Hostnames |
cloud.protagonist.nl static.80.0.99.88.clients.your-server.de |
Domains | protagonist.nl your-server.de |
Country | Germany |
City | Falkenstein |
Organization | Hetzner Online GmbH |
ISP | Hetzner Online GmbH |
ASN | AS24940 |
1570328462 | 2024-04-18T17:18:09.37611380 / tcp
HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: https://88.99.0.80/rdweb/ Server: Microsoft-IIS/10.0 Date: Thu, 18 Apr 2024 17:18:08 GMT Content-Length: 142
-705366176 | 2024-04-12T05:04:22.63500088 / udp
Microsoft Windows Kerberos Server Time: 2024-04-12 05:04:19Z
957304432 | 2024-04-11T03:44:49.253740123 / udp
NTP protocolversion: 3 stratum: 3 leap: 0 precision: -23 rootdelay: 0.0119476318359 rootdisp: 0.0515747070312 refid: 3589271462 reftime: 3921795843.43 poll: 0
-1180182970 | 2024-04-19T07:53:13.422518135 / tcp
Microsoft RPC Endpoint Mapper d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 88.99.0.80:49664 ncalrpc: WindowsShutdown ncacn_np: \\BDS01\PIPE\InitShutdown ncalrpc: WMsgKRpc0A6C30 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\BDS01\PIPE\InitShutdown ncalrpc: WMsgKRpc0A6C30 ncalrpc: WMsgKRpc0AA581 d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-fcf30b61a56a8bdffe ncalrpc: LRPC-c8149faa0cbae39a5f ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-c8149faa0cbae39a5f ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-968caec9698e2db3b5 ncalrpc: LRPC-bcd53679ab1b235cf3 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-fcf30b61a56a8bdffe ncalrpc: LRPC-c8149faa0cbae39a5f ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-c8149faa0cbae39a5f ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo b8cadbaf-e84b-46b9-84f2-6f71c03f9e55 version: v1.0 ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v1.0 ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v1.0 ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-4a4bcdab85e086681d ncalrpc: LRPC-aba9434fef922876c8 ncalrpc: IUserProfile2 ncalrpc: LRPC-51192540d1f273dedf ncalrpc: senssvc ncalrpc: LRPC-938eb9e91514df6d98 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-e54bdf7a46a2aa53a9 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-1261b104838074c5e6 a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-9160c9839c854e921e ncalrpc: LRPC-968caec9698e2db3b5 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 annotation: Network Connection Broker server endpoint ncalrpc: LRPC-d3f3f98e68d7ed06ea ncalrpc: OLE7E4853580A2FB25661E7DBCC6E3E ncalrpc: LRPC-9a1cb8c399ed5b1521 ncalrpc: LRPC-bcd53679ab1b235cf3 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-d3f3f98e68d7ed06ea ncalrpc: OLE7E4853580A2FB25661E7DBCC6E3E ncalrpc: LRPC-9a1cb8c399ed5b1521 ncalrpc: LRPC-bcd53679ab1b235cf3 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 annotation: Network Connection Broker server endpoint for NCB Reset module ncalrpc: LRPC-9a1cb8c399ed5b1521 ncalrpc: LRPC-bcd53679ab1b235cf3 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 88.99.0.80:49665 ncacn_np: \\BDS01\pipe\eventlog ncalrpc: eventlog 89759fce-5a25-4086-8967-de12f39a60b5 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 88.99.0.80:49666 ncalrpc: LcRpc ncalrpc: OLE283407BABCEEFBD08256B1868F8C 9b3195fe-d603-43d1-a0d5-9072d7cde122 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 88.99.0.80:49666 ncalrpc: LcRpc ncalrpc: OLE283407BABCEEFBD08256B1868F8C 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-91b0c2edb43cd077c9 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 88.99.0.80:49667 ncalrpc: LRPC-d79ca6fa8333deb6a7 ncalrpc: ubpmtaskhostchannel ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 88.99.0.80:49667 ncalrpc: LRPC-d79ca6fa8333deb6a7 ncalrpc: ubpmtaskhostchannel ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-d79ca6fa8333deb6a7 ncalrpc: ubpmtaskhostchannel ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-888427ec08e8e8b690 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-15d20b37b03c3679d8 ncalrpc: LRPC-c90cd60da71bcea136 ncalrpc: LRPC-e4cc49661f0524d786 ncalrpc: LRPC-2e05143a5c63dd84a2 f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-c90cd60da71bcea136 ncalrpc: LRPC-e4cc49661f0524d786 ncalrpc: LRPC-2e05143a5c63dd84a2 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-e4cc49661f0524d786 ncalrpc: LRPC-2e05143a5c63dd84a2 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-2e05143a5c63dd84a2 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: aeb7e264-6556-41bc-a915-fc17f7055d87 ncalrpc: LRPC-4b1d401539f305510d c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: OLE1177157A7EA061CFDE3246F6B6A1 ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-d38dad9e5db31459f0 c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-d38dad9e5db31459f0 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-d38dad9e5db31459f0 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-d38dad9e5db31459f0 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-55422875079228c516 ncalrpc: OLE6F2EC42F81FFA9E230DF07BEC02A b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-55422875079228c516 ncalrpc: OLE6F2EC42F81FFA9E230DF07BEC02A c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 7aeb6705-3ae6-471a-882d-f39c109edc12 version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 e7f76134-9ef5-4949-a2d6-3368cc0988f3 version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-083600f54421bd8cb9 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\BDS01\PIPE\wkssvc ncalrpc: LRPC-b25ace7a2f0b44cd88 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-b25ace7a2f0b44cd88 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-b25ace7a2f0b44cd88 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 88.99.0.80:49673 ncacn_np: \\BDS01\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: OLEE9C2A20402470DCA62F5E3DF6D88 ncalrpc: LRPC-938eb9e91514df6d98 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 88.99.0.80:49678 ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 88.99.0.80:49678 ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 88.99.0.80:49678 ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncacn_ip_tcp: 88.99.0.80:49678 ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 version: v0.0 annotation: RemoteAccessCheck protocol: [MS-RAA]: Remote Authorization API Protocol ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-8cbfecc8a507303d8b 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-8cbfecc8a507303d8b 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 df4df73a-c52d-4e3a-8003-8437fdf8302a version: v0.0 annotation: WM_WindowManagerRPC\Server ncalrpc: LRPC-6924e625d95814a98c b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-f95cfc4d1484714c91 d1c2c07a-d989-48cc-a423-b73ecd518d40 version: v1.0 annotation: Veeam RPC Invoker ncacn_ip_tcp: 88.99.0.80:11731 ncacn_ip_tcp: 88.99.0.80:6160 ncacn_ip_tcp: 88.99.0.80:6162 ncacn_ip_tcp: 88.99.0.80:6190 ncacn_ip_tcp: 88.99.0.80:6183 ncalrpc: OLE72AA0F4852A2B94E3E194D0DEE08 d107c6e0-fc35-49ba-ba03-3e192de6797d version: v1.0 annotation: Veeam Deployer ncacn_ip_tcp: 88.99.0.80:11731 ncacn_ip_tcp: 88.99.0.80:6160 ncacn_ip_tcp: 88.99.0.80:6183 ncalrpc: OLE72AA0F4852A2B94E3E194D0DEE08 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-dc429a427706060974 ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\BDS01\PIPE\ROUTER 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-0c4f83b79195ea412e 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 88.99.0.80:49694 ncacn_np: \\BDS01\pipe\HydraLsPipe ncalrpc: LRPC-fae19ac46d6ff4e10a 50abc2a4-574d-40b3-9d66-ee4fd5fba076 version: v5.0 protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management provider: dns.exe ncacn_ip_tcp: 88.99.0.80:49707 32e36e84-4ba2-496c-ba85-fb450f325107 version: v2.0 ncalrpc: TSSessionDirectoryQueryApi ncacn_ip_tcp: 88.99.0.80:49731 c95fc993-f460-4763-a00d-bb3b9e5c7e2e version: v1.0 ncacn_ip_tcp: 88.99.0.80:49731 aa177641-fc9b-41bd-80ff-f964a701596f version: v1.0 provider: tssdis.exe ncacn_ip_tcp: 88.99.0.80:49731 ed96b012-c8ce-4f60-a682-35535b12ff75 version: v2.0 ncacn_ip_tcp: 88.99.0.80:5504 ncalrpc: OLE5E91CB9E65FBF194B2FFDD911574 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 88.99.0.80:49732 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-58170ed5bcd91112f3 7d814569-35b3-4850-bb32-83035fcebf6e version: v1.0 annotation: IAS RPC server provider: ias.dll ncalrpc: LRPC-a86976a5ce14fac8a4 ncalrpc: OLE92DBA46B674E6151660F3A8D0188 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-33b137312696cceab2 ncalrpc: LRPC-33b137312696cceab2 ncalrpc: LRPC-33b137312696cceab2 3357951c-a1d1-47db-a278-ab945d063d03 version: v1.0 provider: LBService.dll ncacn_ip_tcp: 88.99.0.80:49827 958f92d8-da20-467a-bbe3-65e7e9b4edcf version: v1.0 annotation: TsProxyMgmt protocol: [MS-TSGU]: Terminal Services Gateway Server Management Interface ncalrpc: AAGMgmt ncacn_ip_http: 88.99.0.80:3388 44e265dd-7daf-42cd-8560-3cdb6e7a2729 version: v1.768 annotation: TsProxy protocol: [MS-TSGU]: Terminal Services Gateway Server Protocol ncalrpc: AAGMgmt ncacn_ip_http: 88.99.0.80:3388 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 88.99.0.80:49864 ncalrpc: OLEFF5DB6D3400DA0BA658B589E929F bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-5f01e4152e5a656c4c ncalrpc: OLEE5A1D02FD8ECA75CA8C121328739 54b4c689-969a-476f-8dc2-990885e9f562 version: v0.0 ncalrpc: LRPC-60f584b49d2022761f be7f785e-0e3a-4ab7-91de-7e46e443be29 version: v0.0 ncalrpc: LRPC-60f584b49d2022761f
-1213584813 | 2024-04-11T00:26:03.601400389 / tcp
LDAP: SupportedExtension: 1.2.840.113556.1.4.1781 1.2.840.113556.1.4.2212 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxBatchReturnMessages MaxConnIdleTime MaxConnections MaxDatagramRecv MaxDirSyncDuration MaxNotificationPerConn MaxPageSize MaxPercentDirSyncRequests MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MaxValRangeTransitive MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.2090 1.2.840.113556.1.4.2204 1.2.840.113556.1.4.2205 1.2.840.113556.1.4.2206 1.2.840.113556.1.4.2211 1.2.840.113556.1.4.2239 1.2.840.113556.1.4.2255 1.2.840.113556.1.4.2256 1.2.840.113556.1.4.2309 1.2.840.113556.1.4.2330 1.2.840.113556.1.4.2354 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.2237 1.2.840.113556.1.4.800 SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl ServerName: CN=BDS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cloud,DC=protagonist,DC=nl SchemaNamingContext: CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl RootDomainNamingContext: DC=cloud,DC=protagonist,DC=nl NamingContexts: CN=Configuration,DC=cloud,DC=protagonist,DC=nl CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl DC=DomainDnsZones,DC=cloud,DC=protagonist,DC=nl DC=ForestDnsZones,DC=cloud,DC=protagonist,DC=nl DC=cloud,DC=protagonist,DC=nl LdapServiceName: cloud.protagonist.nl:bds01$@CLOUD.PROTAGONIST.NL IsSynchronized: TRUE IsGlobalCatalogReady: TRUE HighestCommittedUSN: 6342058 ForestFunctionality: 7 DsServiceName: CN=NTDS Settings,CN=BDS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cloud,DC=protagonist,DC=nl DomainFunctionality: 7 DnsHostName: BDS01.cloud.protagonist.nl DefaultNamingContext: DC=cloud,DC=protagonist,DC=nl CurrentTime: 20240411002558.0Z ConfigurationNamingContext: CN=Configuration,DC=cloud,DC=protagonist,DC=nl
-1540739801 | 2024-04-17T02:57:11.310194443 / tcp
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: text/xml; charset=utf-8 Expires: -1 Server: Microsoft-IIS/10.0 Set-Cookie: TSWAFeatureCheckCookie=true; path=/RDWeb/ Date: Wed, 17 Apr 2024 02:57:10 GMT Content-Length: 14806
Certificate: Data: Version: 3 (0x2) Serial Number: f9:e7:25:8e:0f:9d:3f:7c:a7:61:09:7f:df:3e:89:9c Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA Validity Not Before: Jan 18 00:00:00 2023 GMT Not After : Feb 3 23:59:59 2024 GMT Subject: CN=*.cloud.protagonist.nl Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c2:c4:08:b8:d7:08:1b:bd:89:2b:66:e6:d0:ee: ea:41:45:10:2a:06:53:08:d3:87:ec:da:da:c5:ab: a6:14:f7:17:c2:04:f1:4a:db:c1:6e:f9:a1:bf:69: 1b:33:71:ae:17:f7:67:bd:e8:99:e3:40:8c:1d:bf: f0:ab:c6:1b:c0:5b:b7:cc:2c:04:52:07:df:c2:7f: 46:03:06:8a:f9:5a:f8:21:a9:4f:28:d8:51:f3:97: 76:e5:0b:25:50:42:9b:84:f5:c4:bf:15:86:b1:ee: 78:be:77:fb:e5:e3:4d:08:50:48:dc:52:35:4b:9a: c6:f6:27:c0:36:fc:8a:9a:0d:1e:4e:fa:32:1c:e5: c7:61:25:66:fd:49:46:e8:cb:76:56:7b:4f:94:c7: 71:41:93:d1:b1:77:45:8b:ce:bc:f5:4f:50:c9:a5: 2b:84:90:3e:42:92:59:56:a9:6b:f2:8a:1b:b0:7d: 22:2b:e9:74:08:b3:40:6d:0e:0f:5d:3b:a2:b0:a2: 68:27:00:a6:94:12:c7:b2:85:c6:97:84:d6:f7:ec: f2:f3:12:83:32:a6:71:e0:05:72:4a:07:a3:06:74: b7:3c:12:97:eb:d6:28:1c:47:ec:3e:a6:51:1d:4e: 46:6f:79:16:c7:fe:c9:a2:33:85:52:5f:52:6a:3b: 91:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: 8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1 X509v3 Subject Key Identifier: E8:E5:DA:2F:B2:9C:33:60:CA:D5:A7:9F:67:E3:4D:4A:44:69:F4:04 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.6449.1.2.2.7 CPS: https://sectigo.com/CPS Policy: 2.23.140.1.2.1 Authority Information Access: CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt OCSP - URI:http://ocsp.sectigo.com X509v3 Subject Alternative Name: DNS:*.cloud.protagonist.nl, DNS:cloud.protagonist.nl CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34: B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74 Timestamp : Jan 18 08:06:12.657 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:82:A0:97:80:19:BF:5C:5C:13:18:06: 91:7E:49:63:28:58:62:83:CC:0A:2D:E1:9D:F4:D8:65: C7:0B:F9:75:EB:02:20:50:36:F2:37:83:79:F4:EF:AD: F6:DB:1A:AF:5B:D9:AB:67:EC:47:7A:9A:F4:68:D7:F9: 83:DA:42:7F:D4:98:A4 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70: 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB Timestamp : Jan 18 08:06:12.678 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:0E:09:4F:97:B9:3E:3C:61:9E:3E:2A:ED: 01:A7:00:B2:3D:D0:23:33:45:06:42:A6:58:15:62:7F: D1:7F:B5:8D:02:21:00:92:3B:36:F2:54:41:DE:E5:66: 08:67:2A:9E:6C:C5:3F:88:19:32:A4:F3:CD:A9:8A:02: A6:88:BB:F7:65:25:74 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Jan 18 08:06:12.630 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:CF:06:A1:2D:5D:41:D0:26:F8:1F:1E: D9:1C:B2:A6:0E:29:B5:E4:C0:84:99:61:ED:7A:82:94: F0:E3:48:C4:22:02:21:00:E0:AF:F0:D8:05:2F:74:67: 95:BB:70:A1:D7:B2:CF:D3:7E:E6:BF:D5:3B:E1:9D:40: 35:46:68:0B:C5:17:30:F7 Signature Algorithm: sha256WithRSAEncryption Signature Value: 05:e9:1b:c5:16:0d:06:a6:e6:03:5f:65:ed:6f:f5:cc:28:bb: 26:69:a0:81:23:4e:4c:9e:d5:dc:4c:78:27:7e:a7:ce:3e:e9: 1c:8b:ce:75:90:db:b9:ce:ac:c6:b1:c6:ab:21:f5:cf:3d:13: a2:c4:fe:3e:21:92:24:8c:32:cb:55:31:7b:47:d6:29:a9:c8: e4:0f:33:d0:c1:b6:bd:b3:f7:95:2e:a2:d1:13:c2:dd:97:80: 2e:66:c8:35:58:31:cc:06:02:6d:16:f8:9e:0c:3d:ed:ac:60: 67:66:53:c8:64:49:4f:cb:2e:0b:12:02:7c:07:9f:c4:da:26: 83:a9:11:f7:74:20:ec:af:ea:57:99:42:85:14:4f:f0:a4:c9: 55:8e:32:74:bd:f3:00:3d:67:6c:a9:09:c0:a7:a1:3b:0a:73: 60:af:cb:46:e7:7c:58:f5:67:7f:f0:48:8c:d8:a2:1d:88:67: a4:9e:81:8b:9d:6e:32:19:15:36:3b:3e:dd:81:3a:c0:34:59: 8f:a5:49:9a:8a:65:ca:6d:b2:72:3b:f8:98:b0:c1:b3:e2:1b: 06:5b:58:85:78:30:1f:60:e6:36:c5:a7:b7:53:7c:ae:18:43: 7e:69:a1:a6:86:69:43:0c:40:ff:9b:f4:45:ab:7a:b1:b0:a7: 58:f6:1b:e9
-1166656618 | 2024-04-05T13:47:28.422599445 / tcp
SMB Status: Authentication: enabled SMB Version: 2 Capabilities: raw-mode
21593253 | 2024-04-14T16:25:11.822492593 / tcp
ncacn_http/1.0 Microsoft RPC Endpoint Mapper over HTTP d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 88.99.0.80:49664 ncalrpc: WindowsShutdown ncacn_np: \\BDS01\PIPE\InitShutdown ncalrpc: WMsgKRpc0A6C30 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\BDS01\PIPE\InitShutdown ncalrpc: WMsgKRpc0A6C30 ncalrpc: WMsgKRpc0AA581 d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-fcf30b61a56a8bdffe ncalrpc: LRPC-c8149faa0cbae39a5f ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-c8149faa0cbae39a5f ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-968caec9698e2db3b5 ncalrpc: LRPC-bcd53679ab1b235cf3 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-fcf30b61a56a8bdffe ncalrpc: LRPC-c8149faa0cbae39a5f ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-c8149faa0cbae39a5f ncalrpc: LRPC-d657878d63eb64f1b3 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-a8787df534fa03ef6c ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo b8cadbaf-e84b-46b9-84f2-6f71c03f9e55 version: v1.0 ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v1.0 ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v1.0 ncalrpc: LRPC-04de848ed3b9d15261 ncalrpc: OLE66F9868DCADA44A03571BBAB2F7A ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-43d12da9acc0966e68 ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-4a4bcdab85e086681d ncalrpc: LRPC-aba9434fef922876c8 ncalrpc: IUserProfile2 ncalrpc: LRPC-51192540d1f273dedf ncalrpc: senssvc ncalrpc: LRPC-938eb9e91514df6d98 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-e54bdf7a46a2aa53a9 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-1261b104838074c5e6 a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-9160c9839c854e921e ncalrpc: LRPC-968caec9698e2db3b5 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 annotation: Network Connection Broker server endpoint ncalrpc: LRPC-d3f3f98e68d7ed06ea ncalrpc: OLE7E4853580A2FB25661E7DBCC6E3E ncalrpc: LRPC-9a1cb8c399ed5b1521 ncalrpc: LRPC-bcd53679ab1b235cf3 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-d3f3f98e68d7ed06ea ncalrpc: OLE7E4853580A2FB25661E7DBCC6E3E ncalrpc: LRPC-9a1cb8c399ed5b1521 ncalrpc: LRPC-bcd53679ab1b235cf3 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 annotation: Network Connection Broker server endpoint for NCB Reset module ncalrpc: LRPC-9a1cb8c399ed5b1521 ncalrpc: LRPC-bcd53679ab1b235cf3 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 88.99.0.80:49665 ncacn_np: \\BDS01\pipe\eventlog ncalrpc: eventlog 89759fce-5a25-4086-8967-de12f39a60b5 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 88.99.0.80:49666 ncalrpc: LcRpc ncalrpc: OLE283407BABCEEFBD08256B1868F8C 9b3195fe-d603-43d1-a0d5-9072d7cde122 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 88.99.0.80:49666 ncalrpc: LcRpc ncalrpc: OLE283407BABCEEFBD08256B1868F8C 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-91b0c2edb43cd077c9 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 88.99.0.80:49667 ncalrpc: LRPC-d79ca6fa8333deb6a7 ncalrpc: ubpmtaskhostchannel ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 88.99.0.80:49667 ncalrpc: LRPC-d79ca6fa8333deb6a7 ncalrpc: ubpmtaskhostchannel ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-d79ca6fa8333deb6a7 ncalrpc: ubpmtaskhostchannel ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\BDS01\PIPE\atsvc ncalrpc: LRPC-888427ec08e8e8b690 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-888427ec08e8e8b690 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-15d20b37b03c3679d8 ncalrpc: LRPC-c90cd60da71bcea136 ncalrpc: LRPC-e4cc49661f0524d786 ncalrpc: LRPC-2e05143a5c63dd84a2 f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-c90cd60da71bcea136 ncalrpc: LRPC-e4cc49661f0524d786 ncalrpc: LRPC-2e05143a5c63dd84a2 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-e4cc49661f0524d786 ncalrpc: LRPC-2e05143a5c63dd84a2 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-2e05143a5c63dd84a2 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: aeb7e264-6556-41bc-a915-fc17f7055d87 ncalrpc: LRPC-4b1d401539f305510d c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: OLE1177157A7EA061CFDE3246F6B6A1 ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-d38dad9e5db31459f0 c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-d38dad9e5db31459f0 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-d38dad9e5db31459f0 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-d38dad9e5db31459f0 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-55422875079228c516 ncalrpc: OLE6F2EC42F81FFA9E230DF07BEC02A b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-55422875079228c516 ncalrpc: OLE6F2EC42F81FFA9E230DF07BEC02A c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 7aeb6705-3ae6-471a-882d-f39c109edc12 version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 e7f76134-9ef5-4949-a2d6-3368cc0988f3 version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-260f7205274b81b63a ncalrpc: OLE18AF9A33FF6C4957062141A7ED68 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-083600f54421bd8cb9 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\BDS01\PIPE\wkssvc ncalrpc: LRPC-b25ace7a2f0b44cd88 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-b25ace7a2f0b44cd88 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-b25ace7a2f0b44cd88 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 88.99.0.80:49673 ncacn_np: \\BDS01\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: OLEE9C2A20402470DCA62F5E3DF6D88 ncalrpc: LRPC-938eb9e91514df6d98 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 88.99.0.80:49678 ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 88.99.0.80:49678 ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 88.99.0.80:49678 ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncacn_ip_tcp: 88.99.0.80:49678 ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 version: v0.0 annotation: RemoteAccessCheck protocol: [MS-RAA]: Remote Authorization API Protocol ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass ncalrpc: NETLOGON_LRPC ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncacn_np: \\BDS01\pipe\25a5371444c257c6 ncacn_ip_http: 88.99.0.80:49677 ncalrpc: NTDS_LPC ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 88.99.0.80:49676 ncalrpc: OLE21D4AF0335E8D0FEB6D4941DA1D0 ncacn_ip_tcp: 88.99.0.80:49671 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\BDS01\pipe\lsass 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-8cbfecc8a507303d8b 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-8cbfecc8a507303d8b 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 88.99.0.80:49679 ncalrpc: LRPC-76b2af0e74918ea075 df4df73a-c52d-4e3a-8003-8437fdf8302a version: v0.0 annotation: WM_WindowManagerRPC\Server ncalrpc: LRPC-6924e625d95814a98c b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-f95cfc4d1484714c91 d1c2c07a-d989-48cc-a423-b73ecd518d40 version: v1.0 annotation: Veeam RPC Invoker ncacn_ip_tcp: 88.99.0.80:11731 ncacn_ip_tcp: 88.99.0.80:6160 ncacn_ip_tcp: 88.99.0.80:6162 ncacn_ip_tcp: 88.99.0.80:6190 ncacn_ip_tcp: 88.99.0.80:6183 ncalrpc: OLE72AA0F4852A2B94E3E194D0DEE08 d107c6e0-fc35-49ba-ba03-3e192de6797d version: v1.0 annotation: Veeam Deployer ncacn_ip_tcp: 88.99.0.80:11731 ncacn_ip_tcp: 88.99.0.80:6160 ncacn_ip_tcp: 88.99.0.80:6183 ncalrpc: OLE72AA0F4852A2B94E3E194D0DEE08 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-dc429a427706060974 ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\BDS01\PIPE\ROUTER 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-2ea778c893d5489ca9 f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-0c4f83b79195ea412e 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 88.99.0.80:49694 ncacn_np: \\BDS01\pipe\HydraLsPipe ncalrpc: LRPC-fae19ac46d6ff4e10a 50abc2a4-574d-40b3-9d66-ee4fd5fba076 version: v5.0 protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management provider: dns.exe ncacn_ip_tcp: 88.99.0.80:49707 32e36e84-4ba2-496c-ba85-fb450f325107 version: v2.0 ncalrpc: TSSessionDirectoryQueryApi ncacn_ip_tcp: 88.99.0.80:49731 c95fc993-f460-4763-a00d-bb3b9e5c7e2e version: v1.0 ncacn_ip_tcp: 88.99.0.80:49731 aa177641-fc9b-41bd-80ff-f964a701596f version: v1.0 provider: tssdis.exe ncacn_ip_tcp: 88.99.0.80:49731 ed96b012-c8ce-4f60-a682-35535b12ff75 version: v2.0 ncacn_ip_tcp: 88.99.0.80:5504 ncalrpc: OLE5E91CB9E65FBF194B2FFDD911574 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 88.99.0.80:49732 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-58170ed5bcd91112f3 7d814569-35b3-4850-bb32-83035fcebf6e version: v1.0 annotation: IAS RPC server provider: ias.dll ncalrpc: LRPC-a86976a5ce14fac8a4 ncalrpc: OLE92DBA46B674E6151660F3A8D0188 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-33b137312696cceab2 ncalrpc: LRPC-33b137312696cceab2 ncalrpc: LRPC-33b137312696cceab2 3357951c-a1d1-47db-a278-ab945d063d03 version: v1.0 provider: LBService.dll ncacn_ip_tcp: 88.99.0.80:49827 958f92d8-da20-467a-bbe3-65e7e9b4edcf version: v1.0 annotation: TsProxyMgmt protocol: [MS-TSGU]: Terminal Services Gateway Server Management Interface ncalrpc: AAGMgmt ncacn_ip_http: 88.99.0.80:3388 44e265dd-7daf-42cd-8560-3cdb6e7a2729 version: v1.768 annotation: TsProxy protocol: [MS-TSGU]: Terminal Services Gateway Server Protocol ncalrpc: AAGMgmt ncacn_ip_http: 88.99.0.80:3388 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 88.99.0.80:49864 ncalrpc: OLEFF5DB6D3400DA0BA658B589E929F bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-5f01e4152e5a656c4c ncalrpc: OLEE5A1D02FD8ECA75CA8C121328739 54b4c689-969a-476f-8dc2-990885e9f562 version: v0.0 ncalrpc: LRPC-60f584b49d2022761f be7f785e-0e3a-4ab7-91de-7e46e443be29 version: v0.0 ncalrpc: LRPC-60f584b49d2022761f
449009587 | 2024-04-18T04:24:17.749989636 / tcp
LDAP: SupportedExtension: 1.2.840.113556.1.4.1781 1.2.840.113556.1.4.2212 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxBatchReturnMessages MaxConnIdleTime MaxConnections MaxDatagramRecv MaxDirSyncDuration MaxNotificationPerConn MaxPageSize MaxPercentDirSyncRequests MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MaxValRangeTransitive MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.2090 1.2.840.113556.1.4.2204 1.2.840.113556.1.4.2205 1.2.840.113556.1.4.2206 1.2.840.113556.1.4.2211 1.2.840.113556.1.4.2239 1.2.840.113556.1.4.2255 1.2.840.113556.1.4.2256 1.2.840.113556.1.4.2309 1.2.840.113556.1.4.2330 1.2.840.113556.1.4.2354 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.2237 1.2.840.113556.1.4.800 SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl ServerName: CN=BDS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cloud,DC=protagonist,DC=nl SchemaNamingContext: CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl RootDomainNamingContext: DC=cloud,DC=protagonist,DC=nl NamingContexts: CN=Configuration,DC=cloud,DC=protagonist,DC=nl CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl DC=DomainDnsZones,DC=cloud,DC=protagonist,DC=nl DC=ForestDnsZones,DC=cloud,DC=protagonist,DC=nl DC=cloud,DC=protagonist,DC=nl LdapServiceName: cloud.protagonist.nl:bds01$@CLOUD.PROTAGONIST.NL IsSynchronized: TRUE IsGlobalCatalogReady: TRUE HighestCommittedUSN: 6395383 ForestFunctionality: 7 DsServiceName: CN=NTDS Settings,CN=BDS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cloud,DC=protagonist,DC=nl DomainFunctionality: 7 DnsHostName: BDS01.cloud.protagonist.nl DefaultNamingContext: DC=cloud,DC=protagonist,DC=nl CurrentTime: 20240418042409.0Z ConfigurationNamingContext: CN=Configuration,DC=cloud,DC=protagonist,DC=nl
Certificate: Data: Version: 3 (0x2) Serial Number: f9:e7:25:8e:0f:9d:3f:7c:a7:61:09:7f:df:3e:89:9c Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA Validity Not Before: Jan 18 00:00:00 2023 GMT Not After : Feb 3 23:59:59 2024 GMT Subject: CN=*.cloud.protagonist.nl Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c2:c4:08:b8:d7:08:1b:bd:89:2b:66:e6:d0:ee: ea:41:45:10:2a:06:53:08:d3:87:ec:da:da:c5:ab: a6:14:f7:17:c2:04:f1:4a:db:c1:6e:f9:a1:bf:69: 1b:33:71:ae:17:f7:67:bd:e8:99:e3:40:8c:1d:bf: f0:ab:c6:1b:c0:5b:b7:cc:2c:04:52:07:df:c2:7f: 46:03:06:8a:f9:5a:f8:21:a9:4f:28:d8:51:f3:97: 76:e5:0b:25:50:42:9b:84:f5:c4:bf:15:86:b1:ee: 78:be:77:fb:e5:e3:4d:08:50:48:dc:52:35:4b:9a: c6:f6:27:c0:36:fc:8a:9a:0d:1e:4e:fa:32:1c:e5: c7:61:25:66:fd:49:46:e8:cb:76:56:7b:4f:94:c7: 71:41:93:d1:b1:77:45:8b:ce:bc:f5:4f:50:c9:a5: 2b:84:90:3e:42:92:59:56:a9:6b:f2:8a:1b:b0:7d: 22:2b:e9:74:08:b3:40:6d:0e:0f:5d:3b:a2:b0:a2: 68:27:00:a6:94:12:c7:b2:85:c6:97:84:d6:f7:ec: f2:f3:12:83:32:a6:71:e0:05:72:4a:07:a3:06:74: b7:3c:12:97:eb:d6:28:1c:47:ec:3e:a6:51:1d:4e: 46:6f:79:16:c7:fe:c9:a2:33:85:52:5f:52:6a:3b: 91:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: 8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1 X509v3 Subject Key Identifier: E8:E5:DA:2F:B2:9C:33:60:CA:D5:A7:9F:67:E3:4D:4A:44:69:F4:04 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.6449.1.2.2.7 CPS: https://sectigo.com/CPS Policy: 2.23.140.1.2.1 Authority Information Access: CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt OCSP - URI:http://ocsp.sectigo.com X509v3 Subject Alternative Name: DNS:*.cloud.protagonist.nl, DNS:cloud.protagonist.nl CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34: B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74 Timestamp : Jan 18 08:06:12.657 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:82:A0:97:80:19:BF:5C:5C:13:18:06: 91:7E:49:63:28:58:62:83:CC:0A:2D:E1:9D:F4:D8:65: C7:0B:F9:75:EB:02:20:50:36:F2:37:83:79:F4:EF:AD: F6:DB:1A:AF:5B:D9:AB:67:EC:47:7A:9A:F4:68:D7:F9: 83:DA:42:7F:D4:98:A4 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70: 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB Timestamp : Jan 18 08:06:12.678 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:0E:09:4F:97:B9:3E:3C:61:9E:3E:2A:ED: 01:A7:00:B2:3D:D0:23:33:45:06:42:A6:58:15:62:7F: D1:7F:B5:8D:02:21:00:92:3B:36:F2:54:41:DE:E5:66: 08:67:2A:9E:6C:C5:3F:88:19:32:A4:F3:CD:A9:8A:02: A6:88:BB:F7:65:25:74 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Jan 18 08:06:12.630 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:CF:06:A1:2D:5D:41:D0:26:F8:1F:1E: D9:1C:B2:A6:0E:29:B5:E4:C0:84:99:61:ED:7A:82:94: F0:E3:48:C4:22:02:21:00:E0:AF:F0:D8:05:2F:74:67: 95:BB:70:A1:D7:B2:CF:D3:7E:E6:BF:D5:3B:E1:9D:40: 35:46:68:0B:C5:17:30:F7 Signature Algorithm: sha256WithRSAEncryption Signature Value: 05:e9:1b:c5:16:0d:06:a6:e6:03:5f:65:ed:6f:f5:cc:28:bb: 26:69:a0:81:23:4e:4c:9e:d5:dc:4c:78:27:7e:a7:ce:3e:e9: 1c:8b:ce:75:90:db:b9:ce:ac:c6:b1:c6:ab:21:f5:cf:3d:13: a2:c4:fe:3e:21:92:24:8c:32:cb:55:31:7b:47:d6:29:a9:c8: e4:0f:33:d0:c1:b6:bd:b3:f7:95:2e:a2:d1:13:c2:dd:97:80: 2e:66:c8:35:58:31:cc:06:02:6d:16:f8:9e:0c:3d:ed:ac:60: 67:66:53:c8:64:49:4f:cb:2e:0b:12:02:7c:07:9f:c4:da:26: 83:a9:11:f7:74:20:ec:af:ea:57:99:42:85:14:4f:f0:a4:c9: 55:8e:32:74:bd:f3:00:3d:67:6c:a9:09:c0:a7:a1:3b:0a:73: 60:af:cb:46:e7:7c:58:f5:67:7f:f0:48:8c:d8:a2:1d:88:67: a4:9e:81:8b:9d:6e:32:19:15:36:3b:3e:dd:81:3a:c0:34:59: 8f:a5:49:9a:8a:65:ca:6d:b2:72:3b:f8:98:b0:c1:b3:e2:1b: 06:5b:58:85:78:30:1f:60:e6:36:c5:a7:b7:53:7c:ae:18:43: 7e:69:a1:a6:86:69:43:0c:40:ff:9b:f4:45:ab:7a:b1:b0:a7: 58:f6:1b:e9
1909643365 | 2024-04-12T05:36:36.6498293268 / tcp
LDAP: SupportedExtension: 1.2.840.113556.1.4.1781 1.2.840.113556.1.4.2212 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxBatchReturnMessages MaxConnIdleTime MaxConnections MaxDatagramRecv MaxDirSyncDuration MaxNotificationPerConn MaxPageSize MaxPercentDirSyncRequests MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MaxValRangeTransitive MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.2090 1.2.840.113556.1.4.2204 1.2.840.113556.1.4.2205 1.2.840.113556.1.4.2206 1.2.840.113556.1.4.2211 1.2.840.113556.1.4.2239 1.2.840.113556.1.4.2255 1.2.840.113556.1.4.2256 1.2.840.113556.1.4.2309 1.2.840.113556.1.4.2330 1.2.840.113556.1.4.2354 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.2237 1.2.840.113556.1.4.800 SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl ServerName: CN=BDS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cloud,DC=protagonist,DC=nl SchemaNamingContext: CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl RootDomainNamingContext: DC=cloud,DC=protagonist,DC=nl NamingContexts: CN=Configuration,DC=cloud,DC=protagonist,DC=nl CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl DC=DomainDnsZones,DC=cloud,DC=protagonist,DC=nl DC=ForestDnsZones,DC=cloud,DC=protagonist,DC=nl DC=cloud,DC=protagonist,DC=nl LdapServiceName: cloud.protagonist.nl:bds01$@CLOUD.PROTAGONIST.NL IsSynchronized: TRUE IsGlobalCatalogReady: TRUE HighestCommittedUSN: 6342903 ForestFunctionality: 7 DsServiceName: CN=NTDS Settings,CN=BDS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cloud,DC=protagonist,DC=nl DomainFunctionality: 7 DnsHostName: BDS01.cloud.protagonist.nl DefaultNamingContext: DC=cloud,DC=protagonist,DC=nl CurrentTime: 20240412053636.0Z ConfigurationNamingContext: CN=Configuration,DC=cloud,DC=protagonist,DC=nl
-2139881588 | 2024-04-11T14:23:13.9472833269 / tcp
LDAP: SupportedExtension: 1.2.840.113556.1.4.1781 1.2.840.113556.1.4.2212 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxBatchReturnMessages MaxConnIdleTime MaxConnections MaxDatagramRecv MaxDirSyncDuration MaxNotificationPerConn MaxPageSize MaxPercentDirSyncRequests MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MaxValRangeTransitive MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.2090 1.2.840.113556.1.4.2204 1.2.840.113556.1.4.2205 1.2.840.113556.1.4.2206 1.2.840.113556.1.4.2211 1.2.840.113556.1.4.2239 1.2.840.113556.1.4.2255 1.2.840.113556.1.4.2256 1.2.840.113556.1.4.2309 1.2.840.113556.1.4.2330 1.2.840.113556.1.4.2354 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.2237 1.2.840.113556.1.4.800 SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl ServerName: CN=BDS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cloud,DC=protagonist,DC=nl SchemaNamingContext: CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl RootDomainNamingContext: DC=cloud,DC=protagonist,DC=nl NamingContexts: CN=Configuration,DC=cloud,DC=protagonist,DC=nl CN=Schema,CN=Configuration,DC=cloud,DC=protagonist,DC=nl DC=DomainDnsZones,DC=cloud,DC=protagonist,DC=nl DC=ForestDnsZones,DC=cloud,DC=protagonist,DC=nl DC=cloud,DC=protagonist,DC=nl LdapServiceName: cloud.protagonist.nl:bds01$@CLOUD.PROTAGONIST.NL IsSynchronized: TRUE IsGlobalCatalogReady: TRUE HighestCommittedUSN: 6342634 ForestFunctionality: 7 DsServiceName: CN=NTDS Settings,CN=BDS01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cloud,DC=protagonist,DC=nl DomainFunctionality: 7 DnsHostName: BDS01.cloud.protagonist.nl DefaultNamingContext: DC=cloud,DC=protagonist,DC=nl CurrentTime: 20240411142255.0Z ConfigurationNamingContext: CN=Configuration,DC=cloud,DC=protagonist,DC=nl
Certificate: Data: Version: 3 (0x2) Serial Number: f9:e7:25:8e:0f:9d:3f:7c:a7:61:09:7f:df:3e:89:9c Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA Validity Not Before: Jan 18 00:00:00 2023 GMT Not After : Feb 3 23:59:59 2024 GMT Subject: CN=*.cloud.protagonist.nl Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c2:c4:08:b8:d7:08:1b:bd:89:2b:66:e6:d0:ee: ea:41:45:10:2a:06:53:08:d3:87:ec:da:da:c5:ab: a6:14:f7:17:c2:04:f1:4a:db:c1:6e:f9:a1:bf:69: 1b:33:71:ae:17:f7:67:bd:e8:99:e3:40:8c:1d:bf: f0:ab:c6:1b:c0:5b:b7:cc:2c:04:52:07:df:c2:7f: 46:03:06:8a:f9:5a:f8:21:a9:4f:28:d8:51:f3:97: 76:e5:0b:25:50:42:9b:84:f5:c4:bf:15:86:b1:ee: 78:be:77:fb:e5:e3:4d:08:50:48:dc:52:35:4b:9a: c6:f6:27:c0:36:fc:8a:9a:0d:1e:4e:fa:32:1c:e5: c7:61:25:66:fd:49:46:e8:cb:76:56:7b:4f:94:c7: 71:41:93:d1:b1:77:45:8b:ce:bc:f5:4f:50:c9:a5: 2b:84:90:3e:42:92:59:56:a9:6b:f2:8a:1b:b0:7d: 22:2b:e9:74:08:b3:40:6d:0e:0f:5d:3b:a2:b0:a2: 68:27:00:a6:94:12:c7:b2:85:c6:97:84:d6:f7:ec: f2:f3:12:83:32:a6:71:e0:05:72:4a:07:a3:06:74: b7:3c:12:97:eb:d6:28:1c:47:ec:3e:a6:51:1d:4e: 46:6f:79:16:c7:fe:c9:a2:33:85:52:5f:52:6a:3b: 91:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: 8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1 X509v3 Subject Key Identifier: E8:E5:DA:2F:B2:9C:33:60:CA:D5:A7:9F:67:E3:4D:4A:44:69:F4:04 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.6449.1.2.2.7 CPS: https://sectigo.com/CPS Policy: 2.23.140.1.2.1 Authority Information Access: CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt OCSP - URI:http://ocsp.sectigo.com X509v3 Subject Alternative Name: DNS:*.cloud.protagonist.nl, DNS:cloud.protagonist.nl CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34: B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74 Timestamp : Jan 18 08:06:12.657 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:82:A0:97:80:19:BF:5C:5C:13:18:06: 91:7E:49:63:28:58:62:83:CC:0A:2D:E1:9D:F4:D8:65: C7:0B:F9:75:EB:02:20:50:36:F2:37:83:79:F4:EF:AD: F6:DB:1A:AF:5B:D9:AB:67:EC:47:7A:9A:F4:68:D7:F9: 83:DA:42:7F:D4:98:A4 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70: 91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB Timestamp : Jan 18 08:06:12.678 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:0E:09:4F:97:B9:3E:3C:61:9E:3E:2A:ED: 01:A7:00:B2:3D:D0:23:33:45:06:42:A6:58:15:62:7F: D1:7F:B5:8D:02:21:00:92:3B:36:F2:54:41:DE:E5:66: 08:67:2A:9E:6C:C5:3F:88:19:32:A4:F3:CD:A9:8A:02: A6:88:BB:F7:65:25:74 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Jan 18 08:06:12.630 2023 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:CF:06:A1:2D:5D:41:D0:26:F8:1F:1E: D9:1C:B2:A6:0E:29:B5:E4:C0:84:99:61:ED:7A:82:94: F0:E3:48:C4:22:02:21:00:E0:AF:F0:D8:05:2F:74:67: 95:BB:70:A1:D7:B2:CF:D3:7E:E6:BF:D5:3B:E1:9D:40: 35:46:68:0B:C5:17:30:F7 Signature Algorithm: sha256WithRSAEncryption Signature Value: 05:e9:1b:c5:16:0d:06:a6:e6:03:5f:65:ed:6f:f5:cc:28:bb: 26:69:a0:81:23:4e:4c:9e:d5:dc:4c:78:27:7e:a7:ce:3e:e9: 1c:8b:ce:75:90:db:b9:ce:ac:c6:b1:c6:ab:21:f5:cf:3d:13: a2:c4:fe:3e:21:92:24:8c:32:cb:55:31:7b:47:d6:29:a9:c8: e4:0f:33:d0:c1:b6:bd:b3:f7:95:2e:a2:d1:13:c2:dd:97:80: 2e:66:c8:35:58:31:cc:06:02:6d:16:f8:9e:0c:3d:ed:ac:60: 67:66:53:c8:64:49:4f:cb:2e:0b:12:02:7c:07:9f:c4:da:26: 83:a9:11:f7:74:20:ec:af:ea:57:99:42:85:14:4f:f0:a4:c9: 55:8e:32:74:bd:f3:00:3d:67:6c:a9:09:c0:a7:a1:3b:0a:73: 60:af:cb:46:e7:7c:58:f5:67:7f:f0:48:8c:d8:a2:1d:88:67: a4:9e:81:8b:9d:6e:32:19:15:36:3b:3e:dd:81:3a:c0:34:59: 8f:a5:49:9a:8a:65:ca:6d:b2:72:3b:f8:98:b0:c1:b3:e2:1b: 06:5b:58:85:78:30:1f:60:e6:36:c5:a7:b7:53:7c:ae:18:43: 7e:69:a1:a6:86:69:43:0c:40:ff:9b:f4:45:ab:7a:b1:b0:a7: 58:f6:1b:e9
1450127729 | 2024-04-09T23:01:44.0861723389 / tcp
Remote Desktop Protocol \x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00 Remote Desktop Protocol NTLM Info: OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809) OS Build: 10.0.17763 Target Name: CLOUD NetBIOS Domain Name: CLOUD NetBIOS Computer Name: BDS01 DNS Domain Name: cloud.protagonist.nl DNS Tree Name: cloud.protagonist.nl FQDN: BDS01.cloud.protagonist.nl
Certificate: Data: Version: 3 (0x2) Serial Number: 29:11:49:6b:3d:5a:8f:b5:4f:75:ce:d9:07:f3:2a:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDS01.cloud.protagonist.nl Validity Not Before: Mar 1 02:05:06 2024 GMT Not After : Aug 31 02:05:06 2024 GMT Subject: CN=BDS01.cloud.protagonist.nl Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:a4:57:c0:cc:4a:6c:6f:48:50:3c:1e:e6:c9:d1: e8:2a:3d:79:b6:93:ed:54:ce:c1:c4:24:63:9b:c8: ab:e8:a0:e1:a5:07:7f:01:57:eb:5f:87:b7:92:19: 31:9b:52:0f:98:97:a2:76:05:ba:49:5d:fd:20:22: 64:65:69:d5:f1:3a:27:84:f9:63:30:42:2e:f5:a3: 61:ae:cc:84:75:ff:64:9e:f2:57:6a:75:67:54:26: fa:4e:e2:28:3b:78:d6:15:f5:22:aa:c6:62:81:8d: 5a:18:98:77:e5:53:fe:97:bf:ca:00:76:32:88:0c: 38:3b:09:3f:78:09:a5:ac:30:a0:e0:ea:87:47:02: 47:fd:55:d0:86:f7:c0:5e:84:e2:87:69:bb:ce:a3: e4:3a:2e:a2:cd:8d:28:53:ca:ce:46:ea:3d:e4:66: a2:81:04:c0:46:73:47:a6:8c:9d:90:09:7d:ac:7b: 7f:5c:37:86:d9:08:e1:72:34:62:74:03:cb:66:8c: ef:c2:51:58:5e:88:48:39:8c:ba:19:1d:2b:aa:b9: c2:e8:c5:fd:25:67:ec:62:5b:a7:df:42:ff:d7:ec: 9c:cb:c1:53:dd:ee:a2:d4:ed:4b:36:4d:28:3d:b7: 9c:49:a9:8c:91:30:41:9b:f6:a3:c8:12:6e:a6:b1: 58:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Key Usage: Key Encipherment, Data Encipherment Signature Algorithm: sha256WithRSAEncryption Signature Value: 0d:e5:e7:47:1b:99:3a:a8:7d:0a:ad:6d:d6:12:48:f1:5c:29: 68:db:43:42:98:0c:12:9f:ed:9e:d3:70:bf:99:9f:d4:e3:d0: 14:e8:3e:96:09:b7:b0:0c:1d:3d:ed:aa:68:b2:d6:cf:2a:bd: 3c:40:ec:ef:e3:74:40:40:10:29:51:90:17:d6:11:ac:9f:5c: b8:ad:a5:71:76:b1:f4:41:75:8d:e6:7b:7d:4f:88:83:0c:f5: bc:e1:e5:64:1c:9b:3f:fd:8e:d3:3d:fe:ff:67:31:64:fd:4b: e3:26:79:67:ab:26:3a:be:92:d8:68:7d:87:15:1f:87:44:e7: 71:01:54:27:e9:68:c4:32:b5:df:d8:f0:f0:9f:07:df:ce:12: 92:92:00:03:64:45:7c:dc:cb:61:b0:8a:fc:2a:64:bd:e1:7d: 98:a8:12:6e:4f:f4:6c:1a:b5:c5:84:96:a1:94:7b:19:11:5a: 05:d8:2e:b1:f4:7f:83:4e:41:1a:91:b0:f4:36:83:cf:2b:42: 5f:6c:5a:a2:be:26:1a:e3:be:89:0b:e9:3f:98:c7:11:dd:06: ea:20:fc:ca:29:85:c4:a6:f2:f8:06:94:22:f6:29:cb:92:3d: 1b:6b:ad:ac:f9:d3:e5:7e:3c:e1:5b:3d:6e:12:c4:eb:2b:9b: d6:ff:91:c2
-1325798215 | 2024-03-27T17:59:12.6055803391 / udp
\x16\xfe\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00/\x03\x00\x00#\x00\x00\x00\x00\x00\x00\x00#\xfe\xff \xeacq\x81\x88\xaf\xba\xba\xba\x0bm\x84\xfaat\xf7T#\xef;\xabD,G\x17I\xdf\xc8]\xcb\xa0\x01