722168332 | 2024-11-15T06:49:39.905632
80 /
tcp
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://104.199.19.35/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 15 Nov 2024 06:49:39 GMT
Content-Length: 145
89538180 | 2024-11-18T05:07:15.200132
83 /
tcp
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 18 Nov 2024 05:07:15 GMT
Content-Length: 813
-1047262034 | 2024-11-13T19:21:39.684836
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 172.16.20.10:49664
ncalrpc: WindowsShutdown
ncacn_np: \\WEBSERVER3\PIPE\InitShutdown
ncalrpc: WMsgKRpc051A40
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\WEBSERVER3\PIPE\InitShutdown
ncalrpc: WMsgKRpc051A40
ncalrpc: WMsgKRpc052BD1
ncalrpc: WMsgKRpc039FFCD2
ncalrpc: WMsgKRpc2C50470653
fc48cd89-98d6-4628-9839-86f7a3e4161a
version: v1.0
ncalrpc: dabrpc
ncalrpc: csebpub
ncalrpc: LRPC-6ef295f3bda95847bd
ncalrpc: LRPC-1dca29dd1874981d1f
ncalrpc: LRPC-ce9fb8bd1a5421f76f
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
d09bdeb5-6171-4a34-bfe2-06fa82652568
version: v1.0
ncalrpc: csebpub
ncalrpc: LRPC-6ef295f3bda95847bd
ncalrpc: LRPC-1dca29dd1874981d1f
ncalrpc: LRPC-ce9fb8bd1a5421f76f
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-1dca29dd1874981d1f
ncalrpc: LRPC-ce9fb8bd1a5421f76f
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-ce9fb8bd1a5421f76f
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-9da446f5eaa6627744
ncalrpc: LRPC-acfe1da8b88c08d6e1
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-6ef295f3bda95847bd
ncalrpc: LRPC-1dca29dd1874981d1f
ncalrpc: LRPC-ce9fb8bd1a5421f76f
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-1dca29dd1874981d1f
ncalrpc: LRPC-ce9fb8bd1a5421f76f
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
dd59071b-3215-4c59-8481-972edadc0f6a
version: v1.0
ncalrpc: umpo
0d47017b-b33b-46ad-9e18-fe96456c5078
version: v1.0
ncalrpc: umpo
95406f0b-b239-4318-91bb-cea3a46ff0dc
version: v1.0
ncalrpc: umpo
4ed8abcc-f1e2-438b-981f-bb0e8abc010c
version: v1.0
ncalrpc: umpo
0ff1f646-13bb-400a-ab50-9a78f2b7a85a
version: v1.0
ncalrpc: umpo
6982a06e-5fe2-46b1-b39c-a2c545bfa069
version: v1.0
ncalrpc: umpo
082a3471-31b6-422a-b931-a54401960c62
version: v1.0
ncalrpc: umpo
fae436b0-b864-4a87-9eda-298547cd82f2
version: v1.0
ncalrpc: umpo
e53d94ca-7464-4839-b044-09a2fb8b3ae5
version: v1.0
ncalrpc: umpo
178d84be-9291-4994-82c6-3f909aca5a03
version: v1.0
ncalrpc: umpo
4dace966-a243-4450-ae3f-9b7bcb5315b8
version: v2.0
ncalrpc: umpo
1832bcf6-cab8-41d4-85d2-c9410764f75a
version: v1.0
ncalrpc: umpo
c521facf-09a9-42c5-b155-72388595cbf0
version: v0.0
ncalrpc: umpo
2c7fd9ce-e706-4b40-b412-953107ef9bb0
version: v0.0
ncalrpc: umpo
88abcbc3-34ea-76ae-8215-767520655a23
version: v0.0
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
76c217bc-c8b4-4201-a745-373ad9032b1a
version: v1.0
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
55e6b932-1979-45d6-90c5-7f6270724112
version: v1.0
ncalrpc: LRPC-e5e917aae156c6a1ac
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
version: v1.0
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
b8cadbaf-e84b-46b9-84f2-6f71c03f9e55
version: v1.0
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
20c40295-8dba-48e6-aebf-3e78ef3bb144
version: v1.0
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
2513bcbe-6cd4-4348-855e-7efb3c336dd3
version: v1.0
ncalrpc: LRPC-1756e6acbb1367eeee
ncalrpc: OLE823D88587291C0C9579CC53B0FD3
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: LRPC-20b9cd61882feea9c1
ncalrpc: actkernel
ncalrpc: umpo
0361ae94-0316-4c6c-8ad8-c594375800e2
version: v1.0
ncalrpc: umpo
5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
version: v1.0
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-815f28b66ebea0fad1
ncalrpc: LRPC-78bc8bcb6e9b298bda
ncalrpc: IUserProfile2
ncalrpc: LRPC-40c2d83b6afd39eb77
ncalrpc: senssvc
ncalrpc: LRPC-315f7ce48cf37e3ffd
f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
version: v1.0
ncalrpc: LRPC-f8fd9f0f4769dc9e92
ncalrpc: LRPC-ca4d242ea2e28b005f
ncalrpc: LRPC-1f65bf60f694d8f7f9
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-efd3a9d8d51564e196
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-dcf9c72991f762132b
a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
version: v1.0
ncalrpc: LRPC-f74b887aece1db8217
ncalrpc: LRPC-9da446f5eaa6627744
e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
version: v1.0
annotation: Network Connection Broker server endpoint
ncalrpc: LRPC-56a4da58c759eb52ca
ncalrpc: OLE4A10CDCBE808398CA30FCA331E35
ncalrpc: LRPC-fa3cf42e40016a343f
ncalrpc: LRPC-acfe1da8b88c08d6e1
880fd55e-43b9-11e0-b1a8-cf4edfd72085
version: v1.0
annotation: KAPI Service endpoint
ncalrpc: LRPC-56a4da58c759eb52ca
ncalrpc: OLE4A10CDCBE808398CA30FCA331E35
ncalrpc: LRPC-fa3cf42e40016a343f
ncalrpc: LRPC-acfe1da8b88c08d6e1
5222821f-d5e2-4885-84f1-5f6185a0ec41
version: v1.0
annotation: Network Connection Broker server endpoint for NCB Reset module
ncalrpc: LRPC-fa3cf42e40016a343f
ncalrpc: LRPC-acfe1da8b88c08d6e1
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: dhcpcsvc
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 172.16.20.10:49665
ncacn_np: \\WEBSERVER3\pipe\eventlog
ncalrpc: eventlog
df4df73a-c52d-4e3a-8003-8437fdf8302a
version: v0.0
annotation: WM_WindowManagerRPC\Server
ncalrpc: LRPC-6029a09310a11c3b49
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-f354147541a2af1adf
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 172.16.20.10:49666
ncalrpc: LRPC-53fa21d988cbe4f125
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WEBSERVER3\PIPE\atsvc
ncalrpc: LRPC-f1eaf05ed6911d692b
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 172.16.20.10:49666
ncalrpc: LRPC-53fa21d988cbe4f125
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WEBSERVER3\PIPE\atsvc
ncalrpc: LRPC-f1eaf05ed6911d692b
33d84484-3626-47ee-8c6f-e7e98b113be1
version: v2.0
ncalrpc: LRPC-53fa21d988cbe4f125
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\WEBSERVER3\PIPE\atsvc
ncalrpc: LRPC-f1eaf05ed6911d692b
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WEBSERVER3\PIPE\atsvc
ncalrpc: LRPC-f1eaf05ed6911d692b
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\WEBSERVER3\PIPE\atsvc
ncalrpc: LRPC-f1eaf05ed6911d692b
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: LRPC-f1eaf05ed6911d692b
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncalrpc: 491cd5a1-1ad6-478f-9eea-6f5139cd8501
ncalrpc: LRPC-bbfa4b95b4478ddc6a
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-617957fe48f20940e7
ncalrpc: LRPC-ad180ed117386dc131
ncalrpc: LRPC-1ea62bff79b3a14015
ncalrpc: LRPC-0aba4fa1722a42d26d
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-ad180ed117386dc131
ncalrpc: LRPC-1ea62bff79b3a14015
ncalrpc: LRPC-0aba4fa1722a42d26d
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-1ea62bff79b3a14015
ncalrpc: LRPC-0aba4fa1722a42d26d
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-0aba4fa1722a42d26d
c2d1b5dd-fa81-4460-9dd6-e7658b85454b
version: v1.0
ncalrpc: LRPC-c1e20ca9b6236e16cd
ncalrpc: OLE2338BD3338CDBFC9096987B25924
f44e62af-dab1-44c2-8013-049a9de417d6
version: v1.0
ncalrpc: LRPC-c1e20ca9b6236e16cd
ncalrpc: OLE2338BD3338CDBFC9096987B25924
7aeb6705-3ae6-471a-882d-f39c109edc12
version: v1.0
ncalrpc: LRPC-c1e20ca9b6236e16cd
ncalrpc: OLE2338BD3338CDBFC9096987B25924
e7f76134-9ef5-4949-a2d6-3368cc0988f3
version: v1.0
ncalrpc: LRPC-c1e20ca9b6236e16cd
ncalrpc: OLE2338BD3338CDBFC9096987B25924
b37f900a-eae4-4304-a2ab-12bb668c0188
version: v1.0
ncalrpc: LRPC-c1e20ca9b6236e16cd
ncalrpc: OLE2338BD3338CDBFC9096987B25924
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
ncalrpc: LRPC-c1e20ca9b6236e16cd
ncalrpc: OLE2338BD3338CDBFC9096987B25924
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-927a1592f7835a7c1b
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\WEBSERVER3\PIPE\wkssvc
ncalrpc: LRPC-0bbc07dff76b46444b
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-0bbc07dff76b46444b
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-0bbc07dff76b46444b
51a227ae-825b-41f2-b4a9-1ac9557a1018
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 172.16.20.10:49749
ncacn_ip_tcp: 172.16.20.10:49669
ncalrpc: NETLOGON_LRPC
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WEBSERVER3\pipe\lsass
8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 172.16.20.10:49749
ncacn_ip_tcp: 172.16.20.10:49669
ncalrpc: NETLOGON_LRPC
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WEBSERVER3\pipe\lsass
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 172.16.20.10:49749
ncacn_ip_tcp: 172.16.20.10:49669
ncalrpc: NETLOGON_LRPC
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WEBSERVER3\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 172.16.20.10:49749
ncacn_ip_tcp: 172.16.20.10:49669
ncalrpc: NETLOGON_LRPC
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WEBSERVER3\pipe\lsass
0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7
version: v0.0
annotation: RemoteAccessCheck
protocol: [MS-RAA]: Remote Authorization API Protocol
ncacn_ip_tcp: 172.16.20.10:49669
ncalrpc: NETLOGON_LRPC
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WEBSERVER3\pipe\lsass
ncacn_ip_tcp: 172.16.20.10:49669
ncalrpc: NETLOGON_LRPC
ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\WEBSERVER3\pipe\lsass
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncalrpc: OLEF59889F246B1D72604DB6329DD79
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-e3ed4fec94c8300b43
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-e3ed4fec94c8300b43
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-e3ed4fec94c8300b43
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncalrpc: LRPC-e3ed4fec94c8300b43
29770a8f-829b-4158-90a2-78cd488501f7
version: v1.0
ncacn_ip_tcp: 172.16.20.10:49672
ncacn_np: \\WEBSERVER3\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-315f7ce48cf37e3ffd
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncalrpc: LRPC-156ea2a38729d29cea
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.16.20.10:49676
ncalrpc: LRPC-5425f7a019376e0392
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 172.16.20.10:49676
ncalrpc: LRPC-5425f7a019376e0392
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.16.20.10:49676
ncalrpc: LRPC-5425f7a019376e0392
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.16.20.10:49676
ncalrpc: LRPC-5425f7a019376e0392
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 172.16.20.10:49676
ncalrpc: LRPC-5425f7a019376e0392
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 172.16.20.10:49689
ncalrpc: ipsec
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncalrpc: LRPC-6bf43c97437b03b5a1
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncalrpc: LRPC-6bf43c97437b03b5a1
b58aa02e-2884-4e97-8176-4ee06d794184
version: v1.0
provider: sysmain.dll
ncalrpc: LRPC-0debf716870c3af864
650a7e26-eab8-5533-ce43-9c1dfce11511
version: v1.0
annotation: Vpn APIs
ncalrpc: LRPC-0ceab6ca72c03f886b
ncalrpc: VpnikeRpc
ncalrpc: RasmanLrpc
ncacn_np: \\WEBSERVER3\PIPE\ROUTER
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 172.16.20.10:49714
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-425a5492c54539a09e
ncalrpc: OLEF0412DC80A0CF1B1F074D6EAF518
ncalrpc: LRPC-323eed1f90eab82b23
ncalrpc: LRPC-323eed1f90eab82b23
ncalrpc: LRPC-323eed1f90eab82b23
0d3c7f20-1c8d-4654-a1b3-51563b298bda
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-b5388cecd8a6d83539
ncalrpc: OLE3A26FDEE739EF486ADAA6C68CE1B
b18fbab6-56f8-4702-84e0-41053293a869
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-b5388cecd8a6d83539
ncalrpc: OLE3A26FDEE739EF486ADAA6C68CE1B
98cd761e-e77d-41c8-a3c0-0fb756d90ec2
version: v1.0
ncalrpc: LRPC-2886b0c8ae20a41534
d22895ef-aff4-42c5-a5b2-b14466d34ab4
version: v1.0
ncalrpc: LRPC-2886b0c8ae20a41534
e38f5360-8572-473e-b696-1b46873beeab
version: v1.0
ncalrpc: LRPC-2886b0c8ae20a41534
95095ec8-32ea-4eb0-a3e2-041f97b36168
version: v1.0
ncalrpc: LRPC-2886b0c8ae20a41534
fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
version: v1.0
ncalrpc: LRPC-2886b0c8ae20a41534
4c9dbf19-d39e-4bb9-90ee-8f7179b20283
version: v1.0
ncalrpc: LRPC-2886b0c8ae20a41534
0767a036-0d22-48aa-ba69-b619480f38cb
version: v1.0
annotation: PcaSvc
provider: pcasvc.dll
ncalrpc: LRPC-37cac80c7370c57e87
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc039FFCD2
ncalrpc: WMsgKRpc2C50470653
b1ef227e-dfa5-421e-82bb-67a6a129c496
version: v0.0
ncalrpc: LRPC-04fea528d02052ad40
ncalrpc: OLE459B732C76AF094DA0E7E0DD52A4
ncalrpc: LRPC-5ebaba8274a01b25ff
ncalrpc: OLE5453ED5BA4FB6B61117E36053267
0fc77b1a-95d8-4a2e-a0c0-cff54237462b
version: v0.0
ncalrpc: LRPC-04fea528d02052ad40
ncalrpc: OLE459B732C76AF094DA0E7E0DD52A4
ncalrpc: LRPC-5ebaba8274a01b25ff
ncalrpc: OLE5453ED5BA4FB6B61117E36053267
8ec21e98-b5ce-4916-a3d6-449fa428a007
version: v0.0
ncalrpc: LRPC-04fea528d02052ad40
ncalrpc: OLE459B732C76AF094DA0E7E0DD52A4
ncalrpc: LRPC-5ebaba8274a01b25ff
ncalrpc: OLE5453ED5BA4FB6B61117E36053267
54b4c689-969a-476f-8dc2-990885e9f562
version: v0.0
ncalrpc: LRPC-5d1183350092b4cdf4
be7f785e-0e3a-4ab7-91de-7e46e443be29
version: v0.0
ncalrpc: LRPC-5d1183350092b4cdf4
bf4dc912-e52f-4904-8ebe-9317c1bdd497
version: v1.0
ncalrpc: LRPC-09725cc82b467b1c10
ncalrpc: OLE3C30C69C83289D0096FC571C3E48
a4b8d482-80ce-40d6-934d-b22a01a44fe7
version: v1.0
annotation: LicenseManager
ncalrpc: LicenseServiceEndpoint
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-e4feb99e4c32bf3ec5
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-e4feb99e4c32bf3ec5
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-e4feb99e4c32bf3ec5
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-e4feb99e4c32bf3ec5
0497b57d-2e66-424f-a0c6-157cd5d41700
version: v1.0
annotation: AppInfo
ncalrpc: LRPC-e4feb99e4c32bf3ec5
8c7daf44-b6dc-11d1-9a4c-0020af6e7c57
version: v1.0
annotation: Group Policy RPC Interface
provider: appmgmts.dll
ncalrpc: LRPC-0521c45235959acd87
43890c94-bfd7-4655-ad6a-b4a68397cdcb
version: v0.0
ncalrpc: LRPC-4ac7880ee33eb1dc92
c8ba73d2-3d55-429c-8e9a-c44f006f69fc
version: v0.0
ncalrpc: LRPC-4ac7880ee33eb1dc92
e8748f69-a2a4-40df-9366-62dbeb696e26
version: v0.0
ncalrpc: LRPC-4ac7880ee33eb1dc92
a111f1c5-5923-47c0-9a68-d0bafb577901
version: v1.0
annotation: NetSetup API
ncalrpc: LRPC-754c7ed9d6dcd42111
128581479 | 2024-11-15T06:49:43.402911
443 /
tcp
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
Set-Cookie: Language=en; path=/
X-Powered-By: ASP.NET
Date: Fri, 15 Nov 2024 06:49:43 GMT
Content-Length: 85754
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 809178682672347570 (0xb3ac7b98480f9b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http:\/\/certs.godaddy.com\/repository\/, CN=Go Daddy Secure Certificate Authority - G2
Validity
Not Before: Oct 21 06:48:51 2024 GMT
Not After : May 12 19:10:12 2025 GMT
Subject: CN=alhokair.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:db:99:a1:70:9f:9b:8c:4c:1a:d9:18:f9:9a:94:
a1:98:4f:fd:3a:55:d5:f4:b8:38:2a:3b:e5:47:20:
20:c8:94:18:ce:53:d4:99:7c:64:30:09:46:3f:24:
ac:8f:27:f5:cd:da:ba:51:ba:ae:f4:ca:4e:5e:ed:
d9:6a:79:db:18:65:e6:ff:8c:ed:be:1a:bc:e6:20:
b7:c7:da:02:86:4d:c1:65:8f:a4:09:15:ed:ed:50:
4b:ed:68:3b:f4:04:84:be:80:cc:c1:9a:5a:23:83:
c0:3b:35:fd:c2:8c:be:d4:49:d7:1d:00:30:47:6c:
dc:00:ed:af:24:0b:a3:e7:ac:52:ef:16:e0:40:39:
86:18:94:58:77:d5:82:cb:a7:39:25:a2:ca:c5:3e:
a8:00:9f:8f:47:eb:6d:3d:c3:7c:c1:0e:0c:03:19:
79:83:b5:b3:19:ca:d1:25:70:f5:8d:9a:92:ed:dc:
9f:e0:2e:80:c6:fd:0a:fa:84:a3:91:be:39:a5:0d:
0e:98:55:ac:b0:24:16:76:86:06:64:3a:13:21:4f:
2d:6b:e1:a1:ef:f0:92:0c:df:7e:ff:0d:59:ce:10:
5a:3b:f3:08:55:fd:e9:da:f1:2f:89:d7:2b:8c:21:
93:e0:f0:6b:cd:11:84:ef:10:1c:22:23:1e:26:91:
54:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.godaddy.com/gdig2s1-31613.crl
X509v3 Certificate Policies:
Policy: 2.16.840.1.114413.1.7.23.1
CPS: http://certificates.godaddy.com/repository/
Policy: 2.23.140.1.2.1
Authority Information Access:
OCSP - URI:http://ocsp.godaddy.com/
CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
X509v3 Authority Key Identifier:
40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
X509v3 Subject Alternative Name:
DNS:ahgincapi.alhokair.com, DNS:alhokair.com, DNS:www.alhokair.com, DNS:hwaiver.alhokair.com, DNS:qrapp.alhokair.com, DNS:promotions.alhokair.com
X509v3 Subject Key Identifier:
03:2F:D7:DD:FC:7D:E4:F9:50:92:DE:45:2F:76:B4:69:E9:11:34:CF
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Oct 21 06:48:53.451 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:3A:9D:0F:B3:C0:C7:88:A4:6D:CE:AD:F1:
EE:BA:13:C9:9E:1E:A4:03:8B:07:16:BD:8C:AB:95:8B:
1F:43:FD:4A:02:21:00:CC:A3:54:29:81:B6:8B:BB:E0:
D0:35:27:04:C8:33:74:08:04:9B:42:08:84:FA:B7:10:
7D:EB:D6:E1:1E:A1:6B
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
Timestamp : Oct 21 06:48:53.703 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E0:21:C4:CB:8C:DF:50:CF:84:51:17:
A5:75:CB:BB:B3:70:34:07:B6:35:20:B5:46:AA:30:54:
2C:A1:0E:4E:A8:02:20:7F:8C:A7:73:6C:84:00:2D:D4:
DE:38:A0:FD:BE:8C:18:06:07:EF:CB:4A:76:4E:64:C7:
18:A6:C7:E3:D8:2D:03
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Oct 21 06:48:56.933 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:68:BB:38:34:14:18:66:DC:5B:37:5B:83:
3D:A3:27:66:78:D8:EA:7F:BD:DA:26:C8:C8:BC:9D:21:
1B:48:A5:F4:02:20:2B:E5:F2:26:37:66:C7:DA:1B:88:
AE:39:30:1D:7C:C2:DD:06:3A:D4:F8:C9:11:BA:FD:C4:
C4:0E:A8:55:EC:1D
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
23:7a:da:00:45:ec:b0:45:bc:d6:23:3e:a8:c4:c4:ba:3a:fb:
39:43:c3:57:47:7b:d0:85:99:77:1d:2f:86:19:91:dd:45:d9:
1c:c4:54:8c:e4:b5:97:2e:ff:ff:27:90:4f:95:53:40:65:9b:
60:a1:70:5b:9a:0e:d8:b3:3c:65:0e:34:2a:e5:04:4c:33:fd:
ec:37:ef:8a:e3:85:e3:98:90:dc:98:99:3c:5e:c7:7c:de:85:
82:3f:6a:8b:9b:ea:e5:bf:d4:6f:e3:fb:cf:10:54:83:01:48:
1e:67:e4:7c:15:3b:e0:3d:d6:27:13:f1:8a:6b:dc:cb:95:04:
3b:2b:b2:29:ee:fe:51:d4:fa:8c:89:1e:bf:9d:e9:24:ff:e7:
8c:3a:5c:58:26:51:8c:67:96:f4:2c:4a:7d:89:b0:d2:39:10:
d5:0d:9b:eb:c2:4f:55:f1:66:f4:e3:c9:22:2a:25:ab:9e:0f:
04:79:29:0d:8c:4d:90:59:7f:d1:c9:91:e8:f3:49:a9:12:62:
b6:f4:2b:8e:3f:c7:5b:71:58:2b:89:56:fd:a6:2f:0e:96:4b:
03:57:6f:5c:7a:16:05:f9:1e:b1:46:29:71:9f:e0:af:1e:c1:
3a:1e:1e:38:0b:99:39:44:6c:ce:fe:84:f7:aa:ab:35:7e:89:
b4:7b:2e:db
1298793639 | 2024-11-08T17:12:24.753574
444 /
tcp
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 08 Nov 2024 17:12:24 GMT
Connection: close
Content-Length: 334
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 809178682672347570 (0xb3ac7b98480f9b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http:\/\/certs.godaddy.com\/repository\/, CN=Go Daddy Secure Certificate Authority - G2
Validity
Not Before: Oct 21 06:48:51 2024 GMT
Not After : May 12 19:10:12 2025 GMT
Subject: CN=alhokair.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:db:99:a1:70:9f:9b:8c:4c:1a:d9:18:f9:9a:94:
a1:98:4f:fd:3a:55:d5:f4:b8:38:2a:3b:e5:47:20:
20:c8:94:18:ce:53:d4:99:7c:64:30:09:46:3f:24:
ac:8f:27:f5:cd:da:ba:51:ba:ae:f4:ca:4e:5e:ed:
d9:6a:79:db:18:65:e6:ff:8c:ed:be:1a:bc:e6:20:
b7:c7:da:02:86:4d:c1:65:8f:a4:09:15:ed:ed:50:
4b:ed:68:3b:f4:04:84:be:80:cc:c1:9a:5a:23:83:
c0:3b:35:fd:c2:8c:be:d4:49:d7:1d:00:30:47:6c:
dc:00:ed:af:24:0b:a3:e7:ac:52:ef:16:e0:40:39:
86:18:94:58:77:d5:82:cb:a7:39:25:a2:ca:c5:3e:
a8:00:9f:8f:47:eb:6d:3d:c3:7c:c1:0e:0c:03:19:
79:83:b5:b3:19:ca:d1:25:70:f5:8d:9a:92:ed:dc:
9f:e0:2e:80:c6:fd:0a:fa:84:a3:91:be:39:a5:0d:
0e:98:55:ac:b0:24:16:76:86:06:64:3a:13:21:4f:
2d:6b:e1:a1:ef:f0:92:0c:df:7e:ff:0d:59:ce:10:
5a:3b:f3:08:55:fd:e9:da:f1:2f:89:d7:2b:8c:21:
93:e0:f0:6b:cd:11:84:ef:10:1c:22:23:1e:26:91:
54:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.godaddy.com/gdig2s1-31613.crl
X509v3 Certificate Policies:
Policy: 2.16.840.1.114413.1.7.23.1
CPS: http://certificates.godaddy.com/repository/
Policy: 2.23.140.1.2.1
Authority Information Access:
OCSP - URI:http://ocsp.godaddy.com/
CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
X509v3 Authority Key Identifier:
40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
X509v3 Subject Alternative Name:
DNS:ahgincapi.alhokair.com, DNS:alhokair.com, DNS:www.alhokair.com, DNS:hwaiver.alhokair.com, DNS:qrapp.alhokair.com, DNS:promotions.alhokair.com
X509v3 Subject Key Identifier:
03:2F:D7:DD:FC:7D:E4:F9:50:92:DE:45:2F:76:B4:69:E9:11:34:CF
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Oct 21 06:48:53.451 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:3A:9D:0F:B3:C0:C7:88:A4:6D:CE:AD:F1:
EE:BA:13:C9:9E:1E:A4:03:8B:07:16:BD:8C:AB:95:8B:
1F:43:FD:4A:02:21:00:CC:A3:54:29:81:B6:8B:BB:E0:
D0:35:27:04:C8:33:74:08:04:9B:42:08:84:FA:B7:10:
7D:EB:D6:E1:1E:A1:6B
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
Timestamp : Oct 21 06:48:53.703 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E0:21:C4:CB:8C:DF:50:CF:84:51:17:
A5:75:CB:BB:B3:70:34:07:B6:35:20:B5:46:AA:30:54:
2C:A1:0E:4E:A8:02:20:7F:8C:A7:73:6C:84:00:2D:D4:
DE:38:A0:FD:BE:8C:18:06:07:EF:CB:4A:76:4E:64:C7:
18:A6:C7:E3:D8:2D:03
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Oct 21 06:48:56.933 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:68:BB:38:34:14:18:66:DC:5B:37:5B:83:
3D:A3:27:66:78:D8:EA:7F:BD:DA:26:C8:C8:BC:9D:21:
1B:48:A5:F4:02:20:2B:E5:F2:26:37:66:C7:DA:1B:88:
AE:39:30:1D:7C:C2:DD:06:3A:D4:F8:C9:11:BA:FD:C4:
C4:0E:A8:55:EC:1D
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
23:7a:da:00:45:ec:b0:45:bc:d6:23:3e:a8:c4:c4:ba:3a:fb:
39:43:c3:57:47:7b:d0:85:99:77:1d:2f:86:19:91:dd:45:d9:
1c:c4:54:8c:e4:b5:97:2e:ff:ff:27:90:4f:95:53:40:65:9b:
60:a1:70:5b:9a:0e:d8:b3:3c:65:0e:34:2a:e5:04:4c:33:fd:
ec:37:ef:8a:e3:85:e3:98:90:dc:98:99:3c:5e:c7:7c:de:85:
82:3f:6a:8b:9b:ea:e5:bf:d4:6f:e3:fb:cf:10:54:83:01:48:
1e:67:e4:7c:15:3b:e0:3d:d6:27:13:f1:8a:6b:dc:cb:95:04:
3b:2b:b2:29:ee:fe:51:d4:fa:8c:89:1e:bf:9d:e9:24:ff:e7:
8c:3a:5c:58:26:51:8c:67:96:f4:2c:4a:7d:89:b0:d2:39:10:
d5:0d:9b:eb:c2:4f:55:f1:66:f4:e3:c9:22:2a:25:ab:9e:0f:
04:79:29:0d:8c:4d:90:59:7f:d1:c9:91:e8:f3:49:a9:12:62:
b6:f4:2b:8e:3f:c7:5b:71:58:2b:89:56:fd:a6:2f:0e:96:4b:
03:57:6f:5c:7a:16:05:f9:1e:b1:46:29:71:9f:e0:af:1e:c1:
3a:1e:1e:38:0b:99:39:44:6c:ce:fe:84:f7:aa:ab:35:7e:89:
b4:7b:2e:db
-1448252747 | 2024-11-09T03:18:42.156753
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809)
OS Build: 10.0.17763
Target Name: ALHOKAIR-DC
NetBIOS Domain Name: ALHOKAIR-DC
NetBIOS Computer Name: WEBSERVER3
DNS Domain Name: ALHOKAIR-DC.COM
DNS Tree Name: ALHOKAIR-DC.COM
FQDN: webserver3.ALHOKAIR-DC.COM
Ar Ze lly)
ALHOKAIR-DC)pe...
Ameen Mohammed
pervaz admin
Other user
-Pervaz Admin
ALHOKAIR-DCypervaz.admin
5
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:cc:6e:b1:95:23:02:bd:48:7d:4e:60:36:1b:aa:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=webserver3.ALHOKAIR-DC.COM
Validity
Not Before: Jul 27 10:48:06 2024 GMT
Not After : Jan 26 10:48:06 2025 GMT
Subject: CN=webserver3.ALHOKAIR-DC.COM
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b5:9c:eb:b6:4b:c8:f6:53:1b:a2:8e:a7:eb:28:
aa:18:0c:ec:7e:95:3c:3d:2f:ef:b9:fd:24:82:ce:
c4:ee:9b:ea:7b:75:a8:d5:f9:a9:79:ea:10:d1:cf:
62:18:44:a2:f2:3e:1b:27:f2:83:83:dd:69:91:f7:
6e:0d:7b:5f:6e:69:09:52:11:01:62:35:74:2c:93:
3a:f7:7e:bb:ee:db:9f:d1:6e:c4:9f:cf:62:3b:d6:
ff:be:80:5b:0f:13:fc:20:f8:78:69:aa:44:11:13:
e9:7c:94:35:94:6f:de:6e:69:e0:0b:58:7a:b5:54:
ff:12:e1:83:13:88:89:28:91:14:d9:98:2e:04:b9:
dc:7e:64:6a:49:76:68:51:a9:a0:78:99:7d:50:37:
0b:e5:48:fa:c6:6e:cd:3e:9c:72:83:63:f9:29:bd:
41:f3:70:2d:3c:c2:ab:0d:cd:e4:70:eb:71:c0:0c:
cb:87:4b:d7:56:f1:42:a4:27:38:97:bd:6b:4e:c1:
87:34:af:79:4d:d0:be:a3:cd:ff:cd:bb:60:bf:21:
f2:37:30:0e:42:f7:4e:dd:a3:82:c5:bd:b1:a0:36:
e4:f7:53:10:d3:8a:fd:34:1a:02:6d:5b:5a:16:7f:
50:bd:f4:81:17:6b:3b:e2:28:db:5e:1a:c2:2d:43:
e6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
32:58:2e:a9:17:a0:c5:78:5b:52:77:83:5f:2d:69:68:e5:cc:
3c:69:4d:ef:d2:23:97:30:dc:56:81:a0:0b:c8:22:97:2f:7f:
12:60:56:b1:cd:ea:b5:30:9a:54:7c:1b:47:12:df:b7:1f:df:
1f:d9:6e:45:5d:50:f0:36:a1:e3:cc:a8:52:05:5b:8a:cd:e2:
d2:55:90:ac:be:e6:62:75:be:4e:02:ad:a9:93:4c:9e:1a:16:
f3:f8:68:55:c9:0c:c5:08:e9:c4:a9:41:f6:7a:86:1c:e7:0c:
d7:c8:7e:4a:74:c8:cf:c4:81:77:ff:7c:4f:ac:a2:52:05:68:
b8:73:45:4d:18:a3:36:db:53:d8:43:ce:cf:59:53:92:f4:e9:
f7:b6:8b:18:22:0c:1e:54:1f:46:a2:0e:84:4a:a2:5f:48:6a:
83:02:e0:ab:39:e7:76:1d:ce:bc:cb:ff:a1:f6:eb:e8:03:86:
ca:06:ea:49:de:1e:32:ce:43:d0:c5:2e:d8:52:16:66:37:df:
2b:ee:20:c6:bb:3e:75:2a:8d:b5:6d:8d:bd:cf:dc:02:9b:7c:
b9:00:1b:1c:e0:9c:89:92:ba:16:07:35:13:db:01:e5:b5:da:
25:c1:1c:b8:06:16:9d:bc:72:15:4f:15:f4:63:af:95:39:1e:
92:7d:88:c1
