:e4:02:23:bc:
b0:f6:78:e5:10:aa:8f:f7:a9:75:84:16:50:65:67:
2d:bf:46:3a:f1:f7:6b:9e:7e:11:32:1b:2b:5a:e6:
42:b1:73:54:fb:7f:c3:35:76:ce:fe:7f:6e:6b:98:
68:f6:02:38:fd:a2:b6:06:5d:88:a1:7c:4c:e8:97:
5f:82:5a:7c:f4:6f:9a:ea:6d:6a:2f:be:78:1d:ff:
78:02:f6:94:b6:62:5a:c0:38:c7:b0:f8:7e:4f:b8:
cb:8e:d2:c9:36:ae:31:74:bf:5b:52:af:52:e9:f7:
c7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
5c:5b:2a:95:59:a5:a3:48:93:26:96:99:91:b8:7a:53:4f:e4:
72:fb:e2:cf:53:9a:b5:ef:20:7f:95:e3:f4:59:c6:19:22:87:
ad:6d:46:70:05:ab:0b:77:92:0a:bb:01:7c:88:1a:fb:9b:4b:
29:97:cc:63:dc:33:d6:8b:81:41:63:7d:67:49:01:cc:56:25:
03:36:18:68:9f:2f:5c:af:e1:a3:56:67:71:aa:a4:73:22:71:
c9:4a:24:9b:e7:cf:41:51:66:2a:e3:13:b8:53:d2:77:c1:0b:
72:62:d6:cd:5b:ea:89:ab:d5:14:06:cf:95:ce:a1:fc:b9:0e:
c0:b2:fa:89:27:ba:87:14:d7:c9:b6:a8:23:b5:19:3e:74:e3:
5a:a7:b9:98:43:92:01:38:b7:b3:b7:96:d8:52:38:78:0a:12:
f8:5c:c1:73:80:22:95:d0:11:44:c1:bc:ac:c7:54:a4:6a:2b:
bd:14:79:ea:3d:4c:39:20:18:26:4f:65:99:c3:f4:3c:6f:80:
1d:df:62:56:a9:b2:9f:d7:ae:0a:d3:31:b3:18:b2:2b:9e:b3:
58:80:d6:69:a1:b6:06:d6:53:84:51:ab:0d:f8:70:e3:68:6f:
2f:c7:b9:2b:75:6f:82:13:8a:9e:72:2d:bd:af:b8:8c:aa:73:
fc:2c:f9:dd
-1684583448 | 2024-04-15T23:56:41.0894695357 / tcp
HTTP/1.1 503 Service Unavailable Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Mon, 15 Apr 2024 23:56:41 GMT Connection: close Content-Length: 326
1489525118 | 2024-04-09T19:03:45.9509565985 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Tue, 09 Apr 2024 19:03:45 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2019 (version 1809) OS Build: 10.0.17763 Target Name: WIN-LIVFRVQFMKO NetBIOS Domain Name: WIN-LIVFRVQFMKO NetBIOS Computer Name: WIN-LIVFRVQFMKO DNS Domain Name: WIN-LIVFRVQFMKO FQDN: WIN-LIVFRVQFMKO
-1609676984 | 2024-04-17T05:38:41.91816549874 / tcp
MS-SQL NTLM Info: OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809) OS Build: 10.0.17763 Target Name: WIN-LIVFRVQFMKO NetBIOS Domain Name: WIN-LIVFRVQFMKO NetBIOS Computer Name: WIN-LIVFRVQFMKO DNS Domain Name: WIN-LIVFRVQFMKO FQDN: WIN-LIVFRVQFMKO