GeneralInformation

Cloud Provider	DigitalOcean
Cloud Region	us-nj
Country	United States
City	Clifton
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061
Operating System	Windows Server 2012 R2 (build 6.3.9600)

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

MS15-034	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2015-1635	10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
CVE-2014-4078	5.1The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

21 53 80 88 123 135 137 139 389 593 636 3268 3269 5357 5985

-370734890 | 2024-05-09T10:28:55.934544

21 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST 
    MDTM 
    MIC *
    MKD 
    MODE 
    NLST 
    NOOP 
    OPTS 
    PASS 
    PASV 
    PBSZ 
    PORT 
    PROT 
    PWD 
    QUIT 
    REIN 
    REST 
    RETR 
    RMD 
    RNFR 
    RNTO 
    SITE 
    SIZE 
    SMNT 
    STAT 
    STOR 
    STOU 
    STRU 
    SYST 
    TYPE 
    USER 
    XCUP 
    XCWD 
    XMKD 
    XPWD 
    XRMD 
214 HELP command successful.
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END

-553166942 | 2024-05-11T23:11:59.621534

53 / tcp

Recursion: enabled

-553166942 | 2024-05-06T18:07:05.362559

53 / udp

Recursion: enabled

1138219898 | 2024-05-12T01:01:42.281869

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 01 Feb 2024 02:07:16 GMT
Accept-Ranges: bytes
ETag: "a518f660b354da1:0"
Server: Microsoft-IIS/8.5
Date: Sun, 12 May 2024 07:01:41 GMT
Content-Length: 701

-894550076 | 2024-04-26T08:51:31.600335

88 / udp

Microsoft Windows Kerberos
Server Time: 2024-04-26 14:26:24Z

-587874105 | 2024-05-07T16:02:52.383213

123 / udp

NTP
protocolversion: 3
stratum: 1
leap: 0
precision: -6
rootdelay: 0.0
rootdisp: 10.7252960205
refid: 1280262988
reftime: 3924046855.03
poll: 0

216853373 | 2024-05-09T08:40:09.776643

135 / tcp

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 165.227.123.87:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\SERVER\PIPE\InitShutdown
  ncalrpc: WMsgKRpc05EF60

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\SERVER\PIPE\InitShutdown
  ncalrpc: WMsgKRpc05EF60
  ncalrpc: WMsgKRpc05FF21
  ncalrpc: WMsgKRpc060E1082

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: LRPC-b8a5e06ce8c13d947c
  ncacn_np: \\SERVER\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-8999851fffbfb7f250
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-b8a5e06ce8c13d947c
  ncacn_np: \\SERVER\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-8999851fffbfb7f250
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-8999851fffbfb7f250
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: DeviceSetupManager
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-f99e7be65c9ebe903d
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-f99e7be65c9ebe903d
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: LRPC-f99e7be65c9ebe903d
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-f99e7be65c9ebe903d
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-203a0596e33d735ee5
  ncalrpc: DeviceSetupManager
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-bd091d724c2629a037

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\SERVER\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-7258d495653d5654ef
  ncalrpc: OLE8EEB24DCF8EA936ED59E87BDB336

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-7258d495653d5654ef
  ncalrpc: OLE8EEB24DCF8EA936ED59E87BDB336

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-1a90113148077994b8
  ncalrpc: LRPC-409523de867ff7694d

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-1a90113148077994b8
  ncalrpc: LRPC-409523de867ff7694d

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-1a90113148077994b8
  ncalrpc: LRPC-409523de867ff7694d

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-409523de867ff7694d

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\SERVER\PIPE\wkssvc
  ncalrpc: LRPC-f25193b88896816fd4
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-f25193b88896816fd4
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-f25193b88896816fd4
  ncalrpc: DNSResolver

12345678-1234-abcd-ef00-01234567cffb
  version: v1.0
  protocol: [MS-NRPC]: Netlogon Remote Protocol
  provider: netlogon.dll
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 165.227.123.87:49158
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7
  version: v0.0
  annotation: RemoteAccessCheck
  protocol: [MS-RAA]: Remote Authorization API Protocol
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 165.227.123.87:49158
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 165.227.123.87:49158
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 165.227.123.87:49158
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

12345778-1234-abcd-ef00-0123456789ab
  version: v0.0
  protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote
  provider: lsasrv.dll
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

e3514235-4b06-11d1-ab04-00c04fc2dcd2
  version: v4.0
  annotation: MS NT Directory DRS Interface
  protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol
  provider: ntdsai.dll
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

4b112204-0e19-11d3-b42b-0000f81feb9f
  version: v1.0
  provider: ssdpsrv.dll
  ncalrpc: LRPC-9e20b1fce54578cc66

5b821720-f63b-11d0-aad2-00c04fc324db
  version: v1.0
  protocol: [MS-DHCPM]: Microsoft Dynamic Host Configuration Protocol (DHCP)
  provider: dhcpssvc.dll
  ncacn_ip_tcp: 165.227.123.87:49172
  ncalrpc: OLEFD23EC297C6A831A90DE752C411D

6bffd098-a112-3610-9833-46c3f874532d
  version: v1.0
  protocol: [MS-DHCPM]: Microsoft Dynamic Host Configuration Protocol (DHCP)
  provider: dhcpssvc.dll
  ncacn_ip_tcp: 165.227.123.87:49172
  ncalrpc: OLEFD23EC297C6A831A90DE752C411D

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 165.227.123.87:49173

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-8c71e5dfbeb4a17466
  ncalrpc: OLE5BB81B5B8CF68246877008729FC7

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 165.227.123.87:63040

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-7e6b12aa348ce65c9e
  ncalrpc: LRPC-7e6b12aa348ce65c9e
  ncalrpc: LRPC-7e6b12aa348ce65c9e

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc060E1082

897e2e5f-93f3-4376-9c9c-fd2277495c27
  version: v1.0
  annotation: Frs2 Service
  protocol: [MS-FRS2]: Distributed File System Replication Protocol
  provider: dfsrmig.exe
  ncacn_ip_tcp: 165.227.123.87:51768
  ncalrpc: OLE7C49D46C7199FE2D2A83CD69BB37

-1871332851 | 2024-05-12T17:46:44.333681

137 / udp

NetBIOS Response:
  Server Name: SERVER
  MAC Address: F2:76:CD:44:6A:DF
  Names:
    SERVER <0x0>
    AMLCC <0x1c>
    AMLCC <0x0>
    SERVER <0x20>
    AMLCC <0x1b>
  Additional Interfaces:
    26.55.101.146
    32.108.0.2

MAC Addresses

F2:76:CD:44:6A:DF
    Unknown

-757264002 | 2024-05-08T21:27:51.611679

139 / tcp

\x83\x00\x00\x01\x8f

348779539 | 2024-05-04T22:05:04.422800

389 / tcp

LDAP:
  CurrentTime: 20240505040503.0Z
  SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=amlcc,DC=mx
  DsServiceName: CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx
  NamingContexts:
    CN=Configuration,DC=amlcc,DC=mx
    CN=Schema,CN=Configuration,DC=amlcc,DC=mx
    DC=DomainDnsZones,DC=amlcc,DC=mx
    DC=ForestDnsZones,DC=amlcc,DC=mx
    DC=amlcc,DC=mx
  DefaultNamingContext: DC=amlcc,DC=mx
  SchemaNamingContext: CN=Schema,CN=Configuration,DC=amlcc,DC=mx
  ConfigurationNamingContext: CN=Configuration,DC=amlcc,DC=mx
  RootDomainNamingContext: DC=amlcc,DC=mx
  SupportedControl:
    1.2.840.113556.1.4.1338
    1.2.840.113556.1.4.1339
    1.2.840.113556.1.4.1340
    1.2.840.113556.1.4.1341
    1.2.840.113556.1.4.1413
    1.2.840.113556.1.4.1504
    1.2.840.113556.1.4.1852
    1.2.840.113556.1.4.1907
    1.2.840.113556.1.4.1948
    1.2.840.113556.1.4.1974
    1.2.840.113556.1.4.2026
    1.2.840.113556.1.4.2064
    1.2.840.113556.1.4.2065
    1.2.840.113556.1.4.2066
    1.2.840.113556.1.4.2090
    1.2.840.113556.1.4.2204
    1.2.840.113556.1.4.2205
    1.2.840.113556.1.4.2206
    1.2.840.113556.1.4.2211
    1.2.840.113556.1.4.2239
    1.2.840.113556.1.4.2255
    1.2.840.113556.1.4.2256
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.417
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474
    1.2.840.113556.1.4.521
    1.2.840.113556.1.4.528
    1.2.840.113556.1.4.529
    1.2.840.113556.1.4.619
    1.2.840.113556.1.4.801
    1.2.840.113556.1.4.802
    1.2.840.113556.1.4.805
    1.2.840.113556.1.4.841
    1.2.840.113556.1.4.970
    2.16.840.1.113730.3.4.10
    2.16.840.1.113730.3.4.9
  SupportedLDAPVersion:
    2
    3
  SupportedLDAPPolicies:
    InitRecvTimeout
    MaxBatchReturnMessages
    MaxConnIdleTime
    MaxConnections
    MaxDatagramRecv
    MaxNotificationPerConn
    MaxPageSize
    MaxPercentDirSyncRequests
    MaxPoolThreads
    MaxQueryDuration
    MaxReceiveBuffer
    MaxResultSetSize
    MaxResultSetsPerConn
    MaxTempTableSize
    MaxValRange
    MaxValRangeTransitive
    MinResultSets
    SystemMemoryLimitPercent
    ThreadMemoryLimit
  HighestCommittedUSN: 5374742
  SupportedSASLMechanisms:
    DIGEST-MD5
    EXTERNAL
    GSS-SPNEGO
    GSSAPI
  DnsHostName: server.amlcc.mx
  LdapServiceName: amlcc.mx:server$@AMLCC.MX
  ServerName: CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx
  SupportedCapabilities:
    1.2.840.113556.1.4.1670
    1.2.840.113556.1.4.1791
    1.2.840.113556.1.4.1935
    1.2.840.113556.1.4.2080
    1.2.840.113556.1.4.2237
    1.2.840.113556.1.4.800
  IsSynchronized: TRUE
  IsGlobalCatalogReady: TRUE
  SupportedExtension:
    1.2.840.113556.1.4.1781
    1.2.840.113556.1.4.2212
    1.3.6.1.4.1.1466.101.119.1
    1.3.6.1.4.1.1466.20037
    1.3.6.1.4.1.4203.1.11.3
  DomainFunctionality: 6
  ForestFunctionality: 6

981561316 | 2024-05-07T00:19:03.030309

389 / udp

0\x84\x00\x00\n\xfa\x02\x01\x07d\x84\x00\x00\n\xf1\x04\x000\x84\x00\x00\n\xe90\x84\x00\x00\x00&\x04\x0bcurrentTime1\x84\x00\x00\x00\x13\x04\x1120240507061902.0Z0\x84\x00\x00\x00Q\x04\x11subschemaSubentry1\x84\x00\x00\x008\x046CN=Aggregate,CN=Schema,CN=Configuration,DC=amlcc,DC=mx0\x84\x00\x00\x00\x80\x04\rdsServiceName1\x84\x00\x00\x00k\x04iCN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx0\x84\x00\x00\x00\xb6\x04\x0enamingContexts1\x84\x00\x00\x00\xa0\x04\x0eDC=amlcc,DC=mx\x04\x1fCN=Configuration,DC=amlcc,DC=mx\x04)CN=Schema,CN=Configuration,DC=amlcc,DC=mx\x04 DC=DomainDnsZones,DC=amlcc,DC=mx\x04 DC=ForestDnsZones,DC=amlcc,DC=mx0\x84\x00\x00\x00,\x04\x14defaultNamingContext1\x84\x00\x00\x00\x10\x04\x0eDC=amlcc,DC=mx0\x84\x00\x00\x00F\x04\x13schemaNamingContext1\x84\x00\x00\x00+\x04)CN=Schema,CN=Configuration,DC=amlcc,DC=mx0\x84\x00\x00\x00C\x04\x1aconfigurationNamingContext1\x84\x00\x00\x00!\x04\x1fCN=Configuration,DC=amlcc,DC=mx0\x84\x00\x00\x00/\x04\x17rootDomainNamingContext1\x84\x00\x00\x00\x10\x04\x0eDC=amlcc,DC=mx0\x84\x00\x00\x03\xa9\x04\x10supportedControl1\x84\x00\x00\x03\x91\x04\x161.2.840.113556.1.4.319\x04\x161.2.840.113556.1.4.801\x04\x161.2.840.113556.1.4.473\x04\x161.2.840.113556.1.4.528\x04\x161.2.840.113556.1.4.417\x04\x161.2.840.113556.1.4.619\x04\x161.2.840.113556.1.4.841\x04\x161.2.840.113556.1.4.529\x04\x161.2.840.113556.1.4.805\x04\x161.2.840.113556.1.4.521\x04\x161.2.840.113556.1.4.970\x04\x171.2.840.113556.1.4.1338\x04\x161.2.840.113556.1.4.474\x04\x171.2.840.113556.1.4.1339\x04\x171.2.840.113556.1.4.1340\x04\x171.2.840.113556.1.4.1413\x04\x172.16.840.1.113730.3.4.9\x04\x182.16.840.1.113730.3.4.10\x04\x171.2.840.113556.1.4.1504\x04\x171.2.840.113556.1.4.1852\x04\x161.2.840.113556.1.4.802\x04\x171.2.840.113556.1.4.1907\x04\x171.2.840.113556.1.4.1948\x04\x171.2.840.113556.1.4.1974\x04\x171.2.840.113556.1.4.1341\x04\x171.2.840.113556.1.4.2026\x04\x171.2.840.113556.1.4.2064\x04\x171.2.840.113556.1.4.2065\x04\x171.2.840.113556.1.4.2066\x04\x00\x00\x00\x00vs9f\x92Lr8x\x05\x00\x00x\x05\x00\x00\x01\x00\x00 V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06\x1c4\xda\xff\x95\x1ct\x03com\x00\xa0\x00\x00\x00vs9f`\xb4\x87\'J\x00\xac\x1fk\x13V\xca\x1c4\xda\xff\x95\x1c\x08\x00E\x00\x05jb\xc0\x00\xb9v\x11\xac\xb1\xa5\xe3{WG\x06\xc7\x17\x171.2.840.113556.1.4.2090\x04\x171.2.840.113556.1.4.2205\x04\x171.2.840.113556.1.4.2204\x04\x171.2.840.113556.1.4.2206\x04\x171.2.840.113556.1.4.2211\x04\x171.2.840.113556.1.4.2239\x04\x171.2.840.113556.1.4.2255\x04\x171.2.840.113556.1.4.22560\x84\x00\x00\x00"\x04\x14supportedLDAPVersion1\x84\x00\x00\x00\x06\x04\x013\x04\x0120\x84\x00\x00\x01\x86\x04\x15supportedLDAPPolicies1\x84\x00\x00\x01i\x04\x0eMaxPoolThreads\x04\x19MaxPercentDirSyncRequests\x04\x0fMaxDatagramRecv\x04\x10MaxReceiveBuffer\x04\x0fInitRecvTimeout\x04\x0eMaxConnections\x04\x0fMaxConnIdleTime\x04\x0bMaxPageSize\x04\x16MaxBatchReturnMessages\x04\x10MaxQueryDuration\x04\x10MaxTempTableSize\x04\x10MaxResultSetSize\x04\rMinResultSets\x04\x14MaxResultSetsPerConn\x04\x16MaxNotificationPerConn\x04\x0bMaxValRange\x04\x15MaxValRangeTransitive\x04\x11ThreadMemoryLimit\x04\x18SystemMemoryLimitPercent0\x84\x00\x00\x00$\x04\x13highestCommittedUSN1\x84\x00\x00\x00\t\x04\x0755068100\x84\x00\x00\x00I\x04\x17supportedSASLMechanisms1\x84\x00\x00\x00*\x04\x06GSSAPI\x04\nGSS-SPNEGO\x04\x08EXTERNAL\x04\nDIGEST-MD50\x84\x00\x00\x00$\x04\x0bdnsHostName1\x84\x00\x00\x00\x11\x04\x0fserver.amlcc.mx0\x84\x00\x00\x002\x04\x0fldapServiceName1\x84\x00\x00\x00\x1b\x04\x19amlcc.mx:server$@AMLCC.MX0\x84\x00\x00\x00l\x04\nserverName1\x84\x00\x00\x00Z\x04XCN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx0\x84\x00\x00\x00\xb2\x04\x15supportedCapabilities1\x84\x00\x00\x00\x95\x04\x161.2.840.113556.1.4.800\x04\x171.2.840.113556.1.4.1670\x04\x171.2.840.113556.1.4.1791\x04\x171.2.840.113556.1.4.1935\x04\x171.2.840.113556.1.4.2080\x04\x171.2.840.113556.1.4.22370\x84\x00\x00\x00\x1c\x04\x0eisSynchronized1\x84\x00\x00\x00\x06\x04\x04TRUE0\x84\x00\x00\x00"\x04\x14isGlobalCatalogReady1\x84\x00\x00\x00\x06\x04\x04TRUE0\x84\x00\x00\x00\x1e\x04\x13domainFuncti

1378256888 | 2024-05-12T21:54:00.667504

593 / tcp

ncacn_http/1.0

Microsoft RPC Endpoint Mapper over HTTP

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 165.227.123.87:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\SERVER\PIPE\InitShutdown
  ncalrpc: WMsgKRpc05EF60

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\SERVER\PIPE\InitShutdown
  ncalrpc: WMsgKRpc05EF60
  ncalrpc: WMsgKRpc05FF21
  ncalrpc: WMsgKRpc060E1082

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: LRPC-b8a5e06ce8c13d947c
  ncacn_np: \\SERVER\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-8999851fffbfb7f250
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-b8a5e06ce8c13d947c
  ncacn_np: \\SERVER\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-8999851fffbfb7f250
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-8999851fffbfb7f250
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: DeviceSetupManager
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-f99e7be65c9ebe903d
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-f99e7be65c9ebe903d
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: LRPC-f99e7be65c9ebe903d
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-f99e7be65c9ebe903d
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 165.227.123.87:49153
  ncacn_np: \\SERVER\pipe\eventlog
  ncalrpc: eventlog

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-203a0596e33d735ee5
  ncalrpc: DeviceSetupManager
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_np: \\SERVER\PIPE\srvsvc
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 165.227.123.87:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\SERVER\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE682B12947910CF7B106E8068363B
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-bd091d724c2629a037

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\SERVER\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-7258d495653d5654ef
  ncalrpc: OLE8EEB24DCF8EA936ED59E87BDB336

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-7258d495653d5654ef
  ncalrpc: OLE8EEB24DCF8EA936ED59E87BDB336

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-1a90113148077994b8
  ncalrpc: LRPC-409523de867ff7694d

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-1a90113148077994b8
  ncalrpc: LRPC-409523de867ff7694d

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-1a90113148077994b8
  ncalrpc: LRPC-409523de867ff7694d

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-409523de867ff7694d

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\SERVER\PIPE\wkssvc
  ncalrpc: LRPC-f25193b88896816fd4
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-f25193b88896816fd4
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-f25193b88896816fd4
  ncalrpc: DNSResolver

12345678-1234-abcd-ef00-01234567cffb
  version: v1.0
  protocol: [MS-NRPC]: Netlogon Remote Protocol
  provider: netlogon.dll
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 165.227.123.87:49158
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7
  version: v0.0
  annotation: RemoteAccessCheck
  protocol: [MS-RAA]: Remote Authorization API Protocol
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 165.227.123.87:49158
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 165.227.123.87:49158
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 165.227.123.87:49158
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

12345778-1234-abcd-ef00-0123456789ab
  version: v0.0
  protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote
  provider: lsasrv.dll
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

e3514235-4b06-11d1-ab04-00c04fc2dcd2
  version: v4.0
  annotation: MS NT Directory DRS Interface
  protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol
  provider: ntdsai.dll
  ncacn_np: \\SERVER\pipe\351fc1b1f79c9ebb
  ncacn_ip_http: 165.227.123.87:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLEEED4BDF4B54FEC5799C66AF533A7
  ncacn_ip_tcp: 165.227.123.87:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\SERVER\pipe\lsass

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 165.227.123.87:49159
  ncalrpc: LRPC-ffd53514b156a40c8d

4b112204-0e19-11d3-b42b-0000f81feb9f
  version: v1.0
  provider: ssdpsrv.dll
  ncalrpc: LRPC-9e20b1fce54578cc66

5b821720-f63b-11d0-aad2-00c04fc324db
  version: v1.0
  protocol: [MS-DHCPM]: Microsoft Dynamic Host Configuration Protocol (DHCP)
  provider: dhcpssvc.dll
  ncacn_ip_tcp: 165.227.123.87:49172
  ncalrpc: OLEFD23EC297C6A831A90DE752C411D

6bffd098-a112-3610-9833-46c3f874532d
  version: v1.0
  protocol: [MS-DHCPM]: Microsoft Dynamic Host Configuration Protocol (DHCP)
  provider: dhcpssvc.dll
  ncacn_ip_tcp: 165.227.123.87:49172
  ncalrpc: OLEFD23EC297C6A831A90DE752C411D

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 165.227.123.87:49173

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-8c71e5dfbeb4a17466
  ncalrpc: OLE5BB81B5B8CF68246877008729FC7

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 165.227.123.87:63040

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-7e6b12aa348ce65c9e
  ncalrpc: LRPC-7e6b12aa348ce65c9e
  ncalrpc: LRPC-7e6b12aa348ce65c9e

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc060E1082

897e2e5f-93f3-4376-9c9c-fd2277495c27
  version: v1.0
  annotation: Frs2 Service
  protocol: [MS-FRS2]: Distributed File System Replication Protocol
  provider: dfsrmig.exe
  ncacn_ip_tcp: 165.227.123.87:51768
  ncalrpc: OLE7C49D46C7199FE2D2A83CD69BB37

-2065532404 | 2024-05-05T22:29:09.798465

636 / tcp

LDAP:
  CurrentTime: 20240506042852.0Z
  SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=amlcc,DC=mx
  DsServiceName: CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx
  NamingContexts:
    CN=Configuration,DC=amlcc,DC=mx
    CN=Schema,CN=Configuration,DC=amlcc,DC=mx
    DC=DomainDnsZones,DC=amlcc,DC=mx
    DC=ForestDnsZones,DC=amlcc,DC=mx
    DC=amlcc,DC=mx
  DefaultNamingContext: DC=amlcc,DC=mx
  SchemaNamingContext: CN=Schema,CN=Configuration,DC=amlcc,DC=mx
  ConfigurationNamingContext: CN=Configuration,DC=amlcc,DC=mx
  RootDomainNamingContext: DC=amlcc,DC=mx
  SupportedControl:
    1.2.840.113556.1.4.1338
    1.2.840.113556.1.4.1339
    1.2.840.113556.1.4.1340
    1.2.840.113556.1.4.1341
    1.2.840.113556.1.4.1413
    1.2.840.113556.1.4.1504
    1.2.840.113556.1.4.1852
    1.2.840.113556.1.4.1907
    1.2.840.113556.1.4.1948
    1.2.840.113556.1.4.1974
    1.2.840.113556.1.4.2026
    1.2.840.113556.1.4.2064
    1.2.840.113556.1.4.2065
    1.2.840.113556.1.4.2066
    1.2.840.113556.1.4.2090
    1.2.840.113556.1.4.2204
    1.2.840.113556.1.4.2205
    1.2.840.113556.1.4.2206
    1.2.840.113556.1.4.2211
    1.2.840.113556.1.4.2239
    1.2.840.113556.1.4.2255
    1.2.840.113556.1.4.2256
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.417
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474
    1.2.840.113556.1.4.521
    1.2.840.113556.1.4.528
    1.2.840.113556.1.4.529
    1.2.840.113556.1.4.619
    1.2.840.113556.1.4.801
    1.2.840.113556.1.4.802
    1.2.840.113556.1.4.805
    1.2.840.113556.1.4.841
    1.2.840.113556.1.4.970
    2.16.840.1.113730.3.4.10
    2.16.840.1.113730.3.4.9
  SupportedLDAPVersion:
    2
    3
  SupportedLDAPPolicies:
    InitRecvTimeout
    MaxBatchReturnMessages
    MaxConnIdleTime
    MaxConnections
    MaxDatagramRecv
    MaxNotificationPerConn
    MaxPageSize
    MaxPercentDirSyncRequests
    MaxPoolThreads
    MaxQueryDuration
    MaxReceiveBuffer
    MaxResultSetSize
    MaxResultSetsPerConn
    MaxTempTableSize
    MaxValRange
    MaxValRangeTransitive
    MinResultSets
    SystemMemoryLimitPercent
    ThreadMemoryLimit
  HighestCommittedUSN: 5438099
  SupportedSASLMechanisms:
    DIGEST-MD5
    EXTERNAL
    GSS-SPNEGO
    GSSAPI
  DnsHostName: server.amlcc.mx
  LdapServiceName: amlcc.mx:server$@AMLCC.MX
  ServerName: CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx
  SupportedCapabilities:
    1.2.840.113556.1.4.1670
    1.2.840.113556.1.4.1791
    1.2.840.113556.1.4.1935
    1.2.840.113556.1.4.2080
    1.2.840.113556.1.4.2237
    1.2.840.113556.1.4.800
  IsSynchronized: TRUE
  IsGlobalCatalogReady: TRUE
  SupportedExtension:
    1.2.840.113556.1.4.1781
    1.2.840.113556.1.4.2212
    1.3.6.1.4.1.1466.101.119.1
    1.3.6.1.4.1.1466.20037
    1.3.6.1.4.1.4203.1.11.3
  DomainFunctionality: 6
  ForestFunctionality: 6

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:3a:40:c5:86:e2:9a:bf:44:4c:2f:c4:ce:b9:0c:df
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=server.amlcc.mx
        Validity
            Not Before: Mar  7 03:00:51 2024 GMT
            Not After : Mar  6 00:00:00 2025 GMT
        Subject: CN=server.amlcc.mx
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b1:90:4a:e0:26:93:19:b3:22:c8:1e:1b:d3:bd:
                    78:57:ca:0c:89:f5:1d:97:37:76:7b:27:f2:20:0e:
                    3c:0f:32:94:db:3e:8f:62:e4:aa:cc:7d:66:8c:9e:
                    be:14:7a:d1:52:55:3f:74:4e:cd:48:7e:e0:97:29:
                    fe:e4:a5:e6:4f:99:56:3e:74:3e:eb:77:7a:c0:4b:
                    77:d1:d5:18:dc:a9:00:7c:54:0e:d3:5c:bc:77:fc:
                    c1:f5:cc:de:5d:94:0f:33:b5:c7:7e:52:d7:9a:73:
                    14:96:79:2f:55:6a:7b:3b:17:95:3c:ed:ec:22:b5:
                    e0:1e:62:04:63:03:3c:05:8c:bf:f6:50:26:02:88:
                    c7:30:c6:ef:d7:04:0e:5e:93:9c:92:f9:0c:0f:a9:
                    3f:6a:2a:cc:87:a3:03:20:38:e2:8e:0c:80:b5:7d:
                    68:22:ff:c8:75:03:63:0e:3a:fc:59:8a:30:1a:00:
                    cf:a2:51:9f:5b:8c:d0:78:dd:de:e4:87:1b:da:c5:
                    38:fb:f9:7d:a8:6c:24:8b:3a:53:c0:0c:eb:d2:0f:
                    7e:e9:cd:95:ba:86:d8:36:93:cb:13:5c:79:d8:6d:
                    ab:23:5b:d7:6c:cd:21:7d:2e:72:27:5b:b3:35:29:
                    9f:37:4c:fe:8e:84:6f:55:1b:bc:84:1e:3d:1a:36:
                    4e:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        98:40:4d:e0:08:64:76:d8:f7:5a:15:e4:12:aa:1b:24:9b:94:
        f2:80:db:a2:ba:5a:3a:82:75:f3:8d:68:3d:27:0d:c2:e6:51:
        10:49:fb:49:96:10:30:b7:42:2f:09:2a:bc:8c:40:8a:de:5e:
        87:2f:b7:b3:e0:0d:e7:ae:f3:85:c1:10:c3:fb:c3:ad:4d:7d:
        20:9a:60:1c:ce:11:1d:cf:6e:30:80:bf:ef:a6:40:0a:ac:fb:
        7b:90:87:b6:f0:be:63:54:c3:43:a9:c2:08:07:cf:3e:93:d1:
        57:82:4d:49:05:c4:98:53:80:49:ef:20:31:47:f0:77:d0:48:
        1a:90:62:88:d1:19:23:6d:c8:c5:50:e5:de:4f:74:89:78:41:
        c3:be:02:63:69:b0:3b:2d:e2:10:59:ac:a5:41:6d:69:66:8e:
        29:6f:a3:20:2c:38:7f:31:a1:d4:53:a2:32:aa:36:11:09:71:
        1b:aa:48:a5:12:80:87:90:ee:36:63:f5:e2:20:a7:c9:6a:47:
        90:54:a3:10:db:ce:26:3b:43:72:64:a1:61:37:e3:ff:b8:d8:
        79:46:7d:e6:34:25:bf:bf:63:aa:56:ea:2c:7d:b8:60:b7:f9:
        87:07:92:b1:04:3b:47:ca:c6:60:7a:99:46:02:c9:4c:15:93:
        4d:fe:e4:83

2043145116 | 2024-05-08T14:34:52.400128

3268 / tcp

LDAP:
  CurrentTime: 20240508203451.0Z
  SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=amlcc,DC=mx
  DsServiceName: CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx
  NamingContexts:
    CN=Configuration,DC=amlcc,DC=mx
    CN=Schema,CN=Configuration,DC=amlcc,DC=mx
    DC=DomainDnsZones,DC=amlcc,DC=mx
    DC=ForestDnsZones,DC=amlcc,DC=mx
    DC=amlcc,DC=mx
  DefaultNamingContext: DC=amlcc,DC=mx
  SchemaNamingContext: CN=Schema,CN=Configuration,DC=amlcc,DC=mx
  ConfigurationNamingContext: CN=Configuration,DC=amlcc,DC=mx
  RootDomainNamingContext: DC=amlcc,DC=mx
  SupportedControl:
    1.2.840.113556.1.4.1338
    1.2.840.113556.1.4.1339
    1.2.840.113556.1.4.1340
    1.2.840.113556.1.4.1341
    1.2.840.113556.1.4.1413
    1.2.840.113556.1.4.1504
    1.2.840.113556.1.4.1852
    1.2.840.113556.1.4.1907
    1.2.840.113556.1.4.1948
    1.2.840.113556.1.4.1974
    1.2.840.113556.1.4.2026
    1.2.840.113556.1.4.2064
    1.2.840.113556.1.4.2065
    1.2.840.113556.1.4.2066
    1.2.840.113556.1.4.2090
    1.2.840.113556.1.4.2204
    1.2.840.113556.1.4.2205
    1.2.840.113556.1.4.2206
    1.2.840.113556.1.4.2211
    1.2.840.113556.1.4.2239
    1.2.840.113556.1.4.2255
    1.2.840.113556.1.4.2256
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.417
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474
    1.2.840.113556.1.4.521
    1.2.840.113556.1.4.528
    1.2.840.113556.1.4.529
    1.2.840.113556.1.4.619
    1.2.840.113556.1.4.801
    1.2.840.113556.1.4.802
    1.2.840.113556.1.4.805
    1.2.840.113556.1.4.841
    1.2.840.113556.1.4.970
    2.16.840.1.113730.3.4.10
    2.16.840.1.113730.3.4.9
  SupportedLDAPVersion:
    2
    3
  SupportedLDAPPolicies:
    InitRecvTimeout
    MaxBatchReturnMessages
    MaxConnIdleTime
    MaxConnections
    MaxDatagramRecv
    MaxNotificationPerConn
    MaxPageSize
    MaxPercentDirSyncRequests
    MaxPoolThreads
    MaxQueryDuration
    MaxReceiveBuffer
    MaxResultSetSize
    MaxResultSetsPerConn
    MaxTempTableSize
    MaxValRange
    MaxValRangeTransitive
    MinResultSets
    SystemMemoryLimitPercent
    ThreadMemoryLimit
  HighestCommittedUSN: 5603888
  SupportedSASLMechanisms:
    DIGEST-MD5
    EXTERNAL
    GSS-SPNEGO
    GSSAPI
  DnsHostName: server.amlcc.mx
  LdapServiceName: amlcc.mx:server$@AMLCC.MX
  ServerName: CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx
  SupportedCapabilities:
    1.2.840.113556.1.4.1670
    1.2.840.113556.1.4.1791
    1.2.840.113556.1.4.1935
    1.2.840.113556.1.4.2080
    1.2.840.113556.1.4.2237
    1.2.840.113556.1.4.800
  IsSynchronized: TRUE
  IsGlobalCatalogReady: TRUE
  SupportedExtension:
    1.2.840.113556.1.4.1781
    1.2.840.113556.1.4.2212
    1.3.6.1.4.1.1466.101.119.1
    1.3.6.1.4.1.1466.20037
    1.3.6.1.4.1.4203.1.11.3
  DomainFunctionality: 6
  ForestFunctionality: 6

1821609603 | 2024-05-11T04:28:58.158825

3269 / tcp

LDAP:
  CurrentTime: 20240511102847.0Z
  SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=amlcc,DC=mx
  DsServiceName: CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx
  NamingContexts:
    CN=Configuration,DC=amlcc,DC=mx
    CN=Schema,CN=Configuration,DC=amlcc,DC=mx
    DC=DomainDnsZones,DC=amlcc,DC=mx
    DC=ForestDnsZones,DC=amlcc,DC=mx
    DC=amlcc,DC=mx
  DefaultNamingContext: DC=amlcc,DC=mx
  SchemaNamingContext: CN=Schema,CN=Configuration,DC=amlcc,DC=mx
  ConfigurationNamingContext: CN=Configuration,DC=amlcc,DC=mx
  RootDomainNamingContext: DC=amlcc,DC=mx
  SupportedControl:
    1.2.840.113556.1.4.1338
    1.2.840.113556.1.4.1339
    1.2.840.113556.1.4.1340
    1.2.840.113556.1.4.1341
    1.2.840.113556.1.4.1413
    1.2.840.113556.1.4.1504
    1.2.840.113556.1.4.1852
    1.2.840.113556.1.4.1907
    1.2.840.113556.1.4.1948
    1.2.840.113556.1.4.1974
    1.2.840.113556.1.4.2026
    1.2.840.113556.1.4.2064
    1.2.840.113556.1.4.2065
    1.2.840.113556.1.4.2066
    1.2.840.113556.1.4.2090
    1.2.840.113556.1.4.2204
    1.2.840.113556.1.4.2205
    1.2.840.113556.1.4.2206
    1.2.840.113556.1.4.2211
    1.2.840.113556.1.4.2239
    1.2.840.113556.1.4.2255
    1.2.840.113556.1.4.2256
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.417
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474
    1.2.840.113556.1.4.521
    1.2.840.113556.1.4.528
    1.2.840.113556.1.4.529
    1.2.840.113556.1.4.619
    1.2.840.113556.1.4.801
    1.2.840.113556.1.4.802
    1.2.840.113556.1.4.805
    1.2.840.113556.1.4.841
    1.2.840.113556.1.4.970
    2.16.840.1.113730.3.4.10
    2.16.840.1.113730.3.4.9
  SupportedLDAPVersion:
    2
    3
  SupportedLDAPPolicies:
    InitRecvTimeout
    MaxBatchReturnMessages
    MaxConnIdleTime
    MaxConnections
    MaxDatagramRecv
    MaxNotificationPerConn
    MaxPageSize
    MaxPercentDirSyncRequests
    MaxPoolThreads
    MaxQueryDuration
    MaxReceiveBuffer
    MaxResultSetSize
    MaxResultSetsPerConn
    MaxTempTableSize
    MaxValRange
    MaxValRangeTransitive
    MinResultSets
    SystemMemoryLimitPercent
    ThreadMemoryLimit
  HighestCommittedUSN: 5831350
  SupportedSASLMechanisms:
    DIGEST-MD5
    EXTERNAL
    GSS-SPNEGO
    GSSAPI
  DnsHostName: server.amlcc.mx
  LdapServiceName: amlcc.mx:server$@AMLCC.MX
  ServerName: CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=amlcc,DC=mx
  SupportedCapabilities:
    1.2.840.113556.1.4.1670
    1.2.840.113556.1.4.1791
    1.2.840.113556.1.4.1935
    1.2.840.113556.1.4.2080
    1.2.840.113556.1.4.2237
    1.2.840.113556.1.4.800
  IsSynchronized: TRUE
  IsGlobalCatalogReady: TRUE
  SupportedExtension:
    1.2.840.113556.1.4.1781
    1.2.840.113556.1.4.2212
    1.3.6.1.4.1.1466.101.119.1
    1.3.6.1.4.1.1466.20037
    1.3.6.1.4.1.4203.1.11.3
  DomainFunctionality: 6
  ForestFunctionality: 6

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:3a:40:c5:86:e2:9a:bf:44:4c:2f:c4:ce:b9:0c:df
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=server.amlcc.mx
        Validity
            Not Before: Mar  7 03:00:51 2024 GMT
            Not After : Mar  6 00:00:00 2025 GMT
        Subject: CN=server.amlcc.mx
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b1:90:4a:e0:26:93:19:b3:22:c8:1e:1b:d3:bd:
                    78:57:ca:0c:89:f5:1d:97:37:76:7b:27:f2:20:0e:
                    3c:0f:32:94:db:3e:8f:62:e4:aa:cc:7d:66:8c:9e:
                    be:14:7a:d1:52:55:3f:74:4e:cd:48:7e:e0:97:29:
                    fe:e4:a5:e6:4f:99:56:3e:74:3e:eb:77:7a:c0:4b:
                    77:d1:d5:18:dc:a9:00:7c:54:0e:d3:5c:bc:77:fc:
                    c1:f5:cc:de:5d:94:0f:33:b5:c7:7e:52:d7:9a:73:
                    14:96:79:2f:55:6a:7b:3b:17:95:3c:ed:ec:22:b5:
                    e0:1e:62:04:63:03:3c:05:8c:bf:f6:50:26:02:88:
                    c7:30:c6:ef:d7:04:0e:5e:93:9c:92:f9:0c:0f:a9:
                    3f:6a:2a:cc:87:a3:03:20:38:e2:8e:0c:80:b5:7d:
                    68:22:ff:c8:75:03:63:0e:3a:fc:59:8a:30:1a:00:
                    cf:a2:51:9f:5b:8c:d0:78:dd:de:e4:87:1b:da:c5:
                    38:fb:f9:7d:a8:6c:24:8b:3a:53:c0:0c:eb:d2:0f:
                    7e:e9:cd:95:ba:86:d8:36:93:cb:13:5c:79:d8:6d:
                    ab:23:5b:d7:6c:cd:21:7d:2e:72:27:5b:b3:35:29:
                    9f:37:4c:fe:8e:84:6f:55:1b:bc:84:1e:3d:1a:36:
                    4e:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        98:40:4d:e0:08:64:76:d8:f7:5a:15:e4:12:aa:1b:24:9b:94:
        f2:80:db:a2:ba:5a:3a:82:75:f3:8d:68:3d:27:0d:c2:e6:51:
        10:49:fb:49:96:10:30:b7:42:2f:09:2a:bc:8c:40:8a:de:5e:
        87:2f:b7:b3:e0:0d:e7:ae:f3:85:c1:10:c3:fb:c3:ad:4d:7d:
        20:9a:60:1c:ce:11:1d:cf:6e:30:80:bf:ef:a6:40:0a:ac:fb:
        7b:90:87:b6:f0:be:63:54:c3:43:a9:c2:08:07:cf:3e:93:d1:
        57:82:4d:49:05:c4:98:53:80:49:ef:20:31:47:f0:77:d0:48:
        1a:90:62:88:d1:19:23:6d:c8:c5:50:e5:de:4f:74:89:78:41:
        c3:be:02:63:69:b0:3b:2d:e2:10:59:ac:a5:41:6d:69:66:8e:
        29:6f:a3:20:2c:38:7f:31:a1:d4:53:a2:32:aa:36:11:09:71:
        1b:aa:48:a5:12:80:87:90:ee:36:63:f5:e2:20:a7:c9:6a:47:
        90:54:a3:10:db:ce:26:3b:43:72:64:a1:61:37:e3:ff:b8:d8:
        79:46:7d:e6:34:25:bf:bf:63:aa:56:ea:2c:7d:b8:60:b7:f9:
        87:07:92:b1:04:3b:47:ca:c6:60:7a:99:46:02:c9:4c:15:93:
        4d:fe:e4:83

-1684583448 | 2024-05-08T17:49:46.933339

5357 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 08 May 2024 23:49:46 GMT
Connection: close
Content-Length: 326

1489525118 | 2024-05-14T01:14:44.154276

5985 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 14 May 2024 07:14:43 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: AMLCC
  NetBIOS Domain Name: AMLCC
  NetBIOS Computer Name: SERVER
  DNS Domain Name: amlcc.mx
  DNS Tree Name: amlcc.mx
  FQDN: server.amlcc.mx

165.227.123.87

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-370734890 | 2024-05-09T10:28:55.934544
21 / tcp

Microsoft ftpd

-553166942 | 2024-05-11T23:11:59.621534
53 / tcp

-553166942 | 2024-05-06T18:07:05.362559
53 / udp

1138219898 | 2024-05-12T01:01:42.281869
80 / tcp

Microsoft IIS httpd8.5

-894550076 | 2024-04-26T08:51:31.600335
88 / udp

Windows 2003 Kerberos

-587874105 | 2024-05-07T16:02:52.383213
123 / udp

216853373 | 2024-05-09T08:40:09.776643
135 / tcp

Microsoft RPC Endpoint Mapper

-1871332851 | 2024-05-12T17:46:44.333681
137 / udp

-757264002 | 2024-05-08T21:27:51.611679
139 / tcp

348779539 | 2024-05-04T22:05:04.422800
389 / tcp

981561316 | 2024-05-07T00:19:03.030309
389 / udp

1378256888 | 2024-05-12T21:54:00.667504
593 / tcp

Microsoft RPC Endpoint Mapper over HTTP

-2065532404 | 2024-05-05T22:29:09.798465
636 / tcp

2043145116 | 2024-05-08T14:34:52.400128
3268 / tcp

1821609603 | 2024-05-11T04:28:58.158825
3269 / tcp

-1684583448 | 2024-05-08T17:49:46.933339
5357 / tcp

1489525118 | 2024-05-14T01:14:44.154276
5985 / tcp

WinRM

Products

Pricing

Contact Us

165.227.123.87

Last Seen: 2024-05-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-370734890 | 2024-05-09T10:28:55.934544 21 / tcp

Microsoft ftpd

-553166942 | 2024-05-11T23:11:59.621534 53 / tcp

-553166942 | 2024-05-06T18:07:05.362559 53 / udp

1138219898 | 2024-05-12T01:01:42.281869 80 / tcp

Microsoft IIS httpd8.5

-894550076 | 2024-04-26T08:51:31.600335 88 / udp

Windows 2003 Kerberos

-587874105 | 2024-05-07T16:02:52.383213 123 / udp

216853373 | 2024-05-09T08:40:09.776643 135 / tcp

Microsoft RPC Endpoint Mapper

-1871332851 | 2024-05-12T17:46:44.333681 137 / udp

-757264002 | 2024-05-08T21:27:51.611679 139 / tcp

348779539 | 2024-05-04T22:05:04.422800 389 / tcp

981561316 | 2024-05-07T00:19:03.030309 389 / udp

1378256888 | 2024-05-12T21:54:00.667504 593 / tcp

Microsoft RPC Endpoint Mapper over HTTP

-2065532404 | 2024-05-05T22:29:09.798465 636 / tcp

2043145116 | 2024-05-08T14:34:52.400128 3268 / tcp

1821609603 | 2024-05-11T04:28:58.158825 3269 / tcp

-1684583448 | 2024-05-08T17:49:46.933339 5357 / tcp

1489525118 | 2024-05-14T01:14:44.154276 5985 / tcp

WinRM

Products

Pricing

Contact Us

-370734890 | 2024-05-09T10:28:55.934544
21 / tcp

-553166942 | 2024-05-11T23:11:59.621534
53 / tcp

-553166942 | 2024-05-06T18:07:05.362559
53 / udp

1138219898 | 2024-05-12T01:01:42.281869
80 / tcp

-894550076 | 2024-04-26T08:51:31.600335
88 / udp

-587874105 | 2024-05-07T16:02:52.383213
123 / udp

216853373 | 2024-05-09T08:40:09.776643
135 / tcp

-1871332851 | 2024-05-12T17:46:44.333681
137 / udp

-757264002 | 2024-05-08T21:27:51.611679
139 / tcp

348779539 | 2024-05-04T22:05:04.422800
389 / tcp

981561316 | 2024-05-07T00:19:03.030309
389 / udp

1378256888 | 2024-05-12T21:54:00.667504
593 / tcp

-2065532404 | 2024-05-05T22:29:09.798465
636 / tcp

2043145116 | 2024-05-08T14:34:52.400128
3268 / tcp

1821609603 | 2024-05-11T04:28:58.158825
3269 / tcp

-1684583448 | 2024-05-08T17:49:46.933339
5357 / tcp

1489525118 | 2024-05-14T01:14:44.154276
5985 / tcp