1731646188 | 2025-01-16T01:21:35.241601
80 /
tcp
HTTP/1.1 403 ModSecurity Action
Content-Type: text/html
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Access-Control-Allow-Origin: *
Date: Thu, 16 Jan 2025 01:21:34 GMT
Content-Length: 12566
1780330283 | 2025-01-16T03:19:16.668134
135 /
tcp
Microsoft RPC Endpoint Mapper
51a227ae-825b-41f2-b4a9-1ac9557a1018
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 184.168.127.69:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\152-245-72-148\pipe\lsass
8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
version: v1.0
annotation: Ngc Pop Key Service
ncacn_ip_tcp: 184.168.127.69:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\152-245-72-148\pipe\lsass
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 184.168.127.69:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\152-245-72-148\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 184.168.127.69:49664
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: LSA_IDPEXT_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\152-245-72-148\pipe\lsass
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 184.168.127.69:49665
ncalrpc: WindowsShutdown
ncacn_np: \\152-245-72-148\PIPE\InitShutdown
ncalrpc: WMsgKRpc06DD20
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\152-245-72-148\PIPE\InitShutdown
ncalrpc: WMsgKRpc06DD20
ncalrpc: WMsgKRpc070BD1
ncalrpc: WMsgKRpc2A3D968372
fc48cd89-98d6-4628-9839-86f7a3e4161a
version: v1.0
ncalrpc: dabrpc
ncalrpc: csebpub
ncalrpc: LRPC-8f4390ba8dad7ec87a
ncalrpc: LRPC-8ac3adf5abb83fd33f
ncalrpc: LRPC-ec1e4377f2131369a5
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
d09bdeb5-6171-4a34-bfe2-06fa82652568
version: v1.0
ncalrpc: csebpub
ncalrpc: LRPC-8f4390ba8dad7ec87a
ncalrpc: LRPC-8ac3adf5abb83fd33f
ncalrpc: LRPC-ec1e4377f2131369a5
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-8ac3adf5abb83fd33f
ncalrpc: LRPC-ec1e4377f2131369a5
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-ec1e4377f2131369a5
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-9c60067c8d4cc43cbb
ncalrpc: LRPC-9be7315db4bfd056c5
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-8f4390ba8dad7ec87a
ncalrpc: LRPC-8ac3adf5abb83fd33f
ncalrpc: LRPC-ec1e4377f2131369a5
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-8ac3adf5abb83fd33f
ncalrpc: LRPC-ec1e4377f2131369a5
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
0d47017b-b33b-46ad-9e18-fe96456c5078
version: v1.0
ncalrpc: umpo
95406f0b-b239-4318-91bb-cea3a46ff0dc
version: v1.0
ncalrpc: umpo
4ed8abcc-f1e2-438b-981f-bb0e8abc010c
version: v1.0
ncalrpc: umpo
0ff1f646-13bb-400a-ab50-9a78f2b7a85a
version: v1.0
ncalrpc: umpo
6982a06e-5fe2-46b1-b39c-a2c545bfa069
version: v1.0
ncalrpc: umpo
082a3471-31b6-422a-b931-a54401960c62
version: v1.0
ncalrpc: umpo
fae436b0-b864-4a87-9eda-298547cd82f2
version: v1.0
ncalrpc: umpo
e53d94ca-7464-4839-b044-09a2fb8b3ae5
version: v1.0
ncalrpc: umpo
178d84be-9291-4994-82c6-3f909aca5a03
version: v1.0
ncalrpc: umpo
4dace966-a243-4450-ae3f-9b7bcb5315b8
version: v2.0
ncalrpc: umpo
1832bcf6-cab8-41d4-85d2-c9410764f75a
version: v1.0
ncalrpc: umpo
c521facf-09a9-42c5-b155-72388595cbf0
version: v0.0
ncalrpc: umpo
2c7fd9ce-e706-4b40-b412-953107ef9bb0
version: v0.0
ncalrpc: umpo
88abcbc3-34ea-76ae-8215-767520655a23
version: v0.0
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
76c217bc-c8b4-4201-a745-373ad9032b1a
version: v1.0
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
55e6b932-1979-45d6-90c5-7f6270724112
version: v1.0
ncalrpc: LRPC-642c290787071b416d
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
version: v1.0
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
20c40295-8dba-48e6-aebf-3e78ef3bb144
version: v2.0
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
2513bcbe-6cd4-4348-855e-7efb3c336dd3
version: v2.0
ncalrpc: OLEB948DE1F6132A012A32C847120C5
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: LRPC-e6d484b4b7683fdb90
ncalrpc: actkernel
ncalrpc: umpo
dd59071b-3215-4c59-8481-972edadc0f6a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
0361ae94-0316-4c6c-8ad8-c594375800e2
version: v1.0
ncalrpc: umpo
5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
version: v1.0
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-b96c51d542c78680b1
ncalrpc: LRPC-9e0d866c608923c2d4
ncalrpc: IUserProfile2
ncalrpc: LRPC-3171bcad0900d6ebb6
ncalrpc: senssvc
ncalrpc: LRPC-9b7e3f70c7c5e4ccb0
e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
version: v1.0
ncalrpc: LRPC-b3d3812addc0ebf4a6
880fd55e-43b9-11e0-b1a8-cf4edfd72085
version: v1.0
annotation: KAPI Service endpoint
ncalrpc: LRPC-16544aadd86eee056f
ncalrpc: OLE5D0F61807139779D95BADBFCDB73
ncalrpc: LRPC-9c60067c8d4cc43cbb
5222821f-d5e2-4885-84f1-5f6185a0ec41
version: v1.0
ncalrpc: LRPC-30f8b9ae8a33454bad
a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
version: v1.0
ncalrpc: LRPC-97b6666ca21d44a080
ncalrpc: LRPC-9be7315db4bfd056c5
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 184.168.127.69:49666
ncacn_np: \\152-245-72-148\pipe\eventlog
ncalrpc: eventlog
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-f39f6ea5bc1b28b718
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-3d113680d0b5d8c866
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 184.168.127.69:49667
ncalrpc: LRPC-60812bf964e679ee97
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\152-245-72-148\PIPE\atsvc
ncalrpc: LRPC-e725e58a9da9e8444f
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 184.168.127.69:49667
ncalrpc: LRPC-60812bf964e679ee97
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\152-245-72-148\PIPE\atsvc
ncalrpc: LRPC-e725e58a9da9e8444f
33d84484-3626-47ee-8c6f-e7e98b113be1
version: v2.0
ncalrpc: LRPC-60812bf964e679ee97
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\152-245-72-148\PIPE\atsvc
ncalrpc: LRPC-e725e58a9da9e8444f
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\152-245-72-148\PIPE\atsvc
ncalrpc: LRPC-e725e58a9da9e8444f
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\152-245-72-148\PIPE\atsvc
ncalrpc: LRPC-e725e58a9da9e8444f
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: LRPC-e725e58a9da9e8444f
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-13186ddb1abd73aa84
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\152-245-72-148\PIPE\wkssvc
ncalrpc: LRPC-a4813ee68b4cf8852c
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-a4813ee68b4cf8852c
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-a4813ee68b4cf8852c
3f787932-3452-4363-8651-6ea97bb373bb
version: v1.0
annotation: NSP Rpc Interface
ncalrpc: LRPC-8eadf225068f009ffd
ncalrpc: OLE0FC5D9213C03414CEC20CF94031E
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-9bcb0cbdbc9a47037c
ncalrpc: DNSResolver
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncalrpc: 2a3d143e-f5e1-4941-b6c8-ac640969a2cb
ncalrpc: LRPC-5d6f7c9814145d590a
29770a8f-829b-4158-90a2-78cd488501f7
version: v1.0
ncacn_ip_tcp: 184.168.127.69:49668
ncacn_np: \\152-245-72-148\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-9b7e3f70c7c5e4ccb0
13560fa9-8c09-4b56-a1fd-04d083b9b2a1
version: v1.0
ncalrpc: LRPC-8048524d36ddd8f3b2
ncalrpc: OLE102B55B45F129A96B011FB3B6AF7
c2d1b5dd-fa81-4460-9dd6-e7658b85454b
version: v1.0
ncalrpc: LRPC-8048524d36ddd8f3b2
ncalrpc: OLE102B55B45F129A96B011FB3B6AF7
f44e62af-dab1-44c2-8013-049a9de417d6
version: v1.0
ncalrpc: LRPC-8048524d36ddd8f3b2
ncalrpc: OLE102B55B45F129A96B011FB3B6AF7
b37f900a-eae4-4304-a2ab-12bb668c0188
version: v1.0
ncalrpc: LRPC-8048524d36ddd8f3b2
ncalrpc: OLE102B55B45F129A96B011FB3B6AF7
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
ncalrpc: LRPC-8048524d36ddd8f3b2
ncalrpc: OLE102B55B45F129A96B011FB3B6AF7
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-50999094ad18dfa5a3
ncalrpc: LRPC-d00318e9eaa5d30122
ncalrpc: LRPC-fda145fe5a947b7ed9
ncalrpc: LRPC-3a212376cecd473eaf
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-d00318e9eaa5d30122
ncalrpc: LRPC-fda145fe5a947b7ed9
ncalrpc: LRPC-3a212376cecd473eaf
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-fda145fe5a947b7ed9
ncalrpc: LRPC-3a212376cecd473eaf
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-3a212376cecd473eaf
0d3c7f20-1c8d-4654-a1b3-51563b298bda
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-820ecf4c65ed97587c
ncalrpc: OLE45532433711ADFBD9A7581EE9ECD
b18fbab6-56f8-4702-84e0-41053293a869
version: v1.0
annotation: UserMgrCli
ncalrpc: LRPC-820ecf4c65ed97587c
ncalrpc: OLE45532433711ADFBD9A7581EE9ECD
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 184.168.127.69:49669
ncalrpc: LRPC-9e0aebe1e93afbf571
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 184.168.127.69:49669
ncalrpc: LRPC-9e0aebe1e93afbf571
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 184.168.127.69:49669
ncalrpc: LRPC-9e0aebe1e93afbf571
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 184.168.127.69:49669
ncalrpc: LRPC-9e0aebe1e93afbf571
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 184.168.127.69:49669
ncalrpc: LRPC-9e0aebe1e93afbf571
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncalrpc: OLED18FC9F978594CAF1C49C26B08FA
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-b1f828386a04145ef9
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncalrpc: OLED18FC9F978594CAF1C49C26B08FA
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-b1f828386a04145ef9
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncalrpc: TeredoControl
ncalrpc: TeredoDiagnostics
ncalrpc: LRPC-b1f828386a04145ef9
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncalrpc: LRPC-b1f828386a04145ef9
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncalrpc: LRPC-15ce4dd79ba34cfdba
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncalrpc: LRPC-15ce4dd79ba34cfdba
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncalrpc: LRPC-b223614dca604b8245
1d45e083-478f-437c-9618-3594ced8c235
version: v1.0
ncalrpc: LRPC-4566c65e167b3e7015
ncalrpc: OLE9B8C06C6D7B7E29D820DAEC0D8A1
98cd761e-e77d-41c8-a3c0-0fb756d90ec2
version: v1.0
ncalrpc: LRPC-4566c65e167b3e7015
ncalrpc: OLE9B8C06C6D7B7E29D820DAEC0D8A1
d22895ef-aff4-42c5-a5b2-b14466d34ab4
version: v1.0
ncalrpc: LRPC-4566c65e167b3e7015
ncalrpc: OLE9B8C06C6D7B7E29D820DAEC0D8A1
e38f5360-8572-473e-b696-1b46873beeab
version: v1.0
ncalrpc: LRPC-4566c65e167b3e7015
ncalrpc: OLE9B8C06C6D7B7E29D820DAEC0D8A1
95095ec8-32ea-4eb0-a3e2-041f97b36168
version: v1.0
ncalrpc: LRPC-4566c65e167b3e7015
ncalrpc: OLE9B8C06C6D7B7E29D820DAEC0D8A1
fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
version: v1.0
ncalrpc: LRPC-4566c65e167b3e7015
ncalrpc: OLE9B8C06C6D7B7E29D820DAEC0D8A1
4c9dbf19-d39e-4bb9-90ee-8f7179b20283
version: v1.0
ncalrpc: LRPC-4566c65e167b3e7015
ncalrpc: OLE9B8C06C6D7B7E29D820DAEC0D8A1
d4051bde-9cdd-4910-b393-4aa85ec3c482
version: v1.0
ncalrpc: LRPC-4566c65e167b3e7015
ncalrpc: OLE9B8C06C6D7B7E29D820DAEC0D8A1
7df1ceae-de4e-4e6f-ab14-49636e7c2052
version: v1.0
ncalrpc: LRPC-df8a33465d06eec9eb
b58aa02e-2884-4e97-8176-4ee06d794184
version: v1.0
provider: sysmain.dll
ncalrpc: LRPC-5bc1e1fb16cb1a769b
f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
version: v1.0
ncalrpc: LRPC-64ba9c606c970003ef
ncalrpc: LRPC-97fcef30ca825ca9c1
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 184.168.127.69:49703
650a7e26-eab8-5533-ce43-9c1dfce11511
version: v1.0
annotation: Vpn APIs
ncalrpc: LRPC-5cfd56a6a8e76f233f
ncalrpc: VpnikeRpc
ncalrpc: RasmanLrpc
ncacn_np: \\152-245-72-148\PIPE\ROUTER
509bc7ae-77be-4ee8-b07c-0d096bb44345
version: v1.0
ncalrpc: LRPC-dacc25e9e95222c4a1
ncalrpc: OLE734951D0F671D7AD850B21056721
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-99c1267164c988aa82
ncalrpc: LRPC-99c1267164c988aa82
ncalrpc: LRPC-99c1267164c988aa82
ncalrpc: LRPC-88bda240cc46d33469
ncalrpc: OLE347D19A84A273D2C9CB5C5348B29
0767a036-0d22-48aa-ba69-b619480f38cb
version: v1.0
annotation: PcaSvc
provider: pcasvc.dll
ncalrpc: LRPC-028d5bd4c7996d2e19
d249bd56-4cc0-4fd3-8ce6-6fe050d590cb
version: v0.0
ncalrpc: LRPC-7dceb1710159effbde
d8140e00-5c46-4ae6-80ac-2f9a76df224c
version: v0.0
ncalrpc: LRPC-7dceb1710159effbde
50abc2a4-574d-40b3-9d66-ee4fd5fba076
version: v5.0
protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
provider: dns.exe
ncacn_ip_tcp: 184.168.127.69:58195
bf4dc912-e52f-4904-8ebe-9317c1bdd497
version: v1.0
ncalrpc: LRPC-4e0d4ecc62ae206afd
ncalrpc: OLEF51A7C50C57AAC0FA80A88B098F0
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-8b11ee34e8748e6747
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-8b11ee34e8748e6747
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-8b11ee34e8748e6747
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: LRPC-8b11ee34e8748e6747
0497b57d-2e66-424f-a0c6-157cd5d41700
version: v1.0
annotation: AppInfo
ncalrpc: LRPC-8b11ee34e8748e6747
c503f532-443a-4c69-8300-ccd1fbdb3839
version: v2.0
ncalrpc: LRPC-4d58ff9f0f60de9a9e
ncalrpc: OLE800A124C7C3AAF9E8274610D9296
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc2A3D968372
b1ef227e-dfa5-421e-82bb-67a6a129c496
version: v0.0
ncalrpc: LRPC-becaf75ff419a0cb11
ncalrpc: OLE377D2235D95ABF8F38F13FB8F9C6
0fc77b1a-95d8-4a2e-a0c0-cff54237462b
version: v0.0
ncalrpc: LRPC-becaf75ff419a0cb11
ncalrpc: OLE377D2235D95ABF8F38F13FB8F9C6
8ec21e98-b5ce-4916-a3d6-449fa428a007
version: v0.0
ncalrpc: LRPC-becaf75ff419a0cb11
ncalrpc: OLE377D2235D95ABF8F38F13FB8F9C6
43890c94-bfd7-4655-ad6a-b4a68397cdcb
version: v0.0
ncalrpc: LRPC-fa22fcd6d81c7c259c
c8ba73d2-3d55-429c-8e9a-c44f006f69fc
version: v0.0
ncalrpc: LRPC-fa22fcd6d81c7c259c
e8748f69-a2a4-40df-9366-62dbeb696e26
version: v0.0
ncalrpc: LRPC-fa22fcd6d81c7c259c
a4b8d482-80ce-40d6-934d-b22a01a44fe7
version: v1.0
annotation: LicenseManager
ncalrpc: LicenseServiceEndpoint
a111f1c5-5923-47c0-9a68-d0bafb577901
version: v1.0
annotation: NetSetup API
ncalrpc: LRPC-972018b0877b1727e1
-1350296618 | 2025-01-15T13:15:23.044517
443 /
tcp
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Wed, 15 Jan 2025 13:15:20 GMT
Server: Microsoft-IIS/10.0
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Powered-By: ASP.NET
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Wed, 15 Jan 2025 13:15:20 GMT
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:ff:5f:9e:46:e7:50:0d:a6:1e:78:45:bb:d4:b8:bf:58:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R10
Validity
Not Before: Dec 14 11:52:46 2024 GMT
Not After : Mar 14 11:52:45 2025 GMT
Subject: CN=affectionate-khayyam.148-72-245-152.plesk.page
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c7:07:64:2f:15:21:d5:bd:04:33:bd:6d:d5:18:
44:7d:96:11:87:37:75:9b:19:7a:de:d8:89:a7:c8:
bd:40:e5:c7:b2:71:20:9d:14:ec:8f:61:54:43:c4:
a9:e4:b2:07:7d:1e:77:4c:c1:40:09:23:f3:88:76:
90:52:c6:db:46:3a:83:23:fc:20:b1:f2:a8:dd:ed:
27:6f:6e:f5:64:2c:c2:2b:23:7d:95:1f:1f:62:91:
ae:d8:eb:63:6b:16:04:a2:41:c2:81:8b:92:e6:43:
01:8e:86:98:0b:3e:2f:01:fb:0b:00:ea:16:da:a1:
b2:d5:1d:99:f9:75:20:a4:f0:2c:03:33:21:ac:0b:
4c:ed:c9:b4:e8:71:c6:e7:7c:12:44:f6:92:1f:33:
5b:b7:a1:a8:d9:be:d4:79:93:75:5f:9f:7c:38:8b:
52:aa:c3:b8:73:d8:84:23:10:66:d1:a8:b7:d6:26:
66:63:a0:21:81:d8:eb:0b:07:69:7e:ce:ff:36:56:
79:de:b6:2f:fa:8e:6f:29:f7:23:d2:cc:fc:99:89:
8b:93:2a:56:39:72:be:e5:d6:d6:78:0b:66:da:af:
ae:98:94:12:db:35:18:8c:bd:10:0e:bc:e5:2c:23:
d7:b4:bc:82:fb:8a:62:d8:e7:57:be:aa:f5:67:55:
ea:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
06:D8:A1:17:D2:C1:A3:88:B7:E3:2D:01:BF:D7:7C:38:C4:22:D3:B4
X509v3 Authority Key Identifier:
BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
Authority Information Access:
OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:affectionate-khayyam.148-72-245-152.plesk.page
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
Timestamp : Dec 14 12:51:16.108 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:4E:DA:E1:F5:7E:04:3A:F0:90:44:24:92:
4C:FC:59:3D:6A:6D:0B:8A:25:87:A0:6B:A5:66:CF:1C:
73:98:84:DD:02:21:00:AD:A2:F7:89:B7:24:5D:3C:98:
71:40:62:C8:F9:AB:4A:DE:E8:BC:D9:6A:67:90:80:1F:
C1:BF:DD:11:EE:63:34
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Dec 14 12:51:16.125 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:7D:65:8C:5F:A9:9B:E6:8C:57:6A:E6:D7:
D1:CA:4D:95:E6:9C:58:8E:F0:8E:F2:03:F2:14:EE:B5:
30:24:51:B0:02:20:6D:3C:98:38:5A:41:47:9A:D8:6B:
01:54:9B:C9:60:9F:BD:95:51:C1:EE:C3:12:F4:A2:80:
99:1B:C8:F2:39:44
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
95:dc:53:3b:a6:04:7e:b2:1e:04:25:bd:b5:ad:b5:53:ed:89:
71:a5:42:05:ad:3c:01:f5:3f:31:4f:03:ff:67:23:e0:81:ff:
74:ff:74:96:ec:cd:e1:6c:dc:93:1d:ae:ef:e3:64:a7:6b:fb:
6f:0b:48:00:9d:a4:9c:42:d3:cf:1a:52:3d:5a:75:a5:36:c8:
08:9f:e1:38:77:4b:56:11:7f:06:17:23:e5:71:77:ab:b1:2e:
d9:94:b0:5c:18:6f:42:53:26:3a:7a:85:f7:76:f7:45:9b:fb:
74:82:56:4f:f8:a8:e2:b6:3c:bd:5a:ea:d1:b5:1d:fa:9f:36:
f1:9c:a2:68:91:a2:c6:0a:6d:2b:50:23:12:68:56:42:09:e1:
7e:d1:86:b6:ff:b7:91:1f:09:1c:fd:3f:42:53:e0:7e:44:21:
7a:9d:84:c5:b9:bf:48:f6:05:7d:a2:f2:01:4a:11:c2:e4:91:
4a:1d:a3:2d:00:d9:59:9a:92:16:c7:d7:c9:71:cf:36:c5:44:
6e:3e:c2:3f:35:44:0f:ad:97:d6:31:47:5e:f8:6b:b8:13:2d:
36:1a:87:30:a6:39:37:01:04:01:88:0c:21:4e:ec:af:2a:e1:
9e:e5:a3:07:66:4c:9c:f1:a7:07:b7:a4:1c:ff:f7:da:6e:4a:
89:1a:6a:65
196090384 | 2025-01-09T01:07:10.119191
3306 /
tcp
MariaDB:
Protocol Version: 10
Version: 10.6.18-MariaDB
Capabilities: 63486
Server Language: 8
Server Status: 2
Extended Server Capabilities: 33279
Authentication Plugin: mysql_native_password
-1991924565 | 2025-01-15T23:34:56.206687
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows Server 2022
OS Build: 10.0.20348
Target Name: 152-245-72-148
NetBIOS Domain Name: 152-245-72-148
NetBIOS Computer Name: 152-245-72-148
DNS Domain Name: 152-245-72-148.152-245-72-148
FQDN: 152-245-72-148.152-245-72-148
- Other user
SES
Password
Sign-in options
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:fe:c6:88:27:89:c8:8c:49:03:2a:04:aa:49:09:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=152-245-72-148.152-245-72-148
Validity
Not Before: Nov 19 23:10:22 2024 GMT
Not After : May 21 23:10:22 2025 GMT
Subject: CN=152-245-72-148.152-245-72-148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c0:56:7f:e3:db:ad:d7:96:68:28:36:b2:81:85:
d5:7d:07:cc:ba:e4:f7:ac:7f:81:d0:16:1b:a2:15:
4e:0b:84:1c:1f:be:98:05:0b:d4:39:aa:e4:e7:1b:
c7:1d:ca:4c:33:d3:a2:d6:49:1d:f4:21:40:65:e5:
c7:54:17:26:0c:f2:88:52:ae:b2:05:0a:47:ec:3d:
98:9d:a9:08:bc:b4:f0:40:fe:80:67:9e:c7:4f:2a:
44:ed:03:eb:ae:ea:fb:19:0f:5a:fa:cb:56:94:f9:
9d:de:94:b6:f3:b2:36:38:9b:79:e2:34:b3:6e:fd:
ce:c6:50:0f:a3:7e:05:c4:ee:26:ac:3a:ff:f7:fd:
00:ab:23:f6:7f:ef:b1:2d:fb:5c:27:ed:8b:f3:a9:
56:76:d9:db:de:1a:07:ac:14:c3:1b:4c:32:a5:b7:
dc:0c:d9:c6:0f:9d:06:40:4d:fe:6e:d9:94:e0:c7:
94:5e:fa:a4:1d:e4:1f:da:be:d4:1d:bd:6a:c3:ba:
2f:46:7e:2f:f9:fa:1d:f4:3f:94:02:06:48:e5:bd:
4d:27:25:6d:70:55:fd:d3:23:64:24:b3:a4:b8:ca:
dd:00:38:d3:64:ef:c5:9d:7b:d7:82:29:bc:41:2b:
c1:dc:03:7b:b5:9a:c0:64:74:e5:a3:21:6b:91:7d:
eb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
65:ac:33:79:93:76:1f:f2:36:79:41:42:f2:e7:ab:27:2a:72:
b1:19:3f:b4:3d:ea:85:a1:a7:e0:ee:40:48:5e:ca:13:1f:a2:
06:94:e1:c1:43:92:37:fd:0a:09:b1:64:27:81:de:91:b1:a9:
0b:dc:14:40:cb:44:d0:f7:c8:16:5e:f7:d3:0f:d2:82:ce:68:
ea:86:11:f9:61:65:16:9e:8f:5c:29:d6:60:36:74:6f:fb:31:
ea:e2:52:87:c6:85:d4:7f:ac:eb:04:77:75:80:ab:1f:15:13:
be:80:34:d6:19:ae:e7:e3:4b:42:87:ce:fe:b4:2f:8f:29:2c:
f0:05:02:15:01:5d:ef:93:78:c7:4f:4f:8c:12:4b:ee:03:56:
fc:67:e6:b5:54:30:b9:bc:26:57:2c:04:1a:80:25:5f:d7:dc:
7f:3f:38:e5:32:1b:7b:29:c4:57:d5:93:4b:da:d9:fd:2c:56:
51:74:c0:68:28:98:3a:0f:7c:bb:0c:04:76:a6:9b:65:86:75:
59:9e:47:ee:03:e0:f6:f5:d7:84:53:94:84:e7:b1:6a:c0:48:
43:06:00:6b:66:b1:72:b7:b6:08:8f:c7:e5:0a:98:4a:6b:73:
65:a9:36:f5:32:86:98:56:c4:90:bd:d1:1a:11:27:a3:7a:c3:
3e:af:56:bc
