-553166942 | 2024-04-10T05:29:32.787178
53 /
tcp
-553166942 | 2024-04-24T19:54:51.393273
53 /
udp
-119375469 | 2024-04-18T18:30:57.663848
80 /
tcp
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Wed, 29 Mar 2017 16:48:53 GMT
Accept-Ranges: bytes
ETag: "62477a59aca8d21:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 18 Apr 2024 18:30:59 GMT
Content-Length: 689
-1292732853 | 2024-04-13T11:10:14.744226
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 23.229.88.50:1025
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-2PU0617LLI8\PIPE\InitShutdown
ncalrpc: WMsgKRpc0287C50
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\WIN-2PU0617LLI8\PIPE\InitShutdown
ncalrpc: WMsgKRpc0287C50
ncalrpc: WMsgKRpc02900E1
ncalrpc: WMsgKRpc06993C3
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-720e6a8f5ea7b32fe4
ncacn_np: \\WIN-2PU0617LLI8\PIPE\srvsvc
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc02900E1
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 23.229.88.50:1026
ncacn_np: \\WIN-2PU0617LLI8\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 23.229.88.50:1026
ncacn_np: \\WIN-2PU0617LLI8\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 23.229.88.50:1026
ncacn_np: \\WIN-2PU0617LLI8\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 23.229.88.50:1026
ncacn_np: \\WIN-2PU0617LLI8\pipe\eventlog
ncalrpc: eventlog
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\WIN-2PU0617LLI8\PIPE\srvsvc
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\WIN-2PU0617LLI8\PIPE\srvsvc
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\WIN-2PU0617LLI8\PIPE\srvsvc
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\WIN-2PU0617LLI8\PIPE\srvsvc
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncacn_np: \\WIN-2PU0617LLI8\PIPE\srvsvc
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 23.229.88.50:1028
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WIN-2PU0617LLI8\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
provider: gpsvc.dll
ncalrpc: OLED9FC2FD227074125AF0379464EF1
ncalrpc: IUserProfile2
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\WIN-2PU0617LLI8\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-2945bd1e837f46292f
ncalrpc: OLE68DF05917431471AB6F1774F0634
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-2945bd1e837f46292f
ncalrpc: OLE68DF05917431471AB6F1774F0634
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 23.229.88.50:1027
ncalrpc: samss lpc
ncalrpc: dsrole
ncacn_np: \\WIN-2PU0617LLI8\PIPE\protected_storage
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncalrpc: LRPC-cc33b22e2ef03faf72
ncacn_np: \\WIN-2PU0617LLI8\pipe\lsass
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-d1e781f82c2a787ccd
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-d1e781f82c2a787ccd
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-d1e781f82c2a787ccd
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\WIN-2PU0617LLI8\PIPE\wkssvc
ncalrpc: DNSResolver
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
annotation: Spooler function endpoint
provider: spoolsv.exe
ncalrpc: spoolss
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
annotation: Spooler base remote object endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
annotation: Spooler function endpoint
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncalrpc: spoolss
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 23.229.88.50:1052
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
annotation: IPSec Policy agent endpoint
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncalrpc: LRPC-ab47c7ab0c15311015
24019106-a203-4642-b88d-82dae9158929
version: v1.0
provider: authui.dll
ncalrpc: LRPC-5e1e2a0264561397d8
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-189da9e82d1409ab9f
ncalrpc: LRPC-189da9e82d1409ab9f
ncalrpc: LRPC-189da9e82d1409ab9f
ncalrpc: LRPC-189da9e82d1409ab9f
1641389631 | 2024-04-12T09:04:44.737405
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2008 R2 Standard 7601 Service Pack 1
Software: Windows Server 2008 R2 Standard 6.1
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
-1278455031 | 2024-04-09T12:11:34.491847
3306 /
tcp
MySQL:
Protocol Version: 10
Version: 5.7.17-log
Capabilities: 63487
Server Language: 33
Server Status: 2
Extended Server Capabilities: 33279
Authentication Plugin: mysql_native_password
