672847789 | 2024-05-09T01:57:09.519065
25 /
tcp
220 srv297 Kerio Connect 7.1.1 ESMTP ready
250-srv297
250-AUTH CRAM-MD5 PLAIN LOGIN DIGEST-MD5 NTLM
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-PIPELINING
250-ETRN
250-DSN
250 HELP
SMTP NTLM Info:
OS: Windows 8.1/Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: SRV297
NetBIOS Domain Name: SRV297
NetBIOS Computer Name: SRV297
DNS Domain Name: srv297
FQDN: srv297
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
1138219898 | 2024-05-08T07:19:51.873995
80 /
tcp
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 04 Feb 2021 22:12:57 GMT
Accept-Ranges: bytes
ETag: "9a69abe442fbd61:0"
Server: Microsoft-IIS/8.5
Date: Wed, 08 May 2024 07:19:53 GMT
Content-Length: 701
1632197660 | 2024-04-30T12:48:00.190497
110 /
tcp
+OK Kerio Connect 7.1.1 POP3 server ready <14952.1714481257@srv297>
+OK Capability list follows
STLS
SASL CRAM-MD5 PLAIN LOGIN DIGEST-MD5 NTLM
TOP
USER
UIDL
.
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
-1573111484 | 2024-05-15T16:33:08.306487
119 /
tcp
200 Kerio Connect 7.1.1 NNTP server ready
1980258901 | 2024-05-06T15:32:08.148959
135 /
tcp
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 185.13.36.121:1025
ncalrpc: WindowsShutdown
ncacn_np: \\SRV297\PIPE\InitShutdown
ncalrpc: WMsgKRpc0627D0
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\SRV297\PIPE\InitShutdown
ncalrpc: WMsgKRpc0627D0
ncalrpc: WMsgKRpc063211
ncalrpc: WMsgKRpc026706B2
ncalrpc: WMsgKRpc0713747F3
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-1b2b8d6c3cc05d03c6
ncacn_np: \\SRV297\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-e62cd3ef9abc75bb11
ncalrpc: actkernel
ncalrpc: umpo
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-1b2b8d6c3cc05d03c6
ncacn_np: \\SRV297\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-e62cd3ef9abc75bb11
ncalrpc: actkernel
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-e62cd3ef9abc75bb11
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: LRPC-e34086639046de4084
ncacn_np: \\SRV297\PIPE\srvsvc
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: dhcpcsvc6
ncalrpc: LRPC-716abcaeb6c6f3db23
ncacn_ip_tcp: 185.13.36.121:1026
ncacn_np: \\SRV297\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: LRPC-716abcaeb6c6f3db23
ncacn_ip_tcp: 185.13.36.121:1026
ncacn_np: \\SRV297\pipe\eventlog
ncalrpc: eventlog
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
annotation: Wcm Service
ncalrpc: LRPC-716abcaeb6c6f3db23
ncacn_ip_tcp: 185.13.36.121:1026
ncacn_np: \\SRV297\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-716abcaeb6c6f3db23
ncacn_ip_tcp: 185.13.36.121:1026
ncacn_np: \\SRV297\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 185.13.36.121:1026
ncacn_np: \\SRV297\pipe\eventlog
ncalrpc: eventlog
572e35b4-1344-4565-96a1-f5df3bfa89bb
version: v1.0
annotation: LiveIdSvcNotify RPC Interface
ncalrpc: liveidsvcnotify
faf2447b-b348-4feb-8dbe-beee5b7f7778
version: v1.0
annotation: OnlineProviderCert RPC Interface
ncalrpc: LRPC-0913706e26c3f55d1f
cc105610-da03-467e-bc73-5b9e2937458d
version: v1.0
annotation: LiveIdSvc RPC Interface
ncalrpc: LRPC-0913706e26c3f55d1f
8c7daf44-b6dc-11d1-9a4c-0020af6e7c57
version: v1.0
annotation: Group Policy RPC Interface
provider: appmgmts.dll
ncalrpc: LRPC-7816a157bc687128cd
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: DeviceSetupManager
ncacn_np: \\SRV297\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-e34086639046de4084
ncacn_np: \\SRV297\PIPE\srvsvc
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: DeviceSetupManager
ncacn_np: \\SRV297\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-e34086639046de4084
ncacn_np: \\SRV297\PIPE\srvsvc
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: DeviceSetupManager
ncacn_np: \\SRV297\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-e34086639046de4084
ncacn_np: \\SRV297\PIPE\srvsvc
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncalrpc: DeviceSetupManager
ncacn_np: \\SRV297\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-e34086639046de4084
ncacn_np: \\SRV297\PIPE\srvsvc
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-e34086639046de4084
ncacn_np: \\SRV297\PIPE\srvsvc
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
version: v1.0
annotation: Adh APIs
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
c36be077-e14b-4fe9-8abc-e856ef4f048b
version: v1.0
annotation: Proxy Manager client server endpoint
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
2e6035b2-e8f1-41a7-a044-656b439c4c34
version: v1.0
annotation: Proxy Manager provider server endpoint
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
552d076a-cb29-4e44-8b6a-d15e59e2c0af
version: v1.0
annotation: IP Transition Configuration endpoint
provider: iphlpsvc.dll
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 185.13.36.121:1028
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\SRV297\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLEAB9699790A1397F6876E7FF74A28
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-c81fb7e37763c475bb
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncacn_ip_tcp: 185.13.36.121:1027
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SRV297\pipe\lsass
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 185.13.36.121:1027
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\SRV297\pipe\lsass
3473dd4d-2e88-4006-9cba-22570909dd10
version: v5.256
annotation: WinHttp Auto-Proxy Service
ncacn_np: \\SRV297\PIPE\W32TIME_ALT
ncalrpc: W32TIME_ALT
ncalrpc: LRPC-80901d02826a416f26
ncalrpc: OLEE0811024DF47FFDCE7BE30408867
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-80901d02826a416f26
ncalrpc: OLEE0811024DF47FFDCE7BE30408867
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-852afd515c5cdc1a2b
ncalrpc: LRPC-e689c69859732f580a
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-852afd515c5cdc1a2b
ncalrpc: LRPC-e689c69859732f580a
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-852afd515c5cdc1a2b
ncalrpc: LRPC-e689c69859732f580a
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-e689c69859732f580a
b2507c30-b126-494a-92ac-ee32b6eeb039
version: v1.0
ncalrpc: LRPC-9825e89e348b545cce
ncalrpc: OLE1585CBE7078FF2D5D33CEEF594C0
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\SRV297\PIPE\wkssvc
ncalrpc: LRPC-6871ca70a4c48d8242
ncalrpc: DNSResolver
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-6871ca70a4c48d8242
ncalrpc: DNSResolver
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-6871ca70a4c48d8242
ncalrpc: DNSResolver
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 185.13.36.121:1029
ncalrpc: LRPC-394de1b24971d5cc6f
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 185.13.36.121:1029
ncalrpc: LRPC-394de1b24971d5cc6f
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 185.13.36.121:1029
ncalrpc: LRPC-394de1b24971d5cc6f
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 185.13.36.121:1029
ncalrpc: LRPC-394de1b24971d5cc6f
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 185.13.36.121:1029
ncalrpc: LRPC-394de1b24971d5cc6f
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 185.13.36.121:1031
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 185.13.36.121:1032
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncalrpc: LRPC-0896cde9744e16596a
ncalrpc: LRPC-0896cde9744e16596a
ncalrpc: LRPC-0896cde9744e16596a
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc026706B2
ncalrpc: WMsgKRpc0713747F3
a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
version: v1.0
ncalrpc: LRPC-920483a2947e325d46
e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
version: v1.0
annotation: Network Connection Broker server endpoint
ncalrpc: OLE79472A520198F418F4C3811325B2
ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
ncalrpc: trkwks
ncacn_np: \\SRV297\pipe\trkwks
880fd55e-43b9-11e0-b1a8-cf4edfd72085
version: v1.0
annotation: KAPI Service endpoint
ncalrpc: OLE79472A520198F418F4C3811325B2
ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
ncalrpc: trkwks
ncacn_np: \\SRV297\pipe\trkwks
5222821f-d5e2-4885-84f1-5f6185a0ec41
version: v1.0
annotation: Network Connection Broker server endpoint for NCB Reset module
ncalrpc: OLE79472A520198F418F4C3811325B2
ncalrpc: TSUMRPD_PRINT_DRV_LPC_API
ncalrpc: trkwks
ncacn_np: \\SRV297\pipe\trkwks
-1985107624 | 2024-05-11T20:22:06.769022
143 /
tcp
* OK Kerio Connect 7.1.1 IMAP4rev1 server ready
* CAPABILITY IMAP4 IMAP4rev1 IDLE ACL LITERAL+ UIDPLUS QUOTA ID SORT ANNOTATE ANNOTATEMORE STATUS-COUNTERS UNSELECT LISTEXT NAMESPACE XLIST STARTTLS AUTH=CRAM-MD5 AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=NTLM
A001 OK CAPABILITY completed
* ID ("name" "Kerio Connect" "version" " 7.1.1 ")
A002 OK ID completed
A003 BAD Unknown command 'unknowncmd'
* BYE logging out
A004 OK LOGOUT completed
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
-455162815 | 2024-04-17T06:36:30.511370
389 /
tcp
LDAP:
NamingContexts: fn=ContactRoot
DefaultNamingContext: fn=ContactRoot
SupportedControl:
1.2.840.113556.1.4.319
1.2.840.113556.1.4.473
1.2.840.113556.1.4.474
-222255069 | 2024-05-14T16:26:19.996336
443 /
tcp
HTTP/1.1 200 OK
Connection: Close
Content-type: text/html
Date: Tue, 14 May 2024 16:26:20 GMT
Server: Kerio Connect 7.1.1
X-UA-Compatible: IE=8
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
1688663994 | 2024-04-18T12:35:37.226689
445 /
tcp
SMB Status:
Authentication: enabled
SMB Version: 1
OS: Windows Server 2012 R2 Standard 9600
Software: Windows Server 2012 R2 Standard 6.3
Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
1525600033 | 2024-04-25T04:40:03.392019
465 /
tcp
220 srv297 Kerio Connect 7.1.1 ESMTP ready
250-srv297
250-AUTH CRAM-MD5 PLAIN LOGIN DIGEST-MD5 NTLM
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-PIPELINING
250-ETRN
250-DSN
250 HELP
SMTP NTLM Info:
OS: Windows 8.1/Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: SRV297
NetBIOS Domain Name: SRV297
NetBIOS Computer Name: SRV297
DNS Domain Name: srv297
FQDN: srv297
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
672847789 | 2024-05-13T08:07:46.691791
587 /
tcp
220 srv297 Kerio Connect 7.1.1 ESMTP ready
250-srv297
250-AUTH CRAM-MD5 PLAIN LOGIN DIGEST-MD5 NTLM
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-PIPELINING
250-ETRN
250-DSN
250 HELP
SMTP NTLM Info:
OS: Windows 8.1/Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: SRV297
NetBIOS Domain Name: SRV297
NetBIOS Computer Name: SRV297
DNS Domain Name: srv297
FQDN: srv297
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
-455162815 | 2024-05-14T09:11:22.932665
636 /
tcp
LDAP:
NamingContexts: fn=ContactRoot
DefaultNamingContext: fn=ContactRoot
SupportedControl:
1.2.840.113556.1.4.319
1.2.840.113556.1.4.473
1.2.840.113556.1.4.474
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
504437210 | 2024-04-19T20:33:27.906947
993 /
tcp
* OK Kerio Connect 7.1.1 IMAP4rev1 server ready
* CAPABILITY IMAP4 IMAP4rev1 IDLE ACL LITERAL+ UIDPLUS QUOTA ID SORT ANNOTATE ANNOTATEMORE STATUS-COUNTERS UNSELECT LISTEXT NAMESPACE XLIST AUTH=CRAM-MD5 AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=NTLM
A001 OK CAPABILITY completed
* ID ("name" "Kerio Connect" "version" " 7.1.1 ")
A002 OK ID completed
A003 BAD Unknown command 'unknowncmd'
* BYE logging out
A004 OK LOGOUT completed
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
1932486237 | 2024-05-15T20:25:55.831096
995 /
tcp
+OK Kerio Connect 7.1.1 POP3 server ready <8724.1715804745@srv297>
+OK Capability list follows
SASL CRAM-MD5 PLAIN LOGIN DIGEST-MD5 NTLM
TOP
USER
UIDL
.
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
2081024562 | 2024-05-10T04:12:36.646131
3389 /
tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 8.1/Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: SRV297
NetBIOS Domain Name: SRV297
NetBIOS Computer Name: SRV297
DNS Domain Name: srv297
FQDN: srv297
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:df:a1:b8:8a:d1:cb:b4:45:06:f4:a8:99:45:12:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=srv297
Validity
Not Before: Feb 13 10:49:25 2024 GMT
Not After : Aug 14 10:49:25 2024 GMT
Subject: CN=srv297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
-2017161040 | 2024-05-10T22:44:05.782947
4040 /
tcp
HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 313
Content-Type: text/html
Date: Fri, 10 May 2024 22:44:08 GMT
Location: https://185.13.36.121:4040/
Server: Kerio Connect 7.1.1
X-UA-Compatible: IE=8
1489525118 | 2024-05-10T06:13:46.822354
5985 /
tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 10 May 2024 06:13:49 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: SRV297
NetBIOS Domain Name: SRV297
NetBIOS Computer Name: SRV297
DNS Domain Name: srv297
FQDN: srv297
-540154546 | 2024-05-13T20:14:42.450103
8080 /
tcp
HTTP/1.0 403 Access denied because Web Monitor access is not permitted from this source(no certificate presented). Please consult http-access directive in PMTA User Guide.
Content-Type: text/html
-222255069 | 2024-05-07T04:11:52.580801
8443 /
tcp
HTTP/1.1 200 OK
Connection: Close
Content-type: text/html
Date: Tue, 7 May 2024 04:11:52 GMT
Server: Kerio Connect 7.1.1
X-UA-Compatible: IE=8
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1612475950 (0x601c6e2e)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=srv297, C=US
Validity
Not Before: Feb 4 21:59:10 2021 GMT
Not After : Feb 4 21:59:10 2022 GMT
Subject: CN=srv297, C=US
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
Signature Value: