********************** Windows PowerShell transcript start Start time: 20231018162503 Username: THERMALS\ZAdmin07 RunAs User: THERMALS\ZAdmin07 Machine: TSMS0930 (Microsoft Windows NT 10.0.14393.0) Host Application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Process ID: 3664 PSVersion: 5.1.14393.6343 PSEdition: Desktop PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.14393.6343 BuildVersion: 10.0.14393.6343 CLRVersion: 4.0.30319.42000 WSManStackVersion: 3.0 PSRemotingProtocolVersion: 2.3 SerializationVersion: 1.1.0.1 ********************** Transcript started, output file is C:\Users\ZAdmin07\Documents\PowerShell_transcript.TSMS0930.+XgUpfRb.20231018162503.txt PS C:\Windows\system32> netstat -ano Active Connections Proto Local Address Foreign Address State PID TCP 0.0.0.0:22 0.0.0.0:0 LISTENING 3180 TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 776 TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:3388 0.0.0.0:0 LISTENING 3284 TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 932 TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 488 TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 1016 TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING 1252 TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 1580 TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING 632 TCP 0.0.0.0:49693 0.0.0.0:0 LISTENING 2232 TCP 0.0.0.0:49726 0.0.0.0:0 LISTENING 616 TCP 0.0.0.0:51198 0.0.0.0:0 LISTENING 632 TCP 0.0.0.0:60518 0.0.0.0:0 LISTENING 4 TCP 10.10.2.30:139 0.0.0.0:0 LISTENING 4 TCP 10.10.2.30:3389 10.75.0.187:63655 ESTABLISHED 932 TCP 10.10.2.30:3389 83.97.73.191:28928 ESTABLISHED 932 TCP 10.10.2.30:3389 141.98.9.6:48734 ESTABLISHED 932 TCP 10.10.2.30:3389 172.104.162.81:52649 CLOSE_WAIT 932 TCP 10.10.2.30:49729 13.64.180.106:443 ESTABLISHED 1252 TCP 10.10.2.30:49808 40.83.240.146:443 ESTABLISHED 4216 TCP 10.10.2.30:51244 168.63.129.16:32526 ESTABLISHED 2588 TCP 10.10.2.30:51265 168.63.129.16:80 ESTABLISHED 2588 TCP 10.10.2.30:51309 168.63.129.16:32526 ESTABLISHED 2596 TCP 10.10.2.30:52962 10.10.1.11:49675 ESTABLISHED 632 TCP 10.10.2.30:53204 52.112.95.106:443 ESTABLISHED 8388 TCP 10.10.2.30:53208 52.114.132.32:443 ESTABLISHED 8776 TCP 10.10.2.30:54626 40.83.247.108:443 ESTABLISHED 7012 TCP 10.10.2.30:56275 168.63.129.16:80 TIME_WAIT 0 TCP 10.10.2.30:56296 44.195.171.249:443 TIME_WAIT 0 TCP 10.10.2.30:56300 13.69.68.15:443 ESTABLISHED 10104 TCP 10.10.2.30:56301 20.209.110.8:443 ESTABLISHED 10104 TCP 10.10.2.30:56305 20.190.155.2:443 ESTABLISHED 632 TCP 10.10.2.30:56306 10.10.1.11:135 TIME_WAIT 0 TCP 10.10.2.30:56307 10.10.1.11:49668 TIME_WAIT 0 TCP 10.10.2.30:56308 10.10.1.10:135 TIME_WAIT 0 TCP 10.10.2.30:56309 10.10.1.10:49671 ESTABLISHED 632 TCP 10.10.2.30:56323 4.154.131.233:443 TIME_WAIT 0 TCP 10.10.2.30:56324 52.168.112.67:443 ESTABLISHED 2552 TCP 10.10.2.30:56326 52.142.223.178:80 ESTABLISHED 1252 TCP 10.10.2.30:56327 23.221.22.180:80 ESTABLISHED 2612 TCP 10.10.2.30:56330 96.6.162.175:80 TIME_WAIT 0 TCP 10.10.2.30:56336 3.210.177.142:443 TIME_WAIT 0 TCP 10.10.2.30:56341 3.210.177.142:443 TIME_WAIT 0 TCP 10.10.2.30:56344 3.210.177.142:443 TIME_WAIT 0 TCP 10.10.2.30:56347 3.210.177.142:443 TIME_WAIT 0 TCP 10.10.2.30:56350 3.210.177.142:443 TIME_WAIT 0 TCP 10.10.2.30:56357 10.10.1.10:135 TIME_WAIT 0 TCP 10.10.2.30:56358 10.10.1.10:49671 ESTABLISHED 1888 TCP 10.10.2.30:56360 10.10.1.11:389 ESTABLISHED 1888 TCP 10.10.2.30:56364 3.210.177.142:443 TIME_WAIT 0 TCP 10.10.2.30:56366 192.229.211.108:80 ESTABLISHED 1252 TCP 10.10.2.30:56367 40.83.247.108:443 ESTABLISHED 8212 TCP 10.10.2.30:56369 173.222.53.237:443 ESTABLISHED 2496 TCP 10.10.2.30:56370 173.222.53.237:443 ESTABLISHED 2496 TCP 10.10.2.30:56371 4.154.131.233:443 TIME_WAIT 0 TCP 10.10.2.30:56374 3.210.177.142:443 TIME_WAIT 0 TCP 10.10.2.30:56376 52.168.112.67:443 ESTABLISHED 2552 TCP 10.10.2.30:56382 96.6.162.175:80 TIME_WAIT 0 TCP 10.10.2.30:56384 52.123.185.40:443 ESTABLISHED 8388 TCP 10.10.2.30:56387 192.229.211.108:80 ESTABLISHED 10728 TCP 10.10.2.30:56390 3.210.177.142:443 TIME_WAIT 0 TCP 10.10.2.30:56397 209.87.211.157:443 ESTABLISHED 10104 TCP [::]:22 [::]:0 LISTENING 3180 TCP [::]:80 [::]:0 LISTENING 4 TCP [::]:135 [::]:0 LISTENING 776 TCP [::]:445 [::]:0 LISTENING 4 TCP [::]:3388 [::]:0 LISTENING 3284 TCP [::]:3389 [::]:0 LISTENING 932 TCP [::]:5985 [::]:0 LISTENING 4 TCP [::]:47001 [::]:0 LISTENING 4 TCP [::]:49664 [::]:0 LISTENING 488 TCP [::]:49665 [::]:0 LISTENING 1016 TCP [::]:49666 [::]:0 LISTENING 1252 TCP [::]:49667 [::]:0 LISTENING 1580 TCP [::]:49670 [::]:0 LISTENING 632 TCP [::]:49693 [::]:0 LISTENING 2232 TCP [::]:49726 [::]:0 LISTENING 616 TCP [::]:51198 [::]:0 LISTENING 632 TCP [::]:60518 [::]:0 LISTENING 4 TCP [::1]:55807 [::1]:60518 ESTABLISHED 7012 TCP [::1]:56233 [::1]:60518 ESTABLISHED 2604 TCP [::1]:56391 [::1]:60518 ESTABLISHED 2604 TCP [::1]:60518 [::1]:55807 ESTABLISHED 4 TCP [::1]:60518 [::1]:56233 ESTABLISHED 4 TCP [::1]:60518 [::1]:56391 ESTABLISHED 4 UDP 0.0.0.0:123 *:* 76 UDP 0.0.0.0:500 *:* 1252 UDP 0.0.0.0:3389 *:* 932 UDP 0.0.0.0:4500 *:* 1252 UDP 0.0.0.0:5050 *:* 76 UDP 0.0.0.0:5353 *:* 612 UDP 0.0.0.0:5353 *:* 6676 UDP 0.0.0.0:5353 *:* 6676 UDP 0.0.0.0:5355 *:* 612 UDP 0.0.0.0:53660 *:* 8776 UDP 0.0.0.0:59902 *:* 8776 UDP 10.10.2.30:137 *:* 4 UDP 10.10.2.30:138 *:* 4 UDP 10.10.2.30:1900 *:* 4640 UDP 10.10.2.30:52214 *:* 4640 UDP 127.0.0.1:1900 *:* 4640 UDP 127.0.0.1:52215 *:* 4640 UDP 127.0.0.1:57785 *:* 2596 UDP 127.0.0.1:58244 *:* 380 UDP 127.0.0.1:61977 *:* 612 UDP 127.0.0.1:63174 *:* 632 UDP 127.0.0.1:63181 *:* 1252 UDP 127.0.0.1:64884 *:* 1888 UDP [::]:123 *:* 76 UDP [::]:500 *:* 1252 UDP [::]:3389 *:* 932 UDP [::]:4500 *:* 1252 UDP [::]:5353 *:* 612 UDP [::]:5353 *:* 6676 UDP [::]:5355 *:* 612 UDP [::]:53660 *:* 8776 UDP [::]:59902 *:* 8776 UDP [::1]:1900 *:* 4640 UDP [::1]:52213 *:* 4640 UDP [fe80::98db:21b1:88e9:4aef%7]:1900 *:* 4640 UDP [fe80::98db:21b1:88e9:4aef%7]:52212 *:* 4640 PS C:\Windows\system32> Stop-Transcript ********************** Windows PowerShell transcript end End time: 20231018162519 **********************