Hostnames |
marshruty.ru mail.marshruty.ru |
Domains | marshruty.ru |
Country | Russian Federation |
City | Moscow |
Organization | Colocation Services |
ISP | Fiord Networks, UAB |
ASN | AS28917 |
Operating System | Windows |
511566707 | 2024-03-29T13:40:41.09956025 / tcp
220 VOLGA ESMTP 250-VOLGA 250-SIZE 20480000 250-AUTH LOGIN 250 HELP
1489525118 | 2024-04-25T18:19:40.89914380 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Thu, 25 Apr 2024 18:19:48 GMT Connection: close Content-Length: 315
-1911588818 | 2024-04-13T00:11:00.495582135 / tcp
Microsoft RPC Endpoint Mapper d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 93.191.13.122:49152 ncalrpc: WindowsShutdown ncacn_np: \\VOLGA\PIPE\InitShutdown ncalrpc: WMsgKRpc090F20 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\VOLGA\PIPE\InitShutdown ncalrpc: WMsgKRpc090F20 ncalrpc: WMsgKRpc0929D1 ncalrpc: WMsgKRpc06C0EC08E2 c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-60885e2e30677e16ac ncacn_np: \\VOLGA\PIPE\srvsvc ncacn_ip_tcp: 93.191.13.122:49154 ncacn_np: \\VOLGA\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 ncalrpc: IUserProfile2 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncalrpc: dhcpcsvc ncacn_ip_tcp: 93.191.13.122:49153 ncacn_np: \\VOLGA\pipe\eventlog ncalrpc: eventlog 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncacn_ip_tcp: 93.191.13.122:49153 ncacn_np: \\VOLGA\pipe\eventlog ncalrpc: eventlog 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncacn_ip_tcp: 93.191.13.122:49153 ncacn_np: \\VOLGA\pipe\eventlog ncalrpc: eventlog f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 93.191.13.122:49153 ncacn_np: \\VOLGA\pipe\eventlog ncalrpc: eventlog 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncacn_np: \\VOLGA\PIPE\srvsvc ncacn_ip_tcp: 93.191.13.122:49154 ncacn_np: \\VOLGA\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncacn_ip_tcp: 93.191.13.122:49154 ncacn_np: \\VOLGA\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncacn_ip_tcp: 93.191.13.122:49154 ncacn_np: \\VOLGA\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncacn_ip_tcp: 93.191.13.122:49154 ncacn_np: \\VOLGA\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 93.191.13.122:49154 ncacn_np: \\VOLGA\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\VOLGA\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\VOLGA\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: senssvc ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 provider: gpsvc.dll ncalrpc: OLE2BBA901EF9C148FF9D05884219D1 ncalrpc: IUserProfile2 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncacn_np: \\VOLGA\PIPE\W32TIME_ALT ncalrpc: W32TIME_ALT ncalrpc: LRPC-9006b936b15e02f966 ncalrpc: OLE6CB736F7394B459E99CF66269080 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-9006b936b15e02f966 ncalrpc: OLE6CB736F7394B459E99CF66269080 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 93.191.13.122:49155 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\VOLGA\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-8ec3dba4bba743da05 ncacn_np: \\VOLGA\pipe\lsass 24019106-a203-4642-b88d-82dae9158929 version: v1.0 provider: authui.dll ncalrpc: LRPC-beed206dc60ab46575 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-67d8e8afd18c4e2fd1 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-67d8e8afd18c4e2fd1 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-67d8e8afd18c4e2fd1 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\VOLGA\PIPE\wkssvc ncalrpc: DNSResolver 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 annotation: Spooler function endpoint provider: spoolsv.exe ncalrpc: spoolss ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 annotation: Spooler base remote object endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 annotation: Spooler function endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 93.191.13.122:49161 12345678-1234-abcd-ef00-0123456789ab version: v1.0 annotation: IPSec Policy agent endpoint protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncalrpc: LRPC-42fdd977995657b382 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-67c2c09d8f75386409 ncalrpc: OLEB337247B27484B739EE226A06CAF ncalrpc: LRPC-797bd6e492cfd6f2be ncalrpc: LRPC-797bd6e492cfd6f2be ncalrpc: LRPC-797bd6e492cfd6f2be ncalrpc: LRPC-797bd6e492cfd6f2be 12e65dd8-887f-41ef-91bf-8d816c42c2e7 version: v1.0 annotation: Secure Desktop LRPC interface provider: winlogon.exe ncalrpc: WMsgKRpc06C0EC08E2
-1553554691 | 2024-04-21T23:03:00.919792137 / udp
NetBIOS Response: Server Name: VOLGA MAC Address: 00:30:48:B8:D4:EC Names: VOLGA <0x0> MARSHRUTY <0x0> VOLGA <0x20> Additional Interfaces: 93.191.32.122
00:30:48:B8:D4:EC OUI: 00:30:48 Organization: Super Micro Computer, Inc. Assignment: MA-L Registration Date: 2000-09-08
1489525118 | 2024-04-20T05:10:37.307721443 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Sat, 20 Apr 2024 05:10:47 GMT Connection: close Content-Length: 315
Certificate: Data: Version: 3 (0x2) Serial Number: 1d:7e:ba:30:f9:5b:7c:8e:28:5e:66:92 Signature Algorithm: sha256WithRSAEncryption Issuer: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G2 Validity Not Before: Aug 20 16:37:02 2022 GMT Not After : Sep 16 08:21:55 2023 GMT Subject: CN=*.marshruty.ru Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (4096 bit) Modulus: 00:b5:98:57:ef:f4:d5:b3:b0:c4:90:11:df:d6:3f: 6d:e2:78:79:ed:1c:41:4d:48:19:13:84:42:cb:d0: 16:9b:b6:13:58:c0:a1:ce:9e:c5:f0:41:3e:36:8d: 39:ef:dd:c1:59:ea:12:fb:b2:75:80:8b:4b:b2:49: 51:63:9a:07:cf:37:fe:89:85:63:27:b9:96:47:51: 6a:7a:fc:33:8c:39:68:4f:9d:8c:33:1a:08:32:89: d7:e1:70:b2:d8:93:96:2e:ce:4a:1b:4e:a7:ab:99: 29:03:9a:4d:6c:4d:97:b8:3b:2c:45:cd:fc:b6:7b: bc:90:2d:83:79:36:b6:3f:ff:e1:51:0b:b4:cf:35: af:de:67:4c:11:93:e7:84:04:08:b3:9d:2f:e6:dd: e6:04:3e:cb:d2:07:5f:d5:4d:f2:18:8f:50:77:5e: 5c:db:a3:f9:9f:e0:0e:ce:6e:27:c1:71:c6:cb:af: 6c:da:51:c9:52:77:94:33:fc:03:af:a2:5f:56:04: da:ba:09:f0:2c:ea:9c:5c:3f:ef:53:e2:4a:14:bc: c8:6a:14:0b:de:36:b9:6a:37:17:3b:e5:65:14:87: f0:80:0c:2a:4b:90:2c:a9:66:d7:2d:29:b1:6d:05: ea:92:06:2b:fd:2f:d1:a5:b3:3f:1c:22:e4:60:c7: f1:e8:90:5d:b6:80:28:84:11:c1:f4:e8:d9:6f:dd: 04:ef:1d:cd:23:c5:e3:ef:d1:5d:be:9c:15:34:c3: 78:db:ab:5b:a5:2d:15:36:c7:7e:3f:ff:97:ee:c2: b3:8d:4e:e2:6f:5d:62:31:3d:a9:4e:e8:76:45:a1: 8e:a2:17:21:47:07:51:31:1f:30:5d:f9:b6:48:ce: 8b:c5:05:7a:a1:9f:92:c7:e7:6a:97:66:39:8c:69: 6d:81:dc:62:da:2e:62:7f:c8:c4:5b:d8:ac:a0:a8: a9:22:ac:a7:60:07:80:8c:24:fa:7f:a8:8b:18:8e: 6c:8e:db:b7:5b:8c:1e:64:5f:3e:d2:0b:df:fc:09: ce:b8:cd:7b:4d:25:3c:ae:6d:4e:bb:12:a5:3e:8b: 7c:8f:42:fe:54:15:a6:d5:cf:ba:8b:0f:0f:4a:55: 5a:53:3e:a4:74:6e:c8:82:67:d4:d0:4a:45:2e:fc: ac:a6:9e:70:1d:54:97:63:ec:05:90:f4:fe:6c:d6: ca:ca:f9:39:b5:80:24:c9:04:28:46:98:62:04:9d: ca:a9:4e:18:42:2d:62:62:63:74:5c:ec:01:9b:99: 7a:ae:91:ea:b4:f8:a8:aa:26:b5:43:8c:e7:bc:4c: 06:1e:69:41:ea:76:b4:b6:ce:11:11:10:3f:ed:cd: 52:dc:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment Authority Information Access: CA Issuers - URI:http://secure.globalsign.com/cacert/gsalphasha2g2r1.crt OCSP - URI:http://ocsp2.globalsign.com/gsalphasha2g2 X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.4146.1.10.10 CPS: https://www.globalsign.com/repository/ Policy: 2.23.140.1.2.1 X509v3 Basic Constraints: CA:FALSE X509v3 CRL Distribution Points: Full Name: URI:http://crl.globalsign.com/gs/gsalphasha2g2.crl X509v3 Subject Alternative Name: DNS:*.marshruty.ru, DNS:marshruty.ru X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Authority Key Identifier: F5:CD:D5:3C:08:50:F9:6A:4F:3A:B7:97:DA:56:83:E6:69:D2:68:F7 X509v3 Subject Key Identifier: 07:AC:3B:94:C2:D4:3B:A1:88:B4:E6:9F:DD:6B:77:BE:C4:CF:FD:91 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9: 03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E Timestamp : Aug 20 16:37:05.123 2022 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:7B:5B:BD:52:0B:E4:A4:89:73:8D:A9:9B: FA:8F:B8:02:D3:B9:AA:8D:53:04:8E:35:FC:85:8C:79: 43:7E:91:D1:02:20:49:C5:3D:D8:E2:41:B6:53:5F:FD: 68:8B:D1:6E:E1:7D:B3:F9:0D:35:8B:F5:F2:66:1D:12: E8:2D:6A:47:19:8C Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77: 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13 Timestamp : Aug 20 16:37:04.084 2022 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:A9:05:D9:82:94:76:78:AF:C1:E3:8D: C5:17:9F:42:E8:92:A4:E3:0F:53:F0:09:74:DF:28:BD: A2:E0:17:86:66:02:20:0E:3C:A0:DE:2D:C2:D8:62:8F: 99:BF:FE:B6:BA:DD:39:1C:A8:52:20:77:5A:EF:0C:73: 37:51:13:02:7F:8B:56 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09: 4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A Timestamp : Aug 20 16:37:04.128 2022 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:D6:D2:2A:BE:6F:A9:DF:37:4E:83:D8: 57:39:8B:4D:79:43:67:2F:6B:AA:51:23:46:24:45:B9: 2F:F4:2F:2E:87:02:20:09:9D:B5:40:CE:56:0E:3F:A8: 96:7B:EF:AF:58:8F:BA:83:E8:09:C5:9B:16:AE:F3:C3: 7E:E3:E3:87:CC:5E:2A Signature Algorithm: sha256WithRSAEncryption Signature Value: 33:ef:b9:28:bb:53:b3:c5:d7:9e:c3:ea:ca:d9:af:91:e9:d2: a3:c3:82:29:0b:75:35:7e:4a:07:92:e5:fe:87:06:6a:0e:71: d0:4b:c0:4d:e3:4c:ab:30:2d:18:bd:00:cf:f0:15:d4:99:c2: ae:00:6c:f0:b9:ed:b7:2f:6b:8b:7c:ca:34:19:8c:fc:87:c8: 2d:0e:8f:25:f9:3c:25:0d:e9:02:21:1f:fb:ef:b9:b5:fd:0c: 6b:ca:d9:ed:75:f7:48:ab:0d:64:00:e9:bb:57:58:36:7c:20: c3:14:14:0f:65:ed:4c:43:7e:46:ed:36:1d:dc:dc:dd:cd:4b: bb:a2:59:f1:22:49:d8:df:83:e2:30:02:a5:a5:be:45:ec:76: f0:af:d6:5c:ff:6c:e8:6c:c1:df:cd:9b:65:ff:1c:e9:43:6b: 05:e4:2a:19:24:21:69:11:91:66:53:11:c9:d3:72:4a:28:8a: 78:8a:ec:e7:a0:c3:de:fe:63:4f:3c:71:a4:c7:15:4e:ec:21: f6:8c:ec:d1:00:c8:41:8d:fd:5c:d7:1e:eb:f1:57:2e:9d:5d: 6e:5a:9f:3a:23:cc:49:7b:5a:15:05:db:22:c7:c1:84:a2:c0: c4:a7:5f:10:e7:55:74:cd:58:20:a0:68:98:2e:01:6d:b5:33: e0:bf:8e:6b
1641389631 | 2024-04-25T02:34:58.572303445 / tcp
SMB Status: Authentication: enabled SMB Version: 1 OS: Windows Server 2008 R2 Standard 7601 Service Pack 1 Software: Windows Server 2008 R2 Standard 6.1 Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
511566707 | 2024-04-18T03:12:56.850173587 / tcp
220 VOLGA ESMTP 250-VOLGA 250-SIZE 20480000 250-AUTH LOGIN 250 HELP