626709805 | 2024-04-11T03:37:06.197857
22 /
tcp
SSH-2.0-OpenSSH_for_Windows_8.1
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDA2dP/beYJYBHqzbDA3Dxw1Z+JAg+ZG7NAu2V/nO5ZhJIz
luD7Oej9QYR4dw93DLOG8LmeRuCyRuunIe1xeDehK6M2SIJMq1mEpYN7zjx6otpwCoZoWAYggE3p
tgYE1Fka85/YiBA5NPc6sKGQTOboLjUte2pHS/DmuJFvld2t2sCSFuHkYoly4AJErRmdr9IAemus
D9iDKeHfwxlhDAY208MlwlyVYzQqsiLfhtO3cZghXAojsDeNdsRMRcqpk5ST3kotIrfvthqndr2g
rdhCWOHhF3AlO/jtjNexiSe+J7pJdNSWparDW0sjFAQ6KyPlG7hvsvmTv+xjrzW92lKw0U60DmnI
D6TFCUu8VE8NwIWoBxfWvPAzG6bYUcU6la4a6aZKQ/By3UJ97rq8TXTF2jP/vrlG6LYXTHGLuH74
r0sv8H/gTgyq9tz57c5YpXqOKeJNyw9xRk35aAh4B9FQ/D9pEES/bu2tBspw+5VxfbhjHgt2Tamu
YKfAsNW9UVE=
Fingerprint: c5:2e:eb:d8:f3:b7:eb:c2:c5:7a:8a:46:9c:85:bb:73
Kex Algorithms:
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group-exchange-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group14-sha256
diffie-hellman-group14-sha1
Server Host Key Algorithms:
rsa-sha2-512
rsa-sha2-256
ssh-rsa
ecdsa-sha2-nistp256
ssh-ed25519
Encryption Algorithms:
chacha20-poly1305@openssh.com
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
MAC Algorithms:
umac-64-etm@openssh.com
umac-128-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-sha1-etm@openssh.com
umac-64@openssh.com
umac-128@openssh.com
hmac-sha2-256
hmac-sha2-512
hmac-sha1
Compression Algorithms:
none
zlib@openssh.com
374969621 | 2024-04-13T01:27:41.617186
135 /
tcp
Microsoft RPC Endpoint Mapper
51a227ae-825b-41f2-b4a9-1ac9557a1018
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 45.84.196.223:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\24FIRE\pipe\lsass
8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 45.84.196.223:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\24FIRE\pipe\lsass
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 45.84.196.223:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\24FIRE\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 45.84.196.223:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\24FIRE\pipe\lsass
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 45.84.196.223:49665
ncalrpc: WindowsShutdown
ncacn_np: \\24FIRE\PIPE\InitShutdown
ncalrpc: WMsgKRpc090930
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\24FIRE\PIPE\InitShutdown
ncalrpc: WMsgKRpc090930
ncalrpc: WMsgKRpc093A01
ncalrpc: WMsgKRpc0EDA5C72
ncalrpc: WMsgKRpc033613BC3
fc48cd89-98d6-4628-9839-86f7a3e4161a
version: v1.0
ncalrpc: dabrpc
ncalrpc: csebpub
ncalrpc: LRPC-2c138416caa0ade0d9
ncalrpc: LRPC-52c0174ad7f86ad4db
ncalrpc: LRPC-1f0cb684fe8654e50e
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
d09bdeb5-6171-4a34-bfe2-06fa82652568
version: v1.0
ncalrpc: csebpub
ncalrpc: LRPC-2c138416caa0ade0d9
ncalrpc: LRPC-52c0174ad7f86ad4db
ncalrpc: LRPC-1f0cb684fe8654e50e
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-52c0174ad7f86ad4db
ncalrpc: LRPC-1f0cb684fe8654e50e
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-1f0cb684fe8654e50e
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-a4771a9bcb9a200bd0
ncalrpc: LRPC-7a7dc0ae320ac86db9
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-2c138416caa0ade0d9
ncalrpc: LRPC-52c0174ad7f86ad4db
ncalrpc: LRPC-1f0cb684fe8654e50e
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-52c0174ad7f86ad4db
ncalrpc: LRPC-1f0cb684fe8654e50e
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
0d47017b-b33b-46ad-9e18-fe96456c5078
version: v1.0
ncalrpc: umpo
95406f0b-b239-4318-91bb-cea3a46ff0dc
version: v1.0
ncalrpc: umpo
4ed8abcc-f1e2-438b-981f-bb0e8abc010c
version: v1.0
ncalrpc: umpo
0ff1f646-13bb-400a-ab50-9a78f2b7a85a
version: v1.0
ncalrpc: umpo
6982a06e-5fe2-46b1-b39c-a2c545bfa069
version: v1.0
ncalrpc: umpo
082a3471-31b6-422a-b931-a54401960c62
version: v1.0
ncalrpc: umpo
fae436b0-b864-4a87-9eda-298547cd82f2
version: v1.0
ncalrpc: umpo
e53d94ca-7464-4839-b044-09a2fb8b3ae5
version: v1.0
ncalrpc: umpo
178d84be-9291-4994-82c6-3f909aca5a03
version: v1.0
ncalrpc: umpo
4dace966-a243-4450-ae3f-9b7bcb5315b8
version: v2.0
ncalrpc: umpo
1832bcf6-cab8-41d4-85d2-c9410764f75a
version: v1.0
ncalrpc: umpo
c521facf-09a9-42c5-b155-72388595cbf0
version: v0.0
ncalrpc: umpo
2c7fd9ce-e706-4b40-b412-953107ef9bb0
version: v0.0
ncalrpc: umpo
88abcbc3-34ea-76ae-8215-767520655a23
version: v0.0
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
76c217bc-c8b4-4201-a745-373ad9032b1a
version: v1.0
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
55e6b932-1979-45d6-90c5-7f6270724112
version: v1.0
ncalrpc: LRPC-4928e4476702aac2ce
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
version: v1.0
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
20c40295-8dba-48e6-aebf-3e78ef3bb144
version: v2.0
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
2513bcbe-6cd4-4348-855e-7efb3c336dd3
version: v2.0
ncalrpc: OLEF45B22CCD7ACB95D610C76740DA3
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: LRPC-43b55eaa61222ea7d7
ncalrpc: actkernel
ncalrpc: umpo
dd59071b-3215-4c59-8481-972edadc0f6a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
0361ae94-0316-4c6c-8ad8-c594375800e2
version: v1.0
ncalrpc: umpo
5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
version: v1.0
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-fc6f8cec17531f03fd
ncalrpc: LRPC-7b073d23a8e4e3e35a
ncalrpc: IUserProfile2
ncalrpc: LRPC-d74de6b053ab933a9a
ncalrpc: senssvc
ncalrpc: LRPC-54c6c4ec9550be4552
e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
version: v1.0
ncalrpc: LRPC-369587e2c2e8eabc68
880fd55e-43b9-11e0-b1a8-cf4edfd72085
version: v1.0
annotation: KAPI Service endpoint
ncalrpc: LRPC-af51b19c396b0a1388
ncalrpc: OLEF48710B4F07FFEE399831B0B04DE
ncalrpc: LRPC-a4771a9bcb9a200bd0
5222821f-d5e2-4885-84f1-5f6185a0ec41
version: v1.0
ncalrpc: LRPC-492f98f1ea73abc365
a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
version: v1.0
ncalrpc: LRPC-1afb3ac730a24f1dbe
ncalrpc: LRPC-7a7dc0ae320ac86db9
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 45.84.196.223:49666
ncacn_np: \\24FIRE\pipe\eventlog
ncalrpc: eventlog
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-b4ca11c7ceca7b3a9e
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-fcd59601f8c9d0ef04
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-88a83cc163992b990c
ncalrpc: DNSResolver
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 45.84.196.223:49667
ncalrpc: LRPC-810983f1e774470603
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\24FIRE\PIPE\atsvc
ncalrpc: LRPC-bd8f7d4b6ba4981852
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 45.84.196.223:49667
ncalrpc: LRPC-810983f1e774470603
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\24FIRE\PIPE\atsvc
ncalrpc: LRPC-bd8f7d4b6ba4981852
33d84484-3626-47ee-8c6f-e7e98b113be1
version: v2.0
ncalrpc: LRPC-810983f1e774470603
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\24FIRE\PIPE\atsvc
ncalrpc: LRPC-bd8f7d4b6ba4981852
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\24FIRE\PIPE\atsvc
ncalrpc: LRPC-bd8f7d4b6ba4981852
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\24FIRE\PIPE\atsvc
ncalrpc: LRPC-bd8f7d4b6ba4981852
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: LRPC-bd8f7d4b6ba4981852
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-c088eb175c065a12ca
3f787932-3452-4363-8651-6ea97bb373bb
version: v1.0
annotation: NSP Rpc Interface
ncalrpc: LRPC-2aafca0a896efdaa57
ncalrpc: OLE3BA77F174CA07566115EF59A7888
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncalrpc: bf563f64-9b5f-4575-8cc5-a06c02dd6e27
ncalrpc: LRPC-b34dff509e699cd8e8
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\24FIRE\PIPE\wkssvc
ncalrpc: LRPC-d1910a7d2c02bce4fa
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-d1910a7d2c02bce4fa
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-d1910a7d2c02bce4fa
0d3c7f20-1c8d-4654-a1b3-51563b298bda
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-8d671768a4a494f840
ncalrpc: OLEA7493454CE338E9BDC4E5BC8538A
b18fbab6-56f8-4702-84e0-41053293a869
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-8d671768a4a494f840
ncalrpc: OLEA7493454CE338E9BDC4E5BC8538A
13560fa9-8c09-4b56-a1fd-04d083b9b2a1
version: v1.0
ncalrpc: LRPC-8a2efd6fc95038e7b3
ncalrpc: OLE8024BDEC904A803622999C8616D2
c2d1b5dd-fa81-4460-9dd6-e7658b85454b
version: v1.0
ncalrpc: LRPC-8a2efd6fc95038e7b3
ncalrpc: OLE8024BDEC904A803622999C8616D2
f44e62af-dab1-44c2-8013-049a9de417d6
version: v1.0
ncalrpc: LRPC-8a2efd6fc95038e7b3
ncalrpc: OLE8024BDEC904A803622999C8616D2
b37f900a-eae4-4304-a2ab-12bb668c0188
version: v1.0
ncalrpc: LRPC-8a2efd6fc95038e7b3
ncalrpc: OLE8024BDEC904A803622999C8616D2
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
ncalrpc: LRPC-8a2efd6fc95038e7b3
ncalrpc: OLE8024BDEC904A803622999C8616D2
29770a8f-829b-4158-90a2-78cd488501f7
version: v1.0
ncacn_ip_tcp: 45.84.196.223:49668
ncacn_np: \\24FIRE\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-54c6c4ec9550be4552
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-f24ef334812e3845b0
ncalrpc: LRPC-1d21f0b7ba95f9d872
ncalrpc: LRPC-bc221d2736393e2cba
ncalrpc: LRPC-094a579b1547345f0b
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-1d21f0b7ba95f9d872
ncalrpc: LRPC-bc221d2736393e2cba
ncalrpc: LRPC-094a579b1547345f0b
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-bc221d2736393e2cba
ncalrpc: LRPC-094a579b1547345f0b
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-094a579b1547345f0b
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 45.84.196.223:49669
ncalrpc: LRPC-a17f1327c35a9aa7ee
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 45.84.196.223:49669
ncalrpc: LRPC-a17f1327c35a9aa7ee
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 45.84.196.223:49669
ncalrpc: LRPC-a17f1327c35a9aa7ee
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 45.84.196.223:49669
ncalrpc: LRPC-a17f1327c35a9aa7ee
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 45.84.196.223:49669
ncalrpc: LRPC-a17f1327c35a9aa7ee
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-87076fa02bca8d3a69
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-87076fa02bca8d3a69
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-87076fa02bca8d3a69
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncalrpc: LRPC-87076fa02bca8d3a69
b58aa02e-2884-4e97-8176-4ee06d794184
version: v1.0
provider: sysmain.dll
ncalrpc: LRPC-8d91ee47e60ea73843
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncalrpc: LRPC-8dd91643c6d1e23fa4
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncalrpc: LRPC-8dd91643c6d1e23fa4
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 45.84.196.223:49670
1d45e083-478f-437c-9618-3594ced8c235
version: v1.0
ncalrpc: LRPC-05e6a87328b65179f5
ncalrpc: OLE1F8E380F2AB18A99B412AF984004
98cd761e-e77d-41c8-a3c0-0fb756d90ec2
version: v1.0
ncalrpc: LRPC-05e6a87328b65179f5
ncalrpc: OLE1F8E380F2AB18A99B412AF984004
d22895ef-aff4-42c5-a5b2-b14466d34ab4
version: v1.0
ncalrpc: LRPC-05e6a87328b65179f5
ncalrpc: OLE1F8E380F2AB18A99B412AF984004
e38f5360-8572-473e-b696-1b46873beeab
version: v1.0
ncalrpc: LRPC-05e6a87328b65179f5
ncalrpc: OLE1F8E380F2AB18A99B412AF984004
95095ec8-32ea-4eb0-a3e2-041f97b36168
version: v1.0
ncalrpc: LRPC-05e6a87328b65179f5
ncalrpc: OLE1F8E380F2AB18A99B412AF984004
fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
version: v1.0
ncalrpc: LRPC-05e6a87328b65179f5
ncalrpc: OLE1F8E380F2AB18A99B412AF984004
4c9dbf19-d39e-4bb9-90ee-8f7179b20283
version: v1.0
ncalrpc: LRPC-05e6a87328b65179f5
ncalrpc: OLE1F8E380F2AB18A99B412AF984004
d4051bde-9cdd-4910-b393-4aa85ec3c482
version: v1.0
ncalrpc: LRPC-05e6a87328b65179f5
ncalrpc: OLE1F8E380F2AB18A99B412AF984004
7df1ceae-de4e-4e6f-ab14-49636e7c2052
version: v1.0
ncalrpc: LRPC-246273b433560ff544
f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
version: v1.0
ncalrpc: LRPC-acb5cd56caac1c3c11
ncalrpc: LRPC-8b57b33b26e01c01b2
ncalrpc: LRPC-735ee34d35c0ddf121
650a7e26-eab8-5533-ce43-9c1dfce11511
version: v1.0
annotation: Vpn APIs
ncalrpc: LRPC-dd9e99ee41c2e397f3
ncalrpc: VpnikeRpc
ncalrpc: RasmanLrpc
ncacn_np: \\24FIRE\PIPE\ROUTER
509bc7ae-77be-4ee8-b07c-0d096bb44345
version: v1.0
ncalrpc: LRPC-edf42a6dde22052420
ncalrpc: OLE7D380E4FA3A12C540A9D15F01B14
c503f532-443a-4c69-8300-ccd1fbdb3839
version: v2.0
ncalrpc: LRPC-b1f9c088264acacdde
ncalrpc: OLEF09D2F7546FD7E8CD4205C197892
0767a036-0d22-48aa-ba69-b619480f38cb
version: v1.0
annotation: PcaSvc
provider: pcasvc.dll
ncalrpc: LRPC-91216a2e3995c603cb
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-9c5ded59e71fbf6b72
ncalrpc: LRPC-9c5ded59e71fbf6b72
ncalrpc: LRPC-9c5ded59e71fbf6b72
d249bd56-4cc0-4fd3-8ce6-6fe050d590cb
version: v0.0
ncalrpc: LRPC-679611e6a3ab78143b
d8140e00-5c46-4ae6-80ac-2f9a76df224c
version: v0.0
ncalrpc: LRPC-679611e6a3ab78143b
bf4dc912-e52f-4904-8ebe-9317c1bdd497
version: v1.0
ncalrpc: LRPC-4a398411533c40b978
ncalrpc: OLED246301A4589E199B7C10001A3D3
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc0EDA5C72
ncalrpc: WMsgKRpc033613BC3
b1ef227e-dfa5-421e-82bb-67a6a129c496
version: v0.0
ncalrpc: LRPC-99a89fff61df71a659
ncalrpc: OLED45F46E151B4D566DC7CB2F38096
ncalrpc: LRPC-a22188443d71d2cc8d
ncalrpc: OLE482F3B9E5DB6F64DD8B4D5D98511
0fc77b1a-95d8-4a2e-a0c0-cff54237462b
version: v0.0
ncalrpc: LRPC-99a89fff61df71a659
ncalrpc: OLED45F46E151B4D566DC7CB2F38096
ncalrpc: LRPC-a22188443d71d2cc8d
ncalrpc: OLE482F3B9E5DB6F64DD8B4D5D98511
8ec21e98-b5ce-4916-a3d6-449fa428a007
version: v0.0
ncalrpc: LRPC-99a89fff61df71a659
ncalrpc: OLED45F46E151B4D566DC7CB2F38096
ncalrpc: LRPC-a22188443d71d2cc8d
ncalrpc: OLE482F3B9E5DB6F64DD8B4D5D98511
a4b8d482-80ce-40d6-934d-b22a01a44fe7
version: v1.0
annotation: LicenseManager
ncalrpc: LicenseServiceEndpoint
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-873d0791838b1d5cd1
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-873d0791838b1d5cd1
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-873d0791838b1d5cd1
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-873d0791838b1d5cd1
0497b57d-2e66-424f-a0c6-157cd5d41700
version: v1.0
annotation: AppInfo
ncalrpc: LRPC-873d0791838b1d5cd1
-1166656618 | 2024-03-26T18:57:26.828868
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 2
Capabilities: raw-mode
910361959 | 2024-04-09T03:41:35.662881
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows Server 2022
OS Build: 10.0.20348
Target Name: 24FIRE
NetBIOS Domain Name: 24FIRE
NetBIOS Computer Name: 24FIRE
DNS Domain Name: 24fire
FQDN: 24fire
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:5c:bb:9b:d3:28:ea:99:42:a3:54:06:96:0e:56:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24fire
Validity
Not Before: Jan 18 23:58:44 2024 GMT
Not After : Jul 19 23:58:44 2024 GMT
Subject: CN=24fire
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bf:50:47:8f:99:de:25:0b:6e:33:07:8e:1f:f7:
3c:cf:d6:4d:d0:03:3b:f1:2c:44:b3:9a:87:2a:5a:
aa:7b:d3:31:a3:62:19:4b:27:7f:c9:ee:1e:3f:12:
26:5e:a5:9d:76:b8:fd:cc:d4:1f:a3:5d:8c:b8:3f:
7f:aa:c2:ca:7c:c7:d6:81:a5:f8:af:71:ed:4f:71:
31:35:16:31:df:64:7f:40:34:a5:b5:c4:d8:80:dd:
d8:de:42:df:4e:62:30:73:95:ae:02:97:26:7b:f7:
9e:c1:75:8d:7b:c8:33:8c:6f:e7:73:12:89:07:ea:
49:61:bd:5c:bb:0b:c7:69:9b:15:43:49:cb:66:fe:
e2:df:4e:f1:b7:00:ff:33:fa:12:ce:49:fe:f5:29:
22:cb:3f:bf:52:aa:59:89:8a:c4:a8:24:c5:aa:1a:
b4:dc:a0:74:5d:2c:38:58:25:79:ea:87:9c:84:07:
76:06:47:df:22:53:43:9b:23:5d:7a:c5:20:ad:64:
3a:b9:19:71:2e:25:cf:dc:e3:40:44:38:91:47:f6:
ec:32:e7:12:57:38:63:97:94:30:2e:5e:25:35:10:
2e:58:88:3b:53:68:d9:d9:f3:bd:34:1b:65:ee:cb:
a3:f8:98:86:78:b5:c6:1d:88:87:ef:10:2b:f3:e6:
00:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
18:88:05:12:63:fb:52:78:0a:d9:9c:3f:2a:45:5b:3f:a5:1a:
0a:4f:b5:30:4b:eb:85:e0:26:af:50:55:0c:33:2b:72:fa:e2:
a3:05:e4:98:82:9f:18:89:f8:14:c3:e3:b6:2b:ca:93:45:ed:
99:64:e0:6b:e7:3d:ca:26:9d:0c:f3:76:b9:c4:9f:84:73:e7:
64:b6:f9:eb:ac:d7:f2:16:8c:72:04:aa:4a:f1:93:4c:cd:62:
89:d9:98:9a:61:e7:95:5b:0e:ce:c9:ac:ee:7c:ff:d7:d7:fe:
cd:e3:d5:32:ab:ec:3e:5e:10:47:b1:91:a9:b9:b4:cb:27:d8:
49:d3:cc:e7:b1:fc:f2:49:a6:19:c8:de:03:59:fd:2e:59:db:
43:19:ed:e4:99:a3:3c:32:cc:ff:4d:58:e3:54:12:25:6c:d3:
bd:fb:82:f1:93:25:a3:8f:ce:9a:60:55:3c:2b:73:6c:37:35:
a8:cb:2b:86:ad:89:6e:14:90:70:96:eb:b3:63:47:a9:97:79:
c9:43:c6:66:ae:ab:0e:e2:60:99:d0:38:52:d2:c7:c2:2e:d8:
2a:16:22:4e:bf:54:75:93:bc:00:7b:30:68:60:75:5c:a6:d1:
30:2a:fd:b7:b9:67:8b:55:af:1b:7e:fc:ad:be:c9:14:26:a9:
1c:79:72:e2
-1684583448 | 2024-04-09T10:00:55.545492
5357 /
tcp
HTTP/1.1 503 Service Unavailable
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 09 Apr 2024 10:00:55 GMT
Connection: close
Content-Length: 326
1378095735 | 2024-04-10T11:26:07.996075
7788 /
tcp
HTTP/1.1 302 Found
Date: Wed, 10 Apr 2024 11:26:07 GMT
Connection: keep-alive
Location: https://cfx.re/join/jzqpvk
Transfer-Encoding: chunked
