Hostnames |
app01.vo.so-accounting.com 83-136-249-45.uk-lon1.upcloud.host |
Domains | so-accounting.com upcloud.host |
Country | United Kingdom |
City | London |
Organization | UpCloud Cloud Servers |
ISP | UpCloud Ltd |
ASN | AS202053 |
Operating System | Windows |
-553166942 | 2024-05-14T14:38:13.77589853 / tcp
Recursion: enabled
-553166942 | 2024-04-30T12:18:54.72617753 / udp
Recursion: enabled
703707298 | 2024-05-07T23:06:50.14703580 / tcp
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Wed, 07 Jul 2021 14:51:33 GMT Accept-Ranges: bytes ETag: "c4a2e7933f73d71:0" Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Tue, 07 May 2024 23:06:30 GMT Content-Length: 703
141730091 | 2024-05-15T02:55:51.35629288 / udp
Microsoft Windows Kerberos Server Time: 2024-05-15 02:55:21Z
-1196317068 | 2024-05-08T05:13:01.694539123 / udp
NTP protocolversion: 3 stratum: 1 leap: 0 precision: -23 rootdelay: 0.0 rootdisp: 10.5348205566 refid: 1280262988 reftime: 3924087751.89 poll: 0
1825596136 | 2024-05-13T13:27:03.838398135 / tcp
Microsoft RPC Endpoint Mapper d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 83.136.249.45:49664 ncalrpc: WindowsShutdown ncacn_np: \\APP01\PIPE\InitShutdown ncalrpc: WMsgKRpc05A940 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\APP01\PIPE\InitShutdown ncalrpc: WMsgKRpc05A940 ncalrpc: WMsgKRpc05CC31 ncalrpc: WMsgKRpc020952B534 ncalrpc: WMsgKRpc15788575C6 ncalrpc: WMsgKRpc1590AFA207 fc48cd89-98d6-4628-9839-86f7a3e4161a version: v1.0 ncalrpc: dabrpc ncalrpc: csebpub ncalrpc: LRPC-18b29938b8ff6729c7 ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-18b29938b8ff6729c7 ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-8c9124b8d7ff1de2e8 ncalrpc: LRPC-d5479f6d065e45b048 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-18b29938b8ff6729c7 ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo b8cadbaf-e84b-46b9-84f2-6f71c03f9e55 version: v1.0 ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v1.0 ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v1.0 ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-7326013da814e113ba ncalrpc: LRPC-991db8559791efa038 ncalrpc: IUserProfile2 ncalrpc: LRPC-342f9678ffc4fe471b ncalrpc: senssvc ncalrpc: LRPC-6d8cfdd267287c80f7 ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-b6f352f43dffad8ca2 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-3bc275bb6e2174c493 a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-e30a6563c0c918b06a ncalrpc: LRPC-8c9124b8d7ff1de2e8 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 annotation: Network Connection Broker server endpoint ncalrpc: LRPC-fd180cc9818f154eb4 ncalrpc: OLEDD8C41FDA943BB4564C53426A67E ncalrpc: LRPC-4898a49e43e9e2fc9c ncalrpc: LRPC-d5479f6d065e45b048 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-fd180cc9818f154eb4 ncalrpc: OLEDD8C41FDA943BB4564C53426A67E ncalrpc: LRPC-4898a49e43e9e2fc9c ncalrpc: LRPC-d5479f6d065e45b048 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 annotation: Network Connection Broker server endpoint for NCB Reset module ncalrpc: LRPC-4898a49e43e9e2fc9c ncalrpc: LRPC-d5479f6d065e45b048 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 83.136.249.45:49665 ncacn_np: \\APP01\pipe\eventlog ncalrpc: eventlog 89759fce-5a25-4086-8967-de12f39a60b5 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 83.136.249.45:49666 ncalrpc: LcRpc ncalrpc: OLEBDF601FEF204C10958C00C68975D 9b3195fe-d603-43d1-a0d5-9072d7cde122 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 83.136.249.45:49666 ncalrpc: LcRpc ncalrpc: OLEBDF601FEF204C10958C00C68975D 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-59083e5cfd011c3182 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 83.136.249.45:49667 ncalrpc: LRPC-fb52fb0e1cac2d9b50 ncalrpc: ubpmtaskhostchannel ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 83.136.249.45:49667 ncalrpc: LRPC-fb52fb0e1cac2d9b50 ncalrpc: ubpmtaskhostchannel ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-fb52fb0e1cac2d9b50 ncalrpc: ubpmtaskhostchannel ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-5374b3daef821662ce 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-c06247b8ccae69a637 ncalrpc: LRPC-868243ac4c9179ddd3 ncalrpc: LRPC-72928cd1c9f08ffab7 ncalrpc: LRPC-954ab943b92c8cdd1b f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-868243ac4c9179ddd3 ncalrpc: LRPC-72928cd1c9f08ffab7 ncalrpc: LRPC-954ab943b92c8cdd1b 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-72928cd1c9f08ffab7 ncalrpc: LRPC-954ab943b92c8cdd1b dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-954ab943b92c8cdd1b c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 7aeb6705-3ae6-471a-882d-f39c109edc12 version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 e7f76134-9ef5-4949-a2d6-3368cc0988f3 version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: OLEDA271F1CEB27F8BB45188032304B ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-1f6bfd7af38534ba6c c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-1f6bfd7af38534ba6c 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-1f6bfd7af38534ba6c 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-1f6bfd7af38534ba6c 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-7c7e60db48a0ff1bb3 ncalrpc: OLE11FF3E99012C40F984E61EC31226 b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-7c7e60db48a0ff1bb3 ncalrpc: OLE11FF3E99012C40F984E61EC31226 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\APP01\PIPE\wkssvc ncalrpc: LRPC-2ddcde60010d4555c6 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-2ddcde60010d4555c6 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-2ddcde60010d4555c6 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-e1ddea55fe699b4050 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 83.136.249.45:49671 ncacn_np: \\APP01\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: OLE4EE32D7C931455B6B82A785268A1 ncalrpc: LRPC-6d8cfdd267287c80f7 04eeb297-cbf4-466b-8a2a-bfd6a2f10bba version: v1.0 annotation: EFSK RPC Interface provider: efssvc.dll ncacn_np: \\APP01\pipe\efsrpc ncalrpc: LRPC-2295e287795c4a8348 df1941c5-fe89-4e79-bf10-463657acf44d version: v1.0 annotation: EFS RPC Interface provider: efssvc.dll ncacn_np: \\APP01\pipe\efsrpc ncalrpc: LRPC-2295e287795c4a8348 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 83.136.249.45:49675 ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 83.136.249.45:49675 ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 83.136.249.45:49675 ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncacn_ip_tcp: 83.136.249.45:49675 ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 version: v0.0 annotation: RemoteAccessCheck protocol: [MS-RAA]: Remote Authorization API Protocol ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-6993c946fe069dce39 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-6993c946fe069dce39 df4df73a-c52d-4e3a-8003-8437fdf8302a version: v0.0 annotation: WM_WindowManagerRPC\Server ncalrpc: LRPC-72679d34bb6b752a3c a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncalrpc: LRPC-02c0fcdf167a86ffa3 b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-20ffda53b5a98f9348 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 83.136.249.45:49679 ncacn_np: \\APP01\pipe\HydraLsPipe ncalrpc: LRPC-fc48b2548074698c0a 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-284d229d49bf896b91 ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\APP01\PIPE\ROUTER 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-c4aa6562eeb62926d7 ncalrpc: LRPC-a39ab661d3c35cb015 ed96b012-c8ce-4f60-a682-35535b12ff75 version: v2.0 ncacn_ip_tcp: 83.136.249.45:5504 ncalrpc: OLE2B0B97B24F74313960ED86249C05 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 83.136.249.45:49686 32e36e84-4ba2-496c-ba85-fb450f325107 version: v2.0 ncalrpc: TSSessionDirectoryQueryApi ncacn_ip_tcp: 83.136.249.45:49687 c95fc993-f460-4763-a00d-bb3b9e5c7e2e version: v1.0 ncacn_ip_tcp: 83.136.249.45:49687 aa177641-fc9b-41bd-80ff-f964a701596f version: v1.0 provider: tssdis.exe ncacn_ip_tcp: 83.136.249.45:49687 50abc2a4-574d-40b3-9d66-ee4fd5fba076 version: v5.0 protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management provider: dns.exe ncacn_ip_tcp: 83.136.249.45:49697 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-3540cd4f1158603649 ncalrpc: LRPC-3540cd4f1158603649 ncalrpc: LRPC-3540cd4f1158603649 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 83.136.249.45:49755 ncalrpc: OLE65A20E791B82666856FE1564BD0D 54b4c689-969a-476f-8dc2-990885e9f562 version: v0.0 ncalrpc: LRPC-57feda1f3800c045a3 be7f785e-0e3a-4ab7-91de-7e46e443be29 version: v0.0 ncalrpc: LRPC-57feda1f3800c045a3 bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-b491b3560ca4856539 ncalrpc: OLE898914204F9A881D57F52301C43B 58e604e8-9adb-4d2e-a464-3b0683fb1480 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-95954f3bf319fa9f79 fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-95954f3bf319fa9f79 5f54ce7d-5b79-4175-8584-cb65313a0e98 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-95954f3bf319fa9f79 201ef99a-7fa0-444c-9399-19ba84f12a1a version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-95954f3bf319fa9f79 0497b57d-2e66-424f-a0c6-157cd5d41700 version: v1.0 annotation: AppInfo ncalrpc: LRPC-95954f3bf319fa9f79 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-7f4df9d67493e9d32d a4b8d482-80ce-40d6-934d-b22a01a44fe7 version: v1.0 annotation: LicenseManager ncalrpc: LicenseServiceEndpoint 12e65dd8-887f-41ef-91bf-8d816c42c2e7 version: v1.0 annotation: Secure Desktop LRPC interface provider: winlogon.exe ncalrpc: WMsgKRpc020952B534 ncalrpc: WMsgKRpc15788575C6 ncalrpc: WMsgKRpc1590AFA207 b1ef227e-dfa5-421e-82bb-67a6a129c496 version: v0.0 ncalrpc: LRPC-5bce3794543fc1b7a6 ncalrpc: OLE473F3F5B7CF510B0D13553C1A85E ncalrpc: LRPC-0ddda295d11105db7b ncalrpc: OLE41E1E22A32AF703DE3D5543E7901 ncalrpc: OLE728458A9446D5E3B3AAF1C39694E ncalrpc: LRPC-c96f49860059691da1 0fc77b1a-95d8-4a2e-a0c0-cff54237462b version: v0.0 ncalrpc: LRPC-5bce3794543fc1b7a6 ncalrpc: OLE473F3F5B7CF510B0D13553C1A85E ncalrpc: LRPC-0ddda295d11105db7b ncalrpc: OLE41E1E22A32AF703DE3D5543E7901 ncalrpc: OLE728458A9446D5E3B3AAF1C39694E ncalrpc: LRPC-c96f49860059691da1 8ec21e98-b5ce-4916-a3d6-449fa428a007 version: v0.0 ncalrpc: LRPC-5bce3794543fc1b7a6 ncalrpc: OLE473F3F5B7CF510B0D13553C1A85E ncalrpc: LRPC-0ddda295d11105db7b ncalrpc: OLE41E1E22A32AF703DE3D5543E7901 ncalrpc: OLE728458A9446D5E3B3AAF1C39694E ncalrpc: LRPC-c96f49860059691da1 c503f532-443a-4c69-8300-ccd1fbdb3839 version: v2.0 ncalrpc: LRPC-9d258d36feafd1800a ncalrpc: OLE7F1447EE04CD4E0519ACA4B8F7A3 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: a8c0c9a8-03c7-4065-a19b-20d48b5b0173 ncalrpc: LRPC-353c0e2d96409c6a04 a111f1c5-5923-47c0-9a68-d0bafb577901 version: v1.0 annotation: NetSetup API ncalrpc: LRPC-ad968d9253a29ab589
1602784924 | 2024-05-11T11:21:37.511052389 / tcp
LDAP: SupportedExtension: 1.2.840.113556.1.4.1781 1.2.840.113556.1.4.2212 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxBatchReturnMessages MaxConnIdleTime MaxConnections MaxDatagramRecv MaxDirSyncDuration MaxNotificationPerConn MaxPageSize MaxPercentDirSyncRequests MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MaxValRangeTransitive MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.2090 1.2.840.113556.1.4.2204 1.2.840.113556.1.4.2205 1.2.840.113556.1.4.2206 1.2.840.113556.1.4.2211 1.2.840.113556.1.4.2239 1.2.840.113556.1.4.2255 1.2.840.113556.1.4.2256 1.2.840.113556.1.4.2309 1.2.840.113556.1.4.2330 1.2.840.113556.1.4.2354 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.2237 1.2.840.113556.1.4.800 SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com ServerName: CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com SchemaNamingContext: CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com RootDomainNamingContext: DC=vo,DC=so-accounting,DC=com NamingContexts: CN=Configuration,DC=vo,DC=so-accounting,DC=com CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com DC=DomainDnsZones,DC=vo,DC=so-accounting,DC=com DC=ForestDnsZones,DC=vo,DC=so-accounting,DC=com DC=vo,DC=so-accounting,DC=com LdapServiceName: vo.so-accounting.com:app01$@VO.SO-ACCOUNTING.COM IsSynchronized: TRUE IsGlobalCatalogReady: TRUE HighestCommittedUSN: 230281895 ForestFunctionality: 7 DsServiceName: CN=NTDS Settings,CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com DomainFunctionality: 7 DnsHostName: app01.vo.so-accounting.com DefaultNamingContext: DC=vo,DC=so-accounting,DC=com CurrentTime: 20240511112052.0Z ConfigurationNamingContext: CN=Configuration,DC=vo,DC=so-accounting,DC=com
-882271396 | 2024-05-14T21:19:23.028433389 / udp
0\x84\x00\x00\x0c/\x02\x01\x07d\x84\x00\x00\x0c&\x04\x000\x84\x00\x00\x0c\x1e0\x84\x00\x00\x00\x1e\x04\x13domainFunctionality1\x84\x00\x00\x00\x03\x04\x0170\x84\x00\x00\x00\x1e\x04\x13forestFunctionality1\x84\x00\x00\x00\x03\x04\x0170\x84\x00\x00\x00(\x04\x1ddomainControllerFunctionality1\x84\x00\x00\x00\x03\x04\x0170\x84\x00\x00\x00>\x04\x17rootDomainNamingContext1\x84\x00\x00\x00\x1f\x04\x1dDC=vo,DC=so-accounting,DC=com0\x84\x00\x00\x00I\x04\x0fldapServiceName1\x84\x00\x00\x002\x040vo.so-accounting.com:app01$@VO.SO-ACCOUNTING.COM0\x84\x00\x00\x00"\x04\x14isGlobalCatalogReady1\x84\x00\x00\x00\x06\x04\x04TRUE0\x84\x00\x00\x00I\x04\x17supportedSASLMechanisms1\x84\x00\x00\x00*\x04\x06GSSAPI\x04\nGSS-SPNEGO\x04\x08EXTERNAL\x04\nDIGEST-MD50\x84\x00\x00\x00"\x04\x14supportedLDAPVersion1\x84\x00\x00\x00\x06\x04\x013\x04\x0120\x84\x00\x00\x01\x9a\x04\x15supportedLDAPPolicies1\x84\x00\x00\x01}\x04\x0eMaxPoolThreads\x04\x19MaxPercentDirSyncRequests\x04\x0fMaxDatagramRecv\x04\x10MaxReceiveBuffer\x04\x0fInitRecvTimeout\x04\x0eMaxConnections\x04\x0fMaxConnIdleTime\x04\x0bMaxPageSize\x04\x16MaxBatchReturnMessages\x04\x10MaxQueryDuration\x04\x12MaxDirSyncDuration\x04\x10MaxTempTableSize\x04\x10MaxResultSetSize\x04\rMinResultSets\x04\x14MaxResultSetsPerConn\x04\x16MaxNotificationPerConn\x04\x0bMaxValRange\x04\x15MaxValRangeTransitive\x04\x11ThreadMemoryLimit\x04\x18SystemMemoryLimitPercent0\x84\x00\x00\x03\xf4\x04\x10supportedControl1\x84\x00\x00\x03\xdc\x04\x161.2.840.113556.1.4.319\x04\x161.2.840.113556.1.4.801\x04\x161.2.840.113556.1.4.473\x04\x161.2.840.113556.1.4.528\x04\x161.2.840.113556.1.4.417\x04\x161.2.840.113556.1.4.619\x04\x161.2.840.113556.1.4.841\x04\x161.2.840.113556.1.4.529\x04\x161.2.840.113556.1.4.805\x04\x161.2.840.113556.1.4.521\x04\x161.2.840.113556.1.4.970\x04\x171.2.840.113556.1.4.1338\x04\x161.2.840.113556.1.4.474\x04\x171.2.840.113556.1.4.1339\x04\x171.2.840.113556.1.4.1340\x04\x171.2.840.113556.1.4.1413\x04\x172.16.840.1.113730.3.4.9\x04\x182.16.840.1.113730.3.4.10\x04\x171.2.840.113556.1.4.1504\x04\x171.2.840.113556.1.4.1852\x04\x161.2.840.113556.1.4.802\x04\x171.2.840.113556.1.4.1907\x04\x171.2.840.113556.1.4.1948\x04\x171.2.840.113556@\x06\x00\x00W\xd5Cf\xd0\xdcd$\xea\x05\x00\x00\xea\x05\x00\x00\x01\x00\x00 V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06\x001F7\xf6\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\xec\xf4\xbb\xcfb,\x001F7\xf6\xc1\x08\x00E(\x05\xdc\x8c\x94 \xb9q\x11\xd1%S\x88\xf9-\xb9\xa5\xbf\x1a.1.4.1974\x04\x171.2.840.113556.1.4.1341\x04\x171.2.840.113556.1.4.2026\x04\x171.2.840.113556.1.4.2064\x04\x171.2.840.113556.1.4.2065\x04\x171.2.840.113556.1.4.2066\x04\x171.2.840.113556.1.4.2090\x04\x171.2.840.113556.1.4.2205\x04\x171.2.840.113556.1.4.2204\x04\x171.2.840.113556.1.4.2206\x04\x171.2.840.113556.1.4.2211\x04\x171.2.840.113556.1.4.2239\x04\x171.2.840.113556.1.4.2255\x04\x171.2.840.113556.1.4.2256\x04\x171.2.840.113556.1.4.2309\x04\x171.2.840.113556.1.4.2330\x04\x171.2.840.113556.1.4.23540\x84\x00\x00\x00\xb2\x04\x15supportedCapabilities1\x84\x00\x00\x00\x95\x04\x161.2.840.113556.1.4.800\x04\x171.2.840.113556.1.4.1670\x04\x171.2.840.113556.1.4.1791\x04\x171.2.840.113556.1.4.1935\x04\x171.2.840.113556.1.4.2080\x04\x171.2.840.113556.1.4.22370\x84\x00\x00\x00`\x04\x11subschemaSubentry1\x84\x00\x00\x00G\x04ECN=Aggregate,CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com0\x84\x00\x00\x00z\x04\nserverName1\x84\x00\x00\x00h\x04fCN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com0\x84\x00\x00\x00U\x04\x13schemaNamingContext1\x84\x00\x00\x00:\x048CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com0\x84\x00\x00\x01\x01\x04\x0enamingContexts1\x84\x00\x00\x00\xeb\x04\x1dDC=vo,DC=so-accounting,DC=com\x04.CN=Configuration,DC=vo,DC=so-accounting,DC=com\x048CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com\x04/DC=DomainDnsZones,DC=vo,DC=so-accounting,DC=com\x04/DC=ForestDnsZones,DC=vo,DC=so-accounting,DC=com0\x84\x00\x00\x00\x1c\x04\x0eisSynchronized1\x84\x00\x00\x00\x06\x04\x04TRUE0\x84\x00\x00\x00&\x04\x13highestCommittedUSN1\x84\x00\x00\x00\x0b\x04\t2310936160\x84\x00\x00\x00\x8e\x04\rdsServiceName1\x84\x00\x00\x00y\x04wCN=NTDS Settings,CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com0\x84\x00\x00\x00/\x04\x0bdnsHostName1\x84\x00\x00\x00\x1c\x04\x1aapp01.vo.so-accounting.com0\x84\x00\x00\x00;\x04\x14defaultNamingCon\x00\x00\x00\x00W\xd5Cf\xf3\xdcd$\xe5\x00\x00\x00\xe5\x00\x00\x00\x01\x00\x00 V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06\x001F7\xf6\xc1n\x93\xb9\xa5\xbf\x1a\x00Q\xcd
703707298 | 2024-05-12T18:34:50.765990443 / tcp
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Wed, 07 Jul 2021 14:51:33 GMT Accept-Ranges: bytes ETag: "c4a2e7933f73d71:0" Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Sun, 12 May 2024 18:33:56 GMT Content-Length: 703
Certificate: Data: Version: 3 (0x2) Serial Number: 11:8e:87:c9:2c:f4:42:ac:46:46:79:75:42:71:3d:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=app01.vo.so-accounting.com Validity Not Before: Jul 6 14:54:01 2021 GMT Not After : Jan 5 14:54:01 2022 GMT Subject: CN=app01.vo.so-accounting.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:bc:3e:ab:d3:2d:86:a9:72:00:74:c7:e1:e2:6d: 99:23:5f:2f:37:2d:a1:67:51:b2:b1:67:5e:48:19: 37:24:14:14:a9:ed:3d:27:1a:c3:61:ce:94:ac:d8: 7a:21:9a:03:0f:a9:71:1f:61:49:7a:38:5a:ad:64: 48:e9:fb:49:df:cb:13:f9:0f:c1:3a:8e:7b:3d:13: 82:54:26:3e:ad:5d:b5:92:81:46:65:99:f3:8f:7d: 98:03:87:48:41:d6:d3:ca:68:bb:63:b4:25:98:7e: 72:15:a6:42:af:6e:8a:2e:72:33:fb:b5:23:76:da: 90:2d:4b:de:8d:5b:83:0a:24:6f:82:91:e2:a6:ee: 2a:92:18:49:11:31:3d:a4:b9:6f:63:40:4e:23:ab: b9:9c:0a:e0:91:a8:53:3e:14:8c:79:c5:91:78:3d: e7:34:60:b1:1d:ba:64:6f:11:63:d6:2d:c9:f3:2f: a8:95:06:14:4e:07:05:83:49:a5:47:0f:0b:a2:dd: d2:7b:b9:77:aa:83:8c:97:e2:0f:f8:d9:99:29:9e: 59:be:43:15:b4:4f:b4:6b:22:05:cc:a4:41:3c:60: 3d:3d:dc:c4:96:49:53:de:e2:c6:70:1a:c9:fe:65: 45:65:b9:a4:83:54:89:98:04:85:64:39:67:cb:72: 69:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Key Usage: Key Encipherment, Data Encipherment Signature Algorithm: sha256WithRSAEncryption Signature Value: 7c:bd:b0:b6:73:95:8d:64:e1:ec:72:4f:ca:ce:44:f0:d6:a4: d7:9e:ea:05:9e:83:32:e0:72:53:4a:e4:09:d6:f7:8c:02:e0: dd:2d:e3:97:72:e6:71:43:dc:aa:4e:f6:96:d2:4a:ae:ae:99: 7f:74:75:93:41:cc:c0:75:76:35:8a:d7:47:43:17:9f:83:c9: 8f:5f:ae:a4:c4:ee:5a:e2:15:db:a6:1e:57:2b:09:c2:62:f3: 8f:77:af:dc:bd:27:f2:91:8c:2a:a7:19:1c:30:2b:08:7e:57: 13:1c:c1:54:f0:15:c2:19:f2:31:d9:fa:1a:0f:7e:0a:df:77: 56:94:dd:b5:2c:96:33:15:5c:52:bb:41:14:7d:e7:d9:96:b4: f4:74:82:17:f7:58:2f:b5:ae:68:3e:e0:0d:71:49:2f:0b:c7: 48:f2:c6:27:d3:d7:78:c0:72:b6:59:2e:22:63:5b:42:3a:82: af:6c:59:94:c2:8f:11:07:17:8c:35:04:46:a4:b3:a2:df:f2: ab:0a:f8:ba:2e:84:b0:5b:c7:a0:9f:a5:45:38:56:9b:85:a0: e8:87:29:c2:d3:71:84:8d:b2:18:45:cb:2a:71:e0:83:df:2d: f0:3e:b0:32:3a:cb:e2:97:4a:bb:97:99:da:8a:f0:05:8a:d8: 4c:82:36:0f
-1166656618 | 2024-05-12T11:15:28.471013445 / tcp
SMB Status: Authentication: enabled SMB Version: 2 Capabilities: raw-mode
704641311 | 2024-05-14T03:59:47.395680593 / tcp
ncacn_http/1.0 Microsoft RPC Endpoint Mapper over HTTP d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 83.136.249.45:49664 ncalrpc: WindowsShutdown ncacn_np: \\APP01\PIPE\InitShutdown ncalrpc: WMsgKRpc05A940 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\APP01\PIPE\InitShutdown ncalrpc: WMsgKRpc05A940 ncalrpc: WMsgKRpc05CC31 ncalrpc: WMsgKRpc020952B534 ncalrpc: WMsgKRpc1590AFA207 fc48cd89-98d6-4628-9839-86f7a3e4161a version: v1.0 ncalrpc: dabrpc ncalrpc: csebpub ncalrpc: LRPC-18b29938b8ff6729c7 ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-18b29938b8ff6729c7 ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-8c9124b8d7ff1de2e8 ncalrpc: LRPC-d5479f6d065e45b048 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-18b29938b8ff6729c7 ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-8cb0143214520c43cc ncalrpc: LRPC-0b96c39f369d0e1c2d ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-d1fdb8829b8744cf3f ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo b8cadbaf-e84b-46b9-84f2-6f71c03f9e55 version: v1.0 ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v1.0 ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v1.0 ncalrpc: LRPC-c9a11383d63f90cbcc ncalrpc: OLEE3B22366339C224DBFF673DFF0B7 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-32b4456cfaad1dd79e ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-7326013da814e113ba ncalrpc: LRPC-991db8559791efa038 ncalrpc: IUserProfile2 ncalrpc: LRPC-342f9678ffc4fe471b ncalrpc: senssvc ncalrpc: LRPC-6d8cfdd267287c80f7 ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-b6f352f43dffad8ca2 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-3bc275bb6e2174c493 a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-e30a6563c0c918b06a ncalrpc: LRPC-8c9124b8d7ff1de2e8 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 annotation: Network Connection Broker server endpoint ncalrpc: LRPC-fd180cc9818f154eb4 ncalrpc: OLEDD8C41FDA943BB4564C53426A67E ncalrpc: LRPC-4898a49e43e9e2fc9c ncalrpc: LRPC-d5479f6d065e45b048 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-fd180cc9818f154eb4 ncalrpc: OLEDD8C41FDA943BB4564C53426A67E ncalrpc: LRPC-4898a49e43e9e2fc9c ncalrpc: LRPC-d5479f6d065e45b048 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 annotation: Network Connection Broker server endpoint for NCB Reset module ncalrpc: LRPC-4898a49e43e9e2fc9c ncalrpc: LRPC-d5479f6d065e45b048 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 83.136.249.45:49665 ncacn_np: \\APP01\pipe\eventlog ncalrpc: eventlog 89759fce-5a25-4086-8967-de12f39a60b5 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 83.136.249.45:49666 ncalrpc: LcRpc ncalrpc: OLEBDF601FEF204C10958C00C68975D 9b3195fe-d603-43d1-a0d5-9072d7cde122 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 83.136.249.45:49666 ncalrpc: LcRpc ncalrpc: OLEBDF601FEF204C10958C00C68975D 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-59083e5cfd011c3182 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 83.136.249.45:49667 ncalrpc: LRPC-fb52fb0e1cac2d9b50 ncalrpc: ubpmtaskhostchannel ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 83.136.249.45:49667 ncalrpc: LRPC-fb52fb0e1cac2d9b50 ncalrpc: ubpmtaskhostchannel ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-fb52fb0e1cac2d9b50 ncalrpc: ubpmtaskhostchannel ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\APP01\PIPE\atsvc ncalrpc: LRPC-5374b3daef821662ce 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-5374b3daef821662ce 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-c06247b8ccae69a637 ncalrpc: LRPC-868243ac4c9179ddd3 ncalrpc: LRPC-72928cd1c9f08ffab7 ncalrpc: LRPC-954ab943b92c8cdd1b f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-868243ac4c9179ddd3 ncalrpc: LRPC-72928cd1c9f08ffab7 ncalrpc: LRPC-954ab943b92c8cdd1b 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-72928cd1c9f08ffab7 ncalrpc: LRPC-954ab943b92c8cdd1b dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-954ab943b92c8cdd1b c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 7aeb6705-3ae6-471a-882d-f39c109edc12 version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 e7f76134-9ef5-4949-a2d6-3368cc0988f3 version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-a13de2bc04b995db9c ncalrpc: OLE580984FB78813CBF5993A3BBB242 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: OLEDA271F1CEB27F8BB45188032304B ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-1f6bfd7af38534ba6c c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-1f6bfd7af38534ba6c 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-1f6bfd7af38534ba6c 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-1f6bfd7af38534ba6c 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-7c7e60db48a0ff1bb3 ncalrpc: OLE11FF3E99012C40F984E61EC31226 b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-7c7e60db48a0ff1bb3 ncalrpc: OLE11FF3E99012C40F984E61EC31226 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\APP01\PIPE\wkssvc ncalrpc: LRPC-2ddcde60010d4555c6 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-2ddcde60010d4555c6 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-2ddcde60010d4555c6 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-e1ddea55fe699b4050 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 83.136.249.45:49671 ncacn_np: \\APP01\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: OLE4EE32D7C931455B6B82A785268A1 ncalrpc: LRPC-6d8cfdd267287c80f7 04eeb297-cbf4-466b-8a2a-bfd6a2f10bba version: v1.0 annotation: EFSK RPC Interface provider: efssvc.dll ncacn_np: \\APP01\pipe\efsrpc ncalrpc: LRPC-2295e287795c4a8348 df1941c5-fe89-4e79-bf10-463657acf44d version: v1.0 annotation: EFS RPC Interface provider: efssvc.dll ncacn_np: \\APP01\pipe\efsrpc ncalrpc: LRPC-2295e287795c4a8348 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 83.136.249.45:49675 ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 83.136.249.45:49675 ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 83.136.249.45:49675 ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncacn_ip_tcp: 83.136.249.45:49675 ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 version: v0.0 annotation: RemoteAccessCheck protocol: [MS-RAA]: Remote Authorization API Protocol ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass ncalrpc: NETLOGON_LRPC ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 83.136.249.45:49673 ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncacn_np: \\APP01\pipe\bebfd3639986af16 ncacn_ip_http: 83.136.249.45:49672 ncalrpc: NTDS_LPC ncalrpc: OLEEAE70AE94BCE373C24FC7D1F314A ncacn_ip_tcp: 83.136.249.45:49669 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\APP01\pipe\lsass 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-6993c946fe069dce39 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-6993c946fe069dce39 df4df73a-c52d-4e3a-8003-8437fdf8302a version: v0.0 annotation: WM_WindowManagerRPC\Server ncalrpc: LRPC-72679d34bb6b752a3c a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncalrpc: LRPC-02c0fcdf167a86ffa3 b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-20ffda53b5a98f9348 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 83.136.249.45:49679 ncacn_np: \\APP01\pipe\HydraLsPipe ncalrpc: LRPC-fc48b2548074698c0a 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-284d229d49bf896b91 ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\APP01\PIPE\ROUTER 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-94450eaf4ffa92dddc f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-c4aa6562eeb62926d7 ncalrpc: LRPC-a39ab661d3c35cb015 ncalrpc: LRPC-8d29b3186e88e36a1c ed96b012-c8ce-4f60-a682-35535b12ff75 version: v2.0 ncacn_ip_tcp: 83.136.249.45:5504 ncalrpc: OLE2B0B97B24F74313960ED86249C05 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 83.136.249.45:49686 32e36e84-4ba2-496c-ba85-fb450f325107 version: v2.0 ncalrpc: TSSessionDirectoryQueryApi ncacn_ip_tcp: 83.136.249.45:49687 c95fc993-f460-4763-a00d-bb3b9e5c7e2e version: v1.0 ncacn_ip_tcp: 83.136.249.45:49687 aa177641-fc9b-41bd-80ff-f964a701596f version: v1.0 provider: tssdis.exe ncacn_ip_tcp: 83.136.249.45:49687 50abc2a4-574d-40b3-9d66-ee4fd5fba076 version: v5.0 protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management provider: dns.exe ncacn_ip_tcp: 83.136.249.45:49697 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-3540cd4f1158603649 ncalrpc: LRPC-3540cd4f1158603649 ncalrpc: LRPC-3540cd4f1158603649 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 83.136.249.45:49755 ncalrpc: OLE65A20E791B82666856FE1564BD0D 54b4c689-969a-476f-8dc2-990885e9f562 version: v0.0 ncalrpc: LRPC-57feda1f3800c045a3 be7f785e-0e3a-4ab7-91de-7e46e443be29 version: v0.0 ncalrpc: LRPC-57feda1f3800c045a3 bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-b491b3560ca4856539 ncalrpc: OLE898914204F9A881D57F52301C43B 58e604e8-9adb-4d2e-a464-3b0683fb1480 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-95954f3bf319fa9f79 fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-95954f3bf319fa9f79 5f54ce7d-5b79-4175-8584-cb65313a0e98 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-95954f3bf319fa9f79 201ef99a-7fa0-444c-9399-19ba84f12a1a version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-95954f3bf319fa9f79 0497b57d-2e66-424f-a0c6-157cd5d41700 version: v1.0 annotation: AppInfo ncalrpc: LRPC-95954f3bf319fa9f79 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-7f4df9d67493e9d32d a4b8d482-80ce-40d6-934d-b22a01a44fe7 version: v1.0 annotation: LicenseManager ncalrpc: LicenseServiceEndpoint 12e65dd8-887f-41ef-91bf-8d816c42c2e7 version: v1.0 annotation: Secure Desktop LRPC interface provider: winlogon.exe ncalrpc: WMsgKRpc020952B534 ncalrpc: WMsgKRpc1590AFA207 b1ef227e-dfa5-421e-82bb-67a6a129c496 version: v0.0 ncalrpc: LRPC-5bce3794543fc1b7a6 ncalrpc: OLE473F3F5B7CF510B0D13553C1A85E ncalrpc: LRPC-c96f49860059691da1 ncalrpc: OLE728458A9446D5E3B3AAF1C39694E 0fc77b1a-95d8-4a2e-a0c0-cff54237462b version: v0.0 ncalrpc: LRPC-5bce3794543fc1b7a6 ncalrpc: OLE473F3F5B7CF510B0D13553C1A85E ncalrpc: LRPC-c96f49860059691da1 ncalrpc: OLE728458A9446D5E3B3AAF1C39694E 8ec21e98-b5ce-4916-a3d6-449fa428a007 version: v0.0 ncalrpc: LRPC-5bce3794543fc1b7a6 ncalrpc: OLE473F3F5B7CF510B0D13553C1A85E ncalrpc: LRPC-c96f49860059691da1 ncalrpc: OLE728458A9446D5E3B3AAF1C39694E 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 83.136.249.45:54720 ncalrpc: LRPC-e964253a9b98211353 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: a8c0c9a8-03c7-4065-a19b-20d48b5b0173 ncalrpc: LRPC-353c0e2d96409c6a04 c503f532-443a-4c69-8300-ccd1fbdb3839 version: v2.0 ncalrpc: LRPC-0ff67539567555edcb ncalrpc: OLE140F6D1E831BBD443C494A287659
489707540 | 2024-05-10T06:45:19.120268636 / tcp
LDAP: SupportedExtension: 1.2.840.113556.1.4.1781 1.2.840.113556.1.4.2212 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxBatchReturnMessages MaxConnIdleTime MaxConnections MaxDatagramRecv MaxDirSyncDuration MaxNotificationPerConn MaxPageSize MaxPercentDirSyncRequests MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MaxValRangeTransitive MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.2090 1.2.840.113556.1.4.2204 1.2.840.113556.1.4.2205 1.2.840.113556.1.4.2206 1.2.840.113556.1.4.2211 1.2.840.113556.1.4.2239 1.2.840.113556.1.4.2255 1.2.840.113556.1.4.2256 1.2.840.113556.1.4.2309 1.2.840.113556.1.4.2330 1.2.840.113556.1.4.2354 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.2237 1.2.840.113556.1.4.800 SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com ServerName: CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com SchemaNamingContext: CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com RootDomainNamingContext: DC=vo,DC=so-accounting,DC=com NamingContexts: CN=Configuration,DC=vo,DC=so-accounting,DC=com CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com DC=DomainDnsZones,DC=vo,DC=so-accounting,DC=com DC=ForestDnsZones,DC=vo,DC=so-accounting,DC=com DC=vo,DC=so-accounting,DC=com LdapServiceName: vo.so-accounting.com:app01$@VO.SO-ACCOUNTING.COM IsSynchronized: TRUE IsGlobalCatalogReady: TRUE HighestCommittedUSN: 230066760 ForestFunctionality: 7 DsServiceName: CN=NTDS Settings,CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com DomainFunctionality: 7 DnsHostName: app01.vo.so-accounting.com DefaultNamingContext: DC=vo,DC=so-accounting,DC=com CurrentTime: 20240510064441.0Z ConfigurationNamingContext: CN=Configuration,DC=vo,DC=so-accounting,DC=com
Certificate: Data: Version: 3 (0x2) Serial Number: 04:4f:eb:10:4b:80:ba:85:af:42:05:fa:3b:bc:fa:16:7c:2c Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R3 Validity Not Before: Mar 19 09:01:01 2024 GMT Not After : Jun 17 09:01:00 2024 GMT Subject: CN=app01.vo.so-accounting.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (3072 bit) Modulus: 00:97:96:ae:2b:e1:12:39:b8:be:e5:a8:dd:a4:8a: d6:5d:ea:3d:d3:86:a3:a6:98:16:f9:52:af:5c:6f: bc:01:bf:d0:68:31:75:c4:65:48:84:de:79:a3:7a: 0e:d0:7d:18:65:8f:d8:b9:d2:1c:73:88:b2:1b:20: 55:ff:33:10:bb:cb:6e:8c:bd:61:51:12:2b:15:e6: 6e:67:df:90:c6:1d:8d:ad:2e:c3:2d:01:b6:d0:00: 4c:41:5b:f0:ca:5f:4e:87:2f:6d:a4:52:83:08:ab: e4:22:94:ad:f1:f5:89:b5:04:e5:06:08:20:3a:7f: 3c:5e:e7:67:98:6d:60:62:d4:28:38:f5:0c:6f:f4: 1e:2c:1f:5a:29:0d:c4:08:da:e7:08:69:02:27:5a: fd:15:10:d5:a3:b3:cf:f2:bd:69:ab:e2:3d:f2:74: 0e:51:85:c4:c4:27:44:5b:4a:4a:f1:93:af:f0:ee: 8c:65:8c:be:3b:d2:7a:b4:ce:fc:69:8f:f7:12:c1: 7e:d9:6c:dd:83:1c:6b:85:fa:fd:fc:b0:4f:5a:32: 36:be:0c:84:47:32:dc:fe:6b:f1:cc:ac:71:72:ff: 3c:cb:99:f4:69:21:a2:05:e0:2a:14:47:86:90:20: e1:77:cf:7e:a9:ad:6a:a2:61:01:3b:2b:6f:be:5d: 63:62:82:8b:08:9a:4b:b0:82:cb:5d:b0:9b:64:ac: 3d:31:6d:ed:58:1c:15:26:25:0f:cf:64:2f:a6:5a: e9:9f:ed:49:14:dd:2c:4b:9f:21:34:47:c4:22:44: 8b:36:1f:bb:cb:6c:79:38:60:ec:fb:58:f8:f6:92: 1c:c3:f5:3f:c4:3f:d3:b0:5b:30:22:c1:b5:31:93: 6a:68:51:fb:cf:87:90:e5:59:ab:b4:bf:22:14:2a: 3a:f9:4e:ff:4a:f4:23:03:aa:5b:5d:9d:f4:df:33: ad:5d:80:e9:97:8c:e4:a4:f8:06:0f:d7:c1:54:dd: f1:65:6e:69:77:8e:27:33:f3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: A5:22:B8:35:86:B1:70:8F:4D:22:E7:72:6D:C6:EF:4B:70:45:A0:84 X509v3 Authority Key Identifier: 14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6 Authority Information Access: OCSP - URI:http://r3.o.lencr.org CA Issuers - URI:http://r3.i.lencr.org/ X509v3 Subject Alternative Name: DNS:app01.vo.so-accounting.com X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB: 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73 Timestamp : Mar 19 10:01:01.639 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:37:57:21:3C:01:CA:95:4F:2B:69:33:19: 9C:2A:44:43:D0:56:AD:F1:EC:3E:E3:35:E4:D2:12:B8: 79:CB:E2:AF:02:20:15:4D:20:88:3A:9B:4F:73:3F:D6: 1F:DD:49:88:8B:6F:91:4A:92:C4:44:EC:AD:49:2E:A5: 7F:7C:96:C9:48:6C Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34: B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74 Timestamp : Mar 19 10:01:01.703 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:65:2E:2B:CC:1C:F2:99:8F:7F:75:54:A0: E3:A4:64:A2:77:D8:71:CE:C2:5B:8D:E3:FC:27:56:D0: 90:BB:F6:0D:02:20:1A:10:C3:B2:BF:7D:51:E7:67:DC: 8C:5A:E9:9F:05:E3:13:A1:53:3B:53:F6:A7:F8:91:E4: BC:61:A7:08:32:17 Signature Algorithm: sha256WithRSAEncryption Signature Value: 91:17:64:36:10:be:7b:a1:15:c8:30:fa:60:eb:0e:1d:10:46: fd:dd:e9:8d:68:fe:8e:73:30:63:2a:05:54:71:e6:10:c3:f6: aa:7c:f2:8e:9c:d3:8f:ef:db:67:bd:31:e5:39:6b:5f:ab:23: 45:0e:72:4b:85:2f:00:bd:75:29:15:77:d8:1d:90:c8:48:8c: 5e:4a:44:7e:ea:bc:25:52:4f:9b:af:31:59:11:21:85:d9:13: 7a:9d:c9:dc:b8:68:02:89:ed:9c:86:5c:13:49:54:8a:84:31: cb:17:4c:c0:bf:15:eb:21:8a:db:09:40:bf:8e:54:82:31:12: bd:e5:33:5b:0c:8f:bc:a2:d0:19:76:28:01:cc:8d:15:85:fd: a6:2e:d8:1a:26:9b:fa:e2:08:ff:03:15:fe:8f:01:19:06:17: b6:c8:47:32:4a:fb:5c:e6:25:be:e3:b5:3f:08:cb:41:ec:b1: 08:56:5f:af:e1:02:ad:ab:e7:aa:25:da:d8:2a:19:df:86:46: 86:98:b1:c3:66:2b:a4:23:13:8c:6a:e9:97:ba:94:a5:c1:87: ac:0d:ac:56:a1:2b:65:4a:d8:04:75:d1:bd:f4:0a:fc:e4:84: d7:06:57:3e:26:27:ca:09:0a:a1:bc:6d:76:09:ac:64:91:bd: da:12:03:4a
-2040434615 | 2024-05-06T07:01:27.3580913268 / tcp
LDAP: SupportedExtension: 1.2.840.113556.1.4.1781 1.2.840.113556.1.4.2212 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxBatchReturnMessages MaxConnIdleTime MaxConnections MaxDatagramRecv MaxDirSyncDuration MaxNotificationPerConn MaxPageSize MaxPercentDirSyncRequests MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MaxValRangeTransitive MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.2090 1.2.840.113556.1.4.2204 1.2.840.113556.1.4.2205 1.2.840.113556.1.4.2206 1.2.840.113556.1.4.2211 1.2.840.113556.1.4.2239 1.2.840.113556.1.4.2255 1.2.840.113556.1.4.2256 1.2.840.113556.1.4.2309 1.2.840.113556.1.4.2330 1.2.840.113556.1.4.2354 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.2237 1.2.840.113556.1.4.800 SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com ServerName: CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com SchemaNamingContext: CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com RootDomainNamingContext: DC=vo,DC=so-accounting,DC=com NamingContexts: CN=Configuration,DC=vo,DC=so-accounting,DC=com CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com DC=DomainDnsZones,DC=vo,DC=so-accounting,DC=com DC=ForestDnsZones,DC=vo,DC=so-accounting,DC=com DC=vo,DC=so-accounting,DC=com LdapServiceName: vo.so-accounting.com:app01$@VO.SO-ACCOUNTING.COM IsSynchronized: TRUE IsGlobalCatalogReady: TRUE HighestCommittedUSN: 229006745 ForestFunctionality: 7 DsServiceName: CN=NTDS Settings,CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com DomainFunctionality: 7 DnsHostName: app01.vo.so-accounting.com DefaultNamingContext: DC=vo,DC=so-accounting,DC=com CurrentTime: 20240506070019.0Z ConfigurationNamingContext: CN=Configuration,DC=vo,DC=so-accounting,DC=com
-153709550 | 2024-05-02T13:35:36.3805613269 / tcp
LDAP: SupportedExtension: 1.2.840.113556.1.4.1781 1.2.840.113556.1.4.2212 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxBatchReturnMessages MaxConnIdleTime MaxConnections MaxDatagramRecv MaxDirSyncDuration MaxNotificationPerConn MaxPageSize MaxPercentDirSyncRequests MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MaxValRangeTransitive MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.2090 1.2.840.113556.1.4.2204 1.2.840.113556.1.4.2205 1.2.840.113556.1.4.2206 1.2.840.113556.1.4.2211 1.2.840.113556.1.4.2239 1.2.840.113556.1.4.2255 1.2.840.113556.1.4.2256 1.2.840.113556.1.4.2309 1.2.840.113556.1.4.2330 1.2.840.113556.1.4.2354 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.2237 1.2.840.113556.1.4.800 SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com ServerName: CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com SchemaNamingContext: CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com RootDomainNamingContext: DC=vo,DC=so-accounting,DC=com NamingContexts: CN=Configuration,DC=vo,DC=so-accounting,DC=com CN=Schema,CN=Configuration,DC=vo,DC=so-accounting,DC=com DC=DomainDnsZones,DC=vo,DC=so-accounting,DC=com DC=ForestDnsZones,DC=vo,DC=so-accounting,DC=com DC=vo,DC=so-accounting,DC=com LdapServiceName: vo.so-accounting.com:app01$@VO.SO-ACCOUNTING.COM IsSynchronized: TRUE IsGlobalCatalogReady: TRUE HighestCommittedUSN: 228144280 ForestFunctionality: 7 DsServiceName: CN=NTDS Settings,CN=APP01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vo,DC=so-accounting,DC=com DomainFunctionality: 7 DnsHostName: app01.vo.so-accounting.com DefaultNamingContext: DC=vo,DC=so-accounting,DC=com CurrentTime: 20240502133449.0Z ConfigurationNamingContext: CN=Configuration,DC=vo,DC=so-accounting,DC=com
Certificate: Data: Version: 3 (0x2) Serial Number: 04:4f:eb:10:4b:80:ba:85:af:42:05:fa:3b:bc:fa:16:7c:2c Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R3 Validity Not Before: Mar 19 09:01:01 2024 GMT Not After : Jun 17 09:01:00 2024 GMT Subject: CN=app01.vo.so-accounting.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (3072 bit) Modulus: 00:97:96:ae:2b:e1:12:39:b8:be:e5:a8:dd:a4:8a: d6:5d:ea:3d:d3:86:a3:a6:98:16:f9:52:af:5c:6f: bc:01:bf:d0:68:31:75:c4:65:48:84:de:79:a3:7a: 0e:d0:7d:18:65:8f:d8:b9:d2:1c:73:88:b2:1b:20: 55:ff:33:10:bb:cb:6e:8c:bd:61:51:12:2b:15:e6: 6e:67:df:90:c6:1d:8d:ad:2e:c3:2d:01:b6:d0:00: 4c:41:5b:f0:ca:5f:4e:87:2f:6d:a4:52:83:08:ab: e4:22:94:ad:f1:f5:89:b5:04:e5:06:08:20:3a:7f: 3c:5e:e7:67:98:6d:60:62:d4:28:38:f5:0c:6f:f4: 1e:2c:1f:5a:29:0d:c4:08:da:e7:08:69:02:27:5a: fd:15:10:d5:a3:b3:cf:f2:bd:69:ab:e2:3d:f2:74: 0e:51:85:c4:c4:27:44:5b:4a:4a:f1:93:af:f0:ee: 8c:65:8c:be:3b:d2:7a:b4:ce:fc:69:8f:f7:12:c1: 7e:d9:6c:dd:83:1c:6b:85:fa:fd:fc:b0:4f:5a:32: 36:be:0c:84:47:32:dc:fe:6b:f1:cc:ac:71:72:ff: 3c:cb:99:f4:69:21:a2:05:e0:2a:14:47:86:90:20: e1:77:cf:7e:a9:ad:6a:a2:61:01:3b:2b:6f:be:5d: 63:62:82:8b:08:9a:4b:b0:82:cb:5d:b0:9b:64:ac: 3d:31:6d:ed:58:1c:15:26:25:0f:cf:64:2f:a6:5a: e9:9f:ed:49:14:dd:2c:4b:9f:21:34:47:c4:22:44: 8b:36:1f:bb:cb:6c:79:38:60:ec:fb:58:f8:f6:92: 1c:c3:f5:3f:c4:3f:d3:b0:5b:30:22:c1:b5:31:93: 6a:68:51:fb:cf:87:90:e5:59:ab:b4:bf:22:14:2a: 3a:f9:4e:ff:4a:f4:23:03:aa:5b:5d:9d:f4:df:33: ad:5d:80:e9:97:8c:e4:a4:f8:06:0f:d7:c1:54:dd: f1:65:6e:69:77:8e:27:33:f3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: A5:22:B8:35:86:B1:70:8F:4D:22:E7:72:6D:C6:EF:4B:70:45:A0:84 X509v3 Authority Key Identifier: 14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6 Authority Information Access: OCSP - URI:http://r3.o.lencr.org CA Issuers - URI:http://r3.i.lencr.org/ X509v3 Subject Alternative Name: DNS:app01.vo.so-accounting.com X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB: 1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73 Timestamp : Mar 19 10:01:01.639 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:37:57:21:3C:01:CA:95:4F:2B:69:33:19: 9C:2A:44:43:D0:56:AD:F1:EC:3E:E3:35:E4:D2:12:B8: 79:CB:E2:AF:02:20:15:4D:20:88:3A:9B:4F:73:3F:D6: 1F:DD:49:88:8B:6F:91:4A:92:C4:44:EC:AD:49:2E:A5: 7F:7C:96:C9:48:6C Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34: B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74 Timestamp : Mar 19 10:01:01.703 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:65:2E:2B:CC:1C:F2:99:8F:7F:75:54:A0: E3:A4:64:A2:77:D8:71:CE:C2:5B:8D:E3:FC:27:56:D0: 90:BB:F6:0D:02:20:1A:10:C3:B2:BF:7D:51:E7:67:DC: 8C:5A:E9:9F:05:E3:13:A1:53:3B:53:F6:A7:F8:91:E4: BC:61:A7:08:32:17 Signature Algorithm: sha256WithRSAEncryption Signature Value: 91:17:64:36:10:be:7b:a1:15:c8:30:fa:60:eb:0e:1d:10:46: fd:dd:e9:8d:68:fe:8e:73:30:63:2a:05:54:71:e6:10:c3:f6: aa:7c:f2:8e:9c:d3:8f:ef:db:67:bd:31:e5:39:6b:5f:ab:23: 45:0e:72:4b:85:2f:00:bd:75:29:15:77:d8:1d:90:c8:48:8c: 5e:4a:44:7e:ea:bc:25:52:4f:9b:af:31:59:11:21:85:d9:13: 7a:9d:c9:dc:b8:68:02:89:ed:9c:86:5c:13:49:54:8a:84:31: cb:17:4c:c0:bf:15:eb:21:8a:db:09:40:bf:8e:54:82:31:12: bd:e5:33:5b:0c:8f:bc:a2:d0:19:76:28:01:cc:8d:15:85:fd: a6:2e:d8:1a:26:9b:fa:e2:08:ff:03:15:fe:8f:01:19:06:17: b6:c8:47:32:4a:fb:5c:e6:25:be:e3:b5:3f:08:cb:41:ec:b1: 08:56:5f:af:e1:02:ad:ab:e7:aa:25:da:d8:2a:19:df:86:46: 86:98:b1:c3:66:2b:a4:23:13:8c:6a:e9:97:ba:94:a5:c1:87: ac:0d:ac:56:a1:2b:65:4a:d8:04:75:d1:bd:f4:0a:fc:e4:84: d7:06:57:3e:26:27:ca:09:0a:a1:bc:6d:76:09:ac:64:91:bd: da:12:03:4a
-231588453 | 2024-04-24T21:52:39.7889973389 / tcp
Remote Desktop Protocol \x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00 Remote Desktop Protocol NTLM Info: OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809) OS Build: 10.0.17763 Target Name: VO NetBIOS Domain Name: VO NetBIOS Computer Name: APP01 DNS Domain Name: vo.so-accounting.com DNS Tree Name: vo.so-accounting.com FQDN: app01.vo.so-accounting.com Other user ! Password ra Sign in to: VO How do I sign in to another domain
Certificate: Data: Version: 3 (0x2) Serial Number: 1b:12:c1:8c:b9:a6:2f:9f:42:37:fd:b0:40:ac:e5:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=app01.vo.so-accounting.com Validity Not Before: Dec 30 23:46:27 2023 GMT Not After : Jun 30 23:46:27 2024 GMT Subject: CN=app01.vo.so-accounting.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c0:28:e5:1e:d1:fb:90:f9:88:87:77:61:d8:27: 2d:96:70:ef:72:9c:d0:01:cd:03:70:61:c9:77:26: 4a:0b:d8:ef:a3:45:88:d1:70:04:06:98:c0:ce:e9: 57:dc:52:bd:d0:fc:29:fa:27:de:cf:4c:80:1a:6d: 94:45:a3:e3:e0:f7:d8:f0:24:c4:7f:96:a9:52:1a: d5:bc:ce:0b:f0:f1:90:18:39:a2:ee:46:53:b5:0b: 0d:a4:33:09:35:c7:68:44:7b:e7:f9:16:42:21:c0: 1a:3c:3f:4f:78:94:12:7f:57:72:25:4c:e4:af:dd: 1b:66:2d:6e:06:50:c2:1c:d0:f1:e7:cb:e6:9b:7e: 47:6b:e1:b6:59:3e:a4:31:d8:bb:bd:a0:27:f1:a5: 03:a7:1e:5f:14:29:03:45:7c:05:b0:91:41:35:d2: f2:fa:ef:4b:fb:3c:eb:02:0b:22:e0:44:40:f7:00: db:e3:93:a8:cf:8a:dd:eb:3d:7e:f8:4e:40:51:77: cc:f7:ae:7e:71:35:cd:a0:09:28:1e:45:8b:a4:a1: de:6c:cc:d9:8a:e5:10:84:6a:a4:82:2a:8e:c3:67: c6:27:48:72:74:6e:46:3e:02:03:4c:27:73:19:c9: e0:06:3e:40:28:28:30:d4:3b:40:e4:4c:e7:26:77: 99:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Key Usage: Key Encipherment, Data Encipherment Signature Algorithm: sha256WithRSAEncryption Signature Value: 50:0b:c0:5b:8b:79:de:a0:96:e3:f4:85:1e:f0:d5:20:bb:01: 19:55:94:b1:46:e3:0c:da:fc:d4:9f:2e:fd:4e:94:71:16:dd: 6a:7a:68:37:93:41:b7:d5:99:30:a9:c0:2e:6e:d3:06:4a:d8: e5:5e:d3:b1:7b:78:df:c2:e5:f8:03:38:d2:4b:43:9d:f0:24: 57:35:ae:e1:06:75:2a:bf:57:ea:52:bd:b8:c9:60:ee:56:8a: 50:77:b6:00:e9:94:4d:01:5a:ca:32:6d:60:6f:13:36:10:c3: aa:53:a6:16:a3:ef:9f:8b:84:81:32:a3:4f:d7:bd:c1:41:ed: 1d:d1:dc:5f:61:ea:85:66:28:7a:8c:ab:46:c9:5f:5b:69:28: d0:d0:7d:67:a1:7d:0e:4b:8d:e4:4c:55:13:f7:6d:d2:80:89: c5:81:e4:d0:bd:f9:d1:d6:ad:4b:8a:45:38:41:b8:60:6c:e7: 32:0b:7c:96:4c:6f:ce:c9:c7:46:4e:2f:c3:10:b8:53:e8:7f: a7:c6:23:aa:cb:10:ba:f5:84:a2:63:f0:0b:aa:db:0b:55:19: 46:c5:3d:e8:b1:72:34:2a:de:0c:d1:c1:e7:28:00:33:dd:78: bc:7e:04:d1:94:86:9b:88:cf:d3:3f:1e:d5:7d:99:59:c4:88: eb:31:23:47
1489525118 | 2024-05-06T21:26:40.2489185985 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Mon, 06 May 2024 21:25:08 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2019 (version 1809) OS Build: 10.0.17763 Target Name: VO NetBIOS Domain Name: VO NetBIOS Computer Name: APP01 DNS Domain Name: vo.so-accounting.com DNS Tree Name: vo.so-accounting.com FQDN: app01.vo.so-accounting.com