Hostnames |
zstmb.com AutoDiscover.zstmb.com MailServer.zstmb.com mail.zstmb.com mailserver.zstmb.com |
Domains | zstmb.com |
Country | China |
City | Shenzhen |
Organization | CHINANET Guangdong province network |
ISP | China Telecom Next Generation Carrier Network |
ASN | AS4809 |
Operating System | Windows |
-553166942 | 2024-10-21T23:30:03.52344453 / udp
Recursion: enabled
1355394294 | 2024-10-17T03:28:13.38181480 / tcp
HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Thu, 17 Oct 2024 03:28:10 GMT Content-Length: 1157
1355394294 | 2024-10-25T18:31:28.67187581 / tcp
HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 25 Oct 2024 18:30:53 GMT Content-Length: 1157
-2126211945 | 2024-10-16T09:04:49.901738110 / tcp
+OK The Microsoft Exchange POP3 service is ready. +OK TOP UIDL STLS .
Certificate: Data: Version: 3 (0x2) Serial Number: 15:49:ff:21:00:00:00:00:00:17 Signature Algorithm: sha1WithRSAEncryption Issuer: DC=com, DC=zstmb, CN=zstmb-MAILSERVER-CA Validity Not Before: Feb 3 00:48:35 2024 GMT Not After : Feb 2 00:48:35 2026 GMT Subject: C=CN, ST=\xE5\xB9\xBF\xE4\xB8\x9C\xE7\x9C\x81, L=\xE4\xB8\xAD\xE5\xB1\xB1\xE5\xB8\x82, O=TMB, OU=IT, CN=mail.zstmb.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ce:a0:43:ca:17:e7:f9:41:48:51:18:fa:fb:72: db:ac:fa:6d:ab:58:75:96:1e:55:7d:d9:d7:64:64: 0c:cf:63:7c:5e:35:31:36:e6:6e:a1:4a:44:90:e2: bc:46:f5:b1:24:da:97:51:01:54:f0:9e:48:29:dd: 85:d1:23:2d:ba:4d:93:81:df:d4:5c:fc:58:06:04: 2c:f0:25:4c:0a:19:b4:69:90:62:8e:d0:e9:14:89: 8c:80:df:83:58:38:17:6f:cf:e9:1d:d9:f8:c4:8d: bc:eb:38:c3:07:c2:48:a9:63:f4:e5:47:1f:86:3a: 4e:de:39:b6:a8:a9:8b:78:e5:ab:c4:fd:02:f9:2f: a7:9f:30:4b:47:59:e8:e3:51:a4:97:05:39:56:33: f7:3c:e8:97:f7:7c:22:9f:4b:9d:b4:ff:d5:2e:18: 1e:76:e8:18:50:85:e9:e5:fe:a6:96:3c:68:83:d9: e3:2f:17:4c:c0:de:19:0c:ab:af:21:1d:89:4b:7e: 21:47:3f:57:32:1a:8f:98:50:52:44:50:85:5e:fd: 04:5d:74:1d:58:32:e1:40:8e:cb:2b:4c:bc:9a:d9: 80:0e:db:32:fa:ac:35:a2:27:a6:24:b5:89:e8:2e: fa:dd:29:b1:6b:3f:92:81:2e:1e:5a:13:ef:f6:e2: fc:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Subject Key Identifier: D6:35:2A:BF:F4:A5:0D:92:D6:53:D3:4C:76:CF:14:79:9B:D7:85:AA X509v3 Subject Alternative Name: DNS:mail.zstmb.com, DNS:mailserver.zstmb.com, DNS:AutoDiscover.zstmb.com, DNS:MailServer, DNS:zstmb.com X509v3 Authority Key Identifier: C8:30:76:BD:C0:BE:5B:15:B1:3E:1F:8B:53:DF:2C:5E:14:FD:4B:55 X509v3 CRL Distribution Points: Full Name: URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=MailServer,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint Authority Information Access: CA Issuers - URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?cACertificate?base?objectClass=certificationAuthority 1.3.6.1.4.1.311.20.2: ...W.e.b.S.e.r.v.e.r X509v3 Extended Key Usage: TLS Web Server Authentication Signature Algorithm: sha1WithRSAEncryption Signature Value: 5a:4f:09:a9:8f:e6:58:ce:32:29:aa:c5:16:21:b8:07:47:a9: d0:93:85:05:bc:ec:96:2f:2e:74:81:ca:b8:c7:1f:fc:aa:04: 22:0f:05:6b:bd:55:0b:1f:45:ee:7a:1c:c8:ee:60:fa:55:09: 08:b8:88:21:97:6e:b0:e7:b2:30:d6:2f:5d:bf:a7:f5:4a:dd: 85:fb:7e:34:ae:bd:bb:86:a6:b9:b7:d4:9d:80:4b:e0:76:d0: 7e:bd:7f:12:7f:65:15:4d:a4:db:7c:b2:77:f5:29:48:bc:ba: 16:19:6b:0d:ee:47:f5:e7:49:03:8a:8b:13:e1:9a:ec:ff:28: 5f:46:92:d1:8e:a3:d1:02:f4:b2:5f:d1:b6:ed:95:53:a2:1e: b7:33:95:0d:90:e6:9a:5d:83:21:67:06:0e:d2:e8:ef:c7:b9: 0f:93:02:07:35:88:42:96:fd:52:f8:3c:3d:be:a7:67:5c:89: 62:a6:5c:f6:24:53:1d:dd:bb:ae:67:48:31:21:e5:40:b3:b9: f1:82:f4:3b:bd:fc:08:61:a7:37:7d:44:7f:ba:8e:52:21:6b: df:61:c7:ad:40:73:49:08:d5:5c:5e:98:84:97:57:6b:55:2b: 20:b7:80:32:a4:9c:ca:94:7a:f8:81:64:46:48:40:4c:b3:0b: 76:80:e4:20
-1704707835 | 2024-10-20T15:09:41.512420123 / udp
NTP protocolversion: 3 stratum: 1 leap: 0 precision: -6 rootdelay: 0.0 rootdisp: 10.5269927979 refid: 1280262988 reftime: 3938381561.52 poll: 0
-658432048 | 2024-10-25T17:51:59.115897135 / tcp
Microsoft RPC Endpoint Mapper d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 116.6.193.194:6005 ncalrpc: WindowsShutdown ncacn_np: \\MAILSERVER\PIPE\InitShutdown ncalrpc: WMsgKRpc0183040 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\MAILSERVER\PIPE\InitShutdown ncalrpc: WMsgKRpc0183040 ncalrpc: WMsgKRpc0189C61 ncalrpc: WMsgKRpc01EBEDC2 c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-cf9c684f81eda625b9 ncacn_np: \\MAILSERVER\PIPE\srvsvc ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 ncalrpc: IUserProfile2 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 ncacn_ip_tcp: 116.6.193.194:6006 ncacn_np: \\MAILSERVER\pipe\eventlog ncalrpc: eventlog 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncacn_ip_tcp: 116.6.193.194:6006 ncacn_np: \\MAILSERVER\pipe\eventlog ncalrpc: eventlog 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncacn_ip_tcp: 116.6.193.194:6006 ncacn_np: \\MAILSERVER\pipe\eventlog ncalrpc: eventlog f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 116.6.193.194:6006 ncacn_np: \\MAILSERVER\pipe\eventlog ncalrpc: eventlog 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncacn_np: \\MAILSERVER\PIPE\srvsvc ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncacn_np: \\MAILSERVER\PIPE\srvsvc ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncacn_np: \\MAILSERVER\PIPE\srvsvc ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: senssvc ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 provider: gpsvc.dll ncalrpc: OLEADE59FBC08B64A988F96623479D4 ncalrpc: IUserProfile2 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncacn_np: \\MAILSERVER\PIPE\W32TIME_ALT ncalrpc: W32TIME_ALT ncalrpc: LRPC-5b382894a50061ebef ncalrpc: OLE519DE99C70224604A8EC489FF147 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-5b382894a50061ebef ncalrpc: OLE519DE99C70224604A8EC489FF147 24019106-a203-4642-b88d-82dae9158929 version: v1.0 provider: authui.dll ncalrpc: LRPC-bf35042bb537b67582 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-83062609351f234ab8 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-83062609351f234ab8 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-83062609351f234ab8 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\MAILSERVER\PIPE\wkssvc ncalrpc: DNSResolver b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v1.0 annotation: KeyIso provider: keyiso.dll ncacn_ip_tcp: 116.6.193.194:6011 ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE627F11D0D7DD4362AC2D3532B6F9 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3b70215740c5d02571 ncacn_np: \\MAILSERVER\pipe\lsass 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncacn_ip_tcp: 116.6.193.194:6011 ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE627F11D0D7DD4362AC2D3532B6F9 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3b70215740c5d02571 ncacn_np: \\MAILSERVER\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 116.6.193.194:6011 ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE627F11D0D7DD4362AC2D3532B6F9 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3b70215740c5d02571 ncacn_np: \\MAILSERVER\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE627F11D0D7DD4362AC2D3532B6F9 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3b70215740c5d02571 ncacn_np: \\MAILSERVER\pipe\lsass f5cc5a18-4264-101a-8c59-08002b2f8426 version: v56.0 annotation: MS NT Directory NSP Interface protocol: [MS-NSPI]: Name Service Provider Interface (NSPI) Protocol provider: ntdsai.dll ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE627F11D0D7DD4362AC2D3532B6F9 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3b70215740c5d02571 ncacn_np: \\MAILSERVER\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE627F11D0D7DD4362AC2D3532B6F9 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3b70215740c5d02571 ncacn_np: \\MAILSERVER\pipe\lsass 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 annotation: Spooler function endpoint provider: spoolsv.exe ncalrpc: spoolss ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 annotation: Spooler base remote object endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 annotation: Spooler function endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss 50abc2a4-574d-40b3-9d66-ee4fd5fba076 version: v5.0 protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management provider: dns.exe ncacn_ip_tcp: 116.6.193.194:6037 12d4b7c8-77d5-11d1-8c24-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 116.6.193.194:6039 ncacn_np: \\MAILSERVER\pipe\HydraLsPipe ncalrpc: LRPC-08cfdb523bfd360d8a 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 116.6.193.194:6039 ncacn_np: \\MAILSERVER\pipe\HydraLsPipe ncalrpc: LRPC-08cfdb523bfd360d8a 5df3c257-334b-4e96-9efb-a0619255be09 version: v1.0 annotation: 6540 MSExchangeDelivery ncalrpc: LRPC-4b54a027a0cccb0308 ncacn_ip_tcp: 116.6.193.194:6106 ncalrpc: OLE13338E4C907D48398644C5B176C9 ncalrpc: LRPC-4b54a027a0cccb0308 ncacn_ip_tcp: 116.6.193.194:6106 ncalrpc: OLE13338E4C907D48398644C5B176C9 ncalrpc: LRPC-f2bcb3c9ba35ea0936 ncacn_ip_tcp: 116.6.193.194:6130 ncalrpc: OLEA054A2219F3248D9A6C054327BD8 ncalrpc: LRPC-f2bcb3c9ba35ea0936 ncacn_ip_tcp: 116.6.193.194:6130 ncalrpc: OLEA054A2219F3248D9A6C054327BD8 ncalrpc: LRPC-85885996e16812d259 ncacn_ip_tcp: 116.6.193.194:6141 ncalrpc: OLE07529BFB7A8E4C668A7BB5389E23 ncalrpc: LRPC-85885996e16812d259 ncacn_ip_tcp: 116.6.193.194:6141 ncalrpc: OLE07529BFB7A8E4C668A7BB5389E23 ncalrpc: LRPC-d00e00f446f0c31af9 ncacn_ip_tcp: 116.6.193.194:6176 ncalrpc: OLEA9E0D3FDAC23464A9218D934995F ncalrpc: LRPC-d00e00f446f0c31af9 ncacn_ip_tcp: 116.6.193.194:6176 ncalrpc: OLEA9E0D3FDAC23464A9218D934995F ncalrpc: LRPC-50139fcde8949d9e0f ncacn_ip_tcp: 116.6.193.194:6182 ncalrpc: OLEC0A4D07CD31846A786ACA87691E0 ncalrpc: LRPC-50139fcde8949d9e0f ncacn_ip_tcp: 116.6.193.194:6182 ncalrpc: OLEC0A4D07CD31846A786ACA87691E0 ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 ncalrpc: LRPC-acf8dead41b2656b24 ncacn_ip_tcp: 116.6.193.194:6197 ncalrpc: OLEE5AE7F51426B4F788580C8A26635 ncalrpc: LRPC-acf8dead41b2656b24 ncacn_ip_tcp: 116.6.193.194:6197 ncalrpc: OLEE5AE7F51426B4F788580C8A26635 ncalrpc: LRPC-1577303f7be6161e8b ncacn_ip_tcp: 116.6.193.194:6200 ncalrpc: OLEBC17295F928E41029C5DE575FE8F ncalrpc: LRPC-1577303f7be6161e8b ncacn_ip_tcp: 116.6.193.194:6200 ncalrpc: OLEBC17295F928E41029C5DE575FE8F ncalrpc: LRPC-c0c2a8cf5d51c56072 ncacn_ip_tcp: 116.6.193.194:6219 ncalrpc: OLE743A2446A4EF42FDADE6BA49B505 ncalrpc: LRPC-c0c2a8cf5d51c56072 ncacn_ip_tcp: 116.6.193.194:6219 ncalrpc: OLE743A2446A4EF42FDADE6BA49B505 ncalrpc: LRPC-b1d54b3d5de8977006 ncacn_ip_tcp: 116.6.193.194:6231 ncalrpc: OLEA1F1CFB0F5224FE8A3E533F9C68A ncalrpc: LRPC-b1d54b3d5de8977006 ncacn_ip_tcp: 116.6.193.194:6231 ncalrpc: OLEA1F1CFB0F5224FE8A3E533F9C68A ncalrpc: LRPC-9659362e660ed0628c ncacn_ip_tcp: 116.6.193.194:6244 ncalrpc: OLEF8C2F47B7C974A1D9196AEAEF868 ncalrpc: LRPC-9659362e660ed0628c ncacn_ip_tcp: 116.6.193.194:6244 ncalrpc: OLEF8C2F47B7C974A1D9196AEAEF868 ncalrpc: LRPC-d764c8cbedd1dc1417 ncacn_ip_tcp: 116.6.193.194:6268 ncalrpc: OLE5F345A633B134206A995B5A0D609 ncalrpc: LRPC-d764c8cbedd1dc1417 ncacn_ip_tcp: 116.6.193.194:6268 ncalrpc: OLE5F345A633B134206A995B5A0D609 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-047e81d0ead8e94ca5 ncacn_ip_tcp: 116.6.193.194:6479 ncalrpc: OLE4934578545384B99BC38BF23B889 ncalrpc: LRPC-047e81d0ead8e94ca5 ncacn_ip_tcp: 116.6.193.194:6479 ncalrpc: OLE4934578545384B99BC38BF23B889 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E ncalrpc: LRPC-940f5ae877d3616956 ncacn_ip_tcp: 116.6.193.194:64058 ncalrpc: OLE3970F79FBE40469C81DDEAE92898 ncalrpc: LRPC-940f5ae877d3616956 ncacn_ip_tcp: 116.6.193.194:64058 ncalrpc: OLE3970F79FBE40469C81DDEAE92898 ncalrpc: LRPC-7d6be0af6e7b5f20ec ncacn_ip_tcp: 116.6.193.194:64095 ncalrpc: OLE6FA31A58CE424100BC2B8090D7B8 ncacn_ip_tcp: 116.6.193.194:25730 ncalrpc: LRPC-9d3ff4a79e7c39fc51 ncalrpc: OLE6FA31A58CE424100BC2B8090D7B8 ncacn_ip_tcp: 116.6.193.194:25730 ncalrpc: LRPC-9d3ff4a79e7c39fc51 ncalrpc: OLEEC71E290FC304B9BBBB239353ED5 ncacn_ip_tcp: 116.6.193.194:23840 ncalrpc: LRPC-497c56ec4c79a36999 ncalrpc: OLEEC71E290FC304B9BBBB239353ED5 ncacn_ip_tcp: 116.6.193.194:23840 ncalrpc: LRPC-497c56ec4c79a36999 ncalrpc: OLE1AE7395F654B4851A8E2DD24451B ncacn_ip_tcp: 116.6.193.194:52913 ncalrpc: LRPC-9dddc88b864ceaffbc ncalrpc: OLE1AE7395F654B4851A8E2DD24451B ncacn_ip_tcp: 116.6.193.194:52913 ncalrpc: LRPC-9dddc88b864ceaffbc ncalrpc: OLE3C6D6F6D84A64D82AF518B329722 ncacn_ip_tcp: 116.6.193.194:47567 ncalrpc: LRPC-d2512168caf2af6abd ncalrpc: OLE3C6D6F6D84A64D82AF518B329722 ncacn_ip_tcp: 116.6.193.194:47567 ncalrpc: LRPC-d2512168caf2af6abd ncalrpc: OLEB6BB7BE4F91D46418B9A87B895B3 ncacn_ip_tcp: 116.6.193.194:61536 ncalrpc: LRPC-e61b647a61b6b4e3e4 ncalrpc: OLEB6BB7BE4F91D46418B9A87B895B3 ncacn_ip_tcp: 116.6.193.194:61536 ncalrpc: LRPC-e61b647a61b6b4e3e4 ncalrpc: OLE45693F0B32264AFDA4BEC1BFE2CA ncacn_ip_tcp: 116.6.193.194:64286 ncalrpc: LRPC-13df5af4ec291c109f ncalrpc: OLE45693F0B32264AFDA4BEC1BFE2CA ncacn_ip_tcp: 116.6.193.194:64286 ncalrpc: LRPC-13df5af4ec291c109f ncalrpc: OLE6B2DBAA1A335460A924710367B91 ncacn_ip_tcp: 116.6.193.194:64095 ncalrpc: LRPC-7d6be0af6e7b5f20ec ncalrpc: OLE6B2DBAA1A335460A924710367B91 e0c98683-720d-4139-b106-a4b13a290d6f version: v1.0 ncalrpc: LRPC-11de1ac7eaa3b3ed37 ncacn_ip_tcp: 116.6.193.194:6109 ncalrpc: OLE3EFAB76ADADF451FBE9E6F842ECF 1a71d6b4-89ff-40cb-ae84-0244ab866151 version: v1.0 ncalrpc: LRPC-11de1ac7eaa3b3ed37 ncacn_ip_tcp: 116.6.193.194:6109 ncalrpc: OLE3EFAB76ADADF451FBE9E6F842ECF f1f21151-7185-4170-ac8d-9bb077c29bd3 version: v1.0 ncalrpc: LRPC-17d385cc3c45050ab1 ncacn_ip_tcp: 116.6.193.194:6116 ncalrpc: OLEA517C449582C48AAB0FDC05C7172 5a4d59fe-42ac-4c6e-b554-b12c6af35956 version: v1.0 ncalrpc: LRPC-85885996e16812d259 ncacn_ip_tcp: 116.6.193.194:6141 ncalrpc: OLE07529BFB7A8E4C668A7BB5389E23 4a020372-bb0a-4031-a5a7-7c6896522c00 version: v1.0 ncalrpc: LRPC-d00e00f446f0c31af9 ncacn_ip_tcp: 116.6.193.194:6176 ncalrpc: OLEA9E0D3FDAC23464A9218D934995F 76c0d124-a18e-49d4-adf1-d8c6ba868ea6 version: v1.0 ncalrpc: LRPC-d00e00f446f0c31af9 ncacn_ip_tcp: 116.6.193.194:6176 ncalrpc: OLEA9E0D3FDAC23464A9218D934995F 31e68719-d4fc-401a-8788-bc56169a336b version: v0.256 ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 df831451-edad-415d-905f-9d3793f92db3 version: v0.20736 annotation: Exchange Server STORE EmsmdbMT Proxy Interface ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 9b48e5eb-b4cd-4b6d-ae73-656e0a777bda version: v0.256 annotation: Exchange Server STORE EmsmdbPoolNotify Proxy Interface ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E 938fe036-ede6-4f6c-966e-a3d7300279c8 version: v0.256 annotation: Exchange Server STORE EmsmdbPool Proxy Interface ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E da107c01-2b50-44d7-9d5f-bfd4fd8e95ed version: v5.0 annotation: Exchange Server STORE Admin50 Proxy Interface ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E 99e64010-b032-11d0-97a4-00c04fd6551d version: v4.0 annotation: Exchange Server STORE Admin40 Proxy Interface ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E 89742ace-a9ed-11cf-9c0c-08002be7ae86 version: v2.0 annotation: Exchange Server STORE Admin20 Proxy Interface ncacn_ip_tcp: 116.6.193.194:6183 ncalrpc: LRPC-256dcbf1d051f4876f ncalrpc: OLE5546053108664121A529227F84B1 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E f224209f-9076-40f7-98ad-5416dbfa178e version: v3.0 ncalrpc: LRPC-499d815341d2195823 ncacn_ip_tcp: 116.6.193.194:6228 ncalrpc: OLE4E6FDBFC61B84BAAA4ECCBC8860D 37fc1b02-da36-4b27-a745-bf2f58a98ff6 version: v3.0 ncalrpc: LRPC-499d815341d2195823 ncacn_ip_tcp: 116.6.193.194:6228 ncalrpc: OLE4E6FDBFC61B84BAAA4ECCBC8860D 8fd9e884-86a5-4b2f-bc7c-2adaa75d0469 version: v1.0 ncalrpc: LRPC-b1d54b3d5de8977006 ncacn_ip_tcp: 116.6.193.194:6231 ncalrpc: OLEA1F1CFB0F5224FE8A3E533F9C68A 245a2854-fcdf-4215-adf4-0b4c364e79fb version: v1.0 ncalrpc: LRPC-b1d54b3d5de8977006 ncacn_ip_tcp: 116.6.193.194:6231 ncalrpc: OLEA1F1CFB0F5224FE8A3E533F9C68A d014c423-0d54-40a3-90dc-56c7a6071e6f version: v1.0 ncalrpc: LRPC-b1d54b3d5de8977006 ncacn_ip_tcp: 116.6.193.194:6231 ncalrpc: OLEA1F1CFB0F5224FE8A3E533F9C68A 37c6221b-cc4b-47ae-8366-7449f2fe9a06 version: v1.0 ncalrpc: LRPC-b1d54b3d5de8977006 ncacn_ip_tcp: 116.6.193.194:6231 ncalrpc: OLEA1F1CFB0F5224FE8A3E533F9C68A 20434699-5e7e-47d6-95f6-698c4a0ec2f0 version: v1.0 ncalrpc: LRPC-b1d54b3d5de8977006 ncacn_ip_tcp: 116.6.193.194:6231 ncalrpc: OLEA1F1CFB0F5224FE8A3E533F9C68A d9318e75-8a8b-4abb-88e7-aceb01f09e60 version: v1.0 ncalrpc: LRPC-b1d54b3d5de8977006 ncacn_ip_tcp: 116.6.193.194:6231 ncalrpc: OLEA1F1CFB0F5224FE8A3E533F9C68A 4d88f820-8c32-4453-9e30-7297e2fcf025 version: v1.0 ncalrpc: LRPC-1adbcbb9282a0de3f9 ncacn_ip_tcp: 116.6.193.194:6252 ncalrpc: OLE67B828D9048D4D01A0A568AFCA59 52d3f3f5-248c-4d74-a01f-a06e41d5cd59 version: v1.0 ncalrpc: LRPC-62c1f94171f9584863 ncacn_ip_tcp: 116.6.193.194:6261 ncalrpc: OLE0BE32DDADCC440209BE2D6B91421 75f47e04-c7c9-411e-a9eb-080b174b03a9 version: v1.0 ncalrpc: LRPC-63134e154ade656f67 ncacn_ip_tcp: 116.6.193.194:6328 ncalrpc: OLE06B16A9D27B243C09B7DFF34D3AE ea0c3893-d1fd-4fb3-82d0-8e9a86486dc5 version: v2.0 ncalrpc: LRPC-63134e154ade656f67 ncacn_ip_tcp: 116.6.193.194:6328 ncalrpc: OLE06B16A9D27B243C09B7DFF34D3AE f2d0ca50-457a-4d87-ab1e-45f3a324993f version: v1.0 ncalrpc: LRPC-63134e154ade656f67 ncacn_ip_tcp: 116.6.193.194:6328 ncalrpc: OLE06B16A9D27B243C09B7DFF34D3AE 6f08d61c-fd57-42b0-bb11-f30aedaca66e version: v1.0 ncalrpc: LRPC-63134e154ade656f67 ncacn_ip_tcp: 116.6.193.194:6328 ncalrpc: OLE06B16A9D27B243C09B7DFF34D3AE d3444dd6-ee15-4564-83fc-0b16b8f5e8d4 version: v1.0 ncalrpc: LRPC-63134e154ade656f67 ncacn_ip_tcp: 116.6.193.194:6328 ncalrpc: OLE06B16A9D27B243C09B7DFF34D3AE 8879d5aa-30a7-4eb2-9023-bec055dbe648 version: v1.0 ncalrpc: LRPC-63134e154ade656f67 ncacn_ip_tcp: 116.6.193.194:6328 ncalrpc: OLE06B16A9D27B243C09B7DFF34D3AE e62eb024-ee96-4d89-b24a-746cf02a3e98 version: v1.0 ncalrpc: LRPC-63134e154ade656f67 ncacn_ip_tcp: 116.6.193.194:6328 ncalrpc: OLE06B16A9D27B243C09B7DFF34D3AE 1febdc2a-1734-4e06-8998-ed919c26ad43 version: v2.0 ncalrpc: LRPC-63134e154ade656f67 ncacn_ip_tcp: 116.6.193.194:6328 ncalrpc: OLE06B16A9D27B243C09B7DFF34D3AE a9e05b20-6f57-4e24-a540-52412017e6ff version: v1.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E 0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde version: v1.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E bf6dd426-77b4-44b3-984e-d413fc075562 version: v2.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E 1453c42c-0fa6-11d2-a910-00c04f990f3b version: v1.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E 10f24e8e-0fa6-11d2-a910-00c04f990f3b version: v1.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-34103c1db945adea7b ncacn_ip_tcp: 116.6.193.194:6378 ncalrpc: OLEECFC3852B340459393989F139DF1 ncalrpc: LRPC-29afa3ef4973f23388 ncacn_ip_tcp: 116.6.193.194:9496 ncalrpc: OLE51D1D4A2AD564E39AE4CCFF65EF4 ncalrpc: LRPC-8dcab0d750aee8cd23 ncacn_ip_tcp: 116.6.193.194:9507 ncalrpc: OLE4B12531A5DD84BB8B9CE8F45CB0E 41f5fae1-e0ac-414c-a721-0d287466cb23 version: v1.0 ncalrpc: LRPC-047e81d0ead8e94ca5 ncacn_ip_tcp: 116.6.193.194:6479 ncalrpc: OLE4934578545384B99BC38BF23B889 640aa52e-d472-443a-952c-4d3fe97f480c version: v1.0 ncalrpc: LRPC-047e81d0ead8e94ca5 ncacn_ip_tcp: 116.6.193.194:6479 ncalrpc: OLE4934578545384B99BC38BF23B889 bd5790c9-d855-42b0-990f-3dfed8c184b3 version: v1.0 ncalrpc: LRPC-047e81d0ead8e94ca5 ncacn_ip_tcp: 116.6.193.194:6479 ncalrpc: OLE4934578545384B99BC38BF23B889 8384fc47-956a-4d1e-ab2a-1205014f96ec version: v1.0 ncalrpc: LRPC-047e81d0ead8e94ca5 ncacn_ip_tcp: 116.6.193.194:6479 ncalrpc: OLE4934578545384B99BC38BF23B889 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 116.6.193.194:6540 12345678-1234-abcd-ef00-0123456789ab version: v1.0 annotation: IPSec Policy agent endpoint protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncalrpc: LRPC-c65720161c66577aa7 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 116.6.193.194:5722 ncalrpc: OLED1D3E759829C4211A1A0EBB9059D 12e65dd8-887f-41ef-91bf-8d816c42c2e7 version: v1.0 annotation: Secure Desktop LRPC interface provider: winlogon.exe ncalrpc: WMsgKRpc01EBEDC2 91ae6020-9e3c-11cf-8d7c-00aa00c091be version: v0.0 protocol: [MS-ICPR]: ICertPassage Remote Protocol provider: certsrv.exe ncacn_ip_tcp: 116.6.193.194:63314 ncacn_np: \\MAILSERVER\pipe\cert ncalrpc: OLE9902027FA789467581E75BB8373B 5261574a-4572-206e-b268-6b199213b4e4 version: v0.256 protocol: [MS-OXCRPC]: Wire Format Protocol ncalrpc: OLE6FA31A58CE424100BC2B8090D7B8 ncacn_ip_tcp: 116.6.193.194:25730 ncalrpc: LRPC-9d3ff4a79e7c39fc51 ncacn_ip_http: 116.6.193.194:6001 a4f1db00-ca47-1067-b31f-00dd010662da version: v0.20736 protocol: [MS-OXCRPC]: Wire Format Protocol ncalrpc: OLE6FA31A58CE424100BC2B8090D7B8 ncacn_ip_tcp: 116.6.193.194:25730 ncalrpc: LRPC-9d3ff4a79e7c39fc51 ncacn_ip_http: 116.6.193.194:6001 ba3fa067-8d56-4b56-ba1f-9cbae8db3478 version: v1.0 ncalrpc: OLE6FA31A58CE424100BC2B8090D7B8 ncacn_ip_tcp: 116.6.193.194:25730 ncalrpc: LRPC-9d3ff4a79e7c39fc51 ncacn_ip_http: 116.6.193.194:6001 1544f5e0-613c-11d1-93df-00c04fd7bd09 version: v1.0 annotation: Microsoft Exchange RFR Interface protocol: [MS-OXABREF]: Address Book Name Service Provider Interface (NSPI) Referral Protocol ncalrpc: OLE6FA31A58CE424100BC2B8090D7B8 ncacn_ip_tcp: 116.6.193.194:25730 ncalrpc: LRPC-9d3ff4a79e7c39fc51 ncacn_ip_http: 116.6.193.194:6001 ecca92d9-07d1-4136-87f7-2ac4109337ee version: v4.0 ncalrpc: OLE3C6D6F6D84A64D82AF518B329722 ncacn_ip_tcp: 116.6.193.194:47567 ncalrpc: LRPC-d2512168caf2af6abd 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-67e2837482e81a6f0e ncalrpc: LRPC-67e2837482e81a6f0e ncalrpc: LRPC-67e2837482e81a6f0e ncalrpc: LRPC-67e2837482e81a6f0e
-757264002 | 2024-10-05T12:41:10.491734139 / tcp
\x83\x00\x00\x01\x8f
-1522538898 | 2024-10-10T04:08:34.781870389 / tcp
LDAP: CurrentTime: 20241010040800.0Z SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=zstmb,DC=com DsServiceName: CN=NTDS Settings,CN=MAILSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zstmb,DC=com NamingContexts: CN=Configuration,DC=zstmb,DC=com CN=Schema,CN=Configuration,DC=zstmb,DC=com DC=DomainDnsZones,DC=zstmb,DC=com DC=ForestDnsZones,DC=zstmb,DC=com DC=zstmb,DC=com DefaultNamingContext: DC=zstmb,DC=com SchemaNamingContext: CN=Schema,CN=Configuration,DC=zstmb,DC=com ConfigurationNamingContext: CN=Configuration,DC=zstmb,DC=com RootDomainNamingContext: DC=zstmb,DC=com SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxConnIdleTime MaxConnections MaxDatagramRecv MaxNotificationPerConn MaxPageSize MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit HighestCommittedUSN: 100389565 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI DnsHostName: MailServer.zstmb.com LdapServiceName: zstmb.com:mailserver$@ZSTMB.COM ServerName: CN=MAILSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zstmb,DC=com SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.800 IsSynchronized: TRUE IsGlobalCatalogReady: TRUE SupportedExtension: 1.2.840.113556.1.4.1781 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 DomainFunctionality: 4 ForestFunctionality: 4
-1002285680 | 2024-10-25T08:48:36.307469443 / tcp
HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.5 request-id: d859505b-fd99-424c-bf82-b72593ec88d2 Set-Cookie: ClientId=3DD477A2BCB84805AB713DE98DC3CDCC; expires=Sat, 25-Oct-2025 08:48:00 GMT; path=/; HttpOnly X-Frame-Options: SAMEORIGIN X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Fri, 25 Oct 2024 08:48:00 GMT Content-Length: 56798 Microsoft Exchange: Build Number: 15.0.1178
Certificate: Data: Version: 3 (0x2) Serial Number: 15:49:ff:21:00:00:00:00:00:17 Signature Algorithm: sha1WithRSAEncryption Issuer: DC=com, DC=zstmb, CN=zstmb-MAILSERVER-CA Validity Not Before: Feb 3 00:48:35 2024 GMT Not After : Feb 2 00:48:35 2026 GMT Subject: C=CN, ST=\xE5\xB9\xBF\xE4\xB8\x9C\xE7\x9C\x81, L=\xE4\xB8\xAD\xE5\xB1\xB1\xE5\xB8\x82, O=TMB, OU=IT, CN=mail.zstmb.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ce:a0:43:ca:17:e7:f9:41:48:51:18:fa:fb:72: db:ac:fa:6d:ab:58:75:96:1e:55:7d:d9:d7:64:64: 0c:cf:63:7c:5e:35:31:36:e6:6e:a1:4a:44:90:e2: bc:46:f5:b1:24:da:97:51:01:54:f0:9e:48:29:dd: 85:d1:23:2d:ba:4d:93:81:df:d4:5c:fc:58:06:04: 2c:f0:25:4c:0a:19:b4:69:90:62:8e:d0:e9:14:89: 8c:80:df:83:58:38:17:6f:cf:e9:1d:d9:f8:c4:8d: bc:eb:38:c3:07:c2:48:a9:63:f4:e5:47:1f:86:3a: 4e:de:39:b6:a8:a9:8b:78:e5:ab:c4:fd:02:f9:2f: a7:9f:30:4b:47:59:e8:e3:51:a4:97:05:39:56:33: f7:3c:e8:97:f7:7c:22:9f:4b:9d:b4:ff:d5:2e:18: 1e:76:e8:18:50:85:e9:e5:fe:a6:96:3c:68:83:d9: e3:2f:17:4c:c0:de:19:0c:ab:af:21:1d:89:4b:7e: 21:47:3f:57:32:1a:8f:98:50:52:44:50:85:5e:fd: 04:5d:74:1d:58:32:e1:40:8e:cb:2b:4c:bc:9a:d9: 80:0e:db:32:fa:ac:35:a2:27:a6:24:b5:89:e8:2e: fa:dd:29:b1:6b:3f:92:81:2e:1e:5a:13:ef:f6:e2: fc:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Subject Key Identifier: D6:35:2A:BF:F4:A5:0D:92:D6:53:D3:4C:76:CF:14:79:9B:D7:85:AA X509v3 Subject Alternative Name: DNS:mail.zstmb.com, DNS:mailserver.zstmb.com, DNS:AutoDiscover.zstmb.com, DNS:MailServer, DNS:zstmb.com X509v3 Authority Key Identifier: C8:30:76:BD:C0:BE:5B:15:B1:3E:1F:8B:53:DF:2C:5E:14:FD:4B:55 X509v3 CRL Distribution Points: Full Name: URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=MailServer,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint Authority Information Access: CA Issuers - URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?cACertificate?base?objectClass=certificationAuthority 1.3.6.1.4.1.311.20.2: ...W.e.b.S.e.r.v.e.r X509v3 Extended Key Usage: TLS Web Server Authentication Signature Algorithm: sha1WithRSAEncryption Signature Value: 5a:4f:09:a9:8f:e6:58:ce:32:29:aa:c5:16:21:b8:07:47:a9: d0:93:85:05:bc:ec:96:2f:2e:74:81:ca:b8:c7:1f:fc:aa:04: 22:0f:05:6b:bd:55:0b:1f:45:ee:7a:1c:c8:ee:60:fa:55:09: 08:b8:88:21:97:6e:b0:e7:b2:30:d6:2f:5d:bf:a7:f5:4a:dd: 85:fb:7e:34:ae:bd:bb:86:a6:b9:b7:d4:9d:80:4b:e0:76:d0: 7e:bd:7f:12:7f:65:15:4d:a4:db:7c:b2:77:f5:29:48:bc:ba: 16:19:6b:0d:ee:47:f5:e7:49:03:8a:8b:13:e1:9a:ec:ff:28: 5f:46:92:d1:8e:a3:d1:02:f4:b2:5f:d1:b6:ed:95:53:a2:1e: b7:33:95:0d:90:e6:9a:5d:83:21:67:06:0e:d2:e8:ef:c7:b9: 0f:93:02:07:35:88:42:96:fd:52:f8:3c:3d:be:a7:67:5c:89: 62:a6:5c:f6:24:53:1d:dd:bb:ae:67:48:31:21:e5:40:b3:b9: f1:82:f4:3b:bd:fc:08:61:a7:37:7d:44:7f:ba:8e:52:21:6b: df:61:c7:ad:40:73:49:08:d5:5c:5e:98:84:97:57:6b:55:2b: 20:b7:80:32:a4:9c:ca:94:7a:f8:81:64:46:48:40:4c:b3:0b: 76:80:e4:20
-1371438727 | 2024-10-04T12:50:11.194140444 / tcp
HTTP/1.1 401 Unauthorized Content-Type: text/html Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 04 Oct 2024 12:49:38 GMT Content-Length: 1181
Certificate: Data: Version: 3 (0x2) Serial Number: 16:98:bd:ed:2c:bb:96:88:4d:dc:9a:ad:80:48:0d:a0 Signature Algorithm: sha1WithRSAEncryption Issuer: CN=MailServer Validity Not Before: Apr 11 05:49:01 2024 GMT Not After : Apr 11 05:49:01 2029 GMT Subject: CN=MailServer Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:92:79:46:67:fa:5a:d8:fb:eb:a2:c1:f3:91:a4: e3:27:a7:76:db:f4:25:d7:d9:5e:ba:1a:1f:ed:97: fa:32:ef:2c:3a:3c:24:15:19:63:7f:c9:44:17:00: 6c:65:5b:84:cf:09:dc:93:32:66:94:f8:c9:cd:e0: 63:c4:f8:ad:02:22:13:aa:47:12:59:1d:7b:62:cb: ad:78:fd:75:87:d1:df:d5:5c:f3:bc:dc:5c:62:2a: 77:0d:72:d0:14:ba:2d:69:1f:7b:c1:c5:28:50:5f: df:34:1b:c0:6d:d7:6e:84:5a:89:e2:9b:bf:0e:fb: 35:b9:a1:75:62:c7:13:1c:21:35:10:d9:a9:92:4c: 24:6f:ce:6c:43:7a:9a:a6:cc:59:75:c9:3a:7e:ab: 60:06:2d:11:b9:50:72:99:a0:49:52:87:4b:12:44: 24:e5:9a:cb:f4:b7:b8:5e:4b:d5:28:78:b3:8b:7d: 5b:66:e1:d0:1e:fa:37:15:f8:20:ba:e4:d3:68:af: 9b:4c:12:c5:2f:41:de:a5:2f:b6:f1:64:9a:ff:97: 4c:45:e3:67:a1:1b:af:09:fe:e7:1d:4c:ee:2d:6b: f0:d5:c0:01:2e:0a:ac:92:6c:3b:65:23:dd:27:6b: d3:0e:0f:12:a5:da:b8:db:8a:ae:29:18:3b:a1:d4: dd:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Subject Alternative Name: DNS:MailServer, DNS:MailServer.zstmb.com X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha1WithRSAEncryption Signature Value: 8a:9d:c6:20:72:47:33:ee:0d:a0:b2:0c:20:dd:2d:6e:6e:09: 7b:b7:3b:47:bc:8d:8c:d4:c8:9e:7a:7f:7f:6c:2e:1e:05:cd: 85:9c:cb:04:b4:46:aa:99:68:5a:71:6a:04:8b:cd:28:53:b9: 9c:97:1a:25:e1:1b:1f:c6:70:82:44:7c:cd:8f:6f:42:6d:af: 72:3d:af:80:6d:50:38:fa:ec:c3:02:87:b6:b0:f4:d4:8d:f2: 4a:95:0d:86:34:ec:74:71:9a:af:58:53:fb:02:68:b9:22:82: a0:fa:3b:6b:dc:c4:37:94:db:10:c9:fb:80:a8:0c:32:c8:42: bb:a5:c6:b1:af:5e:ca:cd:ad:f2:2d:9a:a2:0d:61:0a:a4:96: bc:ae:c1:df:10:e9:3b:ac:da:33:c0:18:ff:b4:70:57:1c:69: dc:ca:27:ba:05:b0:45:d9:cf:da:69:ea:1d:04:db:31:bf:1f: da:4d:a3:01:27:e3:83:b6:3f:0a:25:d3:6d:2c:53:1d:50:e2: f5:27:00:1c:8b:2a:7d:98:89:f0:c7:29:8f:3b:7e:ca:e8:da: 53:29:58:56:ee:b0:30:f3:19:36:ab:4e:fb:68:de:4f:ee:4c: 65:e9:2e:99:9b:83:c7:de:3c:89:bc:93:40:e7:3c:3a:2a:72: 27:76:09:ff
-354676754 | 2024-10-15T21:44:05.020853465 / tcp
220 MailServer.zstmb.com Microsoft ESMTP MAIL Service ready at Wed, 16 Oct 2024 05:44:02 +0800\r\n
-1372574349 | 2024-10-16T20:27:31.940657587 / tcp
220 MailServer.zstmb.com Microsoft ESMTP MAIL Service ready at Thu, 17 Oct 2024 04:27:21 +0800 250-MailServer.zstmb.com Hello [224.27.52.141] 250-SIZE 104857600 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-STARTTLS 250-AUTH GSSAPI NTLM LOGIN 250-8BITMIME 250-BINARYMIME 250 CHUNKING SMTP NTLM Info: OS: Windows 7/Windows Server 2008 R2 OS Build: 6.1.7601 Target Name: ZSTMB NetBIOS Domain Name: ZSTMB NetBIOS Computer Name: MAILSERVER DNS Domain Name: zstmb.com DNS Tree Name: zstmb.com FQDN: MailServer.zstmb.com
-1602973008 | 2024-10-10T18:36:57.815657593 / tcp
ncacn_http/1.0 Microsoft RPC Endpoint Mapper over HTTP d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 116.6.193.194:6005 ncalrpc: WindowsShutdown ncacn_np: \\MAILSERVER\PIPE\InitShutdown ncalrpc: WMsgKRpc018CFD0 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\MAILSERVER\PIPE\InitShutdown ncalrpc: WMsgKRpc018CFD0 ncalrpc: WMsgKRpc01933A1 ncalrpc: WMsgKRpc016FA35D3 c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-054ef73e591414dc5c ncacn_np: \\MAILSERVER\PIPE\srvsvc ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 ncalrpc: IUserProfile2 12e65dd8-887f-41ef-91bf-8d816c42c2e7 version: v1.0 annotation: Secure Desktop LRPC interface provider: winlogon.exe ncalrpc: WMsgKRpc01933A1 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 ncacn_ip_tcp: 116.6.193.194:6006 ncacn_np: \\MAILSERVER\pipe\eventlog ncalrpc: eventlog 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncacn_ip_tcp: 116.6.193.194:6006 ncacn_np: \\MAILSERVER\pipe\eventlog ncalrpc: eventlog 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncacn_ip_tcp: 116.6.193.194:6006 ncacn_np: \\MAILSERVER\pipe\eventlog ncalrpc: eventlog f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 116.6.193.194:6006 ncacn_np: \\MAILSERVER\pipe\eventlog ncalrpc: eventlog 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncacn_np: \\MAILSERVER\PIPE\srvsvc ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncacn_np: \\MAILSERVER\PIPE\srvsvc ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncacn_np: \\MAILSERVER\PIPE\srvsvc ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 116.6.193.194:6007 ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\MAILSERVER\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: senssvc ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 provider: gpsvc.dll ncalrpc: OLE264FC5863EAB4AB393DECB293369 ncalrpc: IUserProfile2 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncacn_np: \\MAILSERVER\PIPE\W32TIME_ALT ncalrpc: W32TIME_ALT ncalrpc: LRPC-6b488033252f7da2c5 ncalrpc: OLE3E58D48A38B44EF5B6AD022EE080 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-6b488033252f7da2c5 ncalrpc: OLE3E58D48A38B44EF5B6AD022EE080 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-e3a1d83d529d57b5d4 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-e3a1d83d529d57b5d4 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-e3a1d83d529d57b5d4 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\MAILSERVER\PIPE\wkssvc ncalrpc: DNSResolver b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v1.0 annotation: KeyIso provider: keyiso.dll ncacn_ip_tcp: 116.6.193.194:6011 ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE6B875E2275B34C6FAE7B41FD60E1 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3accba8e4b34c837d9 ncacn_np: \\MAILSERVER\pipe\lsass 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncacn_ip_tcp: 116.6.193.194:6011 ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE6B875E2275B34C6FAE7B41FD60E1 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3accba8e4b34c837d9 ncacn_np: \\MAILSERVER\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 116.6.193.194:6011 ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE6B875E2275B34C6FAE7B41FD60E1 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3accba8e4b34c837d9 ncacn_np: \\MAILSERVER\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE6B875E2275B34C6FAE7B41FD60E1 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3accba8e4b34c837d9 ncacn_np: \\MAILSERVER\pipe\lsass f5cc5a18-4264-101a-8c59-08002b2f8426 version: v56.0 annotation: MS NT Directory NSP Interface protocol: [MS-NSPI]: Name Service Provider Interface (NSPI) Protocol provider: ntdsai.dll ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE6B875E2275B34C6FAE7B41FD60E1 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3accba8e4b34c837d9 ncacn_np: \\MAILSERVER\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncacn_ip_http: 116.6.193.194:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 116.6.193.194:6008 ncalrpc: OLE6B875E2275B34C6FAE7B41FD60E1 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAILSERVER\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-3accba8e4b34c837d9 ncacn_np: \\MAILSERVER\pipe\lsass 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 annotation: Spooler function endpoint provider: spoolsv.exe ncalrpc: spoolss ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 annotation: Spooler base remote object endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 annotation: Spooler function endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss 50abc2a4-574d-40b3-9d66-ee4fd5fba076 version: v5.0 protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management provider: dns.exe ncacn_ip_tcp: 116.6.193.194:6036 91ae6020-9e3c-11cf-8d7c-00aa00c091be version: v0.0 protocol: [MS-ICPR]: ICertPassage Remote Protocol provider: certsrv.exe ncacn_ip_tcp: 116.6.193.194:6039 ncacn_np: \\MAILSERVER\pipe\cert ncalrpc: OLEA79AD8949E0640C1A0E56671E562 12d4b7c8-77d5-11d1-8c24-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 116.6.193.194:6051 ncacn_np: \\MAILSERVER\pipe\HydraLsPipe ncalrpc: LRPC-72ba8a3dc3ece2a074 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 116.6.193.194:6051 ncacn_np: \\MAILSERVER\pipe\HydraLsPipe ncalrpc: LRPC-72ba8a3dc3ece2a074 e0c98683-720d-4139-b106-a4b13a290d6f version: v1.0 ncalrpc: LRPC-fc6c2e76927a1588d6 ncacn_ip_tcp: 116.6.193.194:6103 ncalrpc: OLEA70B69307D5040899FC90BDB80BD 1a71d6b4-89ff-40cb-ae84-0244ab866151 version: v1.0 ncalrpc: LRPC-fc6c2e76927a1588d6 ncacn_ip_tcp: 116.6.193.194:6103 ncalrpc: OLEA70B69307D5040899FC90BDB80BD 5df3c257-334b-4e96-9efb-a0619255be09 version: v1.0 annotation: 7704 MSExchangeDelivery ncalrpc: LRPC-59e348ac673794de80 ncacn_ip_tcp: 116.6.193.194:6120 ncalrpc: OLE8DE64EF747C54D4194E6243913AD ncalrpc: LRPC-59e348ac673794de80 ncacn_ip_tcp: 116.6.193.194:6120 ncalrpc: OLE8DE64EF747C54D4194E6243913AD ncalrpc: LRPC-5d9e9c8f078ab6cfcb ncacn_ip_tcp: 116.6.193.194:6138 ncalrpc: OLEA41EAC4C4EB94A46A88F0EF7E421 ncalrpc: LRPC-5d9e9c8f078ab6cfcb ncacn_ip_tcp: 116.6.193.194:6138 ncalrpc: OLEA41EAC4C4EB94A46A88F0EF7E421 ncalrpc: LRPC-a11ff8304ad8237b39 ncacn_ip_tcp: 116.6.193.194:6148 ncalrpc: OLEE48BCFC30FAF402D9E3F7941D18E ncalrpc: LRPC-a11ff8304ad8237b39 ncacn_ip_tcp: 116.6.193.194:6148 ncalrpc: OLEE48BCFC30FAF402D9E3F7941D18E ncalrpc: LRPC-3c96ad9bd4ae8e8d8e ncacn_ip_tcp: 116.6.193.194:6199 ncalrpc: OLEFF891F57120340F89995BDA08474 ncalrpc: LRPC-3c96ad9bd4ae8e8d8e ncacn_ip_tcp: 116.6.193.194:6199 ncalrpc: OLEFF891F57120340F89995BDA08474 ncalrpc: LRPC-d7de0622b36d03af8e ncacn_ip_tcp: 116.6.193.194:6200 ncalrpc: OLE19247B80AF484E8D876598F9BD8C ncalrpc: LRPC-d7de0622b36d03af8e ncacn_ip_tcp: 116.6.193.194:6200 ncalrpc: OLE19247B80AF484E8D876598F9BD8C ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 ncalrpc: LRPC-1370fa44d6056399a7 ncacn_ip_tcp: 116.6.193.194:6217 ncalrpc: OLE81A895CF8C1B47D98D1687F792A4 ncalrpc: LRPC-1370fa44d6056399a7 ncacn_ip_tcp: 116.6.193.194:6217 ncalrpc: OLE81A895CF8C1B47D98D1687F792A4 ncalrpc: LRPC-cb58ded2a307984261 ncacn_ip_tcp: 116.6.193.194:6219 ncalrpc: OLE4706A56546C346FB9BA910EC22AB ncalrpc: LRPC-cb58ded2a307984261 ncacn_ip_tcp: 116.6.193.194:6219 ncalrpc: OLE4706A56546C346FB9BA910EC22AB ncalrpc: LRPC-cd8607c7f22800cacc ncacn_ip_tcp: 116.6.193.194:6235 ncalrpc: OLE9D44A474FF2D4587969363958171 ncalrpc: LRPC-cd8607c7f22800cacc ncacn_ip_tcp: 116.6.193.194:6235 ncalrpc: OLE9D44A474FF2D4587969363958171 ncalrpc: LRPC-1ca919f3b34e495b11 ncacn_ip_tcp: 116.6.193.194:6242 ncalrpc: OLEA67CB8656CA3405298D7A435F9CA ncalrpc: LRPC-1ca919f3b34e495b11 ncacn_ip_tcp: 116.6.193.194:6242 ncalrpc: OLEA67CB8656CA3405298D7A435F9CA ncalrpc: LRPC-c7a548a8e0312a6290 ncacn_ip_tcp: 116.6.193.194:6249 ncalrpc: OLE85B04849175D4CA2A069B9D5CAE3 ncalrpc: LRPC-c7a548a8e0312a6290 ncacn_ip_tcp: 116.6.193.194:6249 ncalrpc: OLE85B04849175D4CA2A069B9D5CAE3 ncalrpc: LRPC-a4802dc7f33020245b ncacn_ip_tcp: 116.6.193.194:6263 ncalrpc: OLEF83886D3ECA74D0BB57705A82BD6 ncalrpc: LRPC-a4802dc7f33020245b ncacn_ip_tcp: 116.6.193.194:6263 ncalrpc: OLEF83886D3ECA74D0BB57705A82BD6 ncalrpc: LRPC-df2a036fa4c0e1bc7f ncacn_ip_tcp: 116.6.193.194:6281 ncalrpc: OLE6F06C5D63472482FAF6FBD249CEC ncalrpc: LRPC-df2a036fa4c0e1bc7f ncacn_ip_tcp: 116.6.193.194:6281 ncalrpc: OLE6F06C5D63472482FAF6FBD249CEC ncalrpc: LRPC-67d085394d2d8cca07 ncacn_ip_tcp: 116.6.193.194:6359 ncalrpc: OLE91EA776E94A74FCEBE4646AE1685 ncalrpc: LRPC-67d085394d2d8cca07 ncacn_ip_tcp: 116.6.193.194:6359 ncalrpc: OLE91EA776E94A74FCEBE4646AE1685 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-0ca2fc825188e0544e ncacn_ip_tcp: 116.6.193.194:6708 ncalrpc: OLE33A8195165E64E1C83A9E777A083 ncalrpc: LRPC-0ca2fc825188e0544e ncacn_ip_tcp: 116.6.193.194:6708 ncalrpc: OLE33A8195165E64E1C83A9E777A083 ncalrpc: LRPC-56dc457372c88303be ncacn_ip_tcp: 116.6.193.194:7974 ncalrpc: OLEF31CA60E214844F8877703774E82 ncalrpc: LRPC-56dc457372c88303be ncacn_ip_tcp: 116.6.193.194:7974 ncalrpc: OLEF31CA60E214844F8877703774E82 ncalrpc: LRPC-03161f3d00f2c58c89 ncacn_ip_tcp: 116.6.193.194:9852 ncalrpc: OLE818215AF9A7F4E69979764DED14C ncalrpc: LRPC-03161f3d00f2c58c89 ncacn_ip_tcp: 116.6.193.194:9852 ncalrpc: OLE818215AF9A7F4E69979764DED14C ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE63DA7134B4A0473EB3ABD8B8DFE7 ncacn_ip_tcp: 116.6.193.194:61086 ncalrpc: LRPC-e5a7ee081facf3bce5 ncalrpc: OLE63DA7134B4A0473EB3ABD8B8DFE7 ncacn_ip_tcp: 116.6.193.194:61086 ncalrpc: LRPC-e5a7ee081facf3bce5 ncalrpc: OLEBAEFB87723BF47C091BE75067B49 ncacn_ip_tcp: 116.6.193.194:38095 ncalrpc: LRPC-c2b8f8873208671bb5 ncalrpc: OLEBAEFB87723BF47C091BE75067B49 ncacn_ip_tcp: 116.6.193.194:38095 ncalrpc: LRPC-c2b8f8873208671bb5 ncalrpc: OLEDB6429F1BAB34920B73A83DCF685 ncacn_ip_tcp: 116.6.193.194:12910 ncalrpc: LRPC-34b84c6c43b29bf47f ncalrpc: OLEDB6429F1BAB34920B73A83DCF685 ncacn_ip_tcp: 116.6.193.194:12910 ncalrpc: LRPC-34b84c6c43b29bf47f ncalrpc: OLEF6E0C342A6D44843B28C93353ACA ncacn_ip_tcp: 116.6.193.194:38661 ncalrpc: LRPC-b119212e9beb74f4b9 ncalrpc: OLEF6E0C342A6D44843B28C93353ACA ncacn_ip_tcp: 116.6.193.194:38661 ncalrpc: LRPC-b119212e9beb74f4b9 ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 f1f21151-7185-4170-ac8d-9bb077c29bd3 version: v1.0 ncalrpc: LRPC-b157c00aa0edb89d7d ncacn_ip_tcp: 116.6.193.194:6129 ncalrpc: OLE7AC5E8A41B0C4374BDCE8B7EC0FB 5a4d59fe-42ac-4c6e-b554-b12c6af35956 version: v1.0 ncalrpc: LRPC-a11ff8304ad8237b39 ncacn_ip_tcp: 116.6.193.194:6148 ncalrpc: OLEE48BCFC30FAF402D9E3F7941D18E 4a020372-bb0a-4031-a5a7-7c6896522c00 version: v1.0 ncalrpc: LRPC-3c96ad9bd4ae8e8d8e ncacn_ip_tcp: 116.6.193.194:6199 ncalrpc: OLEFF891F57120340F89995BDA08474 76c0d124-a18e-49d4-adf1-d8c6ba868ea6 version: v1.0 ncalrpc: LRPC-3c96ad9bd4ae8e8d8e ncacn_ip_tcp: 116.6.193.194:6199 ncalrpc: OLEFF891F57120340F89995BDA08474 31e68719-d4fc-401a-8788-bc56169a336b version: v0.256 ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 df831451-edad-415d-905f-9d3793f92db3 version: v0.20736 annotation: Exchange Server STORE EmsmdbMT Proxy Interface ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 9b48e5eb-b4cd-4b6d-ae73-656e0a777bda version: v0.256 annotation: Exchange Server STORE EmsmdbPoolNotify Proxy Interface ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 938fe036-ede6-4f6c-966e-a3d7300279c8 version: v0.256 annotation: Exchange Server STORE EmsmdbPool Proxy Interface ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 da107c01-2b50-44d7-9d5f-bfd4fd8e95ed version: v5.0 annotation: Exchange Server STORE Admin50 Proxy Interface ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 99e64010-b032-11d0-97a4-00c04fd6551d version: v4.0 annotation: Exchange Server STORE Admin40 Proxy Interface ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 89742ace-a9ed-11cf-9c0c-08002be7ae86 version: v2.0 annotation: Exchange Server STORE Admin20 Proxy Interface ncacn_ip_tcp: 116.6.193.194:6204 ncalrpc: LRPC-420f8a2f76b270a3f2 ncalrpc: OLE90445A503063418C9ACBAD7D93C6 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 1544f5e0-613c-11d1-93df-00c04fd7bd09 version: v1.0 annotation: Microsoft Exchange RFR Interface protocol: [MS-OXABREF]: Address Book Name Service Provider Interface (NSPI) Referral Protocol ncacn_ip_http: 116.6.193.194:6001 ncalrpc: LRPC-1ca919f3b34e495b11 ncacn_ip_tcp: 116.6.193.194:6242 ncalrpc: OLEA67CB8656CA3405298D7A435F9CA ba3fa067-8d56-4b56-ba1f-9cbae8db3478 version: v1.0 ncacn_ip_http: 116.6.193.194:6001 ncalrpc: LRPC-1ca919f3b34e495b11 ncacn_ip_tcp: 116.6.193.194:6242 ncalrpc: OLEA67CB8656CA3405298D7A435F9CA a4f1db00-ca47-1067-b31f-00dd010662da version: v0.20736 protocol: [MS-OXCRPC]: Wire Format Protocol ncacn_ip_http: 116.6.193.194:6001 ncalrpc: LRPC-1ca919f3b34e495b11 ncacn_ip_tcp: 116.6.193.194:6242 ncalrpc: OLEA67CB8656CA3405298D7A435F9CA 5261574a-4572-206e-b268-6b199213b4e4 version: v0.256 protocol: [MS-OXCRPC]: Wire Format Protocol ncacn_ip_http: 116.6.193.194:6001 ncalrpc: LRPC-1ca919f3b34e495b11 ncacn_ip_tcp: 116.6.193.194:6242 ncalrpc: OLEA67CB8656CA3405298D7A435F9CA 8fd9e884-86a5-4b2f-bc7c-2adaa75d0469 version: v1.0 ncalrpc: LRPC-c7a548a8e0312a6290 ncacn_ip_tcp: 116.6.193.194:6249 ncalrpc: OLE85B04849175D4CA2A069B9D5CAE3 245a2854-fcdf-4215-adf4-0b4c364e79fb version: v1.0 ncalrpc: LRPC-c7a548a8e0312a6290 ncacn_ip_tcp: 116.6.193.194:6249 ncalrpc: OLE85B04849175D4CA2A069B9D5CAE3 d014c423-0d54-40a3-90dc-56c7a6071e6f version: v1.0 ncalrpc: LRPC-c7a548a8e0312a6290 ncacn_ip_tcp: 116.6.193.194:6249 ncalrpc: OLE85B04849175D4CA2A069B9D5CAE3 37c6221b-cc4b-47ae-8366-7449f2fe9a06 version: v1.0 ncalrpc: LRPC-c7a548a8e0312a6290 ncacn_ip_tcp: 116.6.193.194:6249 ncalrpc: OLE85B04849175D4CA2A069B9D5CAE3 20434699-5e7e-47d6-95f6-698c4a0ec2f0 version: v1.0 ncalrpc: LRPC-c7a548a8e0312a6290 ncacn_ip_tcp: 116.6.193.194:6249 ncalrpc: OLE85B04849175D4CA2A069B9D5CAE3 d9318e75-8a8b-4abb-88e7-aceb01f09e60 version: v1.0 ncalrpc: LRPC-c7a548a8e0312a6290 ncacn_ip_tcp: 116.6.193.194:6249 ncalrpc: OLE85B04849175D4CA2A069B9D5CAE3 f224209f-9076-40f7-98ad-5416dbfa178e version: v3.0 ncalrpc: LRPC-b0b29a85e35fc6222c ncacn_ip_tcp: 116.6.193.194:6252 ncalrpc: OLEA99DB3595F6348ECAB669F70FC0C 37fc1b02-da36-4b27-a745-bf2f58a98ff6 version: v3.0 ncalrpc: LRPC-b0b29a85e35fc6222c ncacn_ip_tcp: 116.6.193.194:6252 ncalrpc: OLEA99DB3595F6348ECAB669F70FC0C 4d88f820-8c32-4453-9e30-7297e2fcf025 version: v1.0 ncalrpc: LRPC-b57cc782b1323287af ncacn_ip_tcp: 116.6.193.194:6271 ncalrpc: OLE53108F4C057C41DF81AAF8300846 52d3f3f5-248c-4d74-a01f-a06e41d5cd59 version: v1.0 ncalrpc: LRPC-b9ac6fdda3e97cbf5b ncacn_ip_tcp: 116.6.193.194:6282 ncalrpc: OLEE7B4213C842645348A85052DBD7F 75f47e04-c7c9-411e-a9eb-080b174b03a9 version: v1.0 ncalrpc: LRPC-4bf66e5536cbcae1a6 ncacn_ip_tcp: 116.6.193.194:6363 ncalrpc: OLEFD2CF1746AAE42B180EF1C3E6A1C ea0c3893-d1fd-4fb3-82d0-8e9a86486dc5 version: v2.0 ncalrpc: LRPC-4bf66e5536cbcae1a6 ncacn_ip_tcp: 116.6.193.194:6363 ncalrpc: OLEFD2CF1746AAE42B180EF1C3E6A1C f2d0ca50-457a-4d87-ab1e-45f3a324993f version: v1.0 ncalrpc: LRPC-4bf66e5536cbcae1a6 ncacn_ip_tcp: 116.6.193.194:6363 ncalrpc: OLEFD2CF1746AAE42B180EF1C3E6A1C 6f08d61c-fd57-42b0-bb11-f30aedaca66e version: v1.0 ncalrpc: LRPC-4bf66e5536cbcae1a6 ncacn_ip_tcp: 116.6.193.194:6363 ncalrpc: OLEFD2CF1746AAE42B180EF1C3E6A1C d3444dd6-ee15-4564-83fc-0b16b8f5e8d4 version: v1.0 ncalrpc: LRPC-4bf66e5536cbcae1a6 ncacn_ip_tcp: 116.6.193.194:6363 ncalrpc: OLEFD2CF1746AAE42B180EF1C3E6A1C 8879d5aa-30a7-4eb2-9023-bec055dbe648 version: v1.0 ncalrpc: LRPC-4bf66e5536cbcae1a6 ncacn_ip_tcp: 116.6.193.194:6363 ncalrpc: OLEFD2CF1746AAE42B180EF1C3E6A1C e62eb024-ee96-4d89-b24a-746cf02a3e98 version: v1.0 ncalrpc: LRPC-4bf66e5536cbcae1a6 ncacn_ip_tcp: 116.6.193.194:6363 ncalrpc: OLEFD2CF1746AAE42B180EF1C3E6A1C 1febdc2a-1734-4e06-8998-ed919c26ad43 version: v2.0 ncalrpc: LRPC-4bf66e5536cbcae1a6 ncacn_ip_tcp: 116.6.193.194:6363 ncalrpc: OLEFD2CF1746AAE42B180EF1C3E6A1C a9e05b20-6f57-4e24-a540-52412017e6ff version: v1.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: LRPC-f7ed4c781ba63d2fe3 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde version: v1.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: LRPC-f7ed4c781ba63d2fe3 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 bf6dd426-77b4-44b3-984e-d413fc075562 version: v2.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 1453c42c-0fa6-11d2-a910-00c04f990f3b version: v1.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 10f24e8e-0fa6-11d2-a910-00c04f990f3b version: v1.0 annotation: a09e299e-4b22-4718-bcf5-af5b290c2153 ncalrpc: LRPC-016919f6f1e054ab1e ncacn_ip_tcp: 116.6.193.194:6464 ncalrpc: OLED4DD0FAF817044D69E4969251AC4 ncalrpc: LRPC-53e820f0045c747b3f ncacn_ip_tcp: 116.6.193.194:17916 ncalrpc: OLEFE0EB27964C145699C46CDCA247C ncalrpc: OLE1AE5807847CC4A98AE211409AAB9 ncacn_ip_tcp: 116.6.193.194:17936 ncalrpc: LRPC-f7ed4c781ba63d2fe3 41f5fae1-e0ac-414c-a721-0d287466cb23 version: v1.0 ncalrpc: LRPC-0ca2fc825188e0544e ncacn_ip_tcp: 116.6.193.194:6708 ncalrpc: OLE33A8195165E64E1C83A9E777A083 640aa52e-d472-443a-952c-4d3fe97f480c version: v1.0 ncalrpc: LRPC-0ca2fc825188e0544e ncacn_ip_tcp: 116.6.193.194:6708 ncalrpc: OLE33A8195165E64E1C83A9E777A083 bd5790c9-d855-42b0-990f-3dfed8c184b3 version: v1.0 ncalrpc: LRPC-0ca2fc825188e0544e ncacn_ip_tcp: 116.6.193.194:6708 ncalrpc: OLE33A8195165E64E1C83A9E777A083 8384fc47-956a-4d1e-ab2a-1205014f96ec version: v1.0 ncalrpc: LRPC-0ca2fc825188e0544e ncacn_ip_tcp: 116.6.193.194:6708 ncalrpc: OLE33A8195165E64E1C83A9E777A083 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 116.6.193.194:6861 12345678-1234-abcd-ef00-0123456789ab version: v1.0 annotation: IPSec Policy agent endpoint protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncalrpc: LRPC-ee416f55e2ca311f92 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 116.6.193.194:5722 ncalrpc: OLEAB98C7193F3D46438F3D18397DEA ecca92d9-07d1-4136-87f7-2ac4109337ee version: v4.0 ncalrpc: OLEF6E0C342A6D44843B28C93353ACA ncacn_ip_tcp: 116.6.193.194:38661 ncalrpc: LRPC-b119212e9beb74f4b9 24019106-a203-4642-b88d-82dae9158929 version: v1.0 provider: authui.dll ncalrpc: LRPC-6a2ab54c581e5357e5
37507309 | 2024-10-18T14:48:17.446426636 / tcp
LDAP: CurrentTime: 20241018144725.0Z SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=zstmb,DC=com DsServiceName: CN=NTDS Settings,CN=MAILSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zstmb,DC=com NamingContexts: CN=Configuration,DC=zstmb,DC=com CN=Schema,CN=Configuration,DC=zstmb,DC=com DC=DomainDnsZones,DC=zstmb,DC=com DC=ForestDnsZones,DC=zstmb,DC=com DC=zstmb,DC=com DefaultNamingContext: DC=zstmb,DC=com SchemaNamingContext: CN=Schema,CN=Configuration,DC=zstmb,DC=com ConfigurationNamingContext: CN=Configuration,DC=zstmb,DC=com RootDomainNamingContext: DC=zstmb,DC=com SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxConnIdleTime MaxConnections MaxDatagramRecv MaxNotificationPerConn MaxPageSize MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit HighestCommittedUSN: 101353335 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI DnsHostName: MailServer.zstmb.com LdapServiceName: zstmb.com:mailserver$@ZSTMB.COM ServerName: CN=MAILSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zstmb,DC=com SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.800 IsSynchronized: TRUE IsGlobalCatalogReady: TRUE SupportedExtension: 1.2.840.113556.1.4.1781 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 DomainFunctionality: 4 ForestFunctionality: 4
Certificate: Data: Version: 3 (0x2) Serial Number: 15:49:ff:21:00:00:00:00:00:17 Signature Algorithm: sha1WithRSAEncryption Issuer: DC=com, DC=zstmb, CN=zstmb-MAILSERVER-CA Validity Not Before: Feb 3 00:48:35 2024 GMT Not After : Feb 2 00:48:35 2026 GMT Subject: C=CN, ST=\xE5\xB9\xBF\xE4\xB8\x9C\xE7\x9C\x81, L=\xE4\xB8\xAD\xE5\xB1\xB1\xE5\xB8\x82, O=TMB, OU=IT, CN=mail.zstmb.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ce:a0:43:ca:17:e7:f9:41:48:51:18:fa:fb:72: db:ac:fa:6d:ab:58:75:96:1e:55:7d:d9:d7:64:64: 0c:cf:63:7c:5e:35:31:36:e6:6e:a1:4a:44:90:e2: bc:46:f5:b1:24:da:97:51:01:54:f0:9e:48:29:dd: 85:d1:23:2d:ba:4d:93:81:df:d4:5c:fc:58:06:04: 2c:f0:25:4c:0a:19:b4:69:90:62:8e:d0:e9:14:89: 8c:80:df:83:58:38:17:6f:cf:e9:1d:d9:f8:c4:8d: bc:eb:38:c3:07:c2:48:a9:63:f4:e5:47:1f:86:3a: 4e:de:39:b6:a8:a9:8b:78:e5:ab:c4:fd:02:f9:2f: a7:9f:30:4b:47:59:e8:e3:51:a4:97:05:39:56:33: f7:3c:e8:97:f7:7c:22:9f:4b:9d:b4:ff:d5:2e:18: 1e:76:e8:18:50:85:e9:e5:fe:a6:96:3c:68:83:d9: e3:2f:17:4c:c0:de:19:0c:ab:af:21:1d:89:4b:7e: 21:47:3f:57:32:1a:8f:98:50:52:44:50:85:5e:fd: 04:5d:74:1d:58:32:e1:40:8e:cb:2b:4c:bc:9a:d9: 80:0e:db:32:fa:ac:35:a2:27:a6:24:b5:89:e8:2e: fa:dd:29:b1:6b:3f:92:81:2e:1e:5a:13:ef:f6:e2: fc:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Subject Key Identifier: D6:35:2A:BF:F4:A5:0D:92:D6:53:D3:4C:76:CF:14:79:9B:D7:85:AA X509v3 Subject Alternative Name: DNS:mail.zstmb.com, DNS:mailserver.zstmb.com, DNS:AutoDiscover.zstmb.com, DNS:MailServer, DNS:zstmb.com X509v3 Authority Key Identifier: C8:30:76:BD:C0:BE:5B:15:B1:3E:1F:8B:53:DF:2C:5E:14:FD:4B:55 X509v3 CRL Distribution Points: Full Name: URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=MailServer,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint Authority Information Access: CA Issuers - URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?cACertificate?base?objectClass=certificationAuthority 1.3.6.1.4.1.311.20.2: ...W.e.b.S.e.r.v.e.r X509v3 Extended Key Usage: TLS Web Server Authentication Signature Algorithm: sha1WithRSAEncryption Signature Value: 5a:4f:09:a9:8f:e6:58:ce:32:29:aa:c5:16:21:b8:07:47:a9: d0:93:85:05:bc:ec:96:2f:2e:74:81:ca:b8:c7:1f:fc:aa:04: 22:0f:05:6b:bd:55:0b:1f:45:ee:7a:1c:c8:ee:60:fa:55:09: 08:b8:88:21:97:6e:b0:e7:b2:30:d6:2f:5d:bf:a7:f5:4a:dd: 85:fb:7e:34:ae:bd:bb:86:a6:b9:b7:d4:9d:80:4b:e0:76:d0: 7e:bd:7f:12:7f:65:15:4d:a4:db:7c:b2:77:f5:29:48:bc:ba: 16:19:6b:0d:ee:47:f5:e7:49:03:8a:8b:13:e1:9a:ec:ff:28: 5f:46:92:d1:8e:a3:d1:02:f4:b2:5f:d1:b6:ed:95:53:a2:1e: b7:33:95:0d:90:e6:9a:5d:83:21:67:06:0e:d2:e8:ef:c7:b9: 0f:93:02:07:35:88:42:96:fd:52:f8:3c:3d:be:a7:67:5c:89: 62:a6:5c:f6:24:53:1d:dd:bb:ae:67:48:31:21:e5:40:b3:b9: f1:82:f4:3b:bd:fc:08:61:a7:37:7d:44:7f:ba:8e:52:21:6b: df:61:c7:ad:40:73:49:08:d5:5c:5e:98:84:97:57:6b:55:2b: 20:b7:80:32:a4:9c:ca:94:7a:f8:81:64:46:48:40:4c:b3:0b: 76:80:e4:20
1107593961 | 2024-10-25T01:04:36.796508995 / tcp
+OK The Microsoft Exchange POP3 service is ready. +OK TOP UIDL SASL PLAIN USER .
Certificate: Data: Version: 3 (0x2) Serial Number: 15:49:ff:21:00:00:00:00:00:17 Signature Algorithm: sha1WithRSAEncryption Issuer: DC=com, DC=zstmb, CN=zstmb-MAILSERVER-CA Validity Not Before: Feb 3 00:48:35 2024 GMT Not After : Feb 2 00:48:35 2026 GMT Subject: C=CN, ST=\xE5\xB9\xBF\xE4\xB8\x9C\xE7\x9C\x81, L=\xE4\xB8\xAD\xE5\xB1\xB1\xE5\xB8\x82, O=TMB, OU=IT, CN=mail.zstmb.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ce:a0:43:ca:17:e7:f9:41:48:51:18:fa:fb:72: db:ac:fa:6d:ab:58:75:96:1e:55:7d:d9:d7:64:64: 0c:cf:63:7c:5e:35:31:36:e6:6e:a1:4a:44:90:e2: bc:46:f5:b1:24:da:97:51:01:54:f0:9e:48:29:dd: 85:d1:23:2d:ba:4d:93:81:df:d4:5c:fc:58:06:04: 2c:f0:25:4c:0a:19:b4:69:90:62:8e:d0:e9:14:89: 8c:80:df:83:58:38:17:6f:cf:e9:1d:d9:f8:c4:8d: bc:eb:38:c3:07:c2:48:a9:63:f4:e5:47:1f:86:3a: 4e:de:39:b6:a8:a9:8b:78:e5:ab:c4:fd:02:f9:2f: a7:9f:30:4b:47:59:e8:e3:51:a4:97:05:39:56:33: f7:3c:e8:97:f7:7c:22:9f:4b:9d:b4:ff:d5:2e:18: 1e:76:e8:18:50:85:e9:e5:fe:a6:96:3c:68:83:d9: e3:2f:17:4c:c0:de:19:0c:ab:af:21:1d:89:4b:7e: 21:47:3f:57:32:1a:8f:98:50:52:44:50:85:5e:fd: 04:5d:74:1d:58:32:e1:40:8e:cb:2b:4c:bc:9a:d9: 80:0e:db:32:fa:ac:35:a2:27:a6:24:b5:89:e8:2e: fa:dd:29:b1:6b:3f:92:81:2e:1e:5a:13:ef:f6:e2: fc:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Subject Key Identifier: D6:35:2A:BF:F4:A5:0D:92:D6:53:D3:4C:76:CF:14:79:9B:D7:85:AA X509v3 Subject Alternative Name: DNS:mail.zstmb.com, DNS:mailserver.zstmb.com, DNS:AutoDiscover.zstmb.com, DNS:MailServer, DNS:zstmb.com X509v3 Authority Key Identifier: C8:30:76:BD:C0:BE:5B:15:B1:3E:1F:8B:53:DF:2C:5E:14:FD:4B:55 X509v3 CRL Distribution Points: Full Name: URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=MailServer,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint Authority Information Access: CA Issuers - URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?cACertificate?base?objectClass=certificationAuthority 1.3.6.1.4.1.311.20.2: ...W.e.b.S.e.r.v.e.r X509v3 Extended Key Usage: TLS Web Server Authentication Signature Algorithm: sha1WithRSAEncryption Signature Value: 5a:4f:09:a9:8f:e6:58:ce:32:29:aa:c5:16:21:b8:07:47:a9: d0:93:85:05:bc:ec:96:2f:2e:74:81:ca:b8:c7:1f:fc:aa:04: 22:0f:05:6b:bd:55:0b:1f:45:ee:7a:1c:c8:ee:60:fa:55:09: 08:b8:88:21:97:6e:b0:e7:b2:30:d6:2f:5d:bf:a7:f5:4a:dd: 85:fb:7e:34:ae:bd:bb:86:a6:b9:b7:d4:9d:80:4b:e0:76:d0: 7e:bd:7f:12:7f:65:15:4d:a4:db:7c:b2:77:f5:29:48:bc:ba: 16:19:6b:0d:ee:47:f5:e7:49:03:8a:8b:13:e1:9a:ec:ff:28: 5f:46:92:d1:8e:a3:d1:02:f4:b2:5f:d1:b6:ed:95:53:a2:1e: b7:33:95:0d:90:e6:9a:5d:83:21:67:06:0e:d2:e8:ef:c7:b9: 0f:93:02:07:35:88:42:96:fd:52:f8:3c:3d:be:a7:67:5c:89: 62:a6:5c:f6:24:53:1d:dd:bb:ae:67:48:31:21:e5:40:b3:b9: f1:82:f4:3b:bd:fc:08:61:a7:37:7d:44:7f:ba:8e:52:21:6b: df:61:c7:ad:40:73:49:08:d5:5c:5e:98:84:97:57:6b:55:2b: 20:b7:80:32:a4:9c:ca:94:7a:f8:81:64:46:48:40:4c:b3:0b: 76:80:e4:20
-183336801 | 2024-10-06T14:34:26.7770312525 / tcp
220 MailServer.zstmb.com Microsoft ESMTP MAIL Service ready at Sun, 6 Oct 2024 22:34:24 +0800\r\n
116346406 | 2024-10-23T16:59:17.5216133268 / tcp
LDAP: CurrentTime: 20241023165842.0Z SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=zstmb,DC=com DsServiceName: CN=NTDS Settings,CN=MAILSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zstmb,DC=com NamingContexts: CN=Configuration,DC=zstmb,DC=com CN=Schema,CN=Configuration,DC=zstmb,DC=com DC=DomainDnsZones,DC=zstmb,DC=com DC=ForestDnsZones,DC=zstmb,DC=com DC=zstmb,DC=com DefaultNamingContext: DC=zstmb,DC=com SchemaNamingContext: CN=Schema,CN=Configuration,DC=zstmb,DC=com ConfigurationNamingContext: CN=Configuration,DC=zstmb,DC=com RootDomainNamingContext: DC=zstmb,DC=com SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxConnIdleTime MaxConnections MaxDatagramRecv MaxNotificationPerConn MaxPageSize MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit HighestCommittedUSN: 108507957 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI DnsHostName: MailServer.zstmb.com LdapServiceName: zstmb.com:mailserver$@ZSTMB.COM ServerName: CN=MAILSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zstmb,DC=com SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.800 IsSynchronized: TRUE IsGlobalCatalogReady: TRUE SupportedExtension: 1.2.840.113556.1.4.1781 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 DomainFunctionality: 4 ForestFunctionality: 4
317449905 | 2024-10-03T08:01:47.0211743269 / tcp
LDAP: CurrentTime: 20241003080055.0Z SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=zstmb,DC=com DsServiceName: CN=NTDS Settings,CN=MAILSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zstmb,DC=com NamingContexts: CN=Configuration,DC=zstmb,DC=com CN=Schema,CN=Configuration,DC=zstmb,DC=com DC=DomainDnsZones,DC=zstmb,DC=com DC=ForestDnsZones,DC=zstmb,DC=com DC=zstmb,DC=com DefaultNamingContext: DC=zstmb,DC=com SchemaNamingContext: CN=Schema,CN=Configuration,DC=zstmb,DC=com ConfigurationNamingContext: CN=Configuration,DC=zstmb,DC=com RootDomainNamingContext: DC=zstmb,DC=com SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxConnIdleTime MaxConnections MaxDatagramRecv MaxNotificationPerConn MaxPageSize MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit HighestCommittedUSN: 96364607 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI DnsHostName: MailServer.zstmb.com LdapServiceName: zstmb.com:mailserver$@ZSTMB.COM ServerName: CN=MAILSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=zstmb,DC=com SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.800 IsSynchronized: TRUE IsGlobalCatalogReady: TRUE SupportedExtension: 1.2.840.113556.1.4.1781 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 DomainFunctionality: 4 ForestFunctionality: 4
Certificate: Data: Version: 3 (0x2) Serial Number: 15:49:ff:21:00:00:00:00:00:17 Signature Algorithm: sha1WithRSAEncryption Issuer: DC=com, DC=zstmb, CN=zstmb-MAILSERVER-CA Validity Not Before: Feb 3 00:48:35 2024 GMT Not After : Feb 2 00:48:35 2026 GMT Subject: C=CN, ST=\xE5\xB9\xBF\xE4\xB8\x9C\xE7\x9C\x81, L=\xE4\xB8\xAD\xE5\xB1\xB1\xE5\xB8\x82, O=TMB, OU=IT, CN=mail.zstmb.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ce:a0:43:ca:17:e7:f9:41:48:51:18:fa:fb:72: db:ac:fa:6d:ab:58:75:96:1e:55:7d:d9:d7:64:64: 0c:cf:63:7c:5e:35:31:36:e6:6e:a1:4a:44:90:e2: bc:46:f5:b1:24:da:97:51:01:54:f0:9e:48:29:dd: 85:d1:23:2d:ba:4d:93:81:df:d4:5c:fc:58:06:04: 2c:f0:25:4c:0a:19:b4:69:90:62:8e:d0:e9:14:89: 8c:80:df:83:58:38:17:6f:cf:e9:1d:d9:f8:c4:8d: bc:eb:38:c3:07:c2:48:a9:63:f4:e5:47:1f:86:3a: 4e:de:39:b6:a8:a9:8b:78:e5:ab:c4:fd:02:f9:2f: a7:9f:30:4b:47:59:e8:e3:51:a4:97:05:39:56:33: f7:3c:e8:97:f7:7c:22:9f:4b:9d:b4:ff:d5:2e:18: 1e:76:e8:18:50:85:e9:e5:fe:a6:96:3c:68:83:d9: e3:2f:17:4c:c0:de:19:0c:ab:af:21:1d:89:4b:7e: 21:47:3f:57:32:1a:8f:98:50:52:44:50:85:5e:fd: 04:5d:74:1d:58:32:e1:40:8e:cb:2b:4c:bc:9a:d9: 80:0e:db:32:fa:ac:35:a2:27:a6:24:b5:89:e8:2e: fa:dd:29:b1:6b:3f:92:81:2e:1e:5a:13:ef:f6:e2: fc:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Subject Key Identifier: D6:35:2A:BF:F4:A5:0D:92:D6:53:D3:4C:76:CF:14:79:9B:D7:85:AA X509v3 Subject Alternative Name: DNS:mail.zstmb.com, DNS:mailserver.zstmb.com, DNS:AutoDiscover.zstmb.com, DNS:MailServer, DNS:zstmb.com X509v3 Authority Key Identifier: C8:30:76:BD:C0:BE:5B:15:B1:3E:1F:8B:53:DF:2C:5E:14:FD:4B:55 X509v3 CRL Distribution Points: Full Name: URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=MailServer,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint Authority Information Access: CA Issuers - URI:ldap:///CN=zstmb-MAILSERVER-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=zstmb,DC=com?cACertificate?base?objectClass=certificationAuthority 1.3.6.1.4.1.311.20.2: ...W.e.b.S.e.r.v.e.r X509v3 Extended Key Usage: TLS Web Server Authentication Signature Algorithm: sha1WithRSAEncryption Signature Value: 5a:4f:09:a9:8f:e6:58:ce:32:29:aa:c5:16:21:b8:07:47:a9: d0:93:85:05:bc:ec:96:2f:2e:74:81:ca:b8:c7:1f:fc:aa:04: 22:0f:05:6b:bd:55:0b:1f:45:ee:7a:1c:c8:ee:60:fa:55:09: 08:b8:88:21:97:6e:b0:e7:b2:30:d6:2f:5d:bf:a7:f5:4a:dd: 85:fb:7e:34:ae:bd:bb:86:a6:b9:b7:d4:9d:80:4b:e0:76:d0: 7e:bd:7f:12:7f:65:15:4d:a4:db:7c:b2:77:f5:29:48:bc:ba: 16:19:6b:0d:ee:47:f5:e7:49:03:8a:8b:13:e1:9a:ec:ff:28: 5f:46:92:d1:8e:a3:d1:02:f4:b2:5f:d1:b6:ed:95:53:a2:1e: b7:33:95:0d:90:e6:9a:5d:83:21:67:06:0e:d2:e8:ef:c7:b9: 0f:93:02:07:35:88:42:96:fd:52:f8:3c:3d:be:a7:67:5c:89: 62:a6:5c:f6:24:53:1d:dd:bb:ae:67:48:31:21:e5:40:b3:b9: f1:82:f4:3b:bd:fc:08:61:a7:37:7d:44:7f:ba:8e:52:21:6b: df:61:c7:ad:40:73:49:08:d5:5c:5e:98:84:97:57:6b:55:2b: 20:b7:80:32:a4:9c:ca:94:7a:f8:81:64:46:48:40:4c:b3:0b: 76:80:e4:20
1308377066 | 2024-10-11T21:23:05.9012946001 / tcp
ncacn_http/1.0
1276612955 | 2024-10-12T11:32:18.5782227001 / tcp
SSL Error: TLSV1_ALERT_INTERNAL_ERROR
Certificate: Data: Version: 3 (0x2) Serial Number: 1a:a9:48:dd:ab:99:0e:a3:49:77:02:41:95:86:c5:79 Signature Algorithm: sha1WithRSAEncryption Issuer: CN=MailServer.zstmb.com Validity Not Before: Oct 5 09:14:12 2024 GMT Not After : Apr 6 09:14:12 2025 GMT Subject: CN=MailServer.zstmb.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c4:14:d9:76:9d:da:8b:a8:b1:c8:8c:cb:61:be: 77:d5:18:2f:1f:04:cf:78:a6:87:e9:bb:48:7d:0e: 97:b0:ae:98:e1:55:b2:c7:2f:5f:c8:97:dc:9e:bd: 38:49:ba:85:fa:03:1a:77:19:d8:80:06:7e:3d:85: 7f:b0:ea:6e:b3:c8:40:c9:53:f7:55:2d:ce:b8:a7: 68:4d:96:d6:58:76:92:94:dc:d9:fb:49:9d:01:e3: ea:18:1c:cb:1d:b2:63:34:02:7c:b3:28:55:87:84: b4:9d:21:49:2b:af:ec:ed:27:1a:46:ec:11:16:1a: b5:15:c3:94:29:d6:7a:0f:1b:97:f6:8f:75:87:ac: ec:2c:8a:c4:19:0a:3c:b8:84:8d:e6:d8:22:f2:35: c5:7e:09:e3:fb:db:f7:6a:48:0e:15:68:a1:10:2d: 08:61:03:3c:05:cd:14:36:73:81:e6:b9:3c:86:0e: a7:d3:8e:23:7c:2b:cd:cf:ad:b1:59:f6:a7:73:28: a5:a5:36:ba:de:01:05:32:d4:2e:c5:27:6d:64:39: e8:6f:e9:4c:ad:dd:74:d7:1f:5b:b5:8b:33:aa:34: b8:ab:31:d5:f4:a0:16:1a:8d:ea:4a:cb:a0:b3:3c: e0:89:88:15:0e:31:60:d7:7e:9d:0b:70:64:04:b1: f8:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Key Usage: Key Encipherment, Data Encipherment Signature Algorithm: sha1WithRSAEncryption Signature Value: 49:b7:b1:3a:37:00:00:ec:53:51:58:76:fa:e0:e6:d2:b3:fa: a0:75:d7:32:19:e0:a8:77:58:d7:00:22:b6:77:43:1c:4f:f7: 55:55:c2:07:f2:c3:9e:18:28:82:61:28:df:57:88:ed:73:ed: f3:32:bb:96:db:1e:4c:37:7c:1f:d5:7c:8d:00:86:fc:4a:b0: 17:5d:1a:e9:ef:41:ee:c7:59:2c:d9:85:cc:c0:d6:d1:0a:80: bb:36:21:ac:78:e8:28:33:a3:c6:ed:68:8c:72:09:1e:38:91: b6:a9:48:22:f9:4b:36:31:05:d5:c5:10:88:d1:68:48:86:2b: f9:2c:85:c8:44:0b:68:bd:4c:d7:17:1c:04:f5:a7:46:74:a1: 32:d7:b8:b3:80:07:43:75:a7:a2:25:a9:d8:c1:46:db:f0:f1: 90:52:75:a4:c2:a1:44:d8:53:c8:66:89:70:bd:1a:f6:97:22: 08:df:34:ba:c0:72:55:74:f7:54:80:07:ab:f5:8f:c7:fb:4a: 62:3b:7b:ef:3f:b5:a8:c4:00:a8:60:58:7e:bc:0a:79:36:db: e8:ec:9b:da:ce:11:fe:d9:cb:05:03:65:a6:4f:c2:d2:0e:e8: 8c:e0:07:74:d4:3c:9c:fa:48:09:12:31:05:f0:34:4f:a5:51: d3:bb:71:8a