GeneralInformation

Country	Netherlands
City	Amsterdam
Organization	Kamatera Inc
ISP	Kamatera Inc
ASN	AS41436
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2014-4078

The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote attackers to bypass an intended rule set via an HTTP request, aka "IIS Security Feature Bypass Vulnerability."

OpenPorts

53 80 88 123 135 389 445 593 3268 3389

-553166942 | 2024-04-10T17:35:10.805971

53 / tcp

Recursion: enabled

-553166942 | 2024-04-10T06:21:04.069407

53 / udp

Recursion: enabled

1138219898 | 2024-04-17T06:33:09.500263

80 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 03 Nov 2022 10:46:57 GMT
Accept-Ranges: bytes
ETag: "2b917f9871efd81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 17 Apr 2024 06:33:08 GMT
Content-Length: 701

641825263 | 2024-04-23T12:14:01.857405

88 / udp

Microsoft Windows Kerberos
Server Time: 2024-04-23 12:14:02Z

2014741438 | 2024-04-20T22:39:29.547730

123 / udp

NTP
protocolversion: 3
stratum: 1
leap: 0
precision: -6
rootdelay: 0.0
rootdisp: 10.4658508301
refid: 1280262988
reftime: 3922602668.89
poll: 0

-730779271 | 2024-04-15T07:48:25.897062

135 / tcp

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 185.167.99.88:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\PALLDC\PIPE\InitShutdown
  ncalrpc: WMsgKRpc096300

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\PALLDC\PIPE\InitShutdown
  ncalrpc: WMsgKRpc096300
  ncalrpc: WMsgKRpc097B01
  ncalrpc: WMsgKRpc0B52A24
  ncalrpc: WMsgKRpc03FA2A48
  ncalrpc: WMsgKRpc04F080D59
  ncalrpc: WMsgKRpc08325CF3B
  ncalrpc: WMsgKRpc0C2DF0C43
  ncalrpc: WMsgKRpc0C4085B07
  ncalrpc: WMsgKRpc0C4576D9C
  ncalrpc: WMsgKRpc0C4F6A71E

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-e0010b5214fc9968a2
  ncacn_np: \\PALLDC\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-b0cfb8283f9463381a
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-e0010b5214fc9968a2
  ncacn_np: \\PALLDC\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-b0cfb8283f9463381a
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-b0cfb8283f9463381a
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-1bde1bf3d26d7e46ff

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-c1193d8eebc0fd143c
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-c1193d8eebc0fd143c
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: LRPC-c1193d8eebc0fd143c
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-c1193d8eebc0fd143c
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

7d814569-35b3-4850-bb32-83035fcebf6e
  version: v1.0
  annotation: IAS RPC server
  provider: ias.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

58e604e8-9adb-4d2e-a464-3b0683fb1480
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

5f54ce7d-5b79-4175-8584-cb65313a0e98
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

201ef99a-7fa0-444c-9399-19ba84f12a1a
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-1a25a4f093812c4051

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\PALLDC\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-377d1cc169ba959f71
  ncalrpc: OLE586DA8CCDED43D09A27D5F5B27C9

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-377d1cc169ba959f71
  ncalrpc: OLE586DA8CCDED43D09A27D5F5B27C9

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-c036db630f0cb45649
  ncalrpc: LRPC-2d352bb77a4403dd42

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-c036db630f0cb45649
  ncalrpc: LRPC-2d352bb77a4403dd42

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-c036db630f0cb45649
  ncalrpc: LRPC-2d352bb77a4403dd42

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-2d352bb77a4403dd42

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\PALLDC\PIPE\wkssvc
  ncalrpc: LRPC-031cb5f65c247462b1
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-031cb5f65c247462b1
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-031cb5f65c247462b1
  ncalrpc: DNSResolver

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

12345678-1234-abcd-ef00-01234567cffb
  version: v1.0
  protocol: [MS-NRPC]: Netlogon Remote Protocol
  provider: netlogon.dll
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7
  version: v0.0
  annotation: RemoteAccessCheck
  protocol: [MS-RAA]: Remote Authorization API Protocol
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

12345778-1234-abcd-ef00-0123456789ab
  version: v0.0
  protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote
  provider: lsasrv.dll
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

e3514235-4b06-11d1-ab04-00c04fc2dcd2
  version: v4.0
  annotation: MS NT Directory DRS Interface
  protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol
  provider: ntdsai.dll
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

12d4b7c8-77d5-11d1-8c24-00c04fa3080d
  version: v1.0
  provider: lserver.dll
  ncacn_ip_tcp: 185.167.99.88:49166
  ncacn_np: \\PALLDC\pipe\HydraLsPipe
  ncalrpc: LRPC-d92460a574e751185e

3d267954-eeb7-11d1-b94e-00c04fa3080d
  version: v1.0
  provider: lserver.dll
  ncacn_ip_tcp: 185.167.99.88:49166
  ncacn_np: \\PALLDC\pipe\HydraLsPipe
  ncalrpc: LRPC-d92460a574e751185e

ed96b012-c8ce-4f60-a682-35535b12ff75
  version: v2.0
  ncacn_ip_tcp: 185.167.99.88:5504
  ncalrpc: OLEA5D136973E99DE7F2F061EBB5762

32e36e84-4ba2-496c-ba85-fb450f325107
  version: v2.0
  ncalrpc: TSSessionDirectoryQueryApi
  ncacn_ip_tcp: 185.167.99.88:49171
  ncalrpc: OLE80C6B39DBCCB65F8C39D987520B8

aa177641-fc9b-41bd-80ff-f964a701596f
  version: v1.0
  provider: tssdis.exe
  ncacn_ip_tcp: 185.167.99.88:49171
  ncalrpc: OLE80C6B39DBCCB65F8C39D987520B8

5b821720-f63b-11d0-aad2-00c04fc324db
  version: v1.0
  protocol: [MS-DHCPM]: Microsoft Dynamic Host Configuration Protocol (DHCP)
  provider: dhcpssvc.dll
  ncacn_ip_tcp: 185.167.99.88:49174
  ncalrpc: OLE2FB13AFA74F0CE14CAE3CE6A500A

6bffd098-a112-3610-9833-46c3f874532d
  version: v1.0
  protocol: [MS-DHCPM]: Microsoft Dynamic Host Configuration Protocol (DHCP)
  provider: dhcpssvc.dll
  ncacn_ip_tcp: 185.167.99.88:49174
  ncalrpc: OLE2FB13AFA74F0CE14CAE3CE6A500A

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 185.167.99.88:49176

89759fce-5a25-4086-8967-de12f39a60b5
  version: v1.0
  provider: tssdjet.dll
  ncacn_ip_tcp: 185.167.99.88:49180
  ncalrpc: LcRpc
  ncalrpc: OLE072B65D16AD4C81F5C564F3BCE56

9b3195fe-d603-43d1-a0d5-9072d7cde122
  version: v1.0
  provider: tssdjet.dll
  ncacn_ip_tcp: 185.167.99.88:49180
  ncalrpc: LcRpc
  ncalrpc: OLE072B65D16AD4C81F5C564F3BCE56

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 185.167.99.88:49183

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-db7e87ad8fc5f3d1db
  ncalrpc: OLE1AD09680535C7DD1982D586DB01B
  ncalrpc: LRPC-7c51f384e73ee822b3
  ncalrpc: LRPC-7c51f384e73ee822b3
  ncalrpc: LRPC-7c51f384e73ee822b3

897e2e5f-93f3-4376-9c9c-fd2277495c27
  version: v1.0
  annotation: Frs2 Service
  protocol: [MS-FRS2]: Distributed File System Replication Protocol
  provider: dfsrmig.exe
  ncacn_ip_tcp: 185.167.99.88:49213
  ncalrpc: OLEE500D9921C89F9645FFDDBA5103E

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: RemoteDevicesLPC_API

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc0B52A24
  ncalrpc: WMsgKRpc03FA2A48
  ncalrpc: WMsgKRpc04F080D59
  ncalrpc: WMsgKRpc08325CF3B
  ncalrpc: WMsgKRpc0C2DF0C43
  ncalrpc: WMsgKRpc0C4085B07
  ncalrpc: WMsgKRpc0C4576D9C
  ncalrpc: WMsgKRpc0C4F6A71E

3357951c-a1d1-47db-a278-ab945d063d03
  version: v1.0
  provider: LBService.dll
  ncacn_ip_tcp: 185.167.99.88:64876

958f92d8-da20-467a-bbe3-65e7e9b4edcf
  version: v1.0
  annotation: TsProxyMgmt
  protocol: [MS-TSGU]: Terminal Services Gateway Server Management Interface
  ncalrpc: AAGMgmt
  ncacn_ip_http: 185.167.99.88:3388

44e265dd-7daf-42cd-8560-3cdb6e7a2729
  version: v1.768
  annotation: TsProxy
  protocol: [MS-TSGU]: Terminal Services Gateway Server Protocol
  ncalrpc: AAGMgmt
  ncacn_ip_http: 185.167.99.88:3388

1690952096 | 2024-04-19T17:29:00.377292

389 / tcp

LDAP:
  CurrentTime: 20240419172859.0Z
  SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=Pall,DC=local
  DsServiceName: CN=NTDS Settings,CN=PALLDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Pall,DC=local
  NamingContexts:
    CN=Configuration,DC=Pall,DC=local
    CN=Schema,CN=Configuration,DC=Pall,DC=local
    DC=DomainDnsZones,DC=Pall,DC=local
    DC=ForestDnsZones,DC=Pall,DC=local
    DC=Pall,DC=local
  DefaultNamingContext: DC=Pall,DC=local
  SchemaNamingContext: CN=Schema,CN=Configuration,DC=Pall,DC=local
  ConfigurationNamingContext: CN=Configuration,DC=Pall,DC=local
  RootDomainNamingContext: DC=Pall,DC=local
  SupportedControl:
    1.2.840.113556.1.4.1338
    1.2.840.113556.1.4.1339
    1.2.840.113556.1.4.1340
    1.2.840.113556.1.4.1341
    1.2.840.113556.1.4.1413
    1.2.840.113556.1.4.1504
    1.2.840.113556.1.4.1852
    1.2.840.113556.1.4.1907
    1.2.840.113556.1.4.1948
    1.2.840.113556.1.4.1974
    1.2.840.113556.1.4.2026
    1.2.840.113556.1.4.2064
    1.2.840.113556.1.4.2065
    1.2.840.113556.1.4.2066
    1.2.840.113556.1.4.2090
    1.2.840.113556.1.4.2204
    1.2.840.113556.1.4.2205
    1.2.840.113556.1.4.2206
    1.2.840.113556.1.4.2211
    1.2.840.113556.1.4.2239
    1.2.840.113556.1.4.2255
    1.2.840.113556.1.4.2256
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.417
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474
    1.2.840.113556.1.4.521
    1.2.840.113556.1.4.528
    1.2.840.113556.1.4.529
    1.2.840.113556.1.4.619
    1.2.840.113556.1.4.801
    1.2.840.113556.1.4.802
    1.2.840.113556.1.4.805
    1.2.840.113556.1.4.841
    1.2.840.113556.1.4.970
    2.16.840.1.113730.3.4.10
    2.16.840.1.113730.3.4.9
  SupportedLDAPVersion:
    2
    3
  SupportedLDAPPolicies:
    InitRecvTimeout
    MaxBatchReturnMessages
    MaxConnIdleTime
    MaxConnections
    MaxDatagramRecv
    MaxNotificationPerConn
    MaxPageSize
    MaxPercentDirSyncRequests
    MaxPoolThreads
    MaxQueryDuration
    MaxReceiveBuffer
    MaxResultSetSize
    MaxResultSetsPerConn
    MaxTempTableSize
    MaxValRange
    MaxValRangeTransitive
    MinResultSets
    SystemMemoryLimitPercent
    ThreadMemoryLimit
  HighestCommittedUSN: 89681593
  SupportedSASLMechanisms:
    DIGEST-MD5
    EXTERNAL
    GSS-SPNEGO
    GSSAPI
  DnsHostName: PallDC.Pall.local
  LdapServiceName: Pall.local:palldc$@PALL.LOCAL
  ServerName: CN=PALLDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Pall,DC=local
  SupportedCapabilities:
    1.2.840.113556.1.4.1670
    1.2.840.113556.1.4.1791
    1.2.840.113556.1.4.1935
    1.2.840.113556.1.4.2080
    1.2.840.113556.1.4.2237
    1.2.840.113556.1.4.800
  IsSynchronized: TRUE
  IsGlobalCatalogReady: TRUE
  SupportedExtension:
    1.2.840.113556.1.4.1781
    1.2.840.113556.1.4.2212
    1.3.6.1.4.1.1466.101.119.1
    1.3.6.1.4.1.1466.20037
    1.3.6.1.4.1.4203.1.11.3
  DomainFunctionality: 6
  ForestFunctionality: 6

1591477881 | 2024-04-19T17:37:32.237502

389 / udp

0\x84\x00\x00\x0b\x19\x02\x01\x07d\x84\x00\x00\x0b\x10\x04\x000\x84\x00\x00\x0b\x080\x84\x00\x00\x00&\x04\x0bcurrentTime1\x84\x00\x00\x00\x13\x04\x1120240419173731.0Z0\x84\x00\x00\x00S\x04\x11subschemaSubentry1\x84\x00\x00\x00:\x048CN=Aggregate,CN=Schema,CN=Configuration,DC=Pall,DC=local0\x84\x00\x00\x00\x82\x04\rdsServiceName1\x84\x00\x00\x00m\x04kCN=NTDS Settings,CN=PALLDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Pall,DC=local0\x84\x00\x00\x00\xc0\x04\x0enamingContexts1\x84\x00\x00\x00\xaa\x04\x10DC=Pall,DC=local\x04!CN=Configuration,DC=Pall,DC=local\x04+CN=Schema,CN=Configuration,DC=Pall,DC=local\x04"DC=DomainDnsZones,DC=Pall,DC=local\x04"DC=ForestDnsZones,DC=Pall,DC=local0\x84\x00\x00\x00.\x04\x14defaultNamingContext1\x84\x00\x00\x00\x12\x04\x10DC=Pall,DC=local0\x84\x00\x00\x00H\x04\x13schemaNamingContext1\x84\x00\x00\x00-\x04+CN=Schema,CN=Configuration,DC=Pall,DC=local0\x84\x00\x00\x00E\x04\x1aconfigurationNamingContext1\x84\x00\x00\x00#\x04!CN=Configuration,DC=Pall,DC=local0\x84\x00\x00\x001\x04\x17rootDomainNamingContext1\x84\x00\x00\x00\x12\x04\x10DC=Pall,DC=local0\x84\x00\x00\x03\xa9\x04\x10supportedControl1\x84\x00\x00\x03\x91\x04\x161.2.840.113556.1.4.319\x04\x161.2.840.113556.1.4.801\x04\x161.2.840.113556.1.4.473\x04\x161.2.840.113556.1.4.528\x04\x161.2.840.113556.1.4.417\x04\x161.2.840.113556.1.4.619\x04\x161.2.840.113556.1.4.841\x04\x161.2.840.113556.1.4.529\x04\x161.2.840.113556.1.4.805\x04\x161.2.840.113556.1.4.521\x04\x161.2.840.113556.1.4.970\x04\x171.2.840.113556.1.4.1338\x04\x161.2.840.113556.1.4.474\x04\x171.2.840.113556.1.4.1339\x04\x171.2.840.113556.1.4.1340\x04\x171.2.840.113556.1.4.1413\x04\x172.16.840.1.113730.3.4.9\x04\x182.16.840.1.113730.3.4.10\x04\x171.2.840.113556.1.4.1504\x04\x171.2.840.113556.1.4.1852\x04\x161.2.840.113556.1.4.802\x04\x171.2.840.113556.1.4.1907\x04\x171.2.840.113556.1.4.1948\x04\x171.2.840.113556.1.4.1974\x04\x171.2.840.113556.1.4.1341\x04\x171.2.840.113556.1.4.2026\x04\x171.2.840.113556.1.4.2064\x04\x171.2.840.113556.1.4.2065\x04\x171.\xe8\x00\x00\x00\xdb\xab"f\x02\x0e\x1b5\x90\x00\x00\x00\x90\x00\x00\x00\x81\x00\x00\x00V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06DL\xa8\xc4\x1e\xfb\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06DL\x0c\xc4z|\x8f\x98DL\xa8\xc4\x1e\xfb\x08\x00E\x00\x00\x82\xc2\x0f\x00\x00{\x11\xd3r\x08\x08\x04\x04PRM\x8b\x005\xbb\x83\x00nY\xfe\xca\xcc\x81\x83\x00\x01\x00\x00\x00\x01\x00\x00\x0249\x011\x03205\x03175\x07in-addr\x04arpa\x00\x00\x0c\x00\x01\xc0\x11\x00\x06\x00\x01\x00\x00\x00\xa3\x00/\x01g\x03dns\x02kr\x00\x07inverse\x03nic\x02or\xc0=x\xa4l\x80\x00\x00T`\x00\x00\x03\x84\x00\t:\x80\x00\x00\xa8\xc0\x00\x00\xa0\x00\x00\x00\xdb\xab"f\x9cUU5J\x00\x00\x00J\x00\x00\x00\x81\x00\x00\x00V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06DL\xa8\xc4\x1e\xfb\xd0\xd6\x01hO\x19USRP\x00\x00&M\x00\x00\x00\x00\x00\x00\x0c\xc4z|\x8f\x98DL\xa8\xc4\x1e\xfb\x08\x00E\x00\x00<\x00\x00@\x009\x067\x08-<?\x9bPRM\x8b\x0c\xc5\xa3\xd0R]2\xea\xf9\xed9y\xa0\x12\xfe\x88)N\x00\x00\x02\x04\x05\xb4\x04\x02\x08\nF_hw\x8f\x14n5\x01\x03\x03\x07\x00\x00\x00\x00\xdb\xab"f\x9a\xf1_5J\x00\x00\x00J\x00\x00\x00\x81\x00\x00\x00V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06DL\xa8\xc4\x1e\xfb\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\xc4z|\x8f\x98DL\xa8\xc4\x1e\xfb\x08\x00E\x00\x00<\x00\x00@\x00-\x06\x8f\xd1\xaf\xf7p\x16PRM\x8b\x02*\xc3\x92\xf3q\x93"\x95\xa1\xbfq\xa0\x12q \x08=\x00\x00\x02\x04\x05\xb4\x04\x02\x08\n\x17PP\xfb1\x02\xd5\xf6\x01\x03\x03\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x01\x00\x00\xda\xab"f\xea\xec\xb8\x03\xac\x00\x00\x00\xac\x00\x00\x00\x81\x00\x00\x00V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06DL\xa8\xc4\x1e\xfbNG\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\xc4z|\x8f\x98DL\xa8\xc4\x1e\xfb\x08\x00E\x00\x00\x9e\x95\xeb@\x005\x11\xef]"\xea\xff>PRM\x8bv_\x8a!\x00\x8a~<D\xd3\xe1\xa2"ZSaE?\xbbR.\xf3\x10\xaf\xf7&\r\xbb[\xb6\xb1\xc4\x858l\x14\x10\xce\x9d4\xe7XB\xa1\x9c\xbd\x04-\xc65\xeb\x7f\xbc}\xd5\xafZJ\xb3\x99\x8c_\x9f\xb9?\xb1^\xe9@\xb8I=Y.\xc9\xd4=\x1ad\xa8\x06\x8a\xafv\xa3\x0c\x08\xf9\xc4\x0e:\x109\xc0\x8b\x01\xf0%xR:\xc8o\xef\x01\x01\xdf\x05\xcb\x84\x7f\x00\x00\x01\x82v_\x82v_\xcb\x84PRM\x8b\x82\x8a!\x82v_\x84f"\xac\x16\x0b\x00\x00\x00\x00\x00\x00\xe0\x01\x00\x00\xda\xab"f8\xe2\xc2\x03\x8a\x01\x00\x00\x8a\x01\x00\x00\x81\x00\x00\x00V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06DL\xa8\xc4\x1e\xfb\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0c\xc4z|\x8f\x98DL\xa8\xc4\x1e\xfb\x08\x00E\x00\x01|\xe6\xe3@\x004\x11\xc5\x12\xb2\xc2H\xdbPRM\x8b\xd41\xe2\x90\x01h=_USRP\x00\x00&M\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00PING\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1413703094 | 2024-04-20T08:31:58.206966

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2012 R2 Standard 9600
  Software: Windows Server 2012 R2 Standard 6.3
  Capabilities: dfs, extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

1842484578 | 2024-04-22T19:52:03.541715

593 / tcp

ncacn_http/1.0

Microsoft RPC Endpoint Mapper over HTTP

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 185.167.99.88:49152
  ncalrpc: WindowsShutdown
  ncacn_np: \\PALLDC\PIPE\InitShutdown
  ncalrpc: WMsgKRpc096300

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\PALLDC\PIPE\InitShutdown
  ncalrpc: WMsgKRpc096300
  ncalrpc: WMsgKRpc097B01
  ncalrpc: WMsgKRpc03FA2A48
  ncalrpc: WMsgKRpc08325CF3B
  ncalrpc: WMsgKRpc0C2DF0C43
  ncalrpc: WMsgKRpc0C4085B07
  ncalrpc: WMsgKRpc0C4F6A71E
  ncalrpc: WMsgKRpc0CC72D56A
  ncalrpc: WMsgKRpc0D801CEFF
  ncalrpc: WMsgKRpc013E790899
  ncalrpc: WMsgKRpc02530150310
  ncalrpc: WMsgKRpc035F9EF8DC
  ncalrpc: WMsgKRpc039D0D28E11

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-e0010b5214fc9968a2
  ncacn_np: \\PALLDC\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-b0cfb8283f9463381a
  ncalrpc: actkernel
  ncalrpc: umpo

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-e0010b5214fc9968a2
  ncacn_np: \\PALLDC\pipe\LSM_API_service
  ncalrpc: LSMApi
  ncalrpc: LRPC-b0cfb8283f9463381a
  ncalrpc: actkernel
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-b0cfb8283f9463381a
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: actkernel
  ncalrpc: umpo

b2507c30-b126-494a-92ac-ee32b6eeb039
  version: v1.0
  ncalrpc: LRPC-1bde1bf3d26d7e46ff

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-c1193d8eebc0fd143c
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: LRPC-c1193d8eebc0fd143c
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  annotation: Wcm Service
  ncalrpc: LRPC-c1193d8eebc0fd143c
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-c1193d8eebc0fd143c
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 185.167.99.88:49153
  ncacn_np: \\PALLDC\pipe\eventlog
  ncalrpc: eventlog

7d814569-35b3-4850-bb32-83035fcebf6e
  version: v1.0
  annotation: IAS RPC server
  provider: ias.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

58e604e8-9adb-4d2e-a464-3b0683fb1480
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

5f54ce7d-5b79-4175-8584-cb65313a0e98
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

201ef99a-7fa0-444c-9399-19ba84f12a1a
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\PALLDC\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-fcaeed9c279ace1fd4
  ncalrpc: DeviceSetupManager
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_np: \\PALLDC\PIPE\srvsvc
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 185.167.99.88:49154
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\PALLDC\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLEE7558F186AA717DD0DA2F1760ACC
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-1a25a4f093812c4051

da5a86c5-12c2-4943-ab30-7f74a813d853
  version: v1.0
  annotation: RemoteRegistry Perflib Interface
  protocol: [MS-PCQ]: Performance Counter Query Protocol
  provider: regsvc.dll
  ncacn_np: \\PALLDC\PIPE\winreg

338cd001-2244-31f1-aaaa-900038001003
  version: v1.0
  annotation: RemoteRegistry Interface
  protocol: [MS-RRP]: Windows Remote Registry Protocol
  provider: regsvc.dll
  ncacn_np: \\PALLDC\PIPE\winreg

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\PALLDC\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-377d1cc169ba959f71
  ncalrpc: OLE586DA8CCDED43D09A27D5F5B27C9

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-377d1cc169ba959f71
  ncalrpc: OLE586DA8CCDED43D09A27D5F5B27C9

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-c036db630f0cb45649
  ncalrpc: LRPC-2d352bb77a4403dd42

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-c036db630f0cb45649
  ncalrpc: LRPC-2d352bb77a4403dd42

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-c036db630f0cb45649
  ncalrpc: LRPC-2d352bb77a4403dd42

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-2d352bb77a4403dd42

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\PALLDC\PIPE\wkssvc
  ncalrpc: LRPC-031cb5f65c247462b1
  ncalrpc: DNSResolver

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-031cb5f65c247462b1
  ncalrpc: DNSResolver

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-031cb5f65c247462b1
  ncalrpc: DNSResolver

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

12345678-1234-abcd-ef00-01234567cffb
  version: v1.0
  protocol: [MS-NRPC]: Netlogon Remote Protocol
  provider: netlogon.dll
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7
  version: v0.0
  annotation: RemoteAccessCheck
  protocol: [MS-RAA]: Remote Authorization API Protocol
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass
  ncalrpc: NETLOGON_LRPC
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 185.167.99.88:49158
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

12345778-1234-abcd-ef00-0123456789ab
  version: v0.0
  protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote
  provider: lsasrv.dll
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

e3514235-4b06-11d1-ab04-00c04fc2dcd2
  version: v4.0
  annotation: MS NT Directory DRS Interface
  protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol
  provider: ntdsai.dll
  ncacn_np: \\PALLDC\pipe\62e00aa8cf38ac9a
  ncacn_ip_http: 185.167.99.88:49157
  ncalrpc: NTDS_LPC
  ncalrpc: OLE9F8BEEBECF679363E901365CD467
  ncacn_ip_tcp: 185.167.99.88:49155
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\PALLDC\pipe\lsass

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 185.167.99.88:49159
  ncalrpc: LRPC-c386dba3ce81305f9c

12d4b7c8-77d5-11d1-8c24-00c04fa3080d
  version: v1.0
  provider: lserver.dll
  ncacn_ip_tcp: 185.167.99.88:49166
  ncacn_np: \\PALLDC\pipe\HydraLsPipe
  ncalrpc: LRPC-d92460a574e751185e

3d267954-eeb7-11d1-b94e-00c04fa3080d
  version: v1.0
  provider: lserver.dll
  ncacn_ip_tcp: 185.167.99.88:49166
  ncacn_np: \\PALLDC\pipe\HydraLsPipe
  ncalrpc: LRPC-d92460a574e751185e

ed96b012-c8ce-4f60-a682-35535b12ff75
  version: v2.0
  ncacn_ip_tcp: 185.167.99.88:5504
  ncalrpc: OLEA5D136973E99DE7F2F061EBB5762

32e36e84-4ba2-496c-ba85-fb450f325107
  version: v2.0
  ncalrpc: TSSessionDirectoryQueryApi
  ncacn_ip_tcp: 185.167.99.88:49171
  ncalrpc: OLE80C6B39DBCCB65F8C39D987520B8

aa177641-fc9b-41bd-80ff-f964a701596f
  version: v1.0
  provider: tssdis.exe
  ncacn_ip_tcp: 185.167.99.88:49171
  ncalrpc: OLE80C6B39DBCCB65F8C39D987520B8

5b821720-f63b-11d0-aad2-00c04fc324db
  version: v1.0
  protocol: [MS-DHCPM]: Microsoft Dynamic Host Configuration Protocol (DHCP)
  provider: dhcpssvc.dll
  ncacn_ip_tcp: 185.167.99.88:49174
  ncalrpc: OLE2FB13AFA74F0CE14CAE3CE6A500A

6bffd098-a112-3610-9833-46c3f874532d
  version: v1.0
  protocol: [MS-DHCPM]: Microsoft Dynamic Host Configuration Protocol (DHCP)
  provider: dhcpssvc.dll
  ncacn_ip_tcp: 185.167.99.88:49174
  ncalrpc: OLE2FB13AFA74F0CE14CAE3CE6A500A

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 185.167.99.88:49176

89759fce-5a25-4086-8967-de12f39a60b5
  version: v1.0
  provider: tssdjet.dll
  ncacn_ip_tcp: 185.167.99.88:49180
  ncalrpc: LcRpc
  ncalrpc: OLE072B65D16AD4C81F5C564F3BCE56

9b3195fe-d603-43d1-a0d5-9072d7cde122
  version: v1.0
  provider: tssdjet.dll
  ncacn_ip_tcp: 185.167.99.88:49180
  ncalrpc: LcRpc
  ncalrpc: OLE072B65D16AD4C81F5C564F3BCE56

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 185.167.99.88:49183

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-db7e87ad8fc5f3d1db
  ncalrpc: OLE1AD09680535C7DD1982D586DB01B
  ncalrpc: LRPC-7c51f384e73ee822b3
  ncalrpc: LRPC-7c51f384e73ee822b3
  ncalrpc: LRPC-7c51f384e73ee822b3

897e2e5f-93f3-4376-9c9c-fd2277495c27
  version: v1.0
  annotation: Frs2 Service
  protocol: [MS-FRS2]: Distributed File System Replication Protocol
  provider: dfsrmig.exe
  ncacn_ip_tcp: 185.167.99.88:49213
  ncalrpc: OLEE500D9921C89F9645FFDDBA5103E

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
  ncalrpc: RemoteDevicesLPC_API

3357951c-a1d1-47db-a278-ab945d063d03
  version: v1.0
  provider: LBService.dll
  ncacn_ip_tcp: 185.167.99.88:64876

958f92d8-da20-467a-bbe3-65e7e9b4edcf
  version: v1.0
  annotation: TsProxyMgmt
  protocol: [MS-TSGU]: Terminal Services Gateway Server Management Interface
  ncalrpc: AAGMgmt
  ncacn_ip_http: 185.167.99.88:3388

44e265dd-7daf-42cd-8560-3cdb6e7a2729
  version: v1.768
  annotation: TsProxy
  protocol: [MS-TSGU]: Terminal Services Gateway Server Protocol
  ncalrpc: AAGMgmt
  ncacn_ip_http: 185.167.99.88:3388

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc03FA2A48
  ncalrpc: WMsgKRpc08325CF3B
  ncalrpc: WMsgKRpc0C2DF0C43
  ncalrpc: WMsgKRpc0C4085B07
  ncalrpc: WMsgKRpc0C4F6A71E
  ncalrpc: WMsgKRpc0CC72D56A
  ncalrpc: WMsgKRpc0D801CEFF
  ncalrpc: WMsgKRpc013E790899
  ncalrpc: WMsgKRpc02530150310
  ncalrpc: WMsgKRpc035F9EF8DC
  ncalrpc: WMsgKRpc039D0D28E11

ff9fd3c4-742e-45e0-91dd-2f5bc632a1df
  version: v1.0
  annotation: appxsvc
  ncalrpc: LRPC-f93df59b209477a44e

ae2dc901-312d-41df-8b79-e835e63db874
  version: v1.0
  annotation: appxsvc
  ncalrpc: LRPC-f93df59b209477a44e

-424820031 | 2024-04-05T23:08:31.703354

3268 / tcp

LDAP:
  CurrentTime: 20240405230833.0Z
  SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=Pall,DC=local
  DsServiceName: CN=NTDS Settings,CN=PALLDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Pall,DC=local
  NamingContexts:
    CN=Configuration,DC=Pall,DC=local
    CN=Schema,CN=Configuration,DC=Pall,DC=local
    DC=DomainDnsZones,DC=Pall,DC=local
    DC=ForestDnsZones,DC=Pall,DC=local
    DC=Pall,DC=local
  DefaultNamingContext: DC=Pall,DC=local
  SchemaNamingContext: CN=Schema,CN=Configuration,DC=Pall,DC=local
  ConfigurationNamingContext: CN=Configuration,DC=Pall,DC=local
  RootDomainNamingContext: DC=Pall,DC=local
  SupportedControl:
    1.2.840.113556.1.4.1338
    1.2.840.113556.1.4.1339
    1.2.840.113556.1.4.1340
    1.2.840.113556.1.4.1341
    1.2.840.113556.1.4.1413
    1.2.840.113556.1.4.1504
    1.2.840.113556.1.4.1852
    1.2.840.113556.1.4.1907
    1.2.840.113556.1.4.1948
    1.2.840.113556.1.4.1974
    1.2.840.113556.1.4.2026
    1.2.840.113556.1.4.2064
    1.2.840.113556.1.4.2065
    1.2.840.113556.1.4.2066
    1.2.840.113556.1.4.2090
    1.2.840.113556.1.4.2204
    1.2.840.113556.1.4.2205
    1.2.840.113556.1.4.2206
    1.2.840.113556.1.4.2211
    1.2.840.113556.1.4.2239
    1.2.840.113556.1.4.2255
    1.2.840.113556.1.4.2256
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.417
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474
    1.2.840.113556.1.4.521
    1.2.840.113556.1.4.528
    1.2.840.113556.1.4.529
    1.2.840.113556.1.4.619
    1.2.840.113556.1.4.801
    1.2.840.113556.1.4.802
    1.2.840.113556.1.4.805
    1.2.840.113556.1.4.841
    1.2.840.113556.1.4.970
    2.16.840.1.113730.3.4.10
    2.16.840.1.113730.3.4.9
  SupportedLDAPVersion:
    2
    3
  SupportedLDAPPolicies:
    InitRecvTimeout
    MaxBatchReturnMessages
    MaxConnIdleTime
    MaxConnections
    MaxDatagramRecv
    MaxNotificationPerConn
    MaxPageSize
    MaxPercentDirSyncRequests
    MaxPoolThreads
    MaxQueryDuration
    MaxReceiveBuffer
    MaxResultSetSize
    MaxResultSetsPerConn
    MaxTempTableSize
    MaxValRange
    MaxValRangeTransitive
    MinResultSets
    SystemMemoryLimitPercent
    ThreadMemoryLimit
  HighestCommittedUSN: 85693401
  SupportedSASLMechanisms:
    DIGEST-MD5
    EXTERNAL
    GSS-SPNEGO
    GSSAPI
  DnsHostName: PallDC.Pall.local
  LdapServiceName: Pall.local:palldc$@PALL.LOCAL
  ServerName: CN=PALLDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Pall,DC=local
  SupportedCapabilities:
    1.2.840.113556.1.4.1670
    1.2.840.113556.1.4.1791
    1.2.840.113556.1.4.1935
    1.2.840.113556.1.4.2080
    1.2.840.113556.1.4.2237
    1.2.840.113556.1.4.800
  IsSynchronized: TRUE
  IsGlobalCatalogReady: TRUE
  SupportedExtension:
    1.2.840.113556.1.4.1781
    1.2.840.113556.1.4.2212
    1.3.6.1.4.1.1466.101.119.1
    1.3.6.1.4.1.1466.20037
    1.3.6.1.4.1.4203.1.11.3
  DomainFunctionality: 6
  ForestFunctionality: 6

-284940441 | 2024-04-11T04:42:32.481352

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 8.1/Windows Server 2012 R2
  OS Build: 6.3.9600
  Target Name: PALL
  NetBIOS Domain Name: PALL
  NetBIOS Computer Name: PALLDC
  DNS Domain Name: Pall.local
  DNS Tree Name: Pall.local
  FQDN: PallDC.Pall.local

Apyron nonb3oBaTeb
Napane BE
Bxoa B: PALL
i pa a 40H
reer eee Beles
LleHTp O6HOBNeHUMA Windows
AloctynHb! BaxHble O6HOBAEHMA. UTO6bI yCTaHOBUTb
ux, nepevaute K NapaMeTpamM KOMNMbIcTepa.
gm Windows Server 2012 R2 ENG

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:58:2d:d2:6f:9b:26:a9:4c:f6:1d:c7:c1:19:81:91
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=PallDC.Pall.local
        Validity
            Not Before: Jan 30 01:40:47 2024 GMT
            Not After : Jul 31 01:40:47 2024 GMT
        Subject: CN=PallDC.Pall.local
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:98:ce:aa:3b:8c:04:9d:e7:0c:dd:15:de:42:2b:
                    e4:07:4b:34:03:3d:5b:c2:5f:09:5d:06:53:54:3f:
                    92:5c:e3:5c:94:06:72:0b:02:d9:7e:f0:7e:99:b8:
                    6a:73:a2:5a:7e:63:01:a5:fd:47:5a:c6:f3:f7:e6:
                    a3:20:a0:8c:37:7d:be:a2:8e:82:89:0e:ab:9e:db:
                    f9:13:47:a9:05:0c:82:a0:c7:b9:72:5b:0d:08:f5:
                    d1:52:15:7d:13:e2:9f:32:33:b5:74:43:a0:31:85:
                    db:91:7a:0a:36:e0:7c:ab:c9:3f:bb:7e:6b:f1:26:
                    95:8a:67:48:87:7c:96:d2:ed:a4:e2:bb:22:e9:3e:
                    83:6c:b5:82:47:e6:36:55:20:6b:26:47:a0:a5:59:
                    cb:81:82:16:2f:8c:c4:e5:cb:88:4a:f5:ac:ed:e7:
                    5c:82:d9:3a:23:bf:6d:87:67:00:b4:0a:3b:76:35:
                    39:8b:7e:3d:33:9c:31:8e:16:f4:b2:a3:51:ec:eb:
                    92:f5:75:21:58:7f:76:c6:4e:2c:4a:f0:86:bd:ba:
                    db:42:f8:bb:a5:52:bd:e5:de:a1:a0:c2:ab:a1:5b:
                    1a:06:a4:2e:19:5e:9e:8d:70:40:b0:db:1a:5d:f9:
                    90:71:0a:30:ab:6b:70:2c:fe:f8:52:20:69:54:0a:
                    32:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        23:da:e9:f1:b8:ec:50:a6:8c:02:13:c5:1a:31:ec:86:74:87:
        90:97:d0:09:11:1f:6d:44:cd:43:5f:b2:10:1f:84:a2:be:29:
        63:c5:fc:cb:da:e8:44:12:db:89:ad:33:74:56:aa:f7:cf:b3:
        a5:8a:65:a4:57:9e:95:bf:03:46:da:97:54:1d:c7:99:63:0e:
        8f:32:c5:93:2f:42:aa:ba:f1:ad:7e:1e:d8:7d:51:7b:c1:25:
        ee:07:a4:5a:1f:cd:65:0d:bd:7e:b2:3d:5a:42:ad:a0:07:b8:
        87:22:03:f9:43:e1:03:11:73:64:60:ea:b2:48:9c:9a:74:03:
        ed:75:ec:0b:ca:42:31:98:ab:68:42:5c:e2:d2:ab:f3:ac:11:
        ba:9e:32:6e:85:8a:b4:52:d8:c8:14:4c:31:81:f5:2e:1d:06:
        68:cf:10:4b:32:a4:e5:8f:08:80:1e:e5:4a:79:e8:27:2d:47:
        ba:a7:f1:18:60:38:68:e6:9f:e5:87:09:5f:68:51:14:bf:b3:
        40:7f:45:a4:0c:aa:4c:ba:b7:19:ee:73:44:2b:86:4c:4c:b2:
        64:26:09:e0:ac:85:ee:c9:15:66:30:cb:4e:9b:5c:55:ac:1e:
        37:81:cb:2d:e0:9f:16:53:03:05:6d:cc:cc:b6:48:5a:83:6c:
        9a:d3:3f:06

185.167.99.88

Last Seen: 2024-04-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-553166942 | 2024-04-10T17:35:10.805971
53 / tcp

-553166942 | 2024-04-10T06:21:04.069407
53 / udp

1138219898 | 2024-04-17T06:33:09.500263
80 / tcp

Microsoft IIS httpd8.5

641825263 | 2024-04-23T12:14:01.857405
88 / udp

Windows 2003 Kerberos

2014741438 | 2024-04-20T22:39:29.547730
123 / udp

-730779271 | 2024-04-15T07:48:25.897062
135 / tcp

Microsoft RPC Endpoint Mapper

1690952096 | 2024-04-19T17:29:00.377292
389 / tcp

1591477881 | 2024-04-19T17:37:32.237502
389 / udp

-1413703094 | 2024-04-20T08:31:58.206966
445 / tcp

1842484578 | 2024-04-22T19:52:03.541715
593 / tcp

Microsoft RPC Endpoint Mapper over HTTP

-424820031 | 2024-04-05T23:08:31.703354
3268 / tcp

-284940441 | 2024-04-11T04:42:32.481352
3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

185.167.99.88

Last Seen: 2024-04-23

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-553166942 | 2024-04-10T17:35:10.805971 53 / tcp

-553166942 | 2024-04-10T06:21:04.069407 53 / udp

1138219898 | 2024-04-17T06:33:09.500263 80 / tcp

Microsoft IIS httpd8.5

641825263 | 2024-04-23T12:14:01.857405 88 / udp

Windows 2003 Kerberos

2014741438 | 2024-04-20T22:39:29.547730 123 / udp

-730779271 | 2024-04-15T07:48:25.897062 135 / tcp

Microsoft RPC Endpoint Mapper

1690952096 | 2024-04-19T17:29:00.377292 389 / tcp

1591477881 | 2024-04-19T17:37:32.237502 389 / udp

-1413703094 | 2024-04-20T08:31:58.206966 445 / tcp

1842484578 | 2024-04-22T19:52:03.541715 593 / tcp

Microsoft RPC Endpoint Mapper over HTTP

-424820031 | 2024-04-05T23:08:31.703354 3268 / tcp

-284940441 | 2024-04-11T04:42:32.481352 3389 / tcp

Remote Desktop Protocol

Products

Pricing

Contact Us

-553166942 | 2024-04-10T17:35:10.805971
53 / tcp

-553166942 | 2024-04-10T06:21:04.069407
53 / udp

1138219898 | 2024-04-17T06:33:09.500263
80 / tcp

641825263 | 2024-04-23T12:14:01.857405
88 / udp

2014741438 | 2024-04-20T22:39:29.547730
123 / udp

-730779271 | 2024-04-15T07:48:25.897062
135 / tcp

1690952096 | 2024-04-19T17:29:00.377292
389 / tcp

1591477881 | 2024-04-19T17:37:32.237502
389 / udp

-1413703094 | 2024-04-20T08:31:58.206966
445 / tcp

1842484578 | 2024-04-22T19:52:03.541715
593 / tcp

-424820031 | 2024-04-05T23:08:31.703354
3268 / tcp

-284940441 | 2024-04-11T04:42:32.481352
3389 / tcp