| Hostnames |
ftp.gfsw.ch ftp6.gfsw.ch mx.mail.gfsw.ch |
| Domains | gfsw.ch |
| Country | Switzerland |
| City | Wädenswil |
| Organization | hosttech GmbH |
| ISP | BSE Software GmbH |
| ASN | AS9044 |
-1981384578 | 2024-12-23T00:24:27.49720021 / tcp
220 Microsoft FTP Service
534 Policy requires SSL.
214-The following commands are recognized (* ==>'s unimplemented).
ABOR
ACCT
ADAT *
ALLO
APPE
AUTH
CCC
CDUP
CWD
DELE
ENC *
EPRT
EPSV
FEAT
HELP
HOST
LANG
LIST
MDTM
MIC *
MKD
MODE
NLST
NOOP
OPTS
PASS
PASV
PBSZ
PORT
PROT
PWD
QUIT
REIN
REST
RETR
RMD
RNFR
RNTO
SITE
SIZE
SMNT
STAT
STOR
STOU
STRU
SYST
TYPE
USER
XCUP
XCWD
XMKD
XPWD
XRMD
214 HELP command successful.
211-Extended features supported:
LANG EN*
UTF8
AUTH TLS;TLS-C;SSL;TLS-P;
PBSZ
PROT C;P;
CCC
HOST
SIZE
MDTM
REST STREAM
211 END
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:1d:90:9f:e1:67:be:2f:ee:88:6c:64:56:d8:d5:3b:13:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R11
Validity
Not Before: Sep 20 07:03:41 2024 GMT
Not After : Dec 19 07:03:40 2024 GMT
Subject: CN=ftp.gfsw.ch
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (3072 bit)
Modulus:
00:9d:ad:89:eb:03:79:5f:51:5b:8f:fb:09:c9:9a:
c4:68:b1:54:7d:15:c3:80:9b:b1:16:6e:4d:f6:05:
1b:2b:66:81:c3:fa:27:87:33:ad:1a:b6:7d:54:ba:
95:cc:67:fd:cf:6e:0c:5a:69:b8:9a:04:5f:2d:ee:
ff:1b:20:ba:65:12:fd:8f:4b:f8:34:0a:2c:ef:7a:
fd:5c:41:6b:5a:ad:2e:c6:25:65:45:89:60:28:e0:
5a:42:a0:e8:8c:0c:db:23:5a:b4:54:34:7c:74:10:
74:f5:41:4b:d9:a7:b9:7f:8b:ea:cb:5c:eb:bc:c0:
f4:ae:74:be:cf:34:fe:e5:81:dd:b0:d0:36:6d:7b:
90:1e:fc:95:1e:a4:07:5e:08:66:eb:0a:09:93:51:
86:90:af:53:c0:e9:e7:cb:e5:30:5b:cc:58:f7:30:
3a:50:64:1b:c6:00:53:f2:7b:19:de:89:97:75:05:
67:14:72:ee:55:2a:c9:b0:fd:d5:9c:a9:61:a6:41:
99:30:0e:da:c5:f2:fe:74:cf:5c:79:37:79:64:1a:
a2:7e:40:d8:ed:4b:8f:12:43:f6:97:82:79:fb:5f:
39:f3:03:85:4c:43:a6:0f:57:0d:eb:14:cd:6d:ba:
fe:31:35:00:7b:91:c3:6a:2d:31:21:8b:2b:e0:81:
ce:0f:c9:46:8e:23:61:82:b4:e8:ee:50:7a:d5:fa:
dd:8b:ec:19:14:02:46:74:81:16:43:55:9e:2a:0f:
13:3f:d3:d6:e2:21:c5:33:da:c4:c9:86:98:5f:83:
15:93:95:b3:44:03:06:c5:9c:86:f2:1f:7d:ab:6f:
b3:49:ab:49:45:c4:6d:f3:32:1b:19:42:56:3b:86:
43:ab:ff:77:10:66:84:b3:b5:aa:83:49:6e:16:3f:
7d:2b:2d:ab:53:d7:b7:8f:4b:f6:7b:04:7d:51:6e:
99:ec:13:5c:84:74:bc:d6:2b:fc:4b:06:31:9c:75:
5a:31:60:4b:16:3e:fc:a9:f1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
39:7E:E3:9F:2F:C6:76:62:62:9B:65:9E:F3:0A:58:81:3A:16:96:79
X509v3 Authority Key Identifier:
C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
Authority Information Access:
OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:ftp.gfsw.ch, DNS:ftp6.gfsw.ch
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Sep 20 08:02:11.328 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:3A:99:DC:5B:4A:96:D9:D1:98:E8:EB:89:
35:AB:7C:75:0F:C3:A1:1A:98:06:C5:8A:AD:52:81:4E:
2C:55:23:B7:02:20:23:E2:0F:EF:8F:C1:1C:39:3B:AA:
A7:1F:4D:52:99:19:35:D3:38:25:8E:DF:81:0E:61:3D:
33:40:B4:BD:7E:00
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Timestamp : Sep 20 08:02:11.336 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:0B:99:2F:FC:B3:BF:02:1E:4C:A5:F3:FE:
4A:EA:CB:A8:AD:BC:39:9B:A9:A9:0C:F3:55:AE:BF:9F:
FF:60:D6:33:02:21:00:FB:73:D3:18:4C:18:B2:27:76:
A7:B2:68:48:CD:49:55:15:7F:E3:12:50:98:9F:50:F9:
F0:E8:22:86:D3:7A:0F
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
37:48:d7:a1:10:e2:07:02:b4:52:aa:ad:67:59:4f:95:73:5b:
90:ba:b9:d2:9e:40:d0:7c:9c:32:1c:0a:05:6b:2f:33:f0:45:
fb:67:28:c1:32:98:07:07:3c:57:0f:b2:fd:8a:bc:3c:76:77:
88:10:f6:5b:40:4d:93:f7:9a:90:56:4f:42:65:97:b0:ce:b5:
c9:3e:16:2a:b5:c7:a1:60:eb:5d:69:6d:8a:37:ee:98:06:cb:
eb:68:af:d6:6c:20:46:2d:43:af:09:3f:01:df:a2:64:b1:a6:
e1:42:77:33:9a:e8:f9:d9:c7:97:11:27:af:51:98:c1:c7:49:
58:6b:2f:1b:0b:39:7e:a1:69:45:85:13:38:7c:3f:d6:27:12:
2a:05:65:08:80:83:84:53:e0:69:f8:8a:85:38:57:fa:07:4b:
a7:69:d5:2c:b6:20:27:39:e0:78:07:e6:9e:59:be:13:59:da:
89:26:43:15:7b:bf:c5:43:93:7b:99:7a:4c:cc:9d:81:4a:c5:
b2:b9:dd:6b:b3:c4:ee:5b:af:c0:b3:91:94:6a:7b:7c:92:6e:
48:25:8d:b1:03:24:f4:93:88:6d:83:b7:6f:cd:25:2b:8c:4c:
2e:d1:43:ce:88:eb:df:89:c7:ee:34:47:5b:18:f8:b4:1b:1a:
6e:04:d3:e8
233833641 | 2024-12-28T08:32:17.28255822 / tcp
SSH-2.0-OpenSSH_for_Windows_8.9 Key type: ecdsa-sha2-nistp256 Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFKB1LvbxvmIPJcWD3vzswLb 2PUddcm/JBIu9++eolw64lckA9KRX2XKww9GmLV51dTbSu/gPdN8+Oo15ivs/ZI= Fingerprint: 3a:b5:b1:91:2b:76:14:eb:57:c9:ed:57:6d:a4:ff:f4 Kex Algorithms: curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 Server Host Key Algorithms: rsa-sha2-512 rsa-sha2-256 ecdsa-sha2-nistp256 ssh-ed25519 Encryption Algorithms: chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com aes256-gcm@openssh.com MAC Algorithms: umac-64-etm@openssh.com umac-128-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com hmac-sha1-etm@openssh.com umac-64@openssh.com umac-128@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha1 Compression Algorithms: none zlib@openssh.com
1489525118 | 2024-12-25T10:07:05.68332180 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Wed, 25 Dec 2024 10:07:05 GMT Connection: close Content-Length: 315
-1303990792 | 2024-12-28T04:08:21.299727135 / tcp
Microsoft RPC Endpoint Mapper 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 82.220.34.146:49664 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\22800HOSTSERVEU\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 82.220.34.146:49664 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\22800HOSTSERVEU\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 82.220.34.146:49664 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\22800HOSTSERVEU\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 82.220.34.146:49664 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: LSA_IDPEXT_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\22800HOSTSERVEU\pipe\lsass d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 82.220.34.146:49665 ncalrpc: WindowsShutdown ncacn_np: \\22800HOSTSERVEU\PIPE\InitShutdown ncalrpc: WMsgKRpc08B8B0 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\22800HOSTSERVEU\PIPE\InitShutdown ncalrpc: WMsgKRpc08B8B0 ncalrpc: WMsgKRpc096DA1 d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-5abdae27e4e86ce957 ncalrpc: LRPC-8b0873fced9d44469f ncalrpc: LRPC-46658765de36f417f6 ncalrpc: LRPC-21f96c3a73a15c3c9b ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-8b0873fced9d44469f ncalrpc: LRPC-46658765de36f417f6 ncalrpc: LRPC-21f96c3a73a15c3c9b ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-46658765de36f417f6 ncalrpc: LRPC-21f96c3a73a15c3c9b ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-f45b5e4f0bbfde6361 ncalrpc: LRPC-def6a693ff91f78c05 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-5abdae27e4e86ce957 ncalrpc: LRPC-8b0873fced9d44469f ncalrpc: LRPC-46658765de36f417f6 ncalrpc: LRPC-21f96c3a73a15c3c9b ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-8b0873fced9d44469f ncalrpc: LRPC-46658765de36f417f6 ncalrpc: LRPC-21f96c3a73a15c3c9b ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-21f96c3a73a15c3c9b ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-21f96c3a73a15c3c9b ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-21f96c3a73a15c3c9b ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v2.0 ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v2.0 ncalrpc: OLEA41AFD01B3CE88E9A42941C32665 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-e6ccb499f1d1db2f77 ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-0588bc6dad1ab5f69d ncalrpc: LRPC-4ab377142e98ed3a48 ncalrpc: IUserProfile2 ncalrpc: LRPC-223b5de28adb88c104 ncalrpc: senssvc ncalrpc: LRPC-5fa6d25ed553f50118 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 ncalrpc: LRPC-dc9894174592b555f0 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-7be46849a7c24bf1c9 ncalrpc: OLE16581C0FAB9F63D459998F72BDD6 ncalrpc: LRPC-f45b5e4f0bbfde6361 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 ncalrpc: LRPC-7eb381db92560267cb f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 82.220.34.146:49666 ncacn_np: \\22800HOSTSERVEU\pipe\eventlog ncalrpc: eventlog a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-480629e9cd0c6ed75f ncalrpc: LRPC-def6a693ff91f78c05 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-bd8cc655e8571fd03c 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncalrpc: dhcpcsvc 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-404585b40206b2161a 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 82.220.34.146:49667 ncalrpc: LRPC-3f860f1a10954438e3 ncalrpc: ubpmtaskhostchannel ncacn_np: \\22800HOSTSERVEU\PIPE\atsvc ncalrpc: LRPC-770a1d128b53ade3fa 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 82.220.34.146:49667 ncalrpc: LRPC-3f860f1a10954438e3 ncalrpc: ubpmtaskhostchannel ncacn_np: \\22800HOSTSERVEU\PIPE\atsvc ncalrpc: LRPC-770a1d128b53ade3fa 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-3f860f1a10954438e3 ncalrpc: ubpmtaskhostchannel ncacn_np: \\22800HOSTSERVEU\PIPE\atsvc ncalrpc: LRPC-770a1d128b53ade3fa 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\22800HOSTSERVEU\PIPE\atsvc ncalrpc: LRPC-770a1d128b53ade3fa 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\22800HOSTSERVEU\PIPE\atsvc ncalrpc: LRPC-770a1d128b53ade3fa 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-770a1d128b53ade3fa 3f787932-3452-4363-8651-6ea97bb373bb version: v1.0 annotation: NSP Rpc Interface ncalrpc: LRPC-1b81d6e57505ae5167 ncalrpc: OLE318535AB2924146F6C70D61B28B4 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-27ab87fb5c99138897 ncalrpc: DNSResolver 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-f04175d8fb1a4991e1 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: 51512246-8dec-483a-bcac-b372ed1bc2aa ncalrpc: LRPC-b4a776593b708548e8 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\22800HOSTSERVEU\PIPE\wkssvc ncalrpc: LRPC-13a74820a861494d24 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-13a74820a861494d24 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-13a74820a861494d24 13560fa9-8c09-4b56-a1fd-04d083b9b2a1 version: v1.0 ncalrpc: LRPC-bcd4080e62a04e2f5c ncalrpc: OLEE9CDED9B03AE2DA88BDFEF5F74ED c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-bcd4080e62a04e2f5c ncalrpc: OLEE9CDED9B03AE2DA88BDFEF5F74ED f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-bcd4080e62a04e2f5c ncalrpc: OLEE9CDED9B03AE2DA88BDFEF5F74ED b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-bcd4080e62a04e2f5c ncalrpc: OLEE9CDED9B03AE2DA88BDFEF5F74ED abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-bcd4080e62a04e2f5c ncalrpc: OLEE9CDED9B03AE2DA88BDFEF5F74ED 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 82.220.34.146:49668 ncacn_np: \\22800HOSTSERVEU\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: LRPC-5fa6d25ed553f50118 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-7bdfcb208fa7686087 ncalrpc: OLE8109613085CF9CADDA94C87A6E5E b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-7bdfcb208fa7686087 ncalrpc: OLE8109613085CF9CADDA94C87A6E5E 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-6a8c903d7ecc33c891 ncalrpc: LRPC-a18308dc9960260800 ncalrpc: LRPC-aef0ca6a0f8e96b4e2 ncalrpc: LRPC-27a4819677d3235a68 f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-a18308dc9960260800 ncalrpc: LRPC-aef0ca6a0f8e96b4e2 ncalrpc: LRPC-27a4819677d3235a68 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-aef0ca6a0f8e96b4e2 ncalrpc: LRPC-27a4819677d3235a68 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-27a4819677d3235a68 26268c86-e770-433e-86ef-5f3ba6731fba version: v1.0 ncalrpc: LRPC-ea337f600a307902ff ncalrpc: OLEF76635CC648C5E636D2FA0A9B4CE 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 82.220.34.146:49669 ncalrpc: LRPC-4064c2124aa46bd754 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 82.220.34.146:49669 ncalrpc: LRPC-4064c2124aa46bd754 ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 82.220.34.146:49669 ncalrpc: LRPC-4064c2124aa46bd754 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 82.220.34.146:49669 ncalrpc: LRPC-4064c2124aa46bd754 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 82.220.34.146:49669 ncalrpc: LRPC-4064c2124aa46bd754 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-2b7f2c9ff682a4afc9 c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-2b7f2c9ff682a4afc9 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-2b7f2c9ff682a4afc9 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-2b7f2c9ff682a4afc9 b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-cd5fd3c356461d9c79 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncalrpc: LRPC-5483b4a1564cf18c65 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-ff4a8c68294e9edf0a 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-ff4a8c68294e9edf0a 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-86e62c091b9e435477 ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\22800HOSTSERVEU\PIPE\ROUTER bfa951d1-2f0e-11d3-bfd1-00c04fa3490a version: v1.0 provider: aqueue.dll ncacn_ip_tcp: 82.220.34.146:49671 ncacn_np: \\22800HOSTSERVEU\PIPE\SMTPSVC ncacn_ip_tcp: 82.220.34.146:49670 ncalrpc: SMTPSVC_LPC ncalrpc: OLEE158EF85A39AAE258345C3D00060 8cfb5d70-31a4-11cf-a7d8-00805f48a135 version: v3.0 provider: smtpsvc.dll ncacn_np: \\22800HOSTSERVEU\PIPE\SMTPSVC ncacn_ip_tcp: 82.220.34.146:49670 ncalrpc: SMTPSVC_LPC ncalrpc: OLEE158EF85A39AAE258345C3D00060 1d45e083-478f-437c-9618-3594ced8c235 version: v1.0 ncalrpc: LRPC-a3387be5a7cba9133e ncalrpc: OLEDAA9602C75431BCFD1B96D73AC19 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-a3387be5a7cba9133e ncalrpc: OLEDAA9602C75431BCFD1B96D73AC19 d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-a3387be5a7cba9133e ncalrpc: OLEDAA9602C75431BCFD1B96D73AC19 e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-a3387be5a7cba9133e ncalrpc: OLEDAA9602C75431BCFD1B96D73AC19 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-a3387be5a7cba9133e ncalrpc: OLEDAA9602C75431BCFD1B96D73AC19 fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-a3387be5a7cba9133e ncalrpc: OLEDAA9602C75431BCFD1B96D73AC19 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-a3387be5a7cba9133e ncalrpc: OLEDAA9602C75431BCFD1B96D73AC19 d4051bde-9cdd-4910-b393-4aa85ec3c482 version: v1.0 ncalrpc: LRPC-a3387be5a7cba9133e ncalrpc: OLEDAA9602C75431BCFD1B96D73AC19 7df1ceae-de4e-4e6f-ab14-49636e7c2052 version: v1.0 ncalrpc: LRPC-a0798b1d8f6257989b f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-52556891f3b365fe22 509bc7ae-77be-4ee8-b07c-0d096bb44345 version: v1.0 ncalrpc: LRPC-36b20a6a8cf8e3125a ncalrpc: OLEE5E5161ABA65EEE12CFBF81D56F9 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 82.220.34.146:49673 c503f532-443a-4c69-8300-ccd1fbdb3839 version: v2.0 ncalrpc: LRPC-0051e34312ce1054b9 ncalrpc: OLEAD17E9DB40BAE1E991FD6BD230B0 7d814569-35b3-4850-bb32-83035fcebf6e version: v1.0 annotation: IAS RPC server provider: ias.dll ncalrpc: LRPC-8ee8625ff54bca48a6 ncalrpc: OLE8C572186D9A5171B77E9959E7BB5 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-2596eafc805c79f810 ncalrpc: LRPC-2596eafc805c79f810 ncalrpc: LRPC-2596eafc805c79f810 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-ae72f9ce1c83ca90a1 d249bd56-4cc0-4fd3-8ce6-6fe050d590cb version: v0.0 ncalrpc: LRPC-baafc5566907e5d92c d8140e00-5c46-4ae6-80ac-2f9a76df224c version: v0.0 ncalrpc: LRPC-baafc5566907e5d92c bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-c7fa017712e2d43abf ncalrpc: OLE723E6E1081C4A60F1D6E8827104C
710518021 | 2024-12-24T15:29:57.448435137 / udp
NetBIOS Response:
Server Name: 22800HOSTSERVEU
MAC Address: 00:1B:21:3B:21:5C
Names:
22800HOSTSERVEU <0x20>
22800HOSTSERVEU <0x0>
WORKGROUP <0x0>00:1B:21:3B:21:5C
OUI: 00:1B:21
Organization: Intel Corporate
Assignment: MA-L
Registration Date: 2007-01-16
-253568434 | 2024-12-26T07:26:45.6486863389 / tcp
Remote Desktop Protocol \x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00 Remote Desktop Protocol NTLM Info: OS: Windows Server 2022 OS Build: 10.0.20348 Target Name: 22800HOSTSERVEU NetBIOS Domain Name: 22800HOSTSERVEU NetBIOS Computer Name: 22800HOSTSERVEU DNS Domain Name: 22800hostserveu FQDN: 22800hostserveu
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:7d:e9:dd:17:94:0f:b9:48:57:ef:e2:d7:b8:91:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22800hostserveu
Validity
Not Before: Oct 2 12:32:08 2024 GMT
Not After : Apr 3 12:32:08 2025 GMT
Subject: CN=22800hostserveu
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c1:83:7b:12:67:20:ca:3e:56:b1:eb:95:07:cb:
78:12:f6:70:2c:c7:c0:be:a5:79:c8:1f:e1:8e:b8:
d3:3d:43:78:5a:11:19:f2:1b:65:14:5c:72:89:1c:
8d:c5:76:43:90:3b:0c:b1:b3:43:16:eb:5c:43:31:
a6:69:49:c4:7e:cf:4e:11:69:cb:05:01:f8:8c:18:
d7:27:ac:6f:bf:62:46:dc:83:4a:17:36:cb:bd:56:
f8:ac:ff:7f:ff:92:65:ee:54:9e:d4:a4:c0:50:88:
fe:41:6e:27:7c:7e:a0:98:68:2f:fd:6e:8f:60:a2:
2b:01:ee:d9:3f:c2:28:35:67:3e:87:fd:f3:23:2c:
a9:00:73:aa:95:3f:66:71:04:7e:78:d5:c0:b4:a9:
17:6c:9e:2d:2a:b1:c6:e9:81:c5:fa:38:5b:df:42:
00:45:fe:a6:6c:e3:c8:6d:da:5f:7e:2d:79:0e:ea:
08:40:46:b6:7d:a5:ad:b3:cb:52:62:bf:07:13:8e:
ac:5a:a1:c6:9d:e8:01:e2:a3:0a:f1:22:ce:9c:86:
b1:02:63:e9:e1:83:9e:d1:f6:f9:67:db:f2:65:db:
aa:f8:ad:61:06:1e:e0:ec:e2:d5:7a:c1:e7:41:3b:
06:c1:c0:8b:24:66:88:3d:d3:5c:16:3e:2b:2c:e4:
d5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
0a:31:aa:89:35:b4:43:43:7f:9e:6f:08:d4:27:a0:7e:53:48:
03:42:ca:e5:d3:2b:79:b0:8d:10:12:ca:87:33:f9:95:d7:3d:
d2:4c:a3:d8:e7:00:27:8f:c4:77:71:7f:a2:a0:73:7b:8b:09:
72:f2:59:e3:88:85:7c:fa:93:d8:5a:9f:e8:d7:e2:78:f0:fc:
c4:04:1a:a4:24:6d:92:b7:7a:ff:f6:d8:5e:c4:ed:e9:35:bc:
08:39:0d:d9:dc:f3:48:36:e7:51:a5:1b:83:06:a0:63:f7:49:
d8:43:f5:e5:03:dc:50:f1:96:68:fa:86:27:a0:d0:b2:41:37:
0b:f7:b7:1e:cc:17:8e:47:45:85:b0:2b:41:dd:8c:56:80:f5:
d2:d4:be:6c:c5:fa:b0:2c:9a:fa:0d:2f:08:8c:a1:fc:c9:f6:
73:4f:ce:2a:7d:f0:06:6b:7a:fd:bc:be:d1:bd:e6:a3:ca:56:
a7:64:62:0f:90:a2:c8:46:26:82:c3:64:e7:ee:ce:1a:95:55:
b6:40:cc:ca:d2:20:00:72:28:fa:22:b6:43:69:9f:56:fd:84:
1d:d6:6b:fe:53:74:5f:63:7b:ab:03:81:e0:d9:09:51:c4:97:
b7:38:3e:dc:de:b3:ce:39:3f:2a:5c:c1:a8:6c:4d:d9:f9:b4:
be:46:da:b5
-1684583448 | 2024-12-24T11:34:07.4784825357 / tcp
HTTP/1.1 503 Service Unavailable Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Tue, 24 Dec 2024 11:34:07 GMT Connection: close Content-Length: 326
1489525118 | 2024-12-27T23:49:58.7105455985 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Fri, 27 Dec 2024 23:49:58 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2022 OS Build: 10.0.20348 Target Name: 22800HOSTSERVEU NetBIOS Domain Name: 22800HOSTSERVEU NetBIOS Computer Name: 22800HOSTSERVEU DNS Domain Name: 22800hostserveu FQDN: 22800hostserveu