GeneralInformation

Hostnames	vmi1496730.contaboserver.net
Domains	contaboserver.net
Country	Germany
City	Frankfurt am Main
Organization	Contabo GmbH
ISP	Contabo GmbH
ASN	AS51167

Vulnerabilities

CVE-2020-0796

10.0A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.

OpenPorts

80 135 139 445 1947 3389 5357 5985

703707298 | 2024-04-20T18:45:51.689827

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 05 Dec 2023 04:32:05 GMT
Accept-Ranges: bytes
ETag: "b058d9ff3327da1:0"
Server: Microsoft-IIS/10.0
Date: Sat, 20 Apr 2024 18:45:51 GMT
Content-Length: 703

437555209 | 2024-04-18T09:45:50.282781

135 / tcp

Microsoft RPC Endpoint Mapper

51a227ae-825b-41f2-b4a9-1ac9557a1018
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 95.111.253.158:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\VMI1496730\pipe\lsass

8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
  version: v1.0
  annotation: Ngc Pop Key Service
  ncacn_ip_tcp: 95.111.253.158:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\VMI1496730\pipe\lsass

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncacn_ip_tcp: 95.111.253.158:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\VMI1496730\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 95.111.253.158:49664
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\VMI1496730\pipe\lsass

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 95.111.253.158:49665
  ncalrpc: WindowsShutdown
  ncacn_np: \\VMI1496730\PIPE\InitShutdown
  ncalrpc: WMsgKRpc042FC0

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\VMI1496730\PIPE\InitShutdown
  ncalrpc: WMsgKRpc042FC0
  ncalrpc: WMsgKRpc045D21
  ncalrpc: WMsgKRpc0E8B8B7D2
  ncalrpc: WMsgKRpc010ECA2AE3
  ncalrpc: WMsgKRpc04CFE4BEC4
  ncalrpc: WMsgKRpc04D0FA52C5

fc48cd89-98d6-4628-9839-86f7a3e4161a
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: csebpub
  ncalrpc: LRPC-c7ac8d1a1547744628
  ncalrpc: LRPC-d4bbe9ca93a3e02224
  ncalrpc: LRPC-ebdb1c05796a1a8972
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

d09bdeb5-6171-4a34-bfe2-06fa82652568
  version: v1.0
  ncalrpc: csebpub
  ncalrpc: LRPC-c7ac8d1a1547744628
  ncalrpc: LRPC-d4bbe9ca93a3e02224
  ncalrpc: LRPC-ebdb1c05796a1a8972
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-d4bbe9ca93a3e02224
  ncalrpc: LRPC-ebdb1c05796a1a8972
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-ebdb1c05796a1a8972
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-934ca13068718bf6c2
  ncalrpc: LRPC-36a75c681a8f634726
  ncalrpc: LRPC-dbfb7be714d80d32a7
  ncalrpc: LRPC-0181272faf776a1d75
  ncalrpc: LRPC-5929b2dbb9cec9d8b2
  ncalrpc: OLE36548C0949A3DD199C18A54C4811

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-c7ac8d1a1547744628
  ncalrpc: LRPC-d4bbe9ca93a3e02224
  ncalrpc: LRPC-ebdb1c05796a1a8972
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-d4bbe9ca93a3e02224
  ncalrpc: LRPC-ebdb1c05796a1a8972
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

0d47017b-b33b-46ad-9e18-fe96456c5078
  version: v1.0
  ncalrpc: umpo

95406f0b-b239-4318-91bb-cea3a46ff0dc
  version: v1.0
  ncalrpc: umpo

4ed8abcc-f1e2-438b-981f-bb0e8abc010c
  version: v1.0
  ncalrpc: umpo

0ff1f646-13bb-400a-ab50-9a78f2b7a85a
  version: v1.0
  ncalrpc: umpo

6982a06e-5fe2-46b1-b39c-a2c545bfa069
  version: v1.0
  ncalrpc: umpo

082a3471-31b6-422a-b931-a54401960c62
  version: v1.0
  ncalrpc: umpo

fae436b0-b864-4a87-9eda-298547cd82f2
  version: v1.0
  ncalrpc: umpo

e53d94ca-7464-4839-b044-09a2fb8b3ae5
  version: v1.0
  ncalrpc: umpo

178d84be-9291-4994-82c6-3f909aca5a03
  version: v1.0
  ncalrpc: umpo

4dace966-a243-4450-ae3f-9b7bcb5315b8
  version: v2.0
  ncalrpc: umpo

1832bcf6-cab8-41d4-85d2-c9410764f75a
  version: v1.0
  ncalrpc: umpo

c521facf-09a9-42c5-b155-72388595cbf0
  version: v0.0
  ncalrpc: umpo

2c7fd9ce-e706-4b40-b412-953107ef9bb0
  version: v0.0
  ncalrpc: umpo

88abcbc3-34ea-76ae-8215-767520655a23
  version: v0.0
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

76c217bc-c8b4-4201-a745-373ad9032b1a
  version: v1.0
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

55e6b932-1979-45d6-90c5-7f6270724112
  version: v1.0
  ncalrpc: LRPC-8cd3bcc314846507f2
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
  version: v1.0
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

20c40295-8dba-48e6-aebf-3e78ef3bb144
  version: v2.0
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

2513bcbe-6cd4-4348-855e-7efb3c336dd3
  version: v2.0
  ncalrpc: OLED55DA0A1FAB32EA47691DF17FF64
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: LRPC-515dac1ada27accbac
  ncalrpc: actkernel
  ncalrpc: umpo

dd59071b-3215-4c59-8481-972edadc0f6a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

0361ae94-0316-4c6c-8ad8-c594375800e2
  version: v1.0
  ncalrpc: umpo

5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
  version: v1.0
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-c2b442fd1941a7ddde
  ncalrpc: IUserProfile2
  ncalrpc: LRPC-2dade13adf33387593
  ncalrpc: LRPC-971499499931cf111d
  ncalrpc: senssvc
  ncalrpc: LRPC-f3d90a8da73e81bf56

f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
  version: v1.0
  ncalrpc: LRPC-e82ac0f9b63623aff1
  ncalrpc: LRPC-8f1a3c58defd1758aa
  ncalrpc: LRPC-1192061f7b788e65fe

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  ncalrpc: LRPC-804d35efd06518d928

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: LRPC-7f72064b513f54b6ab
  ncalrpc: OLE3B4E39AD4088E1B9105137609245
  ncalrpc: LRPC-934ca13068718bf6c2

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  ncalrpc: LRPC-45552624ab4410bd9e

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-7f60d3b5c37b810858
  ncalrpc: LRPC-36a75c681a8f634726

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-d59b1f3c6f21d8d81a

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-aadcf519d9d1ac343c

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 95.111.253.158:49667
  ncalrpc: LRPC-1d5761c7a0ad78a31d
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\VMI1496730\PIPE\atsvc
  ncalrpc: LRPC-4be5fefa52f062aacd

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 95.111.253.158:49667
  ncalrpc: LRPC-1d5761c7a0ad78a31d
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\VMI1496730\PIPE\atsvc
  ncalrpc: LRPC-4be5fefa52f062aacd

33d84484-3626-47ee-8c6f-e7e98b113be1
  version: v2.0
  ncalrpc: LRPC-1d5761c7a0ad78a31d
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\VMI1496730\PIPE\atsvc
  ncalrpc: LRPC-4be5fefa52f062aacd

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\VMI1496730\PIPE\atsvc
  ncalrpc: LRPC-4be5fefa52f062aacd

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\VMI1496730\PIPE\atsvc
  ncalrpc: LRPC-4be5fefa52f062aacd

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: LRPC-4be5fefa52f062aacd

509bc7ae-77be-4ee8-b07c-0d096bb44345
  version: v1.0
  ncalrpc: LRPC-38d33248604ee26a18
  ncalrpc: OLE198D19733BC98651C9D639BB4404

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-259646016b13f4e499
  ncalrpc: DNSResolver

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-4295b3c7d007b98281

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: 59d98d1d-d6cb-4a87-aae9-a441cf0eaed7
  ncalrpc: LRPC-601bcaa9c7a1f472d3

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\VMI1496730\PIPE\wkssvc
  ncalrpc: LRPC-cd4fb94956293f112f

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-cd4fb94956293f112f

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-cd4fb94956293f112f

13560fa9-8c09-4b56-a1fd-04d083b9b2a1
  version: v1.0
  ncalrpc: LRPC-9ca273d2e1a0a11b7d

c2d1b5dd-fa81-4460-9dd6-e7658b85454b
  version: v1.0
  ncalrpc: LRPC-9ca273d2e1a0a11b7d

f44e62af-dab1-44c2-8013-049a9de417d6
  version: v1.0
  ncalrpc: LRPC-9ca273d2e1a0a11b7d

b37f900a-eae4-4304-a2ab-12bb668c0188
  version: v1.0
  ncalrpc: LRPC-9ca273d2e1a0a11b7d

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  ncalrpc: LRPC-9ca273d2e1a0a11b7d

3f787932-3452-4363-8651-6ea97bb373bb
  version: v1.0
  annotation: NSP Rpc Interface
  ncalrpc: LRPC-a0ca346347b2164de1
  ncalrpc: OLE1D2E99D84B99A8020435DCDECD25

29770a8f-829b-4158-90a2-78cd488501f7
  version: v1.0
  ncacn_ip_tcp: 95.111.253.158:49668
  ncacn_np: \\VMI1496730\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-f3d90a8da73e81bf56

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-a65abec306659f29e4
  ncalrpc: LRPC-663c9ed68a6c0bea77
  ncalrpc: LRPC-88d9deb01cb876900e
  ncalrpc: LRPC-7df9bf6af8a9d42f6f

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-663c9ed68a6c0bea77
  ncalrpc: LRPC-88d9deb01cb876900e
  ncalrpc: LRPC-7df9bf6af8a9d42f6f

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-88d9deb01cb876900e
  ncalrpc: LRPC-7df9bf6af8a9d42f6f

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-7df9bf6af8a9d42f6f

0d3c7f20-1c8d-4654-a1b3-51563b298bda
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-a29a72dde97a24840d
  ncalrpc: OLED2A91D2D63731C007030D0CE30A4

b18fbab6-56f8-4702-84e0-41053293a869
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-a29a72dde97a24840d
  ncalrpc: OLED2A91D2D63731C007030D0CE30A4

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.111.253.158:49669
  ncalrpc: LRPC-4ff1fbd94b8c54a2c1

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.111.253.158:49669
  ncalrpc: LRPC-4ff1fbd94b8c54a2c1

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.111.253.158:49669
  ncalrpc: LRPC-4ff1fbd94b8c54a2c1

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.111.253.158:49669
  ncalrpc: LRPC-4ff1fbd94b8c54a2c1

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 95.111.253.158:49669
  ncalrpc: LRPC-4ff1fbd94b8c54a2c1

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncalrpc: OLEB4237A6CE4CD082EF3B92314015F
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-1b06025a8e6c6d5dc6

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-1b06025a8e6c6d5dc6

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-1b06025a8e6c6d5dc6

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncalrpc: LRPC-1b06025a8e6c6d5dc6

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncalrpc: LRPC-627c6faf6ddd4f1433

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncalrpc: LRPC-627c6faf6ddd4f1433

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: LRPC-0e9e0a1da45459f7b0

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 95.111.253.158:49670

98cd761e-e77d-41c8-a3c0-0fb756d90ec2
  version: v1.0
  ncalrpc: LRPC-c00a506346aa2decba
  ncalrpc: OLE9D2C59C165682B48EE6A32C6A34D

d22895ef-aff4-42c5-a5b2-b14466d34ab4
  version: v1.0
  ncalrpc: LRPC-c00a506346aa2decba
  ncalrpc: OLE9D2C59C165682B48EE6A32C6A34D

e38f5360-8572-473e-b696-1b46873beeab
  version: v1.0
  ncalrpc: LRPC-c00a506346aa2decba
  ncalrpc: OLE9D2C59C165682B48EE6A32C6A34D

95095ec8-32ea-4eb0-a3e2-041f97b36168
  version: v1.0
  ncalrpc: LRPC-c00a506346aa2decba
  ncalrpc: OLE9D2C59C165682B48EE6A32C6A34D

fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
  version: v1.0
  ncalrpc: LRPC-c00a506346aa2decba
  ncalrpc: OLE9D2C59C165682B48EE6A32C6A34D

4c9dbf19-d39e-4bb9-90ee-8f7179b20283
  version: v1.0
  ncalrpc: LRPC-c00a506346aa2decba
  ncalrpc: OLE9D2C59C165682B48EE6A32C6A34D

d4051bde-9cdd-4910-b393-4aa85ec3c482
  version: v1.0
  ncalrpc: LRPC-c00a506346aa2decba
  ncalrpc: OLE9D2C59C165682B48EE6A32C6A34D

7df1ceae-de4e-4e6f-ab14-49636e7c2052
  version: v1.0
  ncalrpc: LRPC-4cf89f854574a4bc1c

0767a036-0d22-48aa-ba69-b619480f38cb
  version: v1.0
  annotation: PcaSvc
  provider: pcasvc.dll
  ncalrpc: LRPC-80b4d948749c9d5808

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-17ed561bee9923d983
  ncalrpc: LRPC-17ed561bee9923d983
  ncalrpc: LRPC-17ed561bee9923d983

d249bd56-4cc0-4fd3-8ce6-6fe050d590cb
  version: v0.0
  ncalrpc: LRPC-47b940368df8d7672e

d8140e00-5c46-4ae6-80ac-2f9a76df224c
  version: v0.0
  ncalrpc: LRPC-47b940368df8d7672e

bf4dc912-e52f-4904-8ebe-9317c1bdd497
  version: v1.0
  ncalrpc: LRPC-942e068af5ec8bf431
  ncalrpc: OLE889685E5118BFCC6A2D5CC5D7A30

58e604e8-9adb-4d2e-a464-3b0683fb1480
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-7962496be24981ef57

fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-7962496be24981ef57

5f54ce7d-5b79-4175-8584-cb65313a0e98
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-7962496be24981ef57

201ef99a-7fa0-444c-9399-19ba84f12a1a
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncalrpc: LRPC-7962496be24981ef57

0497b57d-2e66-424f-a0c6-157cd5d41700
  version: v1.0
  annotation: AppInfo
  ncalrpc: LRPC-7962496be24981ef57

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc0E8B8B7D2
  ncalrpc: WMsgKRpc010ECA2AE3
  ncalrpc: WMsgKRpc04CFE4BEC4
  ncalrpc: WMsgKRpc04D0FA52C5

b1ef227e-dfa5-421e-82bb-67a6a129c496
  version: v0.0
  ncalrpc: LRPC-3eec1cb52a9ae3813a
  ncalrpc: OLEA8D6AE88226768749A5570F143AA
  ncalrpc: LRPC-b5c61c0d18810a02bd
  ncalrpc: OLEFCE6B37582010BF5AAFC1866AAA6
  ncalrpc: LRPC-73fe2ada5d7672e40d
  ncalrpc: OLEB23AB9CDEAD58ECF8090293A8F0D
  ncalrpc: LRPC-be0e0daa7caed06c14
  ncalrpc: OLE905A25FA1E2FFD1DAB2A668F31E1

0fc77b1a-95d8-4a2e-a0c0-cff54237462b
  version: v0.0
  ncalrpc: LRPC-3eec1cb52a9ae3813a
  ncalrpc: OLEA8D6AE88226768749A5570F143AA
  ncalrpc: LRPC-b5c61c0d18810a02bd
  ncalrpc: OLEFCE6B37582010BF5AAFC1866AAA6
  ncalrpc: LRPC-73fe2ada5d7672e40d
  ncalrpc: OLEB23AB9CDEAD58ECF8090293A8F0D
  ncalrpc: LRPC-be0e0daa7caed06c14
  ncalrpc: OLE905A25FA1E2FFD1DAB2A668F31E1

8ec21e98-b5ce-4916-a3d6-449fa428a007
  version: v0.0
  ncalrpc: LRPC-3eec1cb52a9ae3813a
  ncalrpc: OLEA8D6AE88226768749A5570F143AA
  ncalrpc: LRPC-b5c61c0d18810a02bd
  ncalrpc: OLEFCE6B37582010BF5AAFC1866AAA6
  ncalrpc: LRPC-73fe2ada5d7672e40d
  ncalrpc: OLEB23AB9CDEAD58ECF8090293A8F0D
  ncalrpc: LRPC-be0e0daa7caed06c14
  ncalrpc: OLE905A25FA1E2FFD1DAB2A668F31E1

a4b8d482-80ce-40d6-934d-b22a01a44fe7
  version: v1.0
  annotation: LicenseManager
  ncalrpc: LicenseServiceEndpoint

8c7daf44-b6dc-11d1-9a4c-0020af6e7c57
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: appmgmts.dll
  ncalrpc: LRPC-e66d6cfa4dd8f8fcc7

43890c94-bfd7-4655-ad6a-b4a68397cdcb
  version: v0.0
  ncalrpc: LRPC-61798be8f8310fe830
  ncalrpc: LRPC-64f8316f55117c71bc

c8ba73d2-3d55-429c-8e9a-c44f006f69fc
  version: v0.0
  ncalrpc: LRPC-61798be8f8310fe830
  ncalrpc: LRPC-64f8316f55117c71bc

e8748f69-a2a4-40df-9366-62dbeb696e26
  version: v0.0
  ncalrpc: LRPC-61798be8f8310fe830
  ncalrpc: LRPC-64f8316f55117c71bc

650a7e26-eab8-5533-ce43-9c1dfce11511
  version: v1.0
  annotation: Vpn APIs
  ncalrpc: LRPC-e13363bf38c10e526a
  ncalrpc: VpnikeRpc
  ncalrpc: RasmanLrpc
  ncacn_np: \\VMI1496730\PIPE\ROUTER

2acb9d68-b434-4b3e-b966-e06b4b3a84cb
  version: v1.0
  provider: bthserv.dll
  ncalrpc: LRPC-973001ac1bd8c81a50
  ncalrpc: LRPC-dbfb7be714d80d32a7
  ncalrpc: LRPC-0181272faf776a1d75
  ncalrpc: LRPC-5929b2dbb9cec9d8b2
  ncalrpc: OLE36548C0949A3DD199C18A54C4811

5dea026d-f999-40b1-a234-2164fd086783
  version: v1.0
  ncalrpc: LRPC-0181272faf776a1d75
  ncalrpc: LRPC-5929b2dbb9cec9d8b2
  ncalrpc: OLE36548C0949A3DD199C18A54C4811

0a533b58-0ed9-4085-b6e8-95795e147972
  version: v1.0
  ncalrpc: LRPC-5929b2dbb9cec9d8b2
  ncalrpc: OLE36548C0949A3DD199C18A54C4811

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 95.111.253.158:61982
  ncacn_np: \\VMI1496730\pipe\eventlog
  ncalrpc: eventlog

9435cc56-1d9c-4924-ac7d-b60a2c3520e1
  version: v1.0
  annotation: SPPSVC Default RPC Interface
  provider: sppsvc.exe
  ncalrpc: SPPCTransportEndpoint-00001

c503f532-443a-4c69-8300-ccd1fbdb3839
  version: v2.0
  ncalrpc: LRPC-fffd631b43d7509234
  ncalrpc: OLE89322F1453F7F48C7E9086F1D647

-757264002 | 2024-04-21T18:45:32.639757

139 / tcp

\x83\x00\x00\x01\x8f

-1166656618 | 2024-04-21T03:04:51.939948

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 2
  Capabilities: raw-mode

1631664742 | 2024-04-16T16:16:27.713654

1947 / tcp

HTTP/1.1 403 Forbidden
Server: HASP LM/24.00
Date: Tue, 16 Apr 2024 16:16:27 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Content-Length: 137

1937539980 | 2024-03-31T02:12:34.051245

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: VMI1496730
  NetBIOS Domain Name: VMI1496730
  NetBIOS Computer Name: VMI1496730
  DNS Domain Name: vmi1496730
  FQDN: vmi1496730

- Administrator
7 es ae
Administrator
Aigul
Aina Sagenova
Tal

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:94:cd:d5:71:28:23:b9:43:0e:22:9c:8b:a3:a8:d4
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=vmi1496730
        Validity
            Not Before: Mar 25 10:57:11 2024 GMT
            Not After : Sep 24 10:57:11 2024 GMT
        Subject: CN=vmi1496730
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ce:5b:a9:24:fc:7a:08:e4:11:69:d5:f2:d2:09:
                    72:4d:d6:82:8d:25:4c:4a:a0:8a:84:2a:30:09:f8:
                    9e:95:40:ae:f2:4b:e6:cb:3b:51:d9:2d:cb:e7:8a:
                    90:d0:60:4a:c2:1c:7e:10:b8:8e:f2:3a:bc:8b:07:
                    97:0d:a0:2b:c6:12:19:20:ee:21:a4:a6:57:14:c6:
                    43:36:dc:38:43:f0:6c:21:57:25:fc:a1:64:47:fe:
                    a4:d0:46:77:02:36:b3:f7:3b:45:a5:b9:27:fc:a9:
                    1c:ed:25:41:32:88:7f:3b:82:6e:9e:2a:63:39:31:
                    86:94:e6:d8:bc:7a:93:62:73:c8:0c:51:d7:27:74:
                    65:83:13:4c:96:80:00:27:7e:82:17:d5:60:55:f9:
                    02:76:a0:81:16:6c:47:9d:ec:f4:69:d0:2f:6c:79:
                    f3:da:78:7d:e1:5a:e5:9f:08:5a:ad:a7:97:cb:dd:
                    bc:88:23:f2:98:ec:16:f0:da:d0:7f:3e:ff:91:0b:
                    be:e2:e0:94:98:32:aa:bd:38:23:fa:02:4e:40:76:
                    21:ac:6e:1d:79:36:93:3a:a7:84:f8:70:3c:58:23:
                    e3:da:b5:7c:92:22:9f:69:e5:c0:47:8d:a2:fa:a2:
                    a5:b4:49:38:58:92:51:ed:cf:a2:84:e2:fd:ce:db:
                    e5:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        c1:da:77:c0:b0:9d:76:88:11:e7:ab:f8:8f:07:8f:e4:0f:ed:
        82:3a:f6:c4:76:bc:dd:a3:34:55:f8:de:3a:f9:3f:9a:71:a7:
        a9:ef:a5:81:cc:0f:27:3d:10:2b:1c:a0:df:aa:54:91:5c:3b:
        13:fd:13:2d:85:f1:3a:73:27:7e:61:cb:f1:5a:99:fb:c7:3f:
        4d:c2:7a:e5:00:30:53:c8:4f:f7:1f:56:3b:f8:f2:6e:c5:de:
        64:34:95:ce:b4:b5:a5:20:7a:6a:bf:3b:c7:c6:7d:67:bb:38:
        71:35:45:bd:d2:30:1c:c1:69:dd:aa:38:94:65:ad:90:39:7b:
        8d:6d:f4:5b:20:1e:fb:41:53:79:73:69:96:88:b6:37:ec:86:
        d8:9f:52:14:4f:81:13:7a:d1:fd:6e:0d:5a:f1:82:9d:d7:c7:
        87:8a:64:0f:bc:9a:e2:27:75:6e:54:25:dc:99:34:c2:50:cb:
        6c:42:9c:e0:70:dc:be:87:8b:c1:dd:df:ee:ba:bf:af:71:38:
        2c:40:5c:d3:c2:4d:05:dc:47:f6:67:0b:17:f4:5f:6f:05:8a:
        4d:e6:80:b3:09:3e:df:e5:95:6e:72:dd:f3:54:2c:57:d5:db:
        40:33:9b:ff:4d:bb:f1:26:ec:37:d9:b9:ef:7c:69:75:af:fa:
        59:52:fd:79

-1684583448 | 2024-04-12T20:20:59.148485

5357 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 12 Apr 2024 20:20:59 GMT
Connection: close
Content-Length: 326

1489525118 | 2024-04-20T23:38:07.912668

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 20 Apr 2024 23:38:07 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2022
  OS Build: 10.0.20348
  Target Name: VMI1496730
  NetBIOS Domain Name: VMI1496730
  NetBIOS Computer Name: VMI1496730
  DNS Domain Name: vmi1496730
  FQDN: vmi1496730

95.111.253.158

Last Seen: 2024-04-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

703707298 | 2024-04-20T18:45:51.689827
80 / tcp

Microsoft IIS httpd10.0

437555209 | 2024-04-18T09:45:50.282781
135 / tcp

Microsoft RPC Endpoint Mapper

-757264002 | 2024-04-21T18:45:32.639757
139 / tcp

-1166656618 | 2024-04-21T03:04:51.939948
445 / tcp

1631664742 | 2024-04-16T16:16:27.713654
1947 / tcp

1937539980 | 2024-03-31T02:12:34.051245
3389 / tcp

Remote Desktop Protocol

-1684583448 | 2024-04-12T20:20:59.148485
5357 / tcp

1489525118 | 2024-04-20T23:38:07.912668
5985 / tcp

WinRM

Products

Pricing

Contact Us

95.111.253.158

Last Seen: 2024-04-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

703707298 | 2024-04-20T18:45:51.689827 80 / tcp

Microsoft IIS httpd10.0

437555209 | 2024-04-18T09:45:50.282781 135 / tcp

Microsoft RPC Endpoint Mapper

-757264002 | 2024-04-21T18:45:32.639757 139 / tcp

-1166656618 | 2024-04-21T03:04:51.939948 445 / tcp

1631664742 | 2024-04-16T16:16:27.713654 1947 / tcp

1937539980 | 2024-03-31T02:12:34.051245 3389 / tcp

Remote Desktop Protocol

-1684583448 | 2024-04-12T20:20:59.148485 5357 / tcp

1489525118 | 2024-04-20T23:38:07.912668 5985 / tcp

WinRM

Products

Pricing

Contact Us

703707298 | 2024-04-20T18:45:51.689827
80 / tcp

437555209 | 2024-04-18T09:45:50.282781
135 / tcp

-757264002 | 2024-04-21T18:45:32.639757
139 / tcp

-1166656618 | 2024-04-21T03:04:51.939948
445 / tcp

1631664742 | 2024-04-16T16:16:27.713654
1947 / tcp

1937539980 | 2024-03-31T02:12:34.051245
3389 / tcp

-1684583448 | 2024-04-12T20:20:59.148485
5357 / tcp

1489525118 | 2024-04-20T23:38:07.912668
5985 / tcp