1908505520 | 2024-12-08T10:53:21.028974
21 /
tcp
220-FileZilla Server 0.9.57 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/
530 Login or password incorrect!
214-The following commands are recognized:
ABOR ADAT ALLO APPE AUTH CDUP CLNT CWD
DELE EPRT EPSV FEAT HASH HELP LIST MDTM
MFMT MKD MLSD MLST MODE NLST NOOP NOP
OPTS P@SW PASS PASV PBSZ PORT PROT PWD
QUIT REST RETR RMD RNFR RNTO SITE SIZE
STOR STRU SYST TYPE USER XCUP XCWD XMKD
XPWD XRMD
214 Have a nice day.
211-Features:
MDTM
REST STREAM
SIZE
MLST type*;size*;modify*;
MLSD
UTF8
CLNT
MFMT
EPSV
EPRT
211 End
1489525118 | 2024-12-04T23:45:09.929347
80 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 04 Dec 2024 23:45:07 GMT
Connection: close
Content-Length: 315
2035780763 | 2024-12-08T12:49:42.181647
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 63.141.227.68:49152
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\InitShutdown
ncalrpc: WMsgKRpc06DD00
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\InitShutdown
ncalrpc: WMsgKRpc06DD00
ncalrpc: WMsgKRpc06DCF1
ncalrpc: WMsgKRpc01067C74
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-e7b69fb074c006d5ae
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\srvsvc
ncacn_ip_tcp: 63.141.227.68:49154
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 63.141.227.68:49153
ncacn_np: \\WIN-C70GDMCD5FO\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 63.141.227.68:49153
ncacn_np: \\WIN-C70GDMCD5FO\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncacn_ip_tcp: 63.141.227.68:49153
ncacn_np: \\WIN-C70GDMCD5FO\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 63.141.227.68:49153
ncacn_np: \\WIN-C70GDMCD5FO\pipe\eventlog
ncalrpc: eventlog
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\srvsvc
ncacn_ip_tcp: 63.141.227.68:49154
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 63.141.227.68:49154
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 63.141.227.68:49154
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 63.141.227.68:49154
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 63.141.227.68:49154
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
provider: gpsvc.dll
ncalrpc: OLE0594369C7B0F4062A4712B232E6F
ncalrpc: IUserProfile2
24019106-a203-4642-b88d-82dae9158929
version: v1.0
provider: authui.dll
ncalrpc: LRPC-070fc7c73653968cd1
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-2c70e726ee92ff37fb
ncalrpc: OLEA1B0676575AC43D6B16989F6D1A2
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-2c70e726ee92ff37fb
ncalrpc: OLEA1B0676575AC43D6B16989F6D1A2
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-ca7376066ab68b8c3f
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-ca7376066ab68b8c3f
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-ca7376066ab68b8c3f
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
annotation: Spooler function endpoint
provider: spoolsv.exe
ncalrpc: spoolss
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
annotation: Spooler base remote object endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
annotation: Spooler function endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 63.141.227.68:49155
ncalrpc: samss lpc
ncalrpc: dsrole
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncalrpc: LRPC-42b1225220cd0a4e8c
ncacn_np: \\WIN-C70GDMCD5FO\pipe\lsass
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 63.141.227.68:49195
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
annotation: IPSec Policy agent endpoint
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncalrpc: LRPC-5a2cdf6079caa23b01
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-9d6505f9e6aaa2f07a
ncalrpc: LRPC-9d6505f9e6aaa2f07a
ncalrpc: LRPC-9d6505f9e6aaa2f07a
ncalrpc: LRPC-9d6505f9e6aaa2f07a
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc01067C74
bfa951d1-2f0e-11d3-bfd1-00c04fa3490a
version: v1.0
provider: aqueue.dll
ncacn_ip_tcp: 63.141.227.68:54550
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\SMTPSVC
ncacn_ip_tcp: 63.141.227.68:54549
ncalrpc: SMTPSVC_LPC
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\INETINFO
ncacn_ip_tcp: 63.141.227.68:54548
ncalrpc: INETINFO_LPC
ncalrpc: OLE8464FD9143F04D64BFAD56B450BC
8cfb5d70-31a4-11cf-a7d8-00805f48a135
version: v3.0
provider: smtpsvc.dll
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\SMTPSVC
ncacn_ip_tcp: 63.141.227.68:54549
ncalrpc: SMTPSVC_LPC
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\INETINFO
ncacn_ip_tcp: 63.141.227.68:54548
ncalrpc: INETINFO_LPC
ncalrpc: OLE8464FD9143F04D64BFAD56B450BC
82ad4280-036b-11cf-972c-00aa006887b0
version: v2.0
protocol: [MS-IRP]: Internet Information Services (IIS) Inetinfo Remote
provider: infocomm.dll
ncacn_np: \\WIN-C70GDMCD5FO\PIPE\INETINFO
ncacn_ip_tcp: 63.141.227.68:54548
ncalrpc: INETINFO_LPC
ncalrpc: OLE8464FD9143F04D64BFAD56B450BC
-1292976740 | 2024-12-27T10:24:24.494451
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\t\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 7/Windows Server 2008 R2
OS Build: 6.1.7601
Target Name: WIN-C70GDMCD5FO
NetBIOS Domain Name: WIN-C70GDMCD5FO
NetBIOS Computer Name: WIN-C70GDMCD5FO
DNS Domain Name: WIN-C70GDMCD5FO
FQDN: WIN-C70GDMCD5FO
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:2d:fd:ec:89:24:24:9c:4c:b8:86:a9:31:b4:c3:07
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=WIN-C70GDMCD5FO
Validity
Not Before: Jul 29 22:17:05 2024 GMT
Not After : Jan 28 22:17:05 2025 GMT
Subject: CN=WIN-C70GDMCD5FO
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:f3:aa:b0:4d:57:96:62:42:1e:10:3d:85:2b:61:
88:b9:01:2c:eb:10:d3:f8:6f:97:1e:ec:dd:1e:3d:
ff:d4:e0:f9:da:e1:a0:0f:81:d7:d0:56:95:39:61:
91:ef:30:35:aa:3c:5c:e4:65:73:85:a7:a0:71:a2:
93:3d:ca:eb:da:23:8f:17:ea:8e:57:cf:79:05:f1:
bb:06:15:b6:76:ba:69:6c:8b:21:22:c2:33:aa:38:
cd:a8:22:cd:08:17:60:0c:e2:76:2e:c5:9c:9f:bc:
bd:d2:51:7f:d4:33:b2:d9:25:29:32:4d:c8:86:b2:
e2:13:35:ed:ef:7f:ea:8f:9c:13:0d:10:cb:04:d7:
0b:8c:fa:4e:42:90:c4:3c:c7:6f:1f:83:a0:ef:30:
5a:37:cf:79:ca:1f:b7:26:fd:ea:f6:b8:2b:6e:ef:
d1:38:85:cb:b6:0a:aa:bd:3a:d4:ad:3d:ac:e8:c2:
e1:ed:52:39:ce:08:43:b8:17:c0:f6:b9:72:c5:35:
eb:24:96:60:44:94:44:a7:6a:2c:cb:41:4f:ce:5d:
4b:e4:45:59:3d:5d:5e:7e:8d:72:ab:fb:71:80:ab:
fe:f1:a4:9e:cf:7f:6f:27:45:cf:9f:3a:eb:3b:07:
dd:67:30:a0:65:b7:96:3a:96:1f:79:4f:82:cb:d5:
14:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
8e:6b:fb:23:93:22:54:5c:bd:d0:32:ab:33:b7:8d:8b:6d:e0:
28:92:47:d4:51:80:de:7a:12:93:0b:0f:f6:1b:a7:9b:83:fc:
fd:12:1b:dd:3d:33:6c:e5:01:13:1d:60:32:fb:23:4a:30:ab:
de:47:8e:8a:0c:d9:fe:7f:ac:74:74:79:70:68:6c:f2:5f:92:
9c:a7:e6:60:0f:81:41:75:19:83:95:93:3c:a3:a1:64:ba:50:
ec:d0:35:00:d6:06:41:b4:bc:ee:88:c8:f1:5c:f8:4f:35:95:
20:3b:34:c8:57:69:26:53:f1:9d:7f:c2:ea:e9:64:1d:47:a0:
98:05:2d:ac:00:93:91:d7:9d:16:4c:f4:08:a7:d5:45:2f:78:
ae:dc:d6:7a:f8:2a:f2:0d:c5:f9:ef:32:22:20:31:18:36:25:
11:4e:72:27:c4:b1:2d:83:68:af:31:c3:a6:f9:9f:b6:69:c8:
90:6c:ce:b7:b1:34:c5:7a:2e:e2:87:34:85:15:b9:99:f9:92:
97:e2:79:49:fb:b3:09:0f:a2:16:9c:52:41:3d:47:e1:e9:58:
65:de:34:ca:0a:96:21:02:01:75:d6:a2:b9:8f:61:61:33:57:
46:af:da:40:96:9b:72:04:bc:c4:0e:bb:64:bb:76:63:54:ea:
16:32:60:f2
