93415985 | 2024-06-01T07:40:02.447295
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 23.94.28.162:49152
ncalrpc: WindowsShutdown
ncacn_np: \\DESKTOP57495\PIPE\InitShutdown
ncalrpc: WMsgKRpc084B10
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\DESKTOP57495\PIPE\InitShutdown
ncalrpc: WMsgKRpc084B10
ncalrpc: WMsgKRpc086BC1
ncalrpc: WMsgKRpc0C5A8682
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: dabrpc
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
5c9a4cd7-ba75-45d2-9898-1773b3d1e5f1
version: v1.0
annotation: Device Install Service RPC Interface
ncalrpc: LRPC-6ea2634ef25f235312
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-4e6608e850aa22fd66
ncacn_np: \\DESKTOP57495\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-889576a8f3c5d3480c
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: DeviceSetupManager
ncacn_np: \\DESKTOP57495\PIPE\srvsvc
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 23.94.28.162:49153
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\DESKTOP57495\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 23.94.28.162:49153
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\DESKTOP57495\pipe\lsass
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
annotation: Wcm Service
ncalrpc: LRPC-8d89316908796347f2
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 23.94.28.162:49154
ncacn_np: \\DESKTOP57495\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-8d89316908796347f2
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 23.94.28.162:49154
ncacn_np: \\DESKTOP57495\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 23.94.28.162:49154
ncacn_np: \\DESKTOP57495\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncacn_ip_tcp: 23.94.28.162:49154
ncacn_np: \\DESKTOP57495\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 23.94.28.162:49154
ncacn_np: \\DESKTOP57495\pipe\eventlog
ncalrpc: eventlog
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\DESKTOP57495\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: OLE5F6B778679E7B2B7042773FCA100
ncalrpc: LRPC-2a9d66f3b13febb425
da5a86c5-12c2-4943-ab30-7f74a813d853
version: v1.0
annotation: RemoteRegistry Perflib Interface
protocol: [MS-PCQ]: Performance Counter Query Protocol
provider: regsvc.dll
ncacn_np: \\DESKTOP57495\PIPE\winreg
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-2a9d66f3b13febb425
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\DESKTOP57495\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-b905353c40eb622411
ncalrpc: DeviceSetupManager
ncacn_np: \\DESKTOP57495\PIPE\srvsvc
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\DESKTOP57495\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-b905353c40eb622411
ncalrpc: DeviceSetupManager
ncacn_np: \\DESKTOP57495\PIPE\srvsvc
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\DESKTOP57495\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-b905353c40eb622411
ncalrpc: DeviceSetupManager
ncacn_np: \\DESKTOP57495\PIPE\srvsvc
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\DESKTOP57495\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-b905353c40eb622411
ncalrpc: DeviceSetupManager
ncacn_np: \\DESKTOP57495\PIPE\srvsvc
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-b905353c40eb622411
ncalrpc: DeviceSetupManager
ncacn_np: \\DESKTOP57495\PIPE\srvsvc
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 23.94.28.162:49156
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\DESKTOP57495\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLE62FF8833F018965698E4754E8AB0
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-9a1b65983e1af33d34
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-10ebc71b0480a5130b
ncalrpc: LRPC-dd6eb36fd68eb88f3f
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-10ebc71b0480a5130b
ncalrpc: LRPC-dd6eb36fd68eb88f3f
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-10ebc71b0480a5130b
ncalrpc: LRPC-dd6eb36fd68eb88f3f
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-dd6eb36fd68eb88f3f
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\DESKTOP57495\PIPE\wkssvc
ncalrpc: OLE0B662E6C2C2CCA2518150356E340
ncalrpc: DNSResolver
ncalrpc: nlaapi
ncalrpc: nlaplg
ncalrpc: keysvc
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: OLE0B662E6C2C2CCA2518150356E340
ncalrpc: DNSResolver
ncalrpc: nlaapi
ncalrpc: nlaplg
ncalrpc: keysvc
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: OLE0B662E6C2C2CCA2518150356E340
ncalrpc: DNSResolver
ncalrpc: nlaapi
ncalrpc: nlaplg
ncalrpc: keysvc
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 23.94.28.162:49157
ncalrpc: LRPC-0509a188db8016ba6c
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 23.94.28.162:49157
ncalrpc: LRPC-0509a188db8016ba6c
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 23.94.28.162:49157
ncalrpc: LRPC-0509a188db8016ba6c
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 23.94.28.162:49157
ncalrpc: LRPC-0509a188db8016ba6c
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 23.94.28.162:49157
ncalrpc: LRPC-0509a188db8016ba6c
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 23.94.28.162:49158
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 23.94.28.162:49159
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-4c53d0df7a5bdf0c11
ncalrpc: OLEC4CE637EB691C5CF119FB9EE49E6
ncalrpc: LRPC-42f6b5b591bbe93cfb
ncalrpc: LRPC-42f6b5b591bbe93cfb
ncalrpc: LRPC-42f6b5b591bbe93cfb
b2507c30-b126-494a-92ac-ee32b6eeb039
version: v1.0
ncalrpc: LRPC-4cc1f4ef889dea0c12
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc0C5A8682
627562815 | 2024-05-29T21:33:17.318636
137 /
udp
NetBIOS Response:
Server Name: DESKTOP57495
MAC Address: 00:50:56:89:00:B4
Names:
WORKGROUP <0x0>
DESKTOP57495 <0x0>
DESKTOP57495 <0x20>MAC Addresses
00:50:56:89:00:B4
OUI: 00:50:56
Organization: VMware, Inc.
Assignment: MA-L
Registration Date: 2000-01-04
-757264002 | 2024-05-15T17:43:52.810655
139 /
tcp
1688663994 | 2024-06-04T14:37:48.899252
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2012 R2 Standard 9600
Software: Windows Server 2012 R2 Standard 6.3
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
69074977 | 2024-05-22T04:13:55.448983
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 8.1/Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: DESKTOP57495
NetBIOS Domain Name: DESKTOP57495
NetBIOS Computer Name: DESKTOP57495
DNS Domain Name: desktop57495
FQDN: desktop57495
am Windows Server 2012R2
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:88:23:a7:29:e3:ab:b8:49:ca:f0:17:03:18:bb:8a
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=desktop57495
Validity
Not Before: May 5 20:54:12 2024 GMT
Not After : Nov 4 20:54:12 2024 GMT
Subject: CN=desktop57495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c2:cc:bf:2b:19:80:93:b4:31:45:bb:78:ac:49:
0a:d7:a6:53:af:aa:c1:89:6c:be:c4:9a:87:28:50:
6f:4a:06:68:be:ce:b6:f3:29:82:d2:0b:e4:5d:cf:
06:f9:99:f4:93:1d:20:69:bd:b2:0b:24:0a:c5:c0:
02:e8:6f:8d:4a:d6:a8:01:ba:1e:c5:c7:26:e6:c6:
3b:9f:c2:ac:30:84:69:8d:ed:57:22:ef:15:3c:19:
db:97:e9:fd:74:bf:9b:ab:b9:08:a9:e3:b4:22:8f:
45:db:55:6b:6b:c2:a8:9a:e5:61:73:a5:74:5e:c2:
4c:0b:bc:ab:6f:e8:29:39:65:44:43:ee:16:ea:32:
9c:fc:ec:b1:b4:f5:bb:0c:6a:16:68:2a:a6:f1:0d:
ae:fc:d3:ca:be:32:4b:42:e2:61:85:48:8d:7e:96:
9b:d6:46:e7:4e:3f:73:d2:bf:44:75:82:03:72:32:
e0:2d:0e:00:c8:d1:77:df:90:f9:f9:9e:9a:89:99:
b1:fe:aa:b4:02:b1:58:06:ad:ec:98:01:c2:88:68:
dc:eb:cc:b0:e0:6a:9f:97:71:e2:60:9d:bb:5e:53:
32:76:cb:d0:bd:ff:eb:a7:5d:50:16:6d:c3:d6:ea:
4c:ef:72:1f:85:9e:ab:d7:f0:73:06:a3:ed:f7:a1:
f7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
85:84:f2:30:f3:e3:2c:91:11:83:6d:1e:75:08:47:59:15:8d:
27:79:fc:91:19:9b:1d:a2:63:af:8b:b1:bf:5b:a1:4a:9c:f9:
1b:c3:5a:3b:83:3e:f2:8e:0d:a5:77:7b:3a:4a:7c:47:22:f4:
88:c5:a7:98:38:47:cd:e9:52:b0:df:75:c1:73:42:09:2f:40:
3d:0f:b5:98:64:09:17:fb:9c:28:2c:45:78:34:47:18:f5:9e:
30:d2:37:15:4e:f7:9d:1c:38:20:5f:15:c7:7b:c8:1c:5f:2b:
5f:84:03:e3:fe:7d:9b:70:02:9b:18:14:a9:61:20:14:c6:7a:
88:cd:3b:61:f4:61:26:57:76:95:11:79:bb:a7:6d:77:83:79:
05:7c:8a:19:e3:0e:33:e2:c8:ef:80:24:9b:fe:79:0d:1e:fa:
4f:75:ee:5c:cc:5c:71:72:51:75:ce:c3:6b:58:89:6c:5b:11:
80:d3:19:04:be:7f:0e:c0:3f:e0:07:21:4f:26:2f:51:ca:23:
cc:4b:1c:88:6e:ab:6b:6f:21:04:89:3f:3c:10:b6:c8:f9:e6:
bf:b9:87:42:b8:24:9e:2f:68:b8:d1:28:a1:4b:ae:b5:4f:a0:
10:cd:85:8a:94:77:ce:04:e3:d7:42:6b:b0:4e:1c:7c:ea:7b:
68:83:19:c6
1489525118 | 2024-05-18T17:04:44.625061
5985 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 18 May 2024 17:04:37 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: DESKTOP57495
NetBIOS Domain Name: DESKTOP57495
NetBIOS Computer Name: DESKTOP57495
DNS Domain Name: desktop57495
FQDN: desktop57495
616551314 | 2024-05-28T10:44:27.201667
8333 /
tcp
\xa4\x92w.7-\xc2\x93\xb6\x8bki\x87HC\xe6\x01\xb7\xe1\x18\x8fK\x85\xaf2q\x17O\x04\xd9\xb3S\x8b9G%Q\xc5i\xb2\xd1\xff\x088*\x84!\x90\xd6\x168#\x92c;\xe7\x83\xe2\xcb\xfa\x05+\xbd\x1d\x90[wx|l\x13K\xb3<\x08\x1aD\x1a)\x19\xee\x13\xcb&\xae\xcb\x80\xc4\xbd\xed\xce\xadAGu\x18\x9e\xbc%\xe3E!V\xcd\x9e\xa45K]y\xde\xca\xad\xcc\r\x8f\xf5\xb1\x9d2l\x1e\xc8\xfe?(\x7f3\xc5\xeenq.\xff\xf6t\xdfX"\xe1u\xbe\xbe\x1b\x0f\xb7\x8d\x86\xd4\r\x87a#L\xca\xc7K2e<\xf2\xa2$TT[L_;\x16\x8ep\xf4_\x08\x1a\xd2\xe0\xf7S\x1b\x8bf\xe59\x9e\xb6\xf8b=V\xb6\xa3\xfa\xb9\x00\xe0\xe3dv\x19\xbd\x17\x0e\x8ef3\x9fp4X\xb6\xee\xc3\xeb\xb4\x8f\xcfn\xa2J\x0fZ\x1aM\xf5i6\\]i`\x9a\xf5\xe1\x11\x94\xa2\x9e\xff+i\xecfO@\xd1m\x0c\xddi$ \xfd\xc1Z<s\'\xdf6\xf5\xfcQ\xe8\x8cY\x1a\xae\xa9\xc9\x8c\xbe\x89#\n\x06\x82\t\xf5\xaf\x80\x06\x0e\xbd\x19V\xfd\x00\xb0I\x1bj\xec\x8eI3LW$\x8c\x85)\xea\xfa\x9dm\x89g\xadw}\xd1\x17\x14\xb4\xc5\xbf\'4{\x10!\x0f\xabD1\xc0G\x13(\xbfw\xae\xc1\t\xfb\xab\xd0\x9a\xe4U=Aq\xff\x80}\xc8\xb9\x86\xd0\x03o\xaf \xbc\xb4a\xfd\x0e\xa8\xe1\xcf6\xab\xa9oPf\xc7\xff}\xae\xba\xda\xaaO\x17D\x1c\xccZ\x04JL\xf6<\x9c0\xeb\xd0}L\r\xa8=\xf3\xa7\xcd\xbc\x85#<\x89/\xd6\x08\x06\r\xc6\xc6><\xa2"\n\xde\x81.\xb7T\x8d\x9b\xff\xf0{n\xe4\xf5\xe6\x97!\x9c\xd6\xa0\x83\x01\xd3\x11\xc2\x83\xe8\xdf\xdf\xfc\x1a\x10\xa4\x8b\xf3o\xbf\x9b\xcc\x0e\xc5]\x9aaa\xca\xd3\'\xeb\xa3\xba\xae\xd0\xc6\xaf\\\xb3\x93m\x1c3\xb0?ho\xc6\xb8WK-\x16\x1b\x99\x9a\xe0\x8a\xa0\x014\x13\x97R\xb8\xf5\x0e\x88\x01\x81E\x7f\x83 \x1b\xa5o\xf9\x08\x7f2\xe1\xf6\xad\x8f\x81\xbd4\x97@|C{^\xf0\xee\x8a\xc5\xb1\xb2\x03\xca2\xe9\xfe\xb0\x86\xa7\x89\x8f\x91\xe2N\xd9f\xa8\xaa%\xceM\x98\xf1n\xd9\x14\n\xdb\xa0\xddR>\xfd\xa1p`\xfc\xa3\xc8\xd3D]9\xb3c\x02k\x95\xf7r\xec\xec\xc2\x94w\x0b\xe0z\xe3s\xa9\x0e\'\x98\x8d*4#^J\xaa4\xc54}\xf3 [d\xeb\x049d;`\x80\x14R{\x8f\xa0\xf0\xf5\x07\xd6foU\x04\x1a\xd2\x038\x00\\\x0e\xc6\x85(#^-L\x0b#\x9fGS\x0b\xe9\'\xe1\xb1x\xf5@\x02w\xfa\xe1\xea\x18\xee\x17\xa1q;\xb8r\xd8\xb8O \xb98D\xab\x7f\xb5\x18\xad\x00\x7f\xbfk\x95\xfez6\xb5\x0e\r\xf9\x02\xc2zh\xeb\xd5\xa8\xe3\xf5\x01k\xcd\xc1\xc8\xd4\xbe\x83\xb9dgNE\xd5\xe6\xd2\xba\xbd\xf3\xcd_:oX\xdd\xfa-;\xb9\xc1e}\xd3\xfawF\x01\xf90\xe2\xdcC~!\xd2\xa9b#\xd0KC\xb1%\xaa@\x88\xa4\xfc(\xc7\x93\x9c\x89\xcd\xe2\x97f\xd2\xac\xca\xb3e\xc76\x82\xb3Q|\xd2\xc9\xfb\xb6y\xe9\xb9\xc4\x07\x9f\xa0\x930\x81@\xa6\xdb\xc8\x1cyWC\xe2Cp\x0c1IdO\x19"\xe7Q\xd8\x13T\xe6\xc5\x10\x8c\x036v\xcf\xf3\x8dT\xe7\xc7d\x8d{\xa3Q\x7f\xa0\x91)\x0e\x17\xe8\xb3\x10X\x87gP\xed\xa6\xc5L.\x10h\x11\x89\xddc\xef\x9e\xe3\xbc>\xaf\xf5\x9e\r\xae@\x96\xab\x95!\xa9B(\x86\xa8@\xfa\xa7q\x83u\xd7\x83\xc7\xf1n?Q$e\x92\xcae\xb1$\xc4\x05\x8c\\\x14\xb3\x01i\x15Lz\xa0\x01\xf8\x004\x80\xe8N\xf9D%\x17\xe2P2\xa54\x94]$\x03P\x9d\xfcz\x17\x83Hl_vN7N\x86<o\xa71\xf3+\x9b\x1a^\x14\xdemK\xa7\xf6q\r;\xe3\xc5s\x05\x82\xaa\xcc\xdddHQ5@m\xa7M\xccQ>,\xd2M\xb8\x02\x85I\xe6&\xe2a\x19\xdc\x17w\xfd\x02\x04\xcfv\xba~\x8e\x9a\x02\xe1\xad|\xc3w}\xa4\xbb\xe7\n;rSc
