www.shodan.io
Open in
urlscan Pro
104.18.13.238
Public Scan
URL:
https://www.shodan.io/host/163.5.215.125
Submission: On May 29 via api from LU — Scanned from DE
Submission: On May 29 via api from LU — Scanned from DE
Form analysis 1 forms found in the DOM
GET /search
<form action="/search" method="GET">
<div class="searchbox">
<div class="input-wrapper">
<label for="search-query" value="Enter search query" class="visually-hidden"></label>
<input type="text" name="query" placeholder="Search..." autofocus="autofocus" autocapitalize="none" spellcheck="false" id="search-query">
</div>
<button type="submit" aria-label="Submit search querxy" data-balloon-disable="data-balloon-disable" class="button-red"><svg class="svg-inline--fa fa-search fa-w-16 fa-fw" aria-hidden="true" focusable="false" data-prefix="fas" data-icon="search"
role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512" data-fa-i2svg="">
<path fill="currentColor"
d="M505 442.7L405.3 343c-4.5-4.5-10.6-7-17-7H372c27.6-35.3 44-79.7 44-128C416 93.1 322.9 0 208 0S0 93.1 0 208s93.1 208 208 208c48.3 0 92.7-16.4 128-44v16.3c0 6.4 2.5 12.5 7 17l99.7 99.7c9.4 9.4 24.6 9.4 33.9 0l28.3-28.3c9.4-9.4 9.4-24.6.1-34zM208 336c-70.7 0-128-57.2-128-128 0-70.7 57.2-128 128-128 70.7 0 128 57.2 128 128 0 70.7-57.2 128-128 128z">
</path>
</svg><!-- <i class="fas fa-search fa-fw "></i> Font Awesome fontawesome.com -->
</button>
</div>
</form>Text Content
* Shodan
* Maps
* Images
* Monitor
* Developer
* More...
© OpenMapTiles Satellite | © MapTiler © OpenStreetMap contributors
* Explore
* Pricing
* Login
163.5.215.125
Regular View Raw Data
LAST SEEN: 2024-05-05
TAGS:
self-signed
GENERALINFORMATION
Country France City Paris Organization Association Rocket-Host.FR ISP Dyjix SAS
ASN AS212815 Operating System Windows Server 2019 (version 1809) (build
10.0.17763)
VULNERABILITIES
Note: the device may not be impacted by all of these issues. The vulnerabilities
are implied based on the software and version.
CVE-2024-0727 Issue summary: Processing a maliciously formatted PKCS12 file may
lead OpenSSL to crash leading to a potential Denial of Service attack Impact
summary: Applications loading files in the PKCS12 format from untrusted sources
might terminate abruptly. A file in PKCS12 format can contain certificates and
keys and may come from an untrusted source. The PKCS12 specification allows
certain fields to be NULL, but OpenSSL does not correctly check for this case.
This can lead to a NULL pointer dereference that results in OpenSSL crashing. If
an application processes PKCS12 files from an untrusted source using the OpenSSL
APIs then that application will be vulnerable to this issue. OpenSSL APIs that
are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(),
PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We
have also fixed a similar issue in SMIME_write_PKCS7(). However since this
function is related to writing data we do not consider it security significant.
The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.
CVE-2023-6129 Issue summary: The POLY1305 MAC (message authentication code)
implementation contains a bug that might corrupt the internal state of
applications running on PowerPC CPU based platforms if the CPU provides vector
instructions. Impact summary: If an attacker can influence whether the POLY1305
MAC algorithm is used, the application state might be corrupted with various
application dependent consequences. The POLY1305 MAC (message authentication
code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector
registers in a different order than they are saved. Thus the contents of some of
these vector registers are corrupted when returning to the caller. The
vulnerable code is used only on newer PowerPC processors supporting the PowerISA
2.07 instructions. The consequences of this kind of internal application state
corruption can be various - from no consequences, if the calling application
does not depend on the contents of non-volatile XMM registers at all, to the
worst consequences, where the attacker could get complete control of the
application process. However unless the compiler uses the vector registers for
storing pointers, the most likely consequence, if any, would be an incorrect
result of some application dependent calculations or a crash leading to a denial
of service. The POLY1305 MAC algorithm is most frequently used as part of the
CHACHA20-POLY1305 AEAD (authenticated encryption with associated data)
algorithm. The most common usage of this AEAD cipher is with TLS protocol
versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client
can influence whether this AEAD cipher is used. This implies that TLS server
applications using OpenSSL can be potentially impacted. However we are currently
not aware of any concrete application that would be affected by this issue
therefore we consider this a Low severity security issue. CVE-2023-5678 Issue
summary: Generating excessively long X9.42 DH keys or checking excessively long
X9.42 DH keys or parameters may be very slow. Impact summary: Applications that
use the functions DH_generate_key() to generate an X9.42 DH key may experience
long delays. Likewise, applications that use DH_check_pub_key(),
DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or
X9.42 DH parameters may experience long delays. Where the key or parameters that
are being checked have been obtained from an untrusted source this may lead to a
Denial of Service. While DH_check() performs all the necessary checks (as of
CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is
therefore vulnerable for excessively large P and Q parameters. Likewise, while
DH_generate_key() performs a check for an excessively large P, it doesn't check
for an excessively large Q. An application that calls DH_generate_key() or
DH_check_pub_key() and supplies a key or parameters obtained from an untrusted
source could be vulnerable to a Denial of Service attack. DH_generate_key() and
DH_check_pub_key() are also called by a number of other OpenSSL functions. An
application calling any of those other functions may similarly be affected. The
other functions affected by this are DH_check_pub_key_ex(),
EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the
OpenSSL pkey command line application when using the "-pubcheck" option, as well
as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS
implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS
providers are not affected by this issue. CVE-2023-5363 Issue summary: A bug has
been identified in the processing of key and initialisation vector (IV) lengths.
This can lead to potential truncation or overruns during the initialisation of
some symmetric ciphers. Impact summary: A truncation in the IV can result in
non-uniqueness, which could result in loss of confidentiality for some cipher
modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or
EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key
and IV have been established. Any alterations to the key length, via the
"keylen" parameter or the IV length, via the "ivlen" parameter, within the
OSSL_PARAM array will not take effect as intended, potentially causing
truncation or overreading of these values. The following ciphers and cipher
modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB
cipher modes, truncation of the IV can result in loss of confidentiality. For
example, when following NIST's SP 800-38D section 8.2.1 guidance for
constructing a deterministic IV for AES in GCM mode, truncation of the counter
portion could lead to IV reuse. Both truncations and overruns of the key and
overruns of the IV will produce incorrect results and could, in some cases,
trigger a memory exception. However, these issues are not currently assessed as
security critical. Changing the key and/or IV lengths is not considered to be a
common operation and the vulnerable API was recently introduced. Furthermore it
is likely that application developers will have spotted this problem during
testing since decryption would fail unless both peers in the communication were
similarly vulnerable. For these reasons we expect the probability of an
application being vulnerable to this to be quite low. However if an application
is vulnerable then this issue is considered very serious. For these reasons we
have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS
implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS
providers are not affected by this because the issue lies outside of the FIPS
provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.
CVE-2019-0190 5.0A bug exists in the way mod_ssl handled client renegotiations.
A remote attacker could send a carefully crafted request that would cause
mod_ssl to enter a loop leading to a denial of service. This bug can be only
triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version
1.1.1 or later, due to an interaction in changes to handling of renegotiation
attempts. CVE-2009-3767 4.3libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4,
and possibly other versions, when OpenSSL is used, does not properly handle a
'\0' character in a domain name in the subject's Common Name (CN) field of an
X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary
SSL servers via a crafted certificate issued by a legitimate Certification
Authority, a related issue to CVE-2009-2408. CVE-2009-3766 6.8mutt_ssl.c in mutt
1.5.16 and other versions before 1.5.19, when OpenSSL is used, does not verify
the domain name in the subject's Common Name (CN) field of an X.509 certificate,
which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary
valid certificate. CVE-2009-3765 6.8mutt_ssl.c in mutt 1.5.19 and 1.5.20, when
OpenSSL is used, does not properly handle a '\0' character in a domain name in
the subject's Common Name (CN) field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
certificate issued by a legitimate Certification Authority, a related issue to
CVE-2009-2408. CVE-2009-1390 6.8Mutt 1.5.19, when linked against (1) OpenSSL
(mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one
TLS certificate in the chain is accepted instead of verifying the entire chain,
which allows remote attackers to spoof trusted servers via a man-in-the-middle
attack.
OPENPORTS
8013544533895985
1089219958 | 2024-05-04T17:27:43.316435
80 / TCP
APACHE HTTPD2.4.58
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:27:43 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Last-Modified: Mon, 18 Mar 2024 10:54:02 GMT
ETag: "0-613ed2cf6f1d1"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/html
-873988807 | 2024-04-30T16:58:01.186446
135 / TCP
MICROSOFT RPC ENDPOINT MAPPER
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 163.5.215.125:49664
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-JG1E0O7FSBS\PIPE\InitShutdown
ncalrpc: WMsgKRpc04A410
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-JG1E0O7FSBS\PIPE\InitShutdown
ncalrpc: WMsgKRpc04A410
ncalrpc: WMsgKRpc04CDB1
ncalrpc: WMsgKRpc0785832
fc48cd89-98d6-4628-9839-86f7a3e4161a
version: v1.0
ncalrpc: dabrpc
ncalrpc: csebpub
ncalrpc: LRPC-a0fcbaeb96125737dc
ncalrpc: LRPC-5007dc7cac066e53af
ncalrpc: LRPC-592ff31565203c8338
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
d09bdeb5-6171-4a34-bfe2-06fa82652568
version: v1.0
ncalrpc: csebpub
ncalrpc: LRPC-a0fcbaeb96125737dc
ncalrpc: LRPC-5007dc7cac066e53af
ncalrpc: LRPC-592ff31565203c8338
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-5007dc7cac066e53af
ncalrpc: LRPC-592ff31565203c8338
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-592ff31565203c8338
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-95274949d93fc9fa91
ncalrpc: LRPC-85c5f5e5cbf8e2bde4
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-a0fcbaeb96125737dc
ncalrpc: LRPC-5007dc7cac066e53af
ncalrpc: LRPC-592ff31565203c8338
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-5007dc7cac066e53af
ncalrpc: LRPC-592ff31565203c8338
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
dd59071b-3215-4c59-8481-972edadc0f6a
version: v1.0
ncalrpc: umpo
0d47017b-b33b-46ad-9e18-fe96456c5078
version: v1.0
ncalrpc: umpo
95406f0b-b239-4318-91bb-cea3a46ff0dc
version: v1.0
ncalrpc: umpo
4ed8abcc-f1e2-438b-981f-bb0e8abc010c
version: v1.0
ncalrpc: umpo
0ff1f646-13bb-400a-ab50-9a78f2b7a85a
version: v1.0
ncalrpc: umpo
6982a06e-5fe2-46b1-b39c-a2c545bfa069
version: v1.0
ncalrpc: umpo
082a3471-31b6-422a-b931-a54401960c62
version: v1.0
ncalrpc: umpo
fae436b0-b864-4a87-9eda-298547cd82f2
version: v1.0
ncalrpc: umpo
e53d94ca-7464-4839-b044-09a2fb8b3ae5
version: v1.0
ncalrpc: umpo
178d84be-9291-4994-82c6-3f909aca5a03
version: v1.0
ncalrpc: umpo
4dace966-a243-4450-ae3f-9b7bcb5315b8
version: v2.0
ncalrpc: umpo
1832bcf6-cab8-41d4-85d2-c9410764f75a
version: v1.0
ncalrpc: umpo
c521facf-09a9-42c5-b155-72388595cbf0
version: v0.0
ncalrpc: umpo
2c7fd9ce-e706-4b40-b412-953107ef9bb0
version: v0.0
ncalrpc: umpo
88abcbc3-34ea-76ae-8215-767520655a23
version: v0.0
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
76c217bc-c8b4-4201-a745-373ad9032b1a
version: v1.0
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
55e6b932-1979-45d6-90c5-7f6270724112
version: v1.0
ncalrpc: LRPC-546094001dff4c1e78
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
version: v1.0
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
b8cadbaf-e84b-46b9-84f2-6f71c03f9e55
version: v1.0
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
20c40295-8dba-48e6-aebf-3e78ef3bb144
version: v1.0
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
2513bcbe-6cd4-4348-855e-7efb3c336dd3
version: v1.0
ncalrpc: LRPC-c2f13d82cd0e537500
ncalrpc: OLE53BFFB6FC7263935FEA3EB7513B9
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: LRPC-fd18bed658ca4dfd8a
ncalrpc: actkernel
ncalrpc: umpo
0361ae94-0316-4c6c-8ad8-c594375800e2
version: v1.0
ncalrpc: umpo
5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
version: v1.0
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-595371d32ac02d5993
ncalrpc: IUserProfile2
ncalrpc: LRPC-20495e5bf1697a140e
ncalrpc: LRPC-455ce52f6b71662218
ncalrpc: senssvc
ncalrpc: LRPC-49a2abc4bf7c040490
f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
version: v1.0
ncalrpc: LRPC-a41742a6932fc5b13c
e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
version: v1.0
annotation: Network Connection Broker server endpoint
ncalrpc: LRPC-7814fb7bbeaf74ea90
ncalrpc: OLE50723508576B7E14812266BA5A4A
ncalrpc: LRPC-9f01e0546b50339053
ncalrpc: LRPC-95274949d93fc9fa91
880fd55e-43b9-11e0-b1a8-cf4edfd72085
version: v1.0
annotation: KAPI Service endpoint
ncalrpc: LRPC-7814fb7bbeaf74ea90
ncalrpc: OLE50723508576B7E14812266BA5A4A
ncalrpc: LRPC-9f01e0546b50339053
ncalrpc: LRPC-95274949d93fc9fa91
5222821f-d5e2-4885-84f1-5f6185a0ec41
version: v1.0
annotation: Network Connection Broker server endpoint for NCB Reset module
ncalrpc: LRPC-9f01e0546b50339053
ncalrpc: LRPC-95274949d93fc9fa91
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-c47655b974fca5eebe
a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
version: v1.0
ncalrpc: LRPC-b2c2e415583ae97f6f
ncalrpc: LRPC-85c5f5e5cbf8e2bde4
df4df73a-c52d-4e3a-8003-8437fdf8302a
version: v0.0
annotation: WM_WindowManagerRPC\Server
ncalrpc: LRPC-234813992568c02f36
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 163.5.215.125:49665
ncacn_np: \\WIN-JG1E0O7FSBS\pipe\eventlog
ncalrpc: eventlog
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-aadb9710524f4f3596
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-177202a056198747e1
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 163.5.215.125:49666
ncalrpc: LRPC-40c6454a5b67a0d386
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-JG1E0O7FSBS\PIPE\atsvc
ncalrpc: LRPC-baa9fdaab0880531a1
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 163.5.215.125:49666
ncalrpc: LRPC-40c6454a5b67a0d386
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-JG1E0O7FSBS\PIPE\atsvc
ncalrpc: LRPC-baa9fdaab0880531a1
33d84484-3626-47ee-8c6f-e7e98b113be1
version: v2.0
ncalrpc: LRPC-40c6454a5b67a0d386
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WIN-JG1E0O7FSBS\PIPE\atsvc
ncalrpc: LRPC-baa9fdaab0880531a1
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-JG1E0O7FSBS\PIPE\atsvc
ncalrpc: LRPC-baa9fdaab0880531a1
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-JG1E0O7FSBS\PIPE\atsvc
ncalrpc: LRPC-baa9fdaab0880531a1
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: LRPC-baa9fdaab0880531a1
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-c2c3bb1e8683004a5c
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\WIN-JG1E0O7FSBS\PIPE\wkssvc
ncalrpc: LRPC-908028c60293293f14
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-908028c60293293f14
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-908028c60293293f14
29770a8f-829b-4158-90a2-78cd488501f7
version: v1.0
ncacn_ip_tcp: 163.5.215.125:49667
ncacn_np: \\WIN-JG1E0O7FSBS\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-49a2abc4bf7c040490
c2d1b5dd-fa81-4460-9dd6-e7658b85454b
version: v1.0
ncalrpc: LRPC-61c9a97b4aa8485327
ncalrpc: OLEBC393914BDE0AF6EFEEEC644D991
f44e62af-dab1-44c2-8013-049a9de417d6
version: v1.0
ncalrpc: LRPC-61c9a97b4aa8485327
ncalrpc: OLEBC393914BDE0AF6EFEEEC644D991
7aeb6705-3ae6-471a-882d-f39c109edc12
version: v1.0
ncalrpc: LRPC-61c9a97b4aa8485327
ncalrpc: OLEBC393914BDE0AF6EFEEEC644D991
e7f76134-9ef5-4949-a2d6-3368cc0988f3
version: v1.0
ncalrpc: LRPC-61c9a97b4aa8485327
ncalrpc: OLEBC393914BDE0AF6EFEEEC644D991
b37f900a-eae4-4304-a2ab-12bb668c0188
version: v1.0
ncalrpc: LRPC-61c9a97b4aa8485327
ncalrpc: OLEBC393914BDE0AF6EFEEEC644D991
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
ncalrpc: LRPC-61c9a97b4aa8485327
ncalrpc: OLEBC393914BDE0AF6EFEEEC644D991
0d3c7f20-1c8d-4654-a1b3-51563b298bda
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-de16e15010409d3c1d
ncalrpc: OLE45FC2205BD400B1FABB0870F19A8
b18fbab6-56f8-4702-84e0-41053293a869
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-de16e15010409d3c1d
ncalrpc: OLE45FC2205BD400B1FABB0870F19A8
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-421e8ee028f51f6fc7
ncalrpc: LRPC-c5ea128298165bdc26
ncalrpc: LRPC-199c3157ae935d085c
ncalrpc: LRPC-eff5e82eb656fd7dfa
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-c5ea128298165bdc26
ncalrpc: LRPC-199c3157ae935d085c
ncalrpc: LRPC-eff5e82eb656fd7dfa
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-199c3157ae935d085c
ncalrpc: LRPC-eff5e82eb656fd7dfa
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-eff5e82eb656fd7dfa
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncalrpc: LRPC-af899952acc1fb0fba
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 163.5.215.125:49668
ncalrpc: LRPC-92b831e93bb526aced
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 163.5.215.125:49668
ncalrpc: LRPC-92b831e93bb526aced
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 163.5.215.125:49668
ncalrpc: LRPC-92b831e93bb526aced
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 163.5.215.125:49668
ncalrpc: LRPC-92b831e93bb526aced
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 163.5.215.125:49668
ncalrpc: LRPC-92b831e93bb526aced
b58aa02e-2884-4e97-8176-4ee06d794184
version: v1.0
provider: sysmain.dll
ncalrpc: LRPC-80733c2e25e25f0063
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncalrpc: LRPC-a2528ce0cdb6c6d170
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncalrpc: LRPC-a2528ce0cdb6c6d170
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncalrpc: OLEAF283BEB97446D5A9DBA81ADBB36
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-d3ed8636b793c1a5b9
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-d3ed8636b793c1a5b9
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-d3ed8636b793c1a5b9
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncalrpc: LRPC-d3ed8636b793c1a5b9
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 163.5.215.125:49669
ncalrpc: ipsec
98cd761e-e77d-41c8-a3c0-0fb756d90ec2
version: v1.0
ncalrpc: LRPC-edc927b22f3cc9bd1c
d22895ef-aff4-42c5-a5b2-b14466d34ab4
version: v1.0
ncalrpc: LRPC-edc927b22f3cc9bd1c
e38f5360-8572-473e-b696-1b46873beeab
version: v1.0
ncalrpc: LRPC-edc927b22f3cc9bd1c
95095ec8-32ea-4eb0-a3e2-041f97b36168
version: v1.0
ncalrpc: LRPC-edc927b22f3cc9bd1c
fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
version: v1.0
ncalrpc: LRPC-edc927b22f3cc9bd1c
4c9dbf19-d39e-4bb9-90ee-8f7179b20283
version: v1.0
ncalrpc: LRPC-edc927b22f3cc9bd1c
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 163.5.215.125:49670
c503f532-443a-4c69-8300-ccd1fbdb3839
version: v2.0
ncalrpc: LRPC-d224bb039d19d5b643
ncalrpc: OLE8C8D6AAE40377B43FCCD19129564
51a227ae-825b-41f2-b4a9-1ac9557a1018
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 163.5.215.125:49671
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-JG1E0O7FSBS\pipe\lsass
8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 163.5.215.125:49671
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-JG1E0O7FSBS\pipe\lsass
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 163.5.215.125:49671
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-JG1E0O7FSBS\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 163.5.215.125:49671
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WIN-JG1E0O7FSBS\pipe\lsass
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-db94e52e46178563a4
ncalrpc: LRPC-db94e52e46178563a4
ncalrpc: LRPC-db94e52e46178563a4
54b4c689-969a-476f-8dc2-990885e9f562
version: v0.0
ncalrpc: LRPC-478dfdccafb7709229
be7f785e-0e3a-4ab7-91de-7e46e443be29
version: v0.0
ncalrpc: LRPC-478dfdccafb7709229
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc0785832
b1ef227e-dfa5-421e-82bb-67a6a129c496
version: v0.0
ncalrpc: LRPC-efdc93da7658ca1b6b
ncalrpc: OLE197966634EC4E0414BEBA8A939AF
0fc77b1a-95d8-4a2e-a0c0-cff54237462b
version: v0.0
ncalrpc: LRPC-efdc93da7658ca1b6b
ncalrpc: OLE197966634EC4E0414BEBA8A939AF
8ec21e98-b5ce-4916-a3d6-449fa428a007
version: v0.0
ncalrpc: LRPC-efdc93da7658ca1b6b
ncalrpc: OLE197966634EC4E0414BEBA8A939AF
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-e2a59f7bc8e0b21315
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-e2a59f7bc8e0b21315
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-e2a59f7bc8e0b21315
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-e2a59f7bc8e0b21315
0497b57d-2e66-424f-a0c6-157cd5d41700
version: v1.0
annotation: AppInfo
ncalrpc: LRPC-e2a59f7bc8e0b21315
572e35b4-1344-4565-96a1-f5df3bfa89bb
version: v1.0
annotation: LiveIdSvcNotify RPC Interface
ncalrpc: liveidsvcnotify
faf2447b-b348-4feb-8dbe-beee5b7f7778
version: v1.0
annotation: OnlineProviderCert RPC Interface
ncalrpc: LRPC-3cfe884f3850ef1ac4
cc105610-da03-467e-bc73-5b9e2937458d
version: v1.0
annotation: LiveIdSvc RPC Interface
ncalrpc: LRPC-3cfe884f3850ef1ac4
0767a036-0d22-48aa-ba69-b619480f38cb
version: v1.0
annotation: PcaSvc
provider: pcasvc.dll
ncalrpc: LRPC-68c2add54078b3cab2
a4b8d482-80ce-40d6-934d-b22a01a44fe7
version: v1.0
annotation: LicenseManager
ncalrpc: LicenseServiceEndpoint
bf4dc912-e52f-4904-8ebe-9317c1bdd497
version: v1.0
ncalrpc: LRPC-cd974e24990c9cea02
ncalrpc: OLEABFAD482FF6335C87879A937972F
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncalrpc: 72522a2c-c531-4655-9842-4223fe2646c3
ncalrpc: LRPC-1734124b2b3247106a
-1166656618 | 2024-05-01T11:09:35.718875
445 / TCP
SMB Status:
Authentication: enabled
SMB Version: 2
Capabilities: raw-mode
-1179660036 | 2024-05-05T00:11:11.675784
3389 / TCP
REMOTE DESKTOP PROTOCOL
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809)
OS Build: 10.0.17763
Target Name: WIN-JG1E0O7FSBS
NetBIOS Domain Name: WIN-JG1E0O7FSBS
NetBIOS Computer Name: WIN-JG1E0O7FSBS
DNS Domain Name: WIN-JG1E0O7FSBS
FQDN: WIN-JG1E0O7FSBS
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:63:35:1e:dd:39:fd:80:49:32:ba:39:1c:c7:d3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=WIN-JG1E0O7FSBS
Validity
Not Before: Jan 1 04:08:57 2024 GMT
Not After : Jul 2 04:08:57 2024 GMT
Subject: CN=WIN-JG1E0O7FSBS
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:be:f8:15:db:1e:08:d9:3e:fb:2c:3b:33:78:58:
a3:9e:23:af:a3:e8:f1:34:cb:1c:19:df:f0:64:1f:
bc:76:88:eb:7b:80:5a:ae:26:6b:c2:3a:93:37:be:
cb:0e:3c:99:e4:76:8d:f0:13:d1:a7:d1:51:74:6c:
cb:c7:3c:ee:70:13:6c:75:b0:c8:cf:94:fc:f8:63:
f2:ab:36:1d:9b:f3:dd:b1:9c:ce:95:22:da:cb:a4:
d6:ee:2a:85:d7:50:8f:54:b6:29:5e:de:2f:aa:57:
74:7a:13:14:ab:da:15:fd:be:66:b9:e6:07:8f:8c:
f0:5c:97:76:00:e4:83:b0:16:64:49:cd:aa:e1:47:
c8:1d:7a:77:28:74:57:a0:ed:e0:0f:a3:ba:4c:b4:
9c:9f:71:f5:46:fe:36:02:80:40:cf:08:78:03:7f:
53:92:ac:e3:34:25:97:6c:75:04:95:f5:99:30:c0:
de:e4:16:49:59:f1:a6:93:60:5f:f3:4f:f1:3a:42:
ff:22:18:75:a2:8c:ca:f0:3c:0a:42:a8:14:7b:ed:
94:05:45:8f:55:62:a3:25:05:38:2a:6b:6d:a0:38:
f9:31:46:7c:48:ea:8c:48:38:02:9e:44:60:39:18:
f5:2d:42:bd:a1:55:84:51:90:da:bd:70:cb:c8:f3:
90:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
38:3e:7d:cc:84:93:fb:4a:5c:ef:4e:43:9a:8c:ff:eb:21:4d:
b3:48:5a:52:21:e1:a6:ee:8b:52:24:c3:e2:db:56:29:a5:24:
2b:09:2b:83:99:96:fb:f8:22:ee:9d:8e:fe:b6:73:ca:a0:bb:
a4:e9:20:bd:e1:b9:87:f8:c2:da:15:5b:ea:cd:fd:b5:ea:7d:
52:44:7c:da:99:d5:e6:68:84:1f:70:5f:1e:92:1f:7b:c0:e3:
04:3d:32:a4:5c:14:24:a0:87:1f:be:7e:55:67:45:46:d6:d8:
94:6e:a5:b6:11:f2:24:4d:b2:e3:d3:eb:45:08:69:53:b1:f4:
aa:8d:f4:d3:01:26:9d:5d:43:e0:2c:5f:3f:5e:6e:0a:0b:6f:
ca:ef:ea:e9:f0:5b:94:2f:14:0a:e9:17:cb:4d:28:26:e1:35:
f2:76:6d:38:fe:cc:ee:21:65:76:84:bd:4d:5c:0b:bf:74:74:
8a:81:ea:af:df:ec:82:10:6b:2a:dd:e6:69:c2:28:fa:1c:9a:
4f:2b:45:84:4c:62:a6:78:ea:c5:9b:50:b5:e1:a1:a0:19:50:
d0:e4:70:1e:ca:f2:ad:e8:d3:39:9a:57:cd:9e:b4:a9:b7:a5:
ec:dc:80:2b:28:1d:e1:bb:f8:1e:40:ff:1a:fe:1e:55:c0:54:
e7:b6:99:1e
1489525118 | 2024-05-05T16:48:40.725845
5985 / TCP
WINRM
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sun, 05 May 2024 16:48:40 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2019 (version 1809)
OS Build: 10.0.17763
Target Name: WIN-JG1E0O7FSBS
NetBIOS Domain Name: WIN-JG1E0O7FSBS
NetBIOS Computer Name: WIN-JG1E0O7FSBS
DNS Domain Name: WIN-JG1E0O7FSBS
FQDN: WIN-JG1E0O7FSBS
PRODUCTS
* Monitor
* Search Engine
* Developer API
* Maps
* Bulk Data
* Images
* Snippets
PRICING
* Membership
* API Subscriptions
* Enterprise
CONTACT US
* support@shodan.io
*
Shodan ® - All rights reserved