703707298 | 2024-04-16T05:44:49.322385
80 /
tcp
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 20 May 2023 19:31:43 GMT
Accept-Ranges: bytes
ETag: "bb4f39b5518bd91:0"
Server: Microsoft-IIS/10.0
Date: Tue, 16 Apr 2024 05:44:47 GMT
Content-Length: 703
1966431999 | 2024-04-15T20:26:39.062909
135 /
tcp
Microsoft RPC Endpoint Mapper
51a227ae-825b-41f2-b4a9-1ac9557a1018
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 136.243.77.82:49669
ncalrpc: NETLOGON_LRPC
ncacn_ip_tcp: 136.243.77.82:49664
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SV04\pipe\lsass
8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 136.243.77.82:49669
ncalrpc: NETLOGON_LRPC
ncacn_ip_tcp: 136.243.77.82:49664
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SV04\pipe\lsass
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 136.243.77.82:49669
ncalrpc: NETLOGON_LRPC
ncacn_ip_tcp: 136.243.77.82:49664
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SV04\pipe\lsass
0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7
version: v0.0
annotation: RemoteAccessCheck
protocol: [MS-RAA]: Remote Authorization API Protocol
ncacn_ip_tcp: 136.243.77.82:49669
ncalrpc: NETLOGON_LRPC
ncacn_ip_tcp: 136.243.77.82:49664
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SV04\pipe\lsass
ncacn_ip_tcp: 136.243.77.82:49669
ncalrpc: NETLOGON_LRPC
ncacn_ip_tcp: 136.243.77.82:49664
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SV04\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 136.243.77.82:49664
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SV04\pipe\lsass
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 136.243.77.82:49665
ncalrpc: WindowsShutdown
ncacn_np: \\SV04\PIPE\InitShutdown
ncalrpc: WMsgKRpc0B3890
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\SV04\PIPE\InitShutdown
ncalrpc: WMsgKRpc0B3890
ncalrpc: WMsgKRpc0B5F21
ncalrpc: WMsgKRpc37ED440D815
ncalrpc: WMsgKRpcBA6F78EF31C
fc48cd89-98d6-4628-9839-86f7a3e4161a
version: v1.0
ncalrpc: dabrpc
ncalrpc: csebpub
ncalrpc: LRPC-4aeb1b70a08cc58fcb
ncalrpc: LRPC-01aae1f3b9f09563e4
ncalrpc: LRPC-b63d28fd0d788a6303
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
d09bdeb5-6171-4a34-bfe2-06fa82652568
version: v1.0
ncalrpc: csebpub
ncalrpc: LRPC-4aeb1b70a08cc58fcb
ncalrpc: LRPC-01aae1f3b9f09563e4
ncalrpc: LRPC-b63d28fd0d788a6303
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-01aae1f3b9f09563e4
ncalrpc: LRPC-b63d28fd0d788a6303
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-b63d28fd0d788a6303
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-0cf03a4b00d5d5c53b
ncalrpc: LRPC-16b54516aaa3370dbd
ncalrpc: LRPC-65a58314613847a39a
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-4aeb1b70a08cc58fcb
ncalrpc: LRPC-01aae1f3b9f09563e4
ncalrpc: LRPC-b63d28fd0d788a6303
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-01aae1f3b9f09563e4
ncalrpc: LRPC-b63d28fd0d788a6303
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
0d47017b-b33b-46ad-9e18-fe96456c5078
version: v1.0
ncalrpc: umpo
95406f0b-b239-4318-91bb-cea3a46ff0dc
version: v1.0
ncalrpc: umpo
4ed8abcc-f1e2-438b-981f-bb0e8abc010c
version: v1.0
ncalrpc: umpo
0ff1f646-13bb-400a-ab50-9a78f2b7a85a
version: v1.0
ncalrpc: umpo
6982a06e-5fe2-46b1-b39c-a2c545bfa069
version: v1.0
ncalrpc: umpo
082a3471-31b6-422a-b931-a54401960c62
version: v1.0
ncalrpc: umpo
fae436b0-b864-4a87-9eda-298547cd82f2
version: v1.0
ncalrpc: umpo
e53d94ca-7464-4839-b044-09a2fb8b3ae5
version: v1.0
ncalrpc: umpo
178d84be-9291-4994-82c6-3f909aca5a03
version: v1.0
ncalrpc: umpo
4dace966-a243-4450-ae3f-9b7bcb5315b8
version: v2.0
ncalrpc: umpo
1832bcf6-cab8-41d4-85d2-c9410764f75a
version: v1.0
ncalrpc: umpo
c521facf-09a9-42c5-b155-72388595cbf0
version: v0.0
ncalrpc: umpo
2c7fd9ce-e706-4b40-b412-953107ef9bb0
version: v0.0
ncalrpc: umpo
88abcbc3-34ea-76ae-8215-767520655a23
version: v0.0
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
76c217bc-c8b4-4201-a745-373ad9032b1a
version: v1.0
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
55e6b932-1979-45d6-90c5-7f6270724112
version: v1.0
ncalrpc: LRPC-eb841bf136be38b94d
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
version: v1.0
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
20c40295-8dba-48e6-aebf-3e78ef3bb144
version: v2.0
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
2513bcbe-6cd4-4348-855e-7efb3c336dd3
version: v2.0
ncalrpc: OLE2212874F19460BF228DBCF8FF5C1
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: LRPC-5f9a9740a9e15a5ce5
ncalrpc: actkernel
ncalrpc: umpo
dd59071b-3215-4c59-8481-972edadc0f6a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
0361ae94-0316-4c6c-8ad8-c594375800e2
version: v1.0
ncalrpc: umpo
5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
version: v1.0
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-e22630153a9065c185
ncalrpc: LRPC-45c368e9c7c48e1a8a
ncalrpc: IUserProfile2
ncalrpc: LRPC-7534b42043d8da2ec9
ncalrpc: senssvc
ncalrpc: LRPC-f8e04e80db28f2e6f4
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-3a9c1aa957f56425d3
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 136.243.77.82:49666
ncacn_np: \\SV04\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-ea20d791b7db2e2cfc
ncalrpc: DNSResolver
e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
version: v1.0
ncalrpc: LRPC-eff19059454ddf3820
880fd55e-43b9-11e0-b1a8-cf4edfd72085
version: v1.0
annotation: KAPI Service endpoint
ncalrpc: LRPC-86d8365098693c16a7
ncalrpc: OLE3DD527E3086937563EF7044D34DE
ncalrpc: LRPC-0cf03a4b00d5d5c53b
5222821f-d5e2-4885-84f1-5f6185a0ec41
version: v1.0
ncalrpc: LRPC-cc72d263bac23b7f3c
a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
version: v1.0
ncalrpc: LRPC-f32f1ceee65b6e8e11
ncalrpc: LRPC-16b54516aaa3370dbd
8833d1d0-965f-4216-b3e9-fbe58cad3100
version: v1.0
provider: SCardSvr.dll
ncalrpc: LRPC-c86dface9e4ad28202
ncalrpc: LRPC-65a58314613847a39a
c6b5235a-e413-481d-9ac8-31681b1faaf5
version: v1.256
ncalrpc: LRPC-c86dface9e4ad28202
ncalrpc: LRPC-65a58314613847a39a
3f787932-3452-4363-8651-6ea97bb373bb
version: v1.0
annotation: NSP Rpc Interface
ncalrpc: LRPC-5f4643b6a2e6994667
ncalrpc: OLEDBA2514B8133D2AB6D01F0935FAA
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-829286a8f1c27b605e
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 136.243.77.82:49667
ncalrpc: LRPC-3d659f6f76fb70a272
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SV04\PIPE\atsvc
ncalrpc: LRPC-1c82d262d29e5b2768
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 136.243.77.82:49667
ncalrpc: LRPC-3d659f6f76fb70a272
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SV04\PIPE\atsvc
ncalrpc: LRPC-1c82d262d29e5b2768
33d84484-3626-47ee-8c6f-e7e98b113be1
version: v2.0
ncalrpc: LRPC-3d659f6f76fb70a272
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SV04\PIPE\atsvc
ncalrpc: LRPC-1c82d262d29e5b2768
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\SV04\PIPE\atsvc
ncalrpc: LRPC-1c82d262d29e5b2768
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\SV04\PIPE\atsvc
ncalrpc: LRPC-1c82d262d29e5b2768
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: LRPC-1c82d262d29e5b2768
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-b225a732c765c3086d
ncalrpc: LRPC-1b401b6184b9cd03ba
ncalrpc: LRPC-244e78f831c4e3d9cd
ncalrpc: LRPC-42e4986fcdca5f7bab
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-1b401b6184b9cd03ba
ncalrpc: LRPC-244e78f831c4e3d9cd
ncalrpc: LRPC-42e4986fcdca5f7bab
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-244e78f831c4e3d9cd
ncalrpc: LRPC-42e4986fcdca5f7bab
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-42e4986fcdca5f7bab
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncalrpc: 3f61b501-1d21-45de-9cc0-3c574eb66de7
ncalrpc: LRPC-bddec0066aa4ba78fe
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncalrpc: OLE1BD211813877E4E553A37575C89C
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-1764f79a2e5e8ffb7c
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-1764f79a2e5e8ffb7c
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-1764f79a2e5e8ffb7c
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncalrpc: LRPC-1764f79a2e5e8ffb7c
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\SV04\PIPE\wkssvc
ncalrpc: LRPC-f2fbcfd7329c153bee
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-f2fbcfd7329c153bee
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-f2fbcfd7329c153bee
29770a8f-829b-4158-90a2-78cd488501f7
version: v1.0
ncacn_ip_tcp: 136.243.77.82:49668
ncacn_np: \\SV04\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: OLE81813EC8E1A62C70E2C79BA5257A
ncalrpc: LRPC-f8e04e80db28f2e6f4
0d3c7f20-1c8d-4654-a1b3-51563b298bda
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-cd6487db6d017e0d73
ncalrpc: OLE2070EC4F95BB681D78132A41A44D
b18fbab6-56f8-4702-84e0-41053293a869
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-cd6487db6d017e0d73
ncalrpc: OLE2070EC4F95BB681D78132A41A44D
509bc7ae-77be-4ee8-b07c-0d096bb44345
version: v1.0
ncalrpc: LRPC-a517ad9cc532cc844b
ncalrpc: OLE8CE84466707E0E86741B7BCDC0F5
13560fa9-8c09-4b56-a1fd-04d083b9b2a1
version: v1.0
ncalrpc: LRPC-d8cc2f83a2106f9a20
ncalrpc: OLE8799ECA3D648C0A9FC6043935C1F
c2d1b5dd-fa81-4460-9dd6-e7658b85454b
version: v1.0
ncalrpc: LRPC-d8cc2f83a2106f9a20
ncalrpc: OLE8799ECA3D648C0A9FC6043935C1F
f44e62af-dab1-44c2-8013-049a9de417d6
version: v1.0
ncalrpc: LRPC-d8cc2f83a2106f9a20
ncalrpc: OLE8799ECA3D648C0A9FC6043935C1F
b37f900a-eae4-4304-a2ab-12bb668c0188
version: v1.0
ncalrpc: LRPC-d8cc2f83a2106f9a20
ncalrpc: OLE8799ECA3D648C0A9FC6043935C1F
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
ncalrpc: LRPC-d8cc2f83a2106f9a20
ncalrpc: OLE8799ECA3D648C0A9FC6043935C1F
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 136.243.77.82:49670
ncalrpc: LRPC-5345e2396b9352dba6
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 136.243.77.82:49670
ncalrpc: LRPC-5345e2396b9352dba6
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 136.243.77.82:49670
ncalrpc: LRPC-5345e2396b9352dba6
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 136.243.77.82:49670
ncalrpc: LRPC-5345e2396b9352dba6
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 136.243.77.82:49670
ncalrpc: LRPC-5345e2396b9352dba6
b58aa02e-2884-4e97-8176-4ee06d794184
version: v1.0
provider: sysmain.dll
ncalrpc: LRPC-6fd4e9a28d1dab55d0
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncalrpc: LRPC-001f534b4d25871cce
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncalrpc: LRPC-c6e3b3692f7a9ab1df
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncalrpc: LRPC-c6e3b3692f7a9ab1df
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 136.243.77.82:49671
650a7e26-eab8-5533-ce43-9c1dfce11511
version: v1.0
annotation: Vpn APIs
ncalrpc: LRPC-7e7aba612fb9de0031
ncalrpc: VpnikeRpc
ncalrpc: RasmanLrpc
ncacn_np: \\SV04\PIPE\ROUTER
e7a216af-1ec1-447f-8d3f-a87278db564d
version: v1.0
ncalrpc: LRPC-f50c6d91fc1c3708c0
3d267954-eeb7-11d1-b94e-00c04fa3080d
version: v1.0
provider: lserver.dll
ncacn_ip_tcp: 136.243.77.82:49672
ncacn_np: \\SV04\pipe\HydraLsPipe
ncalrpc: LRPC-941fdb1b5f6970f77d
d249bd56-4cc0-4fd3-8ce6-6fe050d590cb
version: v0.0
ncalrpc: LRPC-dd08f39d0e85116a45
d8140e00-5c46-4ae6-80ac-2f9a76df224c
version: v0.0
ncalrpc: LRPC-dd08f39d0e85116a45
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-c757fa990ce8030007
ncalrpc: LRPC-c757fa990ce8030007
ncalrpc: LRPC-c757fa990ce8030007
0767a036-0d22-48aa-ba69-b619480f38cb
version: v1.0
annotation: PcaSvc
provider: pcasvc.dll
ncalrpc: LRPC-4f16ab2a868e06d176
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-8cc1f1c2f7f34f4e82
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-8cc1f1c2f7f34f4e82
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-8cc1f1c2f7f34f4e82
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-8cc1f1c2f7f34f4e82
0497b57d-2e66-424f-a0c6-157cd5d41700
version: v1.0
annotation: AppInfo
ncalrpc: LRPC-8cc1f1c2f7f34f4e82
a4b8d482-80ce-40d6-934d-b22a01a44fe7
version: v1.0
annotation: LicenseManager
ncalrpc: LicenseServiceEndpoint
bf4dc912-e52f-4904-8ebe-9317c1bdd497
version: v1.0
ncalrpc: LRPC-f45889d3c0dd1cd49f
ncalrpc: OLEE97A3FD6F955C479E9D4BCA99859
8c7daf44-b6dc-11d1-9a4c-0020af6e7c57
version: v1.0
annotation: Group Policy RPC Interface
provider: appmgmts.dll
ncalrpc: LRPC-173128138f1bf52374
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc37ED440D815
ncalrpc: WMsgKRpcBA6F78EF31C
b1ef227e-dfa5-421e-82bb-67a6a129c496
version: v0.0
ncalrpc: LRPC-b6ddb9df557fc61cc5
ncalrpc: OLE40C6235391402D181A84CCDA7C0C
ncalrpc: LRPC-c3006c77e2dc8b6325
ncalrpc: OLE25793E45B9E9802958CE5980888A
0fc77b1a-95d8-4a2e-a0c0-cff54237462b
version: v0.0
ncalrpc: LRPC-b6ddb9df557fc61cc5
ncalrpc: OLE40C6235391402D181A84CCDA7C0C
ncalrpc: LRPC-c3006c77e2dc8b6325
ncalrpc: OLE25793E45B9E9802958CE5980888A
8ec21e98-b5ce-4916-a3d6-449fa428a007
version: v0.0
ncalrpc: LRPC-b6ddb9df557fc61cc5
ncalrpc: OLE40C6235391402D181A84CCDA7C0C
ncalrpc: LRPC-c3006c77e2dc8b6325
ncalrpc: OLE25793E45B9E9802958CE5980888A
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-57b8816f8fe6e5ad42
ff9fd3c4-742e-45e0-91dd-2f5bc632a1df
version: v1.0
annotation: appxsvc
ncalrpc: LRPC-d874787f5a607f60c1
ae2dc901-312d-41df-8b79-e835e63db874
version: v1.0
annotation: appxsvc
ncalrpc: LRPC-d874787f5a607f60c1
-757264002 | 2024-04-02T00:06:33.824876
139 /
tcp
-1166656618 | 2024-04-18T04:48:18.570455
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 2
Capabilities: raw-mode
1439393078 | 2024-04-19T23:24:35.138525
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows Server 2022
OS Build: 10.0.20348
Target Name: OFF
NetBIOS Domain Name: OFF
NetBIOS Computer Name: SV04
DNS Domain Name: off.com
DNS Tree Name: off.com
FQDN: SV04.off.com
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:59:c5:64:5e:70:03:bc:4a:f7:9a:dc:74:51:f6:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=SV04.off.com
Validity
Not Before: Mar 21 21:00:39 2024 GMT
Not After : Sep 20 21:00:39 2024 GMT
Subject: CN=SV04.off.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c8:41:55:70:23:9f:ae:2d:ca:d4:ff:83:c1:c9:
66:a7:df:9a:3c:6e:18:8a:71:7d:27:c2:15:cc:25:
9d:ed:13:36:f5:25:b0:f5:b7:c4:77:57:3b:29:b0:
28:8a:f2:f5:24:e9:be:9c:ce:7b:a7:66:8d:38:c7:
b7:d1:d0:06:6f:fd:9e:2e:e2:36:9a:2f:75:27:5d:
be:5d:25:a9:2a:f9:0d:5f:a5:ea:43:49:4c:5d:23:
64:0d:18:80:4d:9b:6a:58:8b:83:97:03:cf:d9:6f:
3d:0d:c7:4e:e8:51:e5:23:02:b3:66:aa:2a:d0:d9:
03:e2:11:e8:1f:92:c9:1b:58:22:0b:f7:1a:b9:78:
a7:53:67:ab:95:92:6d:07:8b:97:8a:d2:85:33:51:
4e:df:b6:6b:f3:17:07:52:0a:fa:b2:98:09:89:35:
f2:5d:06:e4:4d:57:92:95:cc:1d:08:b4:e0:2c:78:
6b:42:3f:a2:b2:ac:47:52:5b:d9:17:8a:81:f1:c9:
b7:03:99:60:4b:d2:51:2d:99:30:67:c3:5e:fe:b8:
a4:b1:25:a2:de:be:d5:94:26:80:70:eb:16:8a:75:
50:05:e5:5a:01:da:f2:b1:d2:a2:7c:1a:27:94:1a:
b4:b7:1e:33:c8:3b:c2:47:5b:3a:61:5d:49:20:80:
fb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
89:7e:96:2d:4a:e1:ff:85:7c:07:f5:4d:98:55:b9:21:f6:0c:
d2:59:58:0b:55:b0:93:ac:93:b7:bf:47:c2:cd:ce:f6:55:5f:
6e:9f:cc:45:58:67:85:e0:26:ef:8a:4d:79:f9:a1:a0:d2:69:
bf:57:fd:7c:05:03:45:3d:ac:fa:fc:d6:a4:76:28:40:3b:7a:
d5:bd:84:8a:b1:2b:9c:62:d9:39:b0:cd:38:22:cf:14:dc:5e:
0c:f6:d9:83:21:f1:96:59:1d:bc:84:b5:f9:c1:ff:ff:cf:a8:
84:dd:d0:03:41:8c:89:ea:8d:29:b4:45:e5:79:20:21:f7:ce:
83:a1:ce:ad:a2:0d:7c:bb:fa:ff:7d:7b:9c:b7:bb:5d:b6:20:
d7:10:c4:9a:0c:84:83:d2:cf:41:02:e6:05:ff:88:7a:14:65:
3a:8a:65:8b:e2:6a:b3:e0:d7:99:2e:d3:8c:2b:02:61:b4:7f:
20:d2:0d:9a:8a:90:16:1c:40:63:8a:65:b2:0a:a8:82:97:35:
a4:61:ff:fd:ca:d2:16:e6:b4:97:fa:50:99:9e:3e:70:01:2c:
05:fc:46:75:47:35:d7:df:03:0f:ff:23:d9:f4:83:be:e4:fc:
29:3c:58:cb:a1:b4:85:b9:b8:2a:95:53:f9:6e:02:68:6e:90:
f7:2b:e3:1f
-1684583448 | 2024-04-19T05:40:08.684792
5357 /
tcp
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 19 Apr 2024 05:40:04 GMT
Connection: close
Content-Length: 326
1489525118 | 2024-04-04T14:33:27.655242
5985 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 04 Apr 2024 14:33:19 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2022
OS Build: 10.0.20348
Target Name: OFF
NetBIOS Domain Name: OFF
NetBIOS Computer Name: SV04
DNS Domain Name: off.com
DNS Tree Name: off.com
FQDN: SV04.off.com
