| Hostnames |
aurema-groupe.idsoft.net ip192.ip-178-33-46.eu |
| Domains | idsoft.net ip-178-33-46.eu |
| Country | France |
| City | Strasbourg |
| Organization | OVH SAS |
| ISP | OVH SAS |
| ASN | AS16276 |
1578623272 | 2025-01-05T01:38:06.12250480 / tcp
HTTP/1.1 200 READ_OK Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 461 Cache-control: no-cache Date: Sun, 05 Jan 2025 01:38:10 GMT
1116056971 | 2025-01-04T03:32:15.73933788 / udp
Microsoft Windows Kerberos Server Time: 2025-01-04 03:32:15Z
625578014 | 2025-01-02T22:30:13.208523123 / udp
NTP protocolversion: 3 stratum: 5 leap: 0 precision: -23 rootdelay: 0.000335693359375 rootdisp: 0.0100708007812 refid: 1447908432 reftime: 3944845806.41 poll: 0
-1191565948 | 2024-12-26T05:32:20.981023135 / tcp
Microsoft RPC Endpoint Mapper 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 178.33.46.192:49704 ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 178.33.46.192:49704 ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 178.33.46.192:49704 ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncacn_ip_tcp: 178.33.46.192:49704 ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 version: v0.0 annotation: RemoteAccessCheck protocol: [MS-RAA]: Remote Authorization API Protocol ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass ncalrpc: LRPC-9aa64c1bc551d926b3 ncalrpc: LRPC-18a57648e04c4cfc0e ncalrpc: IUserProfile2 ncalrpc: LRPC-2ec69db05dc3f57431 ncalrpc: senssvc ncalrpc: LRPC-8780044ffa3fb402f7 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 178.33.46.192:49665 ncalrpc: WindowsShutdown ncacn_np: \\SRV-AUREMA\PIPE\InitShutdown ncalrpc: WMsgKRpc050DC0 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\SRV-AUREMA\PIPE\InitShutdown ncalrpc: WMsgKRpc050DC0 ncalrpc: WMsgKRpc053481 fc48cd89-98d6-4628-9839-86f7a3e4161a version: v1.0 ncalrpc: dabrpc ncalrpc: csebpub ncalrpc: LRPC-38e185c9933a6a7462 ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-38e185c9933a6a7462 ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-784611ba854eeb0868 ncalrpc: LRPC-0b99422444dce786d1 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-38e185c9933a6a7462 ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v2.0 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v2.0 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-5814c44555c60238d3 a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-c025763f54daa83cff ncalrpc: LRPC-784611ba854eeb0868 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 ncalrpc: LRPC-26f72cc386ad34a3eb 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-c6e11722129819c34a ncalrpc: OLE2F015C7CF5AB3D50F9CA61A3B755 ncalrpc: LRPC-0b99422444dce786d1 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 ncalrpc: LRPC-815def170db0e1371b 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncalrpc: dhcpcsvc 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-230e7dd191d5542691 ncalrpc: DNSResolver f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 178.33.46.192:49666 ncacn_np: \\SRV-AUREMA\pipe\eventlog ncalrpc: eventlog 89759fce-5a25-4086-8967-de12f39a60b5 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 178.33.46.192:49667 ncalrpc: LcRpc ncalrpc: OLE1917BD8202F478FA4353506880B1 9b3195fe-d603-43d1-a0d5-9072d7cde122 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 178.33.46.192:49667 ncalrpc: LcRpc ncalrpc: OLE1917BD8202F478FA4353506880B1 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-d2d095ca310abd5018 3f787932-3452-4363-8651-6ea97bb373bb version: v1.0 annotation: NSP Rpc Interface ncalrpc: LRPC-57bf4f90e129afcb2b ncalrpc: OLE3A36BA48229142EF7BA738AEEA72 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 178.33.46.192:49668 ncalrpc: LRPC-d600fcabda5a2b1095 ncalrpc: ubpmtaskhostchannel ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 178.33.46.192:49668 ncalrpc: LRPC-d600fcabda5a2b1095 ncalrpc: ubpmtaskhostchannel ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-d600fcabda5a2b1095 ncalrpc: ubpmtaskhostchannel ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-c0c7eca184f0c52096 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: 2c517e1e-379b-4e59-b399-ff689d7b098e ncalrpc: LRPC-e47f73ff7bf3386860 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-b6612c11f8de22c173 ncalrpc: LRPC-097248870faf7947e4 ncalrpc: LRPC-1fc350a3ebfff6276f ncalrpc: LRPC-153cf884647c30dd50 f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-097248870faf7947e4 ncalrpc: LRPC-1fc350a3ebfff6276f ncalrpc: LRPC-153cf884647c30dd50 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-1fc350a3ebfff6276f ncalrpc: LRPC-153cf884647c30dd50 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-153cf884647c30dd50 13560fa9-8c09-4b56-a1fd-04d083b9b2a1 version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\SRV-AUREMA\PIPE\wkssvc ncalrpc: LRPC-ed00bad88cc5e742d0 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-ed00bad88cc5e742d0 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-ed00bad88cc5e742d0 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: OLE8F00A164590BD645C985EE8B1466 ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-0db4da5072a7a6f68f c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-0db4da5072a7a6f68f 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-0db4da5072a7a6f68f 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-0db4da5072a7a6f68f 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-c4409d1c8206445d7d ncalrpc: OLE057EFD30ED4BB0F56918E7020B27 b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-c4409d1c8206445d7d ncalrpc: OLE057EFD30ED4BB0F56918E7020B27 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-48e065ffd8393b0c7d 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 178.33.46.192:49674 ncacn_np: \\SRV-AUREMA\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: OLE0DECFBE916566CEE509BA41346FD ncalrpc: LRPC-8780044ffa3fb402f7 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-5e20cbd5215cdbf640 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-5e20cbd5215cdbf640 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-b64df99e64d5d7fdda 1d45e083-478f-437c-9618-3594ced8c235 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 d4051bde-9cdd-4910-b393-4aa85ec3c482 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 7df1ceae-de4e-4e6f-ab14-49636e7c2052 version: v1.0 ncalrpc: LRPC-9babc413e4ee8f5048 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 178.33.46.192:49686 ncacn_np: \\SRV-AUREMA\pipe\HydraLsPipe ncalrpc: LRPC-4d98da1dd66e53f489 2f5f6521-cb55-1059-b446-00df0bce31db version: v1.0 annotation: Unimodem LRPC Endpoint ncalrpc: unimdmsvc ncalrpc: tapsrvlpc ncacn_np: \\SRV-AUREMA\pipe\tapsrv 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-5ff88828abf4d682ca ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\SRV-AUREMA\PIPE\ROUTER f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-4d14a64ddb2cb075e8 509bc7ae-77be-4ee8-b07c-0d096bb44345 version: v1.0 ncalrpc: LRPC-aa820d90c2f2d016ea ncalrpc: OLE2651A901F363E59500BFF4F5B393 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 178.33.46.192:49711 ed96b012-c8ce-4f60-a682-35535b12ff75 version: v2.0 ncacn_ip_tcp: 178.33.46.192:5504 ncalrpc: OLE1ABF27CEF5D01CEA4181E507A3E0 32e36e84-4ba2-496c-ba85-fb450f325107 version: v2.0 ncalrpc: TSSessionDirectoryQueryApi ncacn_ip_tcp: 178.33.46.192:49712 c95fc993-f460-4763-a00d-bb3b9e5c7e2e version: v1.0 ncacn_ip_tcp: 178.33.46.192:49712 aa177641-fc9b-41bd-80ff-f964a701596f version: v1.0 provider: tssdis.exe ncacn_ip_tcp: 178.33.46.192:49712 c503f532-443a-4c69-8300-ccd1fbdb3839 version: v2.0 ncalrpc: LRPC-0a8f640d9706f549d0 ncalrpc: OLE3981D2E9BCA274D32160C8BBA9B1 d249bd56-4cc0-4fd3-8ce6-6fe050d590cb version: v0.0 ncalrpc: LRPC-2554c20b6d719c3c35 d8140e00-5c46-4ae6-80ac-2f9a76df224c version: v0.0 ncalrpc: LRPC-2554c20b6d719c3c35 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-340d42dab3afc445e6 ncalrpc: LRPC-340d42dab3afc445e6 ncalrpc: LRPC-340d42dab3afc445e6 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-b7b14042dd78abcc36 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 178.33.46.192:49881 ncalrpc: OLEAA046E2C04A59B40FD5481A791AC bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-7255ed48503451700f ncalrpc: OLE30FB7E5DFF45D5460A114F2EB2CF 58e604e8-9adb-4d2e-a464-3b0683fb1480 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-5c2e2349ee13d6790f fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-5c2e2349ee13d6790f 5f54ce7d-5b79-4175-8584-cb65313a0e98 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-5c2e2349ee13d6790f 201ef99a-7fa0-444c-9399-19ba84f12a1a version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-5c2e2349ee13d6790f 0497b57d-2e66-424f-a0c6-157cd5d41700 version: v1.0 annotation: AppInfo ncalrpc: LRPC-5c2e2349ee13d6790f a4b8d482-80ce-40d6-934d-b22a01a44fe7 version: v1.0 annotation: LicenseManager ncalrpc: LicenseServiceEndpoint
1578623272 | 2024-12-30T02:41:21.656169443 / tcp
HTTP/1.1 200 READ_OK Connection: close Content-Type: text/html; charset=ISO-8859-1 Content-Length: 461 Cache-control: no-cache Date: Mon, 30 Dec 2024 02:41:25 GMT
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:34:8a:f7:19:e8:c9:19:13:13:ab:a7:a7:ce:88:25:37:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R11
Validity
Not Before: Nov 30 00:01:57 2024 GMT
Not After : Feb 28 00:01:56 2025 GMT
Subject: CN=aurema-groupe.idsoft.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (3072 bit)
Modulus:
00:8d:7f:21:bf:fb:18:19:64:35:d0:13:1d:13:0b:
27:57:7a:0e:07:99:cc:b9:35:17:d5:f1:f2:3b:10:
6e:aa:74:52:5c:9c:54:6f:ec:12:32:82:ac:95:a8:
a7:37:06:33:e8:c7:9b:72:01:98:75:ad:4f:45:ec:
ea:06:89:32:fd:3b:e2:e0:1a:0e:14:98:0a:db:4c:
69:ab:5b:55:c3:bf:b7:06:15:9c:ee:76:e7:3c:e0:
61:55:01:24:c0:c1:42:9c:13:d4:7a:6f:ae:10:44:
17:40:80:36:c1:4e:40:e8:00:c4:28:68:5f:4a:7c:
53:40:2c:63:df:84:f2:b2:86:93:56:9e:b1:d8:55:
b2:10:c4:db:20:c5:c4:8b:95:07:30:af:97:ec:3b:
74:eb:60:46:20:4d:b7:80:8f:09:93:42:e5:73:bc:
44:50:3c:0a:ab:61:f7:d4:85:ff:27:25:94:a0:04:
3d:5c:e2:62:31:ab:10:c7:09:04:9c:cd:a4:3e:9d:
01:d3:3f:76:34:c2:c2:c3:cd:bd:77:e5:c4:4d:23:
ee:4a:8f:7a:eb:71:a1:6c:49:2f:91:3e:d4:c8:71:
f4:13:82:49:0a:5a:12:28:02:52:bd:52:f5:77:b6:
15:e4:98:f4:f5:32:14:b8:a1:bd:0f:89:25:71:2c:
c7:88:0c:3c:7b:72:cb:07:99:5d:42:ee:3f:ff:b1:
7c:f1:4b:bd:3f:70:b9:e2:56:94:53:45:3c:c4:c4:
d5:06:06:e4:dc:bf:51:1b:38:6e:41:9f:83:bd:80:
42:d9:8d:ba:19:34:f5:2a:98:6a:7e:16:d5:ae:25:
65:73:3e:16:cf:08:5c:4c:d0:22:a1:b5:27:93:c1:
a3:c3:e9:4e:5d:42:40:eb:af:14:1f:1f:64:38:6b:
d0:83:e1:a7:56:d6:df:8b:2f:67:6e:df:20:78:84:
03:41:b8:ec:da:64:a4:0c:95:60:fa:4c:6e:89:39:
97:ad:bc:58:63:43:02:b9:5e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
DC:5A:A0:C6:FB:14:D3:3C:E1:FB:0E:3C:F4:EF:C4:39:C9:15:3B:73
X509v3 Authority Key Identifier:
C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
Authority Information Access:
OCSP - URI:http://r11.o.lencr.org
CA Issuers - URI:http://r11.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:aurema-groupe.idsoft.net
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Nov 30 01:00:27.823 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:7A:E6:7D:0F:27:41:27:2B:54:AB:EA:14:
58:24:F0:A1:47:DE:59:98:A2:A3:95:76:58:B5:64:DB:
D5:96:46:F4:02:21:00:8E:80:CF:79:C4:12:25:3A:E0:
1A:8E:9C:12:55:5C:FD:AC:07:88:63:1E:F2:11:A6:BB:
C5:7B:E3:E3:C0:24:BA
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
Timestamp : Nov 30 01:00:29.874 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:94:58:5B:AB:E5:57:9F:ED:F3:5B:A0:
60:25:ED:05:A8:44:12:64:AF:CD:1B:27:29:89:D6:9F:
C4:BB:FC:90:54:02:20:6F:D3:BF:14:9B:ED:FE:4B:37:
DD:C7:E9:F0:DF:DE:8E:88:94:5A:A0:92:B3:D0:D1:AD:
C9:AD:E8:88:89:AB:81
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
53:fd:53:d3:74:3c:23:29:62:1f:dc:f2:69:58:95:0e:56:f2:
10:d9:e3:7e:ba:f1:eb:38:d0:20:57:15:93:34:1a:5d:1d:0f:
39:39:d2:13:2a:b2:48:08:86:04:0b:05:e6:ea:ef:26:eb:72:
a8:d3:c0:ae:c8:dc:1d:6b:51:10:3b:4a:c0:0d:bd:3a:37:73:
bc:80:57:bc:f6:23:82:67:f5:38:e3:5d:c3:f0:65:2d:b8:4d:
ac:c3:90:bc:7a:a8:77:df:a5:7c:fa:59:bc:80:ae:fb:e3:f3:
d9:1e:bb:48:93:75:b6:6f:a9:e9:25:27:6f:ee:9b:5e:db:9e:
7b:bf:ca:ae:24:cd:43:b8:ba:94:c1:31:e7:49:19:34:35:be:
8b:6e:45:12:cf:bf:a7:45:06:ae:f2:fd:fe:76:87:61:a6:eb:
98:4e:1a:21:30:e6:cc:1b:0f:ae:92:cd:92:14:dd:82:3f:9b:
e2:aa:94:c6:b2:61:ac:13:37:59:bd:b6:1c:bc:3b:26:98:71:
7b:6c:7f:36:aa:63:46:63:09:94:b9:88:a6:0d:92:f5:58:b4:
d9:14:cc:8a:14:14:49:ef:60:12:56:52:78:98:26:59:45:b8:
57:a4:33:7b:2f:99:1f:be:6d:1d:ba:7e:89:45:cf:76:d3:f9:
ec:4f:0f:60
-1166656618 | 2025-01-03T15:12:29.140647445 / tcp
SMB Status: Authentication: enabled SMB Version: 2 Capabilities: raw-mode
-902649973 | 2024-12-29T10:45:46.470975593 / tcp
ncacn_http/1.0 Microsoft RPC Endpoint Mapper over HTTP 51a227ae-825b-41f2-b4a9-1ac9557a1018 version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 178.33.46.192:49704 ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b version: v1.0 annotation: Ngc Pop Key Service ncacn_ip_tcp: 178.33.46.192:49704 ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 178.33.46.192:49704 ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncacn_ip_tcp: 178.33.46.192:49704 ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7 version: v0.0 annotation: RemoteAccessCheck protocol: [MS-RAA]: Remote Authorization API Protocol ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass ncalrpc: NETLOGON_LRPC ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncacn_np: \\SRV-AUREMA\pipe\cf89da7a3804101e ncacn_ip_http: 178.33.46.192:49679 ncalrpc: NTDS_LPC ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: OLEBF874864597D560297CE29F7F122 ncacn_ip_tcp: 178.33.46.192:49670 ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass ncalrpc: LRPC-9aa64c1bc551d926b3 ncalrpc: LRPC-18a57648e04c4cfc0e ncalrpc: IUserProfile2 ncalrpc: LRPC-2ec69db05dc3f57431 ncalrpc: senssvc ncalrpc: LRPC-8780044ffa3fb402f7 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 178.33.46.192:49664 ncalrpc: MicrosoftLaps_LRPC_0fb2f016-fe45-4a08-a7f9-a467f5e5fa0b ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\SRV-AUREMA\pipe\lsass d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 178.33.46.192:49665 ncalrpc: WindowsShutdown ncacn_np: \\SRV-AUREMA\PIPE\InitShutdown ncalrpc: WMsgKRpc050DC0 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\SRV-AUREMA\PIPE\InitShutdown ncalrpc: WMsgKRpc050DC0 ncalrpc: WMsgKRpc053481 fc48cd89-98d6-4628-9839-86f7a3e4161a version: v1.0 ncalrpc: dabrpc ncalrpc: csebpub ncalrpc: LRPC-38e185c9933a6a7462 ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo d09bdeb5-6171-4a34-bfe2-06fa82652568 version: v1.0 ncalrpc: csebpub ncalrpc: LRPC-38e185c9933a6a7462 ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-784611ba854eeb0868 ncalrpc: LRPC-0b99422444dce786d1 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-38e185c9933a6a7462 ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: LRPC-4807a30cc216bf9c2f ncalrpc: LRPC-e3920b2855da08dab7 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 0d47017b-b33b-46ad-9e18-fe96456c5078 version: v1.0 ncalrpc: umpo 95406f0b-b239-4318-91bb-cea3a46ff0dc version: v1.0 ncalrpc: umpo 4ed8abcc-f1e2-438b-981f-bb0e8abc010c version: v1.0 ncalrpc: umpo 0ff1f646-13bb-400a-ab50-9a78f2b7a85a version: v1.0 ncalrpc: umpo 6982a06e-5fe2-46b1-b39c-a2c545bfa069 version: v1.0 ncalrpc: umpo 082a3471-31b6-422a-b931-a54401960c62 version: v1.0 ncalrpc: umpo fae436b0-b864-4a87-9eda-298547cd82f2 version: v1.0 ncalrpc: umpo e53d94ca-7464-4839-b044-09a2fb8b3ae5 version: v1.0 ncalrpc: umpo 178d84be-9291-4994-82c6-3f909aca5a03 version: v1.0 ncalrpc: umpo 4dace966-a243-4450-ae3f-9b7bcb5315b8 version: v2.0 ncalrpc: umpo 1832bcf6-cab8-41d4-85d2-c9410764f75a version: v1.0 ncalrpc: umpo c521facf-09a9-42c5-b155-72388595cbf0 version: v0.0 ncalrpc: umpo 2c7fd9ce-e706-4b40-b412-953107ef9bb0 version: v0.0 ncalrpc: umpo 88abcbc3-34ea-76ae-8215-767520655a23 version: v0.0 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 76c217bc-c8b4-4201-a745-373ad9032b1a version: v1.0 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 55e6b932-1979-45d6-90c5-7f6270724112 version: v1.0 ncalrpc: LRPC-9af51fe06ec522a017 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf version: v1.0 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 20c40295-8dba-48e6-aebf-3e78ef3bb144 version: v2.0 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 2513bcbe-6cd4-4348-855e-7efb3c336dd3 version: v2.0 ncalrpc: OLE51E3DA65C07BE06402038F8A9230 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: LRPC-db681776432849c49b ncalrpc: actkernel ncalrpc: umpo dd59071b-3215-4c59-8481-972edadc0f6a version: v1.0 ncalrpc: actkernel ncalrpc: umpo 0361ae94-0316-4c6c-8ad8-c594375800e2 version: v1.0 ncalrpc: umpo 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2 version: v1.0 ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: umpo 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-5814c44555c60238d3 a500d4c6-0dd1-4543-bc0c-d5f93486eaf8 version: v1.0 ncalrpc: LRPC-c025763f54daa83cff ncalrpc: LRPC-784611ba854eeb0868 e40f7b57-7a25-4cd3-a135-7f7d3df9d16b version: v1.0 ncalrpc: LRPC-26f72cc386ad34a3eb 880fd55e-43b9-11e0-b1a8-cf4edfd72085 version: v1.0 annotation: KAPI Service endpoint ncalrpc: LRPC-c6e11722129819c34a ncalrpc: OLE2F015C7CF5AB3D50F9CA61A3B755 ncalrpc: LRPC-0b99422444dce786d1 5222821f-d5e2-4885-84f1-5f6185a0ec41 version: v1.0 ncalrpc: LRPC-815def170db0e1371b 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncalrpc: dhcpcsvc 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-230e7dd191d5542691 ncalrpc: DNSResolver f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 178.33.46.192:49666 ncacn_np: \\SRV-AUREMA\pipe\eventlog ncalrpc: eventlog 89759fce-5a25-4086-8967-de12f39a60b5 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 178.33.46.192:49667 ncalrpc: LcRpc ncalrpc: OLE1917BD8202F478FA4353506880B1 9b3195fe-d603-43d1-a0d5-9072d7cde122 version: v1.0 provider: tssdjet.dll ncacn_ip_tcp: 178.33.46.192:49667 ncalrpc: LcRpc ncalrpc: OLE1917BD8202F478FA4353506880B1 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-d2d095ca310abd5018 3f787932-3452-4363-8651-6ea97bb373bb version: v1.0 annotation: NSP Rpc Interface ncalrpc: LRPC-57bf4f90e129afcb2b ncalrpc: OLE3A36BA48229142EF7BA738AEEA72 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 178.33.46.192:49668 ncalrpc: LRPC-d600fcabda5a2b1095 ncalrpc: ubpmtaskhostchannel ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 178.33.46.192:49668 ncalrpc: LRPC-d600fcabda5a2b1095 ncalrpc: ubpmtaskhostchannel ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 33d84484-3626-47ee-8c6f-e7e98b113be1 version: v2.0 ncalrpc: LRPC-d600fcabda5a2b1095 ncalrpc: ubpmtaskhostchannel ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\SRV-AUREMA\PIPE\atsvc ncalrpc: LRPC-c0c7eca184f0c52096 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: LRPC-c0c7eca184f0c52096 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: 2c517e1e-379b-4e59-b399-ff689d7b098e ncalrpc: LRPC-e47f73ff7bf3386860 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-b6612c11f8de22c173 ncalrpc: LRPC-097248870faf7947e4 ncalrpc: LRPC-1fc350a3ebfff6276f ncalrpc: LRPC-153cf884647c30dd50 f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-097248870faf7947e4 ncalrpc: LRPC-1fc350a3ebfff6276f ncalrpc: LRPC-153cf884647c30dd50 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-1fc350a3ebfff6276f ncalrpc: LRPC-153cf884647c30dd50 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-153cf884647c30dd50 13560fa9-8c09-4b56-a1fd-04d083b9b2a1 version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 c2d1b5dd-fa81-4460-9dd6-e7658b85454b version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 f44e62af-dab1-44c2-8013-049a9de417d6 version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 b37f900a-eae4-4304-a2ab-12bb668c0188 version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 ncalrpc: LRPC-ce20f0cebbbc661f7e ncalrpc: OLE14A4A7508C63755A48A110712922 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\SRV-AUREMA\PIPE\wkssvc ncalrpc: LRPC-ed00bad88cc5e742d0 eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-ed00bad88cc5e742d0 f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-ed00bad88cc5e742d0 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncalrpc: OLE8F00A164590BD645C985EE8B1466 ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-0db4da5072a7a6f68f c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-0db4da5072a7a6f68f 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncalrpc: TeredoControl ncalrpc: TeredoDiagnostics ncalrpc: LRPC-0db4da5072a7a6f68f 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncalrpc: LRPC-0db4da5072a7a6f68f 0d3c7f20-1c8d-4654-a1b3-51563b298bda version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-c4409d1c8206445d7d ncalrpc: OLE057EFD30ED4BB0F56918E7020B27 b18fbab6-56f8-4702-84e0-41053293a869 version: v1.0 annotation: UserMgrCli ncalrpc: LRPC-c4409d1c8206445d7d ncalrpc: OLE057EFD30ED4BB0F56918E7020B27 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-48e065ffd8393b0c7d 29770a8f-829b-4158-90a2-78cd488501f7 version: v1.0 ncacn_ip_tcp: 178.33.46.192:49674 ncacn_np: \\SRV-AUREMA\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: OLE0DECFBE916566CEE509BA41346FD ncalrpc: LRPC-8780044ffa3fb402f7 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncalrpc: LRPC-5e20cbd5215cdbf640 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncalrpc: LRPC-5e20cbd5215cdbf640 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 178.33.46.192:49680 ncalrpc: LRPC-7b6d14563bdd49d271 b58aa02e-2884-4e97-8176-4ee06d794184 version: v1.0 provider: sysmain.dll ncalrpc: LRPC-b64df99e64d5d7fdda 1d45e083-478f-437c-9618-3594ced8c235 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 98cd761e-e77d-41c8-a3c0-0fb756d90ec2 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 d22895ef-aff4-42c5-a5b2-b14466d34ab4 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 e38f5360-8572-473e-b696-1b46873beeab version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 95095ec8-32ea-4eb0-a3e2-041f97b36168 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 4c9dbf19-d39e-4bb9-90ee-8f7179b20283 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 d4051bde-9cdd-4910-b393-4aa85ec3c482 version: v1.0 ncalrpc: LRPC-0171db759936a4fe92 ncalrpc: OLE771F6E0162739B45F0CB87265635 7df1ceae-de4e-4e6f-ab14-49636e7c2052 version: v1.0 ncalrpc: LRPC-9babc413e4ee8f5048 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 178.33.46.192:49686 ncacn_np: \\SRV-AUREMA\pipe\HydraLsPipe ncalrpc: LRPC-4d98da1dd66e53f489 2f5f6521-cb55-1059-b446-00df0bce31db version: v1.0 annotation: Unimodem LRPC Endpoint ncalrpc: unimdmsvc ncalrpc: tapsrvlpc ncacn_np: \\SRV-AUREMA\pipe\tapsrv 650a7e26-eab8-5533-ce43-9c1dfce11511 version: v1.0 annotation: Vpn APIs ncalrpc: LRPC-5ff88828abf4d682ca ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\SRV-AUREMA\PIPE\ROUTER f3f09ffd-fbcf-4291-944d-70ad6e0e73bb version: v1.0 ncalrpc: LRPC-4d14a64ddb2cb075e8 509bc7ae-77be-4ee8-b07c-0d096bb44345 version: v1.0 ncalrpc: LRPC-aa820d90c2f2d016ea ncalrpc: OLE2651A901F363E59500BFF4F5B393 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 178.33.46.192:49711 ed96b012-c8ce-4f60-a682-35535b12ff75 version: v2.0 ncacn_ip_tcp: 178.33.46.192:5504 ncalrpc: OLE1ABF27CEF5D01CEA4181E507A3E0 32e36e84-4ba2-496c-ba85-fb450f325107 version: v2.0 ncalrpc: TSSessionDirectoryQueryApi ncacn_ip_tcp: 178.33.46.192:49712 c95fc993-f460-4763-a00d-bb3b9e5c7e2e version: v1.0 ncacn_ip_tcp: 178.33.46.192:49712 aa177641-fc9b-41bd-80ff-f964a701596f version: v1.0 provider: tssdis.exe ncacn_ip_tcp: 178.33.46.192:49712 c503f532-443a-4c69-8300-ccd1fbdb3839 version: v2.0 ncalrpc: LRPC-0a8f640d9706f549d0 ncalrpc: OLE3981D2E9BCA274D32160C8BBA9B1 d249bd56-4cc0-4fd3-8ce6-6fe050d590cb version: v0.0 ncalrpc: LRPC-2554c20b6d719c3c35 d8140e00-5c46-4ae6-80ac-2f9a76df224c version: v0.0 ncalrpc: LRPC-2554c20b6d719c3c35 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-340d42dab3afc445e6 ncalrpc: LRPC-340d42dab3afc445e6 ncalrpc: LRPC-340d42dab3afc445e6 0767a036-0d22-48aa-ba69-b619480f38cb version: v1.0 annotation: PcaSvc provider: pcasvc.dll ncalrpc: LRPC-b7b14042dd78abcc36 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 178.33.46.192:49881 ncalrpc: OLEAA046E2C04A59B40FD5481A791AC bf4dc912-e52f-4904-8ebe-9317c1bdd497 version: v1.0 ncalrpc: LRPC-7255ed48503451700f ncalrpc: OLE30FB7E5DFF45D5460A114F2EB2CF 58e604e8-9adb-4d2e-a464-3b0683fb1480 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-5c2e2349ee13d6790f fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-5c2e2349ee13d6790f 5f54ce7d-5b79-4175-8584-cb65313a0e98 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-5c2e2349ee13d6790f 201ef99a-7fa0-444c-9399-19ba84f12a1a version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: LRPC-5c2e2349ee13d6790f 0497b57d-2e66-424f-a0c6-157cd5d41700 version: v1.0 annotation: AppInfo ncalrpc: LRPC-5c2e2349ee13d6790f a4b8d482-80ce-40d6-934d-b22a01a44fe7 version: v1.0 annotation: LicenseManager ncalrpc: LicenseServiceEndpoint 572e35b4-1344-4565-96a1-f5df3bfa89bb version: v1.0 annotation: LiveIdSvcNotify RPC Interface ncalrpc: liveidsvcnotify faf2447b-b348-4feb-8dbe-beee5b7f7778 version: v1.0 annotation: OnlineProviderCert RPC Interface ncalrpc: LRPC-8cbfe2bf72b30a1ae0 cc105610-da03-467e-bc73-5b9e2937458d version: v1.0 annotation: LiveIdSvc RPC Interface ncalrpc: LRPC-8cbfe2bf72b30a1ae0
1730208901 | 2025-01-05T13:20:17.8373253050 / tcp
\x00\x00\x00\x03\x00\x00\x00\n\x00\x00\x00\x01\x00\x00\x00\x03
-1869766310 | 2025-01-01T03:05:15.6558363268 / tcp
0\x84\x00\x00\x0c\x19\x02\x01\x02d\x84\x00\x00\x0c\x10\x04\x000\x84\x00\x00\x0c\x080\x84\x00\x00\x00\x99\x04\x12supportedExtension1\x84\x00\x00\x00\x7f\x04\x161.3.6.1.4.1.1466.20037\x04\x1a1.3.6.1.4.1.1466.101.119.1\x04\x171.2.840.113556.1.4.1781\x04\x171.3.6.1.4.1.4203.1.11.3\x04\x171.2.840.113556.1.4.22120\x84\x00\x00\x00I\x04\x17supportedSASLMechanisms1\x84\x00\x00\x00*\x04\x06GSSAPI\x04\nGSS-SPNEGO\x04\x08EXTERNAL\x04\nDIGEST-MD50\x84\x00\x00\x00"\x04\x14supportedLDAPVersion1\x84\x00\x00\x00\x06\x04\x013\x04\x0120\x84\x00\x00\x01\x9a\x04\x15supportedLDAPPolicies1\x84\x00\x00\x01}\x04\x0eMaxPoolThreads\x04\x19MaxPercentDirSyncRequests\x04\x0fMaxDatagramRecv\x04\x10MaxReceiveBuffer\x04\x0fInitRecvTimeout\x04\x0eMaxConnections\x04\x0fMaxConnIdleTime\x04\x0bMaxPageSize\x04\x16MaxBatchReturnMessages\x04\x10MaxQueryDuration\x04\x12MaxDirSyncDuration\x04\x10MaxTempTableSize\x04\x10MaxResultSetSize\x04\rMinResultSets\x04\x14MaxResultSetsPerConn\x04\x16MaxNotificationPerConn\x04\x0bMaxValRange\x04\x15MaxValRangeTransitive\x04\x11ThreadMemoryLimit\x04\x18SystemMemoryLimitPercent0\x84\x00\x00\x03\xf4\x04\x10supportedControl1\x84\x00\x00\x03\xdc\x04\x161.2.840.113556.1.4.319\x04\x161.2.840.113556.1.4.801\x04\x161.2.840.113556.1.4.473\x04\x161.2.840.113556.1.4.528\x04\x161.2.840.113556.1.4.417\x04\x161.2.840.113556.1.4.619\x04\x161.2.840.113556.1.4.841\x04\x161.2.840.113556.1.4.529\x04\x161.2.840.113556.1.4.805\x04\x161.2.840.113556.1.4.521\x04\x161.2.840.113556.1.4.970\x04\x171.2.840.113556.1.4.1338\x04\x161.2.840.113556.1.4.474\x04\x171.2.840.113556.1.4.1339\x04\x171.2.840.113556.1.4.1340\x04\x171.2.840.113556.1.4.1413\x04\x172.16.840.1.113730.3.4.9\x04\x182.16.840.1.113730.3.4.10\x04\x171.2.840.113556.1.4.1504\x04\x171.2.840.113556.1.4.1852\x04\x161.2.840.113556.1.4.802\x04\x171.2.840.113556.1.4.1907\x04\x171.2.840.113556.1.4.1948\x04\x171.2.840.113556.1.4.1974\x04\x171.2.840.113556.1.4.1341\x04\x171.2.840.113556.1.4.2026\x04\x171.2.840.113556.1.4.2064\x04\x171.2.840.113556.1.4.2065\x04\x171.2.840.113
-1505439972 | 2024-12-28T20:59:08.5719143389 / tcp
Remote Desktop Protocol \x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00 Remote Desktop Protocol NTLM Info: OS: Windows Server 2022 OS Build: 10.0.20348 Target Name: AUREMAGROUPE NetBIOS Domain Name: AUREMAGROUPE NetBIOS Computer Name: SRV-AUREMA DNS Domain Name: auremagroupe.local DNS Tree Name: auremagroupe.local FQDN: SRV-AUREMA.auremagroupe.local
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:46:d1:6c:24:33:38:a5:4f:43:9f:d4:0f:55:76:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=SRV-AUREMA.auremagroupe.local
Validity
Not Before: Aug 30 20:00:45 2024 GMT
Not After : Mar 1 20:00:45 2025 GMT
Subject: CN=SRV-AUREMA.auremagroupe.local
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b9:a1:fa:c0:90:03:25:43:67:73:1f:67:ac:7a:
e9:55:c2:45:35:e9:a5:c6:0c:c6:7b:07:4c:2b:53:
d6:64:57:cf:d0:55:3a:af:9f:15:40:40:91:0c:e1:
ae:b6:21:cd:88:bd:87:30:46:f2:e4:cc:5b:63:1f:
07:47:52:e0:b5:c9:10:0a:34:b2:e6:c8:0d:84:ca:
91:31:33:25:9d:1c:d0:99:a1:65:88:c0:c8:88:6c:
50:27:c8:38:a0:23:68:59:d8:2c:89:4f:e2:a0:3e:
9e:09:24:68:d3:a8:e1:72:c0:3f:8e:be:a1:20:a8:
34:f1:ab:5d:54:b7:b2:f0:0f:9b:77:e4:fa:b6:03:
85:7e:16:5a:5b:2a:cc:76:ac:48:bb:40:88:fd:c4:
43:fe:bb:2c:0f:20:00:06:16:63:60:17:a7:b0:51:
96:24:9e:e6:e7:d5:69:78:c4:2b:cd:88:0d:e4:96:
94:cb:d3:93:f7:03:5e:78:87:b3:9a:f5:f3:ec:da:
2f:68:74:90:a1:47:8c:da:9b:a5:b0:96:41:93:dd:
53:82:43:90:a8:c6:db:e6:78:1e:ab:91:c4:06:8b:
18:0c:2b:d1:d0:f9:e3:0b:e7:f0:b4:d9:24:90:f1:
9e:23:ee:72:d8:15:e1:ad:a0:88:8d:56:eb:53:2c:
a6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
0f:dc:91:6b:fe:59:4a:e6:2f:55:7e:d2:0a:8d:19:d4:cf:63:
b2:7a:66:5c:0e:5d:05:a2:b8:0c:4a:54:f4:5f:3f:ab:5f:e4:
cf:62:ec:2b:3a:dd:3d:3e:0b:99:4c:51:7c:81:6c:b9:10:01:
6b:30:80:37:b0:7b:e8:ee:53:99:03:fd:1d:00:8f:f2:3c:d2:
65:8d:ad:00:d8:8f:74:fe:b2:48:45:47:8f:01:d1:8b:ec:a4:
c5:e9:dd:1e:72:28:bc:d8:da:ae:e0:4f:fc:a0:49:b4:b3:79:
39:b6:be:1a:2c:9f:56:a2:2c:ca:05:60:37:06:7e:62:fd:4b:
f9:9a:cf:62:a4:50:1c:00:99:e7:26:5a:5b:c1:8f:04:3d:0e:
89:5b:e0:aa:9a:24:81:5b:07:2b:72:c3:a4:d2:0b:cf:49:07:
40:29:37:0d:1a:eb:54:e7:be:df:1d:2c:50:dc:92:27:4c:8a:
84:83:03:d4:dd:34:4e:24:75:e5:4f:55:1f:11:13:8f:70:3e:
55:f6:61:02:52:aa:e2:60:45:e4:1b:d7:3e:27:b3:30:16:97:
fa:26:28:a2:13:2b:28:30:9a:e7:98:5b:7f:2a:a9:a9:2c:92:
77:db:8e:54:7b:d4:e3:81:10:8a:1a:a2:9f:0c:83:34:dd:07:
9b:6f:ac:ab
1489525118 | 2025-01-04T20:40:43.5353785985 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Sat, 04 Jan 2025 20:40:43 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2022 OS Build: 10.0.20348 Target Name: AUREMAGROUPE NetBIOS Domain Name: AUREMAGROUPE NetBIOS Computer Name: SRV-AUREMA DNS Domain Name: auremagroupe.local DNS Tree Name: auremagroupe.local FQDN: SRV-AUREMA.auremagroupe.local