21 /
tcp
-2115356315 | 2025-01-19T20:13:37.238157
220-FileZilla Server 0.9.56 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/
530 Login or password incorrect!
214-The following commands are recognized:
ABOR ADAT ALLO APPE AUTH CDUP CLNT CWD
DELE EPRT EPSV FEAT HASH HELP LIST MDTM
MFMT MKD MLSD MLST MODE NLST NOOP NOP
OPTS P@SW PASS PASV PBSZ PORT PROT PWD
QUIT REST RETR RMD RNFR RNTO SITE SIZE
STOR STRU SYST TYPE USER XCUP XCWD XMKD
XPWD XRMD
214 Have a nice day.
211-Features:
MDTM
REST STREAM
SIZE
MLST type*;size*;modify*;
MLSD
AUTH SSL
AUTH TLS
PROT
PBSZ
UTF8
CLNT
MFMT
EPSV
EPRT
211 End
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ftp.b-dry.com, C=US, ST=Pennsylvania, L=Pittston, O=CVI, OU=IT/emailAddress=scerra@computervisionaries.com
Validity
Not Before: Aug 9 14:44:38 2017 GMT
Not After : Aug 9 14:44:38 2018 GMT
Subject: CN=ftp.b-dry.com, C=US, ST=Pennsylvania, L=Pittston, O=CVI, OU=IT/emailAddress=scerra@computervisionaries.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cd:76:46:69:6f:6f:96:a3:f0:d6:b3:9c:da:d0:
78:85:3a:4f:8a:40:84:1c:bb:30:f6:f1:19:3e:a8:
9c:2a:4b:84:51:a5:d3:e5:77:29:6d:de:b7:66:0b:
46:83:47:b0:3c:70:75:fe:27:77:b1:85:fd:cc:63:
b8:04:95:f8:14:f5:8e:c1:06:04:f3:44:96:da:97:
66:28:20:85:db:f2:e6:76:af:47:cb:9b:28:24:b9:
ac:65:9f:7b:20:50:ef:a4:a1:94:ea:8a:29:7f:09:
5c:b8:7f:7e:6d:65:04:aa:49:e2:fc:d3:18:5e:cb:
0d:38:35:8f:74:5a:2e:37:b7:3d:d1:c3:d8:93:9c:
56:e4:00:2c:37:b7:ab:07:01:c9:30:fa:c6:61:1d:
ef:4b:6c:36:31:58:31:e0:f7:97:be:bc:a4:09:82:
68:cf:86:82:bb:e4:07:2d:00:4a:6c:ea:ae:31:6c:
d8:13:be:f8:d5:a4:ee:69:b1:dd:d9:b6:a1:ba:c3:
9f:59:9b:c1:2a:23:0f:4c:44:fb:24:6d:4f:70:05:
7c:93:77:55:38:b8:4a:ff:65:ed:2e:9f:40:93:6d:
06:57:b4:ab:13:ae:0e:9a:bb:99:6d:eb:18:50:70:
a8:4e:d9:1f:24:ee:30:4c:63:fc:53:f7:db:f5:46:
0f:f7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
05:75:76:ad:46:93:b7:e9:e6:56:d0:09:bc:e5:d0:90:20:34:
06:c3:02:be:83:03:e3:1b:49:21:b9:f9:85:8c:9c:71:f5:77:
a5:58:fc:97:94:c9:ea:1e:2a:e6:30:bd:49:4b:36:80:6e:65:
35:58:4c:5f:b1:d9:bf:f4:35:ab:96:cb:e4:ac:ee:da:6b:60:
a0:a2:74:cd:bc:dc:a9:60:c7:68:62:ee:66:7e:2e:5a:a8:25:
b9:d2:f5:fc:01:76:e6:5a:41:4e:6a:80:d0:27:81:71:bd:17:
56:c9:b5:04:28:24:29:e4:92:69:1b:a3:c8:ec:5e:9c:25:56:
78:71:49:8f:54:76:77:d5:18:ab:b2:e7:ef:ba:ea:4e:cc:d8:
44:3a:1a:62:f8:f9:14:b9:95:1d:1a:09:7b:a1:15:36:10:61:
26:bd:e1:72:f5:0f:9f:5a:3f:3c:1b:5c:52:c4:bb:3a:48:b6:
ab:19:c1:ed:92:51:bf:45:64:06:36:a9:f4:c0:12:c3:b2:7d:
54:cd:25:15:24:61:86:53:ab:76:9f:29:a7:5b:50:77:12:f5:
22:b8:a7:d2:12:de:fe:35:cf:4c:83:02:22:0d:1e:85:25:c7:
18:78:2b:9b:b5:8c:5f:ed:fb:3f:47:a4:f9:d3:4b:df:fe:e8:
38:c3:d0:9f
-985096807 | 2025-01-28T13:04:12.357236
HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 28 Jan 2025 13:04:12 GMT
Content-Length: 1233
135 /
tcp
409890613 | 2025-02-04T01:37:09.461748
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 199.195.250.182:49152
ncalrpc: WindowsShutdown
ncacn_np: \\WINWEB\PIPE\InitShutdown
ncalrpc: WMsgKRpc040FC0
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\WINWEB\PIPE\InitShutdown
ncalrpc: WMsgKRpc040FC0
ncalrpc: WMsgKRpc045431
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-24a1056292befd9302
ncacn_np: \\WINWEB\PIPE\srvsvc
ncacn_ip_tcp: 199.195.250.182:49154
ncacn_np: \\WINWEB\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: dhcpcsvc
ncacn_ip_tcp: 199.195.250.182:49153
ncacn_np: \\WINWEB\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncacn_ip_tcp: 199.195.250.182:49153
ncacn_np: \\WINWEB\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncacn_ip_tcp: 199.195.250.182:49153
ncacn_np: \\WINWEB\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 199.195.250.182:49153
ncacn_np: \\WINWEB\pipe\eventlog
ncalrpc: eventlog
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncacn_np: \\WINWEB\PIPE\srvsvc
ncacn_ip_tcp: 199.195.250.182:49154
ncacn_np: \\WINWEB\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 199.195.250.182:49154
ncacn_np: \\WINWEB\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 199.195.250.182:49154
ncacn_np: \\WINWEB\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 199.195.250.182:49154
ncacn_np: \\WINWEB\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 199.195.250.182:49154
ncacn_np: \\WINWEB\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WINWEB\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WINWEB\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLE3FB3F5B032D84211A9660F7FDD39
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
provider: gpsvc.dll
ncalrpc: IUserProfile2
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\WINWEB\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-35ae5af6874919142f
ncalrpc: OLE71FCF22260BE4A9E84260CE6EF32
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-35ae5af6874919142f
ncalrpc: OLE71FCF22260BE4A9E84260CE6EF32
24019106-a203-4642-b88d-82dae9158929
version: v1.0
provider: authui.dll
ncalrpc: LRPC-d1cdee28a65a30ec86
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-1d01bf715cb9e177b4
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-1d01bf715cb9e177b4
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-1d01bf715cb9e177b4
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\WINWEB\PIPE\wkssvc
ncalrpc: DNSResolver
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
annotation: Spooler function endpoint
provider: spoolsv.exe
ncalrpc: spoolss
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
annotation: Spooler base remote object endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
annotation: Spooler function endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 199.195.250.182:49155
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
annotation: IPSec Policy agent endpoint
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncalrpc: LRPC-430db0e12b00d8cbc1
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 199.195.250.182:49157
ncalrpc: samss lpc
ncalrpc: dsrole
ncacn_np: \\WINWEB\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncalrpc: LRPC-e335e13e35b8b13970
ncacn_np: \\WINWEB\pipe\lsass
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-6d3272d3567b0c7a7e
ncalrpc: LRPC-6d3272d3567b0c7a7e
ncalrpc: LRPC-6d3272d3567b0c7a7e
ncalrpc: LRPC-6d3272d3567b0c7a7e
445 /
tcp
1641389631 | 2025-01-29T06:25:33.891692
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2008 R2 Standard 7601 Service Pack 1
Software: Windows Server 2008 R2 Standard 6.1
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
3389 /
tcp
235469902 | 2025-02-04T11:13:35.257747
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\t\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 7/Windows Server 2008 R2
OS Build: 6.1.7601
Target Name: WINWEB
NetBIOS Domain Name: WINWEB
NetBIOS Computer Name: WINWEB
DNS Domain Name: WINWEB
FQDN: WINWEB
Administrator
kK)
(A
4 Windows Server-2008rz
Standard
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:a9:4d:cd:75:8c:db:b6:41:e4:2d:54:c9:3d:20:bc
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=WINWEB
Validity
Not Before: Dec 9 06:00:17 2024 GMT
Not After : Jun 10 06:00:17 2025 GMT
Subject: CN=WINWEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b4:cb:80:29:a8:06:c6:3a:ba:e7:37:96:a6:38:
6a:b3:29:73:02:9f:d3:eb:4e:c9:f9:d6:02:4a:03:
e4:23:15:e9:d3:10:1f:15:0f:ae:6f:16:ba:10:6c:
e3:0d:02:a9:b0:de:0f:16:cf:9f:1f:71:40:a3:84:
f8:ff:dc:b1:2c:a6:80:ed:5f:b3:ff:2e:f6:3b:a1:
ae:54:e3:0d:93:a6:ea:c1:58:c8:44:00:d2:1e:2e:
06:3f:c8:82:d3:76:a9:b7:7c:ab:19:35:e0:60:48:
ab:3d:6e:d9:ff:7d:22:e4:31:db:af:72:21:05:13:
38:c4:0b:9a:16:76:16:ec:9a:1f:37:45:79:06:c2:
b4:fa:f7:64:9a:58:e6:91:ee:b1:ee:7a:8a:f8:52:
a6:db:90:78:03:d9:35:cd:50:aa:d9:b7:08:ce:52:
78:2c:08:b6:74:5d:04:5c:92:5d:51:ae:3b:da:35:
6e:67:14:7a:18:b7:8c:94:bd:ec:f7:3c:f7:05:49:
40:1a:84:26:c1:63:98:a1:ce:38:96:d9:1d:26:93:
19:d1:10:8e:f4:c2:40:e3:5b:bc:d0:cb:16:1e:63:
bb:ad:c1:6e:47:91:94:e3:9a:ba:c7:fb:7e:98:2f:
4c:5d:99:1e:1b:7a:a1:67:48:a7:28:72:ea:e5:f5:
12:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
6c:3f:68:a6:92:91:7e:ec:d0:7a:f9:d2:a1:e5:92:0c:80:66:
29:1e:6e:0e:43:a7:92:41:0e:d4:df:f1:b8:ae:63:4d:f7:41:
ec:59:a2:cc:c9:a8:e7:37:50:2b:ff:1d:80:bb:2d:aa:f8:7b:
1f:57:ef:9a:68:94:ed:6a:9b:6b:cf:7c:e5:63:94:da:29:95:
51:5e:df:1f:23:96:24:b1:58:c7:90:14:31:82:86:63:1e:1b:
43:d6:8a:25:ad:16:51:a9:89:9c:b4:a2:64:58:2e:2b:16:f8:
6d:51:52:0e:45:59:c6:1e:97:63:56:3a:22:33:43:7d:b8:8a:
54:49:6a:e3:03:61:aa:d7:e3:2b:92:85:a3:ec:05:3f:d6:b7:
cb:95:17:0d:79:c5:6b:71:29:9e:60:45:64:f2:45:40:9d:d1:
cf:2c:7c:e7:5e:cd:a4:b1:e8:b6:1e:6f:d5:16:52:0c:11:bc:
27:c7:ad:4a:50:bb:ab:f7:39:81:e7:aa:2a:fb:0d:95:f0:ef:
4b:0e:e2:f9:dc:ee:b0:cc:f7:c2:a2:82:d4:d5:ee:66:b6:fb:
98:f3:78:1b:2e:1c:65:62:44:65:fb:c8:26:8d:b6:d7:d8:2f:
3f:f4:01:2d:f8:ca:40:0a:6f:92:cd:18:f1:7d:11:9d:06:d7:
d2:80:48:3c
