GeneralInformation

Hostnames	host1.rifdoo.de host2.rifdoo.de www.host2.rifdoo.de
Domains	rifdoo.de
Country	Germany
City	Falkenstein
Organization	Hetzner Online GmbH
ISP	Hetzner Online GmbH
ASN	AS24940
Operating System	Windows

OpenPorts

21 25 53 80 135 465 587 993 995 3389 4040 5222 9001 9002 9998

148673504 | 2025-01-05T20:15:05.152325

21 / tcp

220 FTP AVE-STUDIO - host2.rifdoo.de
530 Login or password incorrect!
214-The following commands are recognized:
   ABOR   ADAT   ALLO   APPE   AUTH   CDUP   CLNT   CWD 
   DELE   EPRT   EPSV   FEAT   HASH   HELP   LIST   MDTM
   MFMT   MKD    MLSD   MLST   MODE   NLST   NOOP   NOP 
   OPTS   PASS   PASV   PBSZ   PORT   PROT   PWD    QUIT
   REST   RETR   RMD    RNFR   RNTO   SITE   SIZE   STOR
   STRU   SYST   TYPE   USER   XCUP   XCWD   XMKD   XPWD
   XRMD
214 Have a nice day.
211-Features:
 MDTM
 REST STREAM
 SIZE
 MLST type*;size*;modify*;
 MLSD
 AUTH SSL
 AUTH TLS
 PROT
 PBSZ
 UTF8
 CLNT
 MFMT
 EPSV
 EPRT
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1312677452 (0x4e3dde4c)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=195.201.70.134, C=BA, ST=ZZH, L=Siroki Brijeg, O=AVE, OU=10/emailAddress=info@ave.ba
        Validity
            Not Before: Aug 12 06:03:59 2023 GMT
            Not After : Aug 11 06:03:59 2024 GMT
        Subject: CN=195.201.70.134, C=BA, ST=ZZH, L=Siroki Brijeg, O=AVE, OU=10/emailAddress=info@ave.ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1280 bit)
                Modulus:
                    00:be:44:d3:8e:fd:bf:1c:c8:2f:d7:5d:b5:68:79:
                    3f:eb:50:e7:59:e6:0b:75:ba:58:9b:2b:da:7a:10:
                    0f:fd:66:1e:f6:dd:0b:b8:61:6f:ea:63:31:e4:af:
                    9c:3f:96:7a:bf:09:98:97:c1:b4:90:da:0c:35:5b:
                    dd:6a:0a:a5:5f:8b:ac:72:53:81:5a:08:80:00:15:
                    e5:7b:49:bc:02:74:38:87:ec:ce:e6:cb:f5:14:71:
                    55:aa:c8:3f:59:98:1c:9d:6d:37:48:c9:a0:98:78:
                    f9:95:5e:b7:f5:5d:8c:a2:7f:54:58:e5:e5:d5:69:
                    15:d3:b9:e6:08:0e:53:23:2d:74:94:03:2c:32:44:
                    1b:ab:77:50:8e:de:ba:56:ba:88:1d:50:ee:81:6e:
                    9f:ae:cd:08:00:39:5c:10:08:f4:7d
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b6:a0:82:9b:2c:94:f6:6b:01:e7:94:09:33:10:d5:a2:e6:49:
        1d:1e:5f:fb:37:3b:ca:6f:fb:9b:89:27:63:38:fe:3a:a9:34:
        f5:a7:65:b1:d9:17:f7:4a:56:a3:12:0b:0d:31:57:e8:f2:68:
        dc:60:a9:69:0e:96:c8:9d:3a:f6:c9:2b:2d:7f:54:33:ea:67:
        ac:bc:60:99:99:39:0f:f4:9d:e2:67:ec:c7:69:57:a4:4f:0d:
        c0:95:bb:3e:73:ca:1a:74:05:1d:fb:2d:a3:b6:2a:74:12:9f:
        7b:f9:ec:12:b7:3b:32:94:c3:70:30:1f:10:5b:71:b1:42:b8:
        24:c6:7b:4f:2f:c9:d0:f4:5b:42:1a:22:53:0a:4b:0d:6c:8a:
        e4:2f:00:c6:0a:e8:b2:60:78:06:3b:7b:15:d1:98:d2

-1738027650 | 2024-12-31T17:43:48.387053

25 / tcp

220 host2.rifdoo.de Kerio Connect 9.2.9 ESMTP ready
250-host2.rifdoo.de
250-AUTH CRAM-MD5 DIGEST-MD5
250-SIZE 31457280
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-PIPELINING
250-ETRN
250-DSN
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d1:fb:5e:1c:fc:7c:5f:49:a7:e3:a0:12:4c:5d:70:93
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=LV, L=Riga, O=GoGetSSL, CN=GoGetSSL RSA DV CA
        Validity
            Not Before: May 11 00:00:00 2024 GMT
            Not After : May 11 23:59:59 2025 GMT
        Subject: CN=host2.rifdoo.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:3b:56:98:b0:44:33:79:70:8b:e2:b7:5c:8b:
                    78:32:2b:a0:34:f6:48:eb:7f:59:41:e4:81:dc:fd:
                    b5:bc:5c:f9:60:b0:5c:10:f8:7c:f5:be:9f:e9:30:
                    0c:dc:cb:a2:5d:95:c4:8d:e2:46:f8:03:a8:97:aa:
                    f8:d5:58:ad:9c:fe:3b:46:cf:d1:ba:09:5b:22:9b:
                    3a:03:24:56:ea:a4:d4:70:d8:42:23:48:e4:c9:64:
                    6c:d1:0c:d9:43:16:96:f9:1f:b8:88:ba:ca:e3:d0:
                    66:22:7c:e9:70:5b:20:bf:55:ad:99:c8:82:c4:8d:
                    5f:9a:6c:08:74:be:26:8d:d7:bf:1a:7a:88:18:d0:
                    cb:56:57:51:a3:c1:32:7c:9f:98:15:74:6f:2d:70:
                    55:11:73:d1:6a:45:00:a9:3d:29:fe:9b:53:a7:36:
                    92:e5:12:43:34:ac:d3:d9:7f:a4:74:b7:96:e8:6f:
                    d3:68:82:e4:8d:3f:47:5f:63:d5:82:f4:37:df:cf:
                    25:d2:59:0d:f9:fc:28:31:77:33:55:b9:ac:16:d5:
                    08:7a:14:60:fd:3e:20:ca:8a:77:cc:b0:f3:d4:0b:
                    74:27:a8:f8:41:02:19:79:70:3c:e5:ed:a8:b6:01:
                    17:f1:87:2b:7c:b0:8e:77:ea:a4:e4:cb:10:e4:79:
                    75:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                F9:FB:50:C4:8B:67:BB:67:64:FE:83:21:A6:A9:CE:3F:55:84:93:99
            X509v3 Subject Key Identifier: 
                DF:6B:83:2D:5E:E0:1C:D9:48:75:A7:4F:17:D5:26:B8:DE:31:89:39
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.64
                  CPS: https://cps.usertrust.com
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.usertrust.com/GoGetSSLRSADVCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.usertrust.com/GoGetSSLRSADVCA.crt
                OCSP - URI:http://ocsp.usertrust.com
            X509v3 Subject Alternative Name: 
                DNS:host2.rifdoo.de, DNS:www.host2.rifdoo.de
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : May 11 21:38:17.753 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:7B:CB:AE:53:A1:24:16:3C:35:CF:
                                A0:B0:B9:7C:56:30:97:54:A9:63:F4:A7:7B:39:4F:E6:
                                A3:A1:29:34:A3:02:21:00:AA:7E:EB:A7:E1:19:BC:65:
                                DD:DB:FF:D4:79:AF:11:09:F9:21:96:BC:55:A3:4A:9E:
                                65:B0:38:6C:CF:A7:04:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:99:C6:10:2F:A9:2B:10:AE:A2:65:A1:
                                58:43:A1:71:8E:7D:CA:66:F5:38:88:6D:29:EA:BE:57:
                                41:C6:60:F3:90:02:21:00:8A:E6:75:73:82:00:07:82:
                                2B:8E:98:24:4D:53:6A:EB:FF:A9:CE:DB:00:E8:D3:59:
                                3F:63:0D:E2:C0:0F:AA:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:BE:FA:AA:67:BC:10:F4:1F:BE:72:A3:
                                56:2A:68:2C:DB:2B:8F:29:89:8C:97:BA:B8:AB:A7:A4:
                                E7:FF:E6:A3:65:02:20:56:72:63:5F:AA:A9:D9:BA:44:
                                15:0E:5A:E6:E7:D2:85:84:CF:6E:AB:5F:FD:93:6A:07:
                                13:6F:C6:5B:09:91:E6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        59:7c:7e:1b:a1:5c:5a:4a:68:39:e4:c5:7d:9c:61:10:01:ed:
        68:fb:62:0e:e0:62:b6:9a:8d:92:3f:07:e2:27:aa:a1:52:fc:
        72:af:dc:da:6d:28:02:e2:31:5a:f3:98:96:01:29:fb:1e:f1:
        4d:68:2e:2e:96:08:43:54:b1:00:2f:a1:b3:fb:49:59:ca:24:
        70:9b:e0:52:5f:d0:00:90:08:86:a4:ad:cb:33:83:c5:d2:1c:
        9f:ae:d7:c2:d9:46:0b:07:fb:ba:ae:cb:05:a2:36:69:d5:1b:
        de:67:76:59:ca:0d:6e:e7:dc:e5:b3:a1:2e:fc:87:5a:4d:e9:
        75:b7:b9:d0:79:55:17:93:6e:cf:76:55:1e:18:ee:1d:38:8b:
        3a:23:c7:fe:b4:44:80:b1:b1:04:07:c3:00:93:05:08:05:29:
        51:e2:c5:83:93:d5:0c:58:eb:8b:fb:ce:d3:4b:8b:42:2c:a9:
        cc:41:fa:b1:a5:7c:6a:84:d0:a5:a7:53:01:fe:82:e8:db:e1:
        d1:5c:94:30:e2:d3:15:c6:9b:2a:cb:ba:dd:71:ba:71:46:e7:
        8e:77:7a:f5:8e:9c:fc:92:30:8d:02:82:64:61:86:68:49:70:
        53:de:17:4e:c8:1e:0a:ed:95:c7:91:58:23:28:72:6f:60:e5:
        55:06:8a:ab

1297302213 | 2025-01-05T02:47:18.308940

80 / tcp

H2 AVE

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 01 Jul 2022 11:12:39 GMT
Accept-Ranges: bytes
ETag: "91102d7a3b8dd81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sun, 05 Jan 2025 02:47:22 GMT
Content-Length: 745

1299130937 | 2025-01-06T01:16:57.920792

135 / tcp

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 159.69.75.118:49664
  ncalrpc: WindowsShutdown
  ncacn_np: \\HOST2\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0977E0

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\HOST2\PIPE\InitShutdown
  ncalrpc: WMsgKRpc0977E0
  ncalrpc: WMsgKRpc09C311
  ncalrpc: WMsgKRpc05F5E3C62

fc48cd89-98d6-4628-9839-86f7a3e4161a
  version: v1.0
  ncalrpc: dabrpc
  ncalrpc: csebpub
  ncalrpc: LRPC-951b7539cbcfb7278f
  ncalrpc: LRPC-13e18b3c9a31ade8a6
  ncalrpc: LRPC-92a5fe4454920fcf3c
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

d09bdeb5-6171-4a34-bfe2-06fa82652568
  version: v1.0
  ncalrpc: csebpub
  ncalrpc: LRPC-951b7539cbcfb7278f
  ncalrpc: LRPC-13e18b3c9a31ade8a6
  ncalrpc: LRPC-92a5fe4454920fcf3c
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-13e18b3c9a31ade8a6
  ncalrpc: LRPC-92a5fe4454920fcf3c
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-92a5fe4454920fcf3c
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo
  ncalrpc: LRPC-fe9a20ebd2f14af1aa
  ncalrpc: LRPC-04ba9591dac736a105

697dcda9-3ba9-4eb2-9247-e11f1901b0d2
  version: v1.0
  ncalrpc: LRPC-951b7539cbcfb7278f
  ncalrpc: LRPC-13e18b3c9a31ade8a6
  ncalrpc: LRPC-92a5fe4454920fcf3c
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

9b008953-f195-4bf9-bde0-4471971e58ed
  version: v1.0
  ncalrpc: LRPC-13e18b3c9a31ade8a6
  ncalrpc: LRPC-92a5fe4454920fcf3c
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

dd59071b-3215-4c59-8481-972edadc0f6a
  version: v1.0
  ncalrpc: umpo

0d47017b-b33b-46ad-9e18-fe96456c5078
  version: v1.0
  ncalrpc: umpo

95406f0b-b239-4318-91bb-cea3a46ff0dc
  version: v1.0
  ncalrpc: umpo

4ed8abcc-f1e2-438b-981f-bb0e8abc010c
  version: v1.0
  ncalrpc: umpo

0ff1f646-13bb-400a-ab50-9a78f2b7a85a
  version: v1.0
  ncalrpc: umpo

6982a06e-5fe2-46b1-b39c-a2c545bfa069
  version: v1.0
  ncalrpc: umpo

082a3471-31b6-422a-b931-a54401960c62
  version: v1.0
  ncalrpc: umpo

fae436b0-b864-4a87-9eda-298547cd82f2
  version: v1.0
  ncalrpc: umpo

e53d94ca-7464-4839-b044-09a2fb8b3ae5
  version: v1.0
  ncalrpc: umpo

178d84be-9291-4994-82c6-3f909aca5a03
  version: v1.0
  ncalrpc: umpo

4dace966-a243-4450-ae3f-9b7bcb5315b8
  version: v2.0
  ncalrpc: umpo

1832bcf6-cab8-41d4-85d2-c9410764f75a
  version: v1.0
  ncalrpc: umpo

c521facf-09a9-42c5-b155-72388595cbf0
  version: v0.0
  ncalrpc: umpo

2c7fd9ce-e706-4b40-b412-953107ef9bb0
  version: v0.0
  ncalrpc: umpo

88abcbc3-34ea-76ae-8215-767520655a23
  version: v0.0
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

76c217bc-c8b4-4201-a745-373ad9032b1a
  version: v1.0
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

55e6b932-1979-45d6-90c5-7f6270724112
  version: v1.0
  ncalrpc: LRPC-bd4de1c5cac8e43463
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

857fb1be-084f-4fb5-b59c-4b2c4be5f0cf
  version: v1.0
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

b8cadbaf-e84b-46b9-84f2-6f71c03f9e55
  version: v1.0
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

20c40295-8dba-48e6-aebf-3e78ef3bb144
  version: v1.0
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

2513bcbe-6cd4-4348-855e-7efb3c336dd3
  version: v1.0
  ncalrpc: LRPC-c171922482f1e59383
  ncalrpc: OLE7B547E17A455F188ADDCAC8B1903
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
  version: v1.0
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
  version: v1.0
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
  version: v1.0
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
  version: v1.0
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

2d98a740-581d-41b9-aa0d-a88b9d5ce938
  version: v1.0
  ncalrpc: LRPC-cc60dbccf107928ed1
  ncalrpc: actkernel
  ncalrpc: umpo

0361ae94-0316-4c6c-8ad8-c594375800e2
  version: v1.0
  ncalrpc: umpo

5824833b-3c1a-4ad2-bdfd-c31d19e23ed2
  version: v1.0
  ncalrpc: umpo

bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
  version: v1.0
  ncalrpc: umpo

3b338d89-6cfa-44b8-847e-531531bc9992
  version: v1.0
  ncalrpc: umpo

8782d3b9-ebbd-4644-a3d8-e8725381919b
  version: v1.0
  ncalrpc: umpo

085b0334-e454-4d91-9b8c-4134f9e793f3
  version: v1.0
  ncalrpc: umpo

4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
  version: v1.0
  ncalrpc: umpo

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-dd2269e5cf35e84ee9
  ncalrpc: LRPC-b1cb4ff0f536d0eea8
  ncalrpc: IUserProfile2
  ncalrpc: LRPC-a21e1f50be893b8d73
  ncalrpc: senssvc
  ncalrpc: LRPC-f12431e2e0c89b4c0e

e40f7b57-7a25-4cd3-a135-7f7d3df9d16b
  version: v1.0
  annotation: Network Connection Broker server endpoint
  ncalrpc: LRPC-c3abfc9412352ff051
  ncalrpc: OLEA47B1B6241BFE450D4D91B5AA7A9
  ncalrpc: LRPC-7683b66cd48bcad3ad
  ncalrpc: LRPC-fe9a20ebd2f14af1aa

880fd55e-43b9-11e0-b1a8-cf4edfd72085
  version: v1.0
  annotation: KAPI Service endpoint
  ncalrpc: LRPC-c3abfc9412352ff051
  ncalrpc: OLEA47B1B6241BFE450D4D91B5AA7A9
  ncalrpc: LRPC-7683b66cd48bcad3ad
  ncalrpc: LRPC-fe9a20ebd2f14af1aa

5222821f-d5e2-4885-84f1-5f6185a0ec41
  version: v1.0
  annotation: Network Connection Broker server endpoint for NCB Reset module
  ncalrpc: LRPC-7683b66cd48bcad3ad
  ncalrpc: LRPC-fe9a20ebd2f14af1aa

a500d4c6-0dd1-4543-bc0c-d5f93486eaf8
  version: v1.0
  ncalrpc: LRPC-eb99113b2116e88115
  ncalrpc: LRPC-04ba9591dac736a105

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncalrpc: LRPC-db07804002af74f166

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 159.69.75.118:49665
  ncacn_np: \\HOST2\pipe\eventlog
  ncalrpc: eventlog

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-b71229679f4b280448

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  annotation: Group Policy RPC Interface
  provider: gpsvc.dll
  ncalrpc: LRPC-f9817b57da49cc6b97

3a9ef155-691d-4449-8d05-09ad57031823
  version: v1.0
  ncacn_ip_tcp: 159.69.75.118:49666
  ncalrpc: LRPC-e6655abadfd63febdd
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\HOST2\PIPE\atsvc
  ncalrpc: LRPC-e2d4826e0998121f1e

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 159.69.75.118:49666
  ncalrpc: LRPC-e6655abadfd63febdd
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\HOST2\PIPE\atsvc
  ncalrpc: LRPC-e2d4826e0998121f1e

33d84484-3626-47ee-8c6f-e7e98b113be1
  version: v2.0
  ncalrpc: LRPC-e6655abadfd63febdd
  ncalrpc: ubpmtaskhostchannel
  ncacn_np: \\HOST2\PIPE\atsvc
  ncalrpc: LRPC-e2d4826e0998121f1e

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\HOST2\PIPE\atsvc
  ncalrpc: LRPC-e2d4826e0998121f1e

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\HOST2\PIPE\atsvc
  ncalrpc: LRPC-e2d4826e0998121f1e

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: LRPC-e2d4826e0998121f1e

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncalrpc: dhcpcsvc6

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncalrpc: LRPC-52e084f700277c325e

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncalrpc: b1affde2-e311-4342-bd0f-fab8efe85192
  ncalrpc: LRPC-571d0f8b370dc78eab

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-a55f444a200a60c1ae
  ncalrpc: LRPC-8af50a074342836760
  ncalrpc: LRPC-ce8891408f82dc2bb1
  ncalrpc: LRPC-461d4a7e1bb4b78b3b

f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
  version: v1.0
  annotation: Fw APIs
  ncalrpc: LRPC-8af50a074342836760
  ncalrpc: LRPC-ce8891408f82dc2bb1
  ncalrpc: LRPC-461d4a7e1bb4b78b3b

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-ce8891408f82dc2bb1
  ncalrpc: LRPC-461d4a7e1bb4b78b3b

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-461d4a7e1bb4b78b3b

0d3c7f20-1c8d-4654-a1b3-51563b298bda
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-056892d8c36a470017
  ncalrpc: OLEB00DB4236874D73BCFD81DA8B3D1

b18fbab6-56f8-4702-84e0-41053293a869
  version: v1.0
  annotation: UserMgrCli
  ncalrpc: LRPC-056892d8c36a470017
  ncalrpc: OLEB00DB4236874D73BCFD81DA8B3D1

c2d1b5dd-fa81-4460-9dd6-e7658b85454b
  version: v1.0
  ncalrpc: LRPC-9115296a4da1a0535b
  ncalrpc: OLEA154DB70E5D435BA8F7EEDF95249

f44e62af-dab1-44c2-8013-049a9de417d6
  version: v1.0
  ncalrpc: LRPC-9115296a4da1a0535b
  ncalrpc: OLEA154DB70E5D435BA8F7EEDF95249

7aeb6705-3ae6-471a-882d-f39c109edc12
  version: v1.0
  ncalrpc: LRPC-9115296a4da1a0535b
  ncalrpc: OLEA154DB70E5D435BA8F7EEDF95249

e7f76134-9ef5-4949-a2d6-3368cc0988f3
  version: v1.0
  ncalrpc: LRPC-9115296a4da1a0535b
  ncalrpc: OLEA154DB70E5D435BA8F7EEDF95249

b37f900a-eae4-4304-a2ab-12bb668c0188
  version: v1.0
  ncalrpc: LRPC-9115296a4da1a0535b
  ncalrpc: OLEA154DB70E5D435BA8F7EEDF95249

abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
  version: v1.0
  ncalrpc: LRPC-9115296a4da1a0535b
  ncalrpc: OLEA154DB70E5D435BA8F7EEDF95249

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\HOST2\PIPE\wkssvc
  ncalrpc: LRPC-31c4815b14ef0132c0

eb081a0d-10ee-478a-a1dd-50995283e7a8
  version: v3.0
  annotation: Witness Client Test Interface
  ncalrpc: LRPC-31c4815b14ef0132c0

f2c9b409-c1c9-4100-8639-d8ab1486694a
  version: v1.0
  annotation: Witness Client Upcall Server
  ncalrpc: LRPC-31c4815b14ef0132c0

29770a8f-829b-4158-90a2-78cd488501f7
  version: v1.0
  ncacn_ip_tcp: 159.69.75.118:49669
  ncacn_np: \\HOST2\pipe\SessEnvPublicRpc
  ncalrpc: SessEnvPrivateRpc
  ncalrpc: LRPC-f12431e2e0c89b4c0e

df4df73a-c52d-4e3a-8003-8437fdf8302a
  version: v0.0
  annotation: WM_WindowManagerRPC\Server
  ncalrpc: LRPC-1443847bb6bf4aad75

76f03f96-cdfd-44fc-a22c-64950a001209
  version: v1.0
  protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 159.69.75.118:49670
  ncalrpc: LRPC-7636a11d35e06d51be

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  provider: spoolsv.exe
  ncacn_ip_tcp: 159.69.75.118:49670
  ncalrpc: LRPC-7636a11d35e06d51be

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 159.69.75.118:49670
  ncalrpc: LRPC-7636a11d35e06d51be

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 159.69.75.118:49670
  ncalrpc: LRPC-7636a11d35e06d51be

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncacn_ip_tcp: 159.69.75.118:49670
  ncalrpc: LRPC-7636a11d35e06d51be

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 159.69.75.118:49671
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\HOST2\pipe\lsass

51a227ae-825b-41f2-b4a9-1ac9557a1018
  version: v1.0
  annotation: Ngc Pop Key Service
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\HOST2\pipe\lsass

8fb74744-b2ff-4c00-be0d-9ef9a191fe1b
  version: v1.0
  annotation: Ngc Pop Key Service
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\HOST2\pipe\lsass

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v2.0
  annotation: KeyIso
  ncalrpc: samss lpc
  ncalrpc: SidKey Local End Point
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSA_EAS_ENDPOINT
  ncalrpc: LSA_IDPEXT_ENDPOINT
  ncalrpc: lsacap
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncacn_np: \\HOST2\pipe\lsass

b58aa02e-2884-4e97-8176-4ee06d794184
  version: v1.0
  provider: sysmain.dll
  ncalrpc: LRPC-69999bbccd3775fe51

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncalrpc: LRPC-e6d73c1e4b9dc43305

c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1
  version: v1.0
  annotation: Adh APIs
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-8b22b67804fedf6727

c36be077-e14b-4fe9-8abc-e856ef4f048b
  version: v1.0
  annotation: Proxy Manager client server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-8b22b67804fedf6727

2e6035b2-e8f1-41a7-a044-656b439c4c34
  version: v1.0
  annotation: Proxy Manager provider server endpoint
  ncalrpc: TeredoControl
  ncalrpc: TeredoDiagnostics
  ncalrpc: LRPC-8b22b67804fedf6727

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncalrpc: LRPC-8b22b67804fedf6727

1a0d010f-1c33-432c-b0f5-8cf4e8053099
  version: v1.0
  annotation: IdSegSrv service
  ncalrpc: LRPC-9992962f44aa3970ad

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncalrpc: LRPC-9992962f44aa3970ad

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncalrpc: LRPC-d0e8d1a3b4d6d281c0
  ncalrpc: LRPC-d0e8d1a3b4d6d281c0
  ncalrpc: LRPC-d0e8d1a3b4d6d281c0

98cd761e-e77d-41c8-a3c0-0fb756d90ec2
  version: v1.0
  ncalrpc: LRPC-fa6e171c4d9129a1ba

d22895ef-aff4-42c5-a5b2-b14466d34ab4
  version: v1.0
  ncalrpc: LRPC-fa6e171c4d9129a1ba

e38f5360-8572-473e-b696-1b46873beeab
  version: v1.0
  ncalrpc: LRPC-fa6e171c4d9129a1ba

95095ec8-32ea-4eb0-a3e2-041f97b36168
  version: v1.0
  ncalrpc: LRPC-fa6e171c4d9129a1ba

fd8be72b-a9cd-4b2c-a9ca-4ded242fbe4d
  version: v1.0
  ncalrpc: LRPC-fa6e171c4d9129a1ba

4c9dbf19-d39e-4bb9-90ee-8f7179b20283
  version: v1.0
  ncalrpc: LRPC-fa6e171c4d9129a1ba

650a7e26-eab8-5533-ce43-9c1dfce11511
  version: v1.0
  annotation: Vpn APIs
  ncalrpc: LRPC-7b35102d894a4b3496
  ncalrpc: VpnikeRpc
  ncalrpc: RasmanLrpc
  ncacn_np: \\HOST2\PIPE\ROUTER

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 159.69.75.118:49677

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 159.69.75.118:49691

f3f09ffd-fbcf-4291-944d-70ad6e0e73bb
  version: v1.0
  ncalrpc: LRPC-13895b9c503abf9fc1
  ncalrpc: LRPC-0c03b751931240308c

9435cc56-1d9c-4924-ac7d-b60a2c3520e1
  version: v1.0
  annotation: SPPSVC Default RPC Interface
  provider: sppsvc.exe
  ncalrpc: SPPCTransportEndpoint-00001

0767a036-0d22-48aa-ba69-b619480f38cb
  version: v1.0
  annotation: PcaSvc
  provider: pcasvc.dll
  ncalrpc: LRPC-436c28d3b3762efa08

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc05F5E3C62

b1ef227e-dfa5-421e-82bb-67a6a129c496
  version: v0.0
  ncalrpc: LRPC-fe13301ecda38c33f5
  ncalrpc: OLE4E402CA1735D2317DA0CD9366C44

0fc77b1a-95d8-4a2e-a0c0-cff54237462b
  version: v0.0
  ncalrpc: LRPC-fe13301ecda38c33f5
  ncalrpc: OLE4E402CA1735D2317DA0CD9366C44

8ec21e98-b5ce-4916-a3d6-449fa428a007
  version: v0.0
  ncalrpc: LRPC-fe13301ecda38c33f5
  ncalrpc: OLE4E402CA1735D2317DA0CD9366C44

54b4c689-969a-476f-8dc2-990885e9f562
  version: v0.0
  ncalrpc: LRPC-422352ff43dcaa067d

be7f785e-0e3a-4ab7-91de-7e46e443be29
  version: v0.0
  ncalrpc: LRPC-422352ff43dcaa067d

-687650146 | 2024-12-25T15:51:48.567739

465 / tcp

220 host2.rifdoo.de Kerio Connect 9.2.9 ESMTP ready
250-host2.rifdoo.de
250-AUTH CRAM-MD5 PLAIN LOGIN DIGEST-MD5
250-SIZE 31457280
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-PIPELINING
250-ETRN
250-DSN
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d1:fb:5e:1c:fc:7c:5f:49:a7:e3:a0:12:4c:5d:70:93
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=LV, L=Riga, O=GoGetSSL, CN=GoGetSSL RSA DV CA
        Validity
            Not Before: May 11 00:00:00 2024 GMT
            Not After : May 11 23:59:59 2025 GMT
        Subject: CN=host2.rifdoo.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:3b:56:98:b0:44:33:79:70:8b:e2:b7:5c:8b:
                    78:32:2b:a0:34:f6:48:eb:7f:59:41:e4:81:dc:fd:
                    b5:bc:5c:f9:60:b0:5c:10:f8:7c:f5:be:9f:e9:30:
                    0c:dc:cb:a2:5d:95:c4:8d:e2:46:f8:03:a8:97:aa:
                    f8:d5:58:ad:9c:fe:3b:46:cf:d1:ba:09:5b:22:9b:
                    3a:03:24:56:ea:a4:d4:70:d8:42:23:48:e4:c9:64:
                    6c:d1:0c:d9:43:16:96:f9:1f:b8:88:ba:ca:e3:d0:
                    66:22:7c:e9:70:5b:20:bf:55:ad:99:c8:82:c4:8d:
                    5f:9a:6c:08:74:be:26:8d:d7:bf:1a:7a:88:18:d0:
                    cb:56:57:51:a3:c1:32:7c:9f:98:15:74:6f:2d:70:
                    55:11:73:d1:6a:45:00:a9:3d:29:fe:9b:53:a7:36:
                    92:e5:12:43:34:ac:d3:d9:7f:a4:74:b7:96:e8:6f:
                    d3:68:82:e4:8d:3f:47:5f:63:d5:82:f4:37:df:cf:
                    25:d2:59:0d:f9:fc:28:31:77:33:55:b9:ac:16:d5:
                    08:7a:14:60:fd:3e:20:ca:8a:77:cc:b0:f3:d4:0b:
                    74:27:a8:f8:41:02:19:79:70:3c:e5:ed:a8:b6:01:
                    17:f1:87:2b:7c:b0:8e:77:ea:a4:e4:cb:10:e4:79:
                    75:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                F9:FB:50:C4:8B:67:BB:67:64:FE:83:21:A6:A9:CE:3F:55:84:93:99
            X509v3 Subject Key Identifier: 
                DF:6B:83:2D:5E:E0:1C:D9:48:75:A7:4F:17:D5:26:B8:DE:31:89:39
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.64
                  CPS: https://cps.usertrust.com
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.usertrust.com/GoGetSSLRSADVCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.usertrust.com/GoGetSSLRSADVCA.crt
                OCSP - URI:http://ocsp.usertrust.com
            X509v3 Subject Alternative Name: 
                DNS:host2.rifdoo.de, DNS:www.host2.rifdoo.de
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : May 11 21:38:17.753 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:7B:CB:AE:53:A1:24:16:3C:35:CF:
                                A0:B0:B9:7C:56:30:97:54:A9:63:F4:A7:7B:39:4F:E6:
                                A3:A1:29:34:A3:02:21:00:AA:7E:EB:A7:E1:19:BC:65:
                                DD:DB:FF:D4:79:AF:11:09:F9:21:96:BC:55:A3:4A:9E:
                                65:B0:38:6C:CF:A7:04:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:99:C6:10:2F:A9:2B:10:AE:A2:65:A1:
                                58:43:A1:71:8E:7D:CA:66:F5:38:88:6D:29:EA:BE:57:
                                41:C6:60:F3:90:02:21:00:8A:E6:75:73:82:00:07:82:
                                2B:8E:98:24:4D:53:6A:EB:FF:A9:CE:DB:00:E8:D3:59:
                                3F:63:0D:E2:C0:0F:AA:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:BE:FA:AA:67:BC:10:F4:1F:BE:72:A3:
                                56:2A:68:2C:DB:2B:8F:29:89:8C:97:BA:B8:AB:A7:A4:
                                E7:FF:E6:A3:65:02:20:56:72:63:5F:AA:A9:D9:BA:44:
                                15:0E:5A:E6:E7:D2:85:84:CF:6E:AB:5F:FD:93:6A:07:
                                13:6F:C6:5B:09:91:E6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        59:7c:7e:1b:a1:5c:5a:4a:68:39:e4:c5:7d:9c:61:10:01:ed:
        68:fb:62:0e:e0:62:b6:9a:8d:92:3f:07:e2:27:aa:a1:52:fc:
        72:af:dc:da:6d:28:02:e2:31:5a:f3:98:96:01:29:fb:1e:f1:
        4d:68:2e:2e:96:08:43:54:b1:00:2f:a1:b3:fb:49:59:ca:24:
        70:9b:e0:52:5f:d0:00:90:08:86:a4:ad:cb:33:83:c5:d2:1c:
        9f:ae:d7:c2:d9:46:0b:07:fb:ba:ae:cb:05:a2:36:69:d5:1b:
        de:67:76:59:ca:0d:6e:e7:dc:e5:b3:a1:2e:fc:87:5a:4d:e9:
        75:b7:b9:d0:79:55:17:93:6e:cf:76:55:1e:18:ee:1d:38:8b:
        3a:23:c7:fe:b4:44:80:b1:b1:04:07:c3:00:93:05:08:05:29:
        51:e2:c5:83:93:d5:0c:58:eb:8b:fb:ce:d3:4b:8b:42:2c:a9:
        cc:41:fa:b1:a5:7c:6a:84:d0:a5:a7:53:01:fe:82:e8:db:e1:
        d1:5c:94:30:e2:d3:15:c6:9b:2a:cb:ba:dd:71:ba:71:46:e7:
        8e:77:7a:f5:8e:9c:fc:92:30:8d:02:82:64:61:86:68:49:70:
        53:de:17:4e:c8:1e:0a:ed:95:c7:91:58:23:28:72:6f:60:e5:
        55:06:8a:ab

-1738027650 | 2024-12-08T13:56:39.313957

587 / tcp

220 host2.rifdoo.de Kerio Connect 9.2.9 ESMTP ready
250-host2.rifdoo.de
250-AUTH CRAM-MD5 DIGEST-MD5
250-SIZE 31457280
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-PIPELINING
250-ETRN
250-DSN
250 HELP

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d1:fb:5e:1c:fc:7c:5f:49:a7:e3:a0:12:4c:5d:70:93
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=LV, L=Riga, O=GoGetSSL, CN=GoGetSSL RSA DV CA
        Validity
            Not Before: May 11 00:00:00 2024 GMT
            Not After : May 11 23:59:59 2025 GMT
        Subject: CN=host2.rifdoo.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:3b:56:98:b0:44:33:79:70:8b:e2:b7:5c:8b:
                    78:32:2b:a0:34:f6:48:eb:7f:59:41:e4:81:dc:fd:
                    b5:bc:5c:f9:60:b0:5c:10:f8:7c:f5:be:9f:e9:30:
                    0c:dc:cb:a2:5d:95:c4:8d:e2:46:f8:03:a8:97:aa:
                    f8:d5:58:ad:9c:fe:3b:46:cf:d1:ba:09:5b:22:9b:
                    3a:03:24:56:ea:a4:d4:70:d8:42:23:48:e4:c9:64:
                    6c:d1:0c:d9:43:16:96:f9:1f:b8:88:ba:ca:e3:d0:
                    66:22:7c:e9:70:5b:20:bf:55:ad:99:c8:82:c4:8d:
                    5f:9a:6c:08:74:be:26:8d:d7:bf:1a:7a:88:18:d0:
                    cb:56:57:51:a3:c1:32:7c:9f:98:15:74:6f:2d:70:
                    55:11:73:d1:6a:45:00:a9:3d:29:fe:9b:53:a7:36:
                    92:e5:12:43:34:ac:d3:d9:7f:a4:74:b7:96:e8:6f:
                    d3:68:82:e4:8d:3f:47:5f:63:d5:82:f4:37:df:cf:
                    25:d2:59:0d:f9:fc:28:31:77:33:55:b9:ac:16:d5:
                    08:7a:14:60:fd:3e:20:ca:8a:77:cc:b0:f3:d4:0b:
                    74:27:a8:f8:41:02:19:79:70:3c:e5:ed:a8:b6:01:
                    17:f1:87:2b:7c:b0:8e:77:ea:a4:e4:cb:10:e4:79:
                    75:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                F9:FB:50:C4:8B:67:BB:67:64:FE:83:21:A6:A9:CE:3F:55:84:93:99
            X509v3 Subject Key Identifier: 
                DF:6B:83:2D:5E:E0:1C:D9:48:75:A7:4F:17:D5:26:B8:DE:31:89:39
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.64
                  CPS: https://cps.usertrust.com
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.usertrust.com/GoGetSSLRSADVCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.usertrust.com/GoGetSSLRSADVCA.crt
                OCSP - URI:http://ocsp.usertrust.com
            X509v3 Subject Alternative Name: 
                DNS:host2.rifdoo.de, DNS:www.host2.rifdoo.de
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : May 11 21:38:17.753 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:7B:CB:AE:53:A1:24:16:3C:35:CF:
                                A0:B0:B9:7C:56:30:97:54:A9:63:F4:A7:7B:39:4F:E6:
                                A3:A1:29:34:A3:02:21:00:AA:7E:EB:A7:E1:19:BC:65:
                                DD:DB:FF:D4:79:AF:11:09:F9:21:96:BC:55:A3:4A:9E:
                                65:B0:38:6C:CF:A7:04:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:99:C6:10:2F:A9:2B:10:AE:A2:65:A1:
                                58:43:A1:71:8E:7D:CA:66:F5:38:88:6D:29:EA:BE:57:
                                41:C6:60:F3:90:02:21:00:8A:E6:75:73:82:00:07:82:
                                2B:8E:98:24:4D:53:6A:EB:FF:A9:CE:DB:00:E8:D3:59:
                                3F:63:0D:E2:C0:0F:AA:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:BE:FA:AA:67:BC:10:F4:1F:BE:72:A3:
                                56:2A:68:2C:DB:2B:8F:29:89:8C:97:BA:B8:AB:A7:A4:
                                E7:FF:E6:A3:65:02:20:56:72:63:5F:AA:A9:D9:BA:44:
                                15:0E:5A:E6:E7:D2:85:84:CF:6E:AB:5F:FD:93:6A:07:
                                13:6F:C6:5B:09:91:E6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        59:7c:7e:1b:a1:5c:5a:4a:68:39:e4:c5:7d:9c:61:10:01:ed:
        68:fb:62:0e:e0:62:b6:9a:8d:92:3f:07:e2:27:aa:a1:52:fc:
        72:af:dc:da:6d:28:02:e2:31:5a:f3:98:96:01:29:fb:1e:f1:
        4d:68:2e:2e:96:08:43:54:b1:00:2f:a1:b3:fb:49:59:ca:24:
        70:9b:e0:52:5f:d0:00:90:08:86:a4:ad:cb:33:83:c5:d2:1c:
        9f:ae:d7:c2:d9:46:0b:07:fb:ba:ae:cb:05:a2:36:69:d5:1b:
        de:67:76:59:ca:0d:6e:e7:dc:e5:b3:a1:2e:fc:87:5a:4d:e9:
        75:b7:b9:d0:79:55:17:93:6e:cf:76:55:1e:18:ee:1d:38:8b:
        3a:23:c7:fe:b4:44:80:b1:b1:04:07:c3:00:93:05:08:05:29:
        51:e2:c5:83:93:d5:0c:58:eb:8b:fb:ce:d3:4b:8b:42:2c:a9:
        cc:41:fa:b1:a5:7c:6a:84:d0:a5:a7:53:01:fe:82:e8:db:e1:
        d1:5c:94:30:e2:d3:15:c6:9b:2a:cb:ba:dd:71:ba:71:46:e7:
        8e:77:7a:f5:8e:9c:fc:92:30:8d:02:82:64:61:86:68:49:70:
        53:de:17:4e:c8:1e:0a:ed:95:c7:91:58:23:28:72:6f:60:e5:
        55:06:8a:ab

1854939760 | 2024-12-29T06:01:31.867292

993 / tcp

* OK Kerio Connect 9.2.9 IMAP4rev1 server ready
* CAPABILITY IMAP4 IMAP4rev1 IDLE ACL LITERAL+ UIDPLUS QUOTA ID SORT ANNOTATE ANNOTATEMORE STATUS-COUNTERS UNSELECT LISTEXT NAMESPACE XLIST SPECIAL-USE XAPPLEPUSHSERVICE AUTH=CRAM-MD5 AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5
A001 OK CAPABILITY completed
* ID ("name" "Kerio Connect" "version" " 9.2.9 ")
A002 OK ID completed
A003 BAD Unknown command 'unknowncmd'
* BYE logging out
A004 OK LOGOUT completed

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d1:fb:5e:1c:fc:7c:5f:49:a7:e3:a0:12:4c:5d:70:93
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=LV, L=Riga, O=GoGetSSL, CN=GoGetSSL RSA DV CA
        Validity
            Not Before: May 11 00:00:00 2024 GMT
            Not After : May 11 23:59:59 2025 GMT
        Subject: CN=host2.rifdoo.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:3b:56:98:b0:44:33:79:70:8b:e2:b7:5c:8b:
                    78:32:2b:a0:34:f6:48:eb:7f:59:41:e4:81:dc:fd:
                    b5:bc:5c:f9:60:b0:5c:10:f8:7c:f5:be:9f:e9:30:
                    0c:dc:cb:a2:5d:95:c4:8d:e2:46:f8:03:a8:97:aa:
                    f8:d5:58:ad:9c:fe:3b:46:cf:d1:ba:09:5b:22:9b:
                    3a:03:24:56:ea:a4:d4:70:d8:42:23:48:e4:c9:64:
                    6c:d1:0c:d9:43:16:96:f9:1f:b8:88:ba:ca:e3:d0:
                    66:22:7c:e9:70:5b:20:bf:55:ad:99:c8:82:c4:8d:
                    5f:9a:6c:08:74:be:26:8d:d7:bf:1a:7a:88:18:d0:
                    cb:56:57:51:a3:c1:32:7c:9f:98:15:74:6f:2d:70:
                    55:11:73:d1:6a:45:00:a9:3d:29:fe:9b:53:a7:36:
                    92:e5:12:43:34:ac:d3:d9:7f:a4:74:b7:96:e8:6f:
                    d3:68:82:e4:8d:3f:47:5f:63:d5:82:f4:37:df:cf:
                    25:d2:59:0d:f9:fc:28:31:77:33:55:b9:ac:16:d5:
                    08:7a:14:60:fd:3e:20:ca:8a:77:cc:b0:f3:d4:0b:
                    74:27:a8:f8:41:02:19:79:70:3c:e5:ed:a8:b6:01:
                    17:f1:87:2b:7c:b0:8e:77:ea:a4:e4:cb:10:e4:79:
                    75:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                F9:FB:50:C4:8B:67:BB:67:64:FE:83:21:A6:A9:CE:3F:55:84:93:99
            X509v3 Subject Key Identifier: 
                DF:6B:83:2D:5E:E0:1C:D9:48:75:A7:4F:17:D5:26:B8:DE:31:89:39
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.64
                  CPS: https://cps.usertrust.com
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.usertrust.com/GoGetSSLRSADVCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.usertrust.com/GoGetSSLRSADVCA.crt
                OCSP - URI:http://ocsp.usertrust.com
            X509v3 Subject Alternative Name: 
                DNS:host2.rifdoo.de, DNS:www.host2.rifdoo.de
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : May 11 21:38:17.753 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:7B:CB:AE:53:A1:24:16:3C:35:CF:
                                A0:B0:B9:7C:56:30:97:54:A9:63:F4:A7:7B:39:4F:E6:
                                A3:A1:29:34:A3:02:21:00:AA:7E:EB:A7:E1:19:BC:65:
                                DD:DB:FF:D4:79:AF:11:09:F9:21:96:BC:55:A3:4A:9E:
                                65:B0:38:6C:CF:A7:04:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:99:C6:10:2F:A9:2B:10:AE:A2:65:A1:
                                58:43:A1:71:8E:7D:CA:66:F5:38:88:6D:29:EA:BE:57:
                                41:C6:60:F3:90:02:21:00:8A:E6:75:73:82:00:07:82:
                                2B:8E:98:24:4D:53:6A:EB:FF:A9:CE:DB:00:E8:D3:59:
                                3F:63:0D:E2:C0:0F:AA:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:BE:FA:AA:67:BC:10:F4:1F:BE:72:A3:
                                56:2A:68:2C:DB:2B:8F:29:89:8C:97:BA:B8:AB:A7:A4:
                                E7:FF:E6:A3:65:02:20:56:72:63:5F:AA:A9:D9:BA:44:
                                15:0E:5A:E6:E7:D2:85:84:CF:6E:AB:5F:FD:93:6A:07:
                                13:6F:C6:5B:09:91:E6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        59:7c:7e:1b:a1:5c:5a:4a:68:39:e4:c5:7d:9c:61:10:01:ed:
        68:fb:62:0e:e0:62:b6:9a:8d:92:3f:07:e2:27:aa:a1:52:fc:
        72:af:dc:da:6d:28:02:e2:31:5a:f3:98:96:01:29:fb:1e:f1:
        4d:68:2e:2e:96:08:43:54:b1:00:2f:a1:b3:fb:49:59:ca:24:
        70:9b:e0:52:5f:d0:00:90:08:86:a4:ad:cb:33:83:c5:d2:1c:
        9f:ae:d7:c2:d9:46:0b:07:fb:ba:ae:cb:05:a2:36:69:d5:1b:
        de:67:76:59:ca:0d:6e:e7:dc:e5:b3:a1:2e:fc:87:5a:4d:e9:
        75:b7:b9:d0:79:55:17:93:6e:cf:76:55:1e:18:ee:1d:38:8b:
        3a:23:c7:fe:b4:44:80:b1:b1:04:07:c3:00:93:05:08:05:29:
        51:e2:c5:83:93:d5:0c:58:eb:8b:fb:ce:d3:4b:8b:42:2c:a9:
        cc:41:fa:b1:a5:7c:6a:84:d0:a5:a7:53:01:fe:82:e8:db:e1:
        d1:5c:94:30:e2:d3:15:c6:9b:2a:cb:ba:dd:71:ba:71:46:e7:
        8e:77:7a:f5:8e:9c:fc:92:30:8d:02:82:64:61:86:68:49:70:
        53:de:17:4e:c8:1e:0a:ed:95:c7:91:58:23:28:72:6f:60:e5:
        55:06:8a:ab

802233542 | 2024-12-31T12:33:33.276579

995 / tcp

+OK Kerio Connect 9.2.9 POP3 server ready <49596.1735648405@host2.rifdoo.de>
+OK Capability list follows
SASL CRAM-MD5 PLAIN LOGIN DIGEST-MD5
TOP
USER
UIDL
.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d1:fb:5e:1c:fc:7c:5f:49:a7:e3:a0:12:4c:5d:70:93
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=LV, L=Riga, O=GoGetSSL, CN=GoGetSSL RSA DV CA
        Validity
            Not Before: May 11 00:00:00 2024 GMT
            Not After : May 11 23:59:59 2025 GMT
        Subject: CN=host2.rifdoo.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b8:3b:56:98:b0:44:33:79:70:8b:e2:b7:5c:8b:
                    78:32:2b:a0:34:f6:48:eb:7f:59:41:e4:81:dc:fd:
                    b5:bc:5c:f9:60:b0:5c:10:f8:7c:f5:be:9f:e9:30:
                    0c:dc:cb:a2:5d:95:c4:8d:e2:46:f8:03:a8:97:aa:
                    f8:d5:58:ad:9c:fe:3b:46:cf:d1:ba:09:5b:22:9b:
                    3a:03:24:56:ea:a4:d4:70:d8:42:23:48:e4:c9:64:
                    6c:d1:0c:d9:43:16:96:f9:1f:b8:88:ba:ca:e3:d0:
                    66:22:7c:e9:70:5b:20:bf:55:ad:99:c8:82:c4:8d:
                    5f:9a:6c:08:74:be:26:8d:d7:bf:1a:7a:88:18:d0:
                    cb:56:57:51:a3:c1:32:7c:9f:98:15:74:6f:2d:70:
                    55:11:73:d1:6a:45:00:a9:3d:29:fe:9b:53:a7:36:
                    92:e5:12:43:34:ac:d3:d9:7f:a4:74:b7:96:e8:6f:
                    d3:68:82:e4:8d:3f:47:5f:63:d5:82:f4:37:df:cf:
                    25:d2:59:0d:f9:fc:28:31:77:33:55:b9:ac:16:d5:
                    08:7a:14:60:fd:3e:20:ca:8a:77:cc:b0:f3:d4:0b:
                    74:27:a8:f8:41:02:19:79:70:3c:e5:ed:a8:b6:01:
                    17:f1:87:2b:7c:b0:8e:77:ea:a4:e4:cb:10:e4:79:
                    75:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                F9:FB:50:C4:8B:67:BB:67:64:FE:83:21:A6:A9:CE:3F:55:84:93:99
            X509v3 Subject Key Identifier: 
                DF:6B:83:2D:5E:E0:1C:D9:48:75:A7:4F:17:D5:26:B8:DE:31:89:39
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.64
                  CPS: https://cps.usertrust.com
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.usertrust.com/GoGetSSLRSADVCA.crl
            Authority Information Access: 
                CA Issuers - URI:http://crt.usertrust.com/GoGetSSLRSADVCA.crt
                OCSP - URI:http://ocsp.usertrust.com
            X509v3 Subject Alternative Name: 
                DNS:host2.rifdoo.de, DNS:www.host2.rifdoo.de
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : May 11 21:38:17.753 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:7B:CB:AE:53:A1:24:16:3C:35:CF:
                                A0:B0:B9:7C:56:30:97:54:A9:63:F4:A7:7B:39:4F:E6:
                                A3:A1:29:34:A3:02:21:00:AA:7E:EB:A7:E1:19:BC:65:
                                DD:DB:FF:D4:79:AF:11:09:F9:21:96:BC:55:A3:4A:9E:
                                65:B0:38:6C:CF:A7:04:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:99:C6:10:2F:A9:2B:10:AE:A2:65:A1:
                                58:43:A1:71:8E:7D:CA:66:F5:38:88:6D:29:EA:BE:57:
                                41:C6:60:F3:90:02:21:00:8A:E6:75:73:82:00:07:82:
                                2B:8E:98:24:4D:53:6A:EB:FF:A9:CE:DB:00:E8:D3:59:
                                3F:63:0D:E2:C0:0F:AA:B1
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : May 11 21:38:17.721 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:BE:FA:AA:67:BC:10:F4:1F:BE:72:A3:
                                56:2A:68:2C:DB:2B:8F:29:89:8C:97:BA:B8:AB:A7:A4:
                                E7:FF:E6:A3:65:02:20:56:72:63:5F:AA:A9:D9:BA:44:
                                15:0E:5A:E6:E7:D2:85:84:CF:6E:AB:5F:FD:93:6A:07:
                                13:6F:C6:5B:09:91:E6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        59:7c:7e:1b:a1:5c:5a:4a:68:39:e4:c5:7d:9c:61:10:01:ed:
        68:fb:62:0e:e0:62:b6:9a:8d:92:3f:07:e2:27:aa:a1:52:fc:
        72:af:dc:da:6d:28:02:e2:31:5a:f3:98:96:01:29:fb:1e:f1:
        4d:68:2e:2e:96:08:43:54:b1:00:2f:a1:b3:fb:49:59:ca:24:
        70:9b:e0:52:5f:d0:00:90:08:86:a4:ad:cb:33:83:c5:d2:1c:
        9f:ae:d7:c2:d9:46:0b:07:fb:ba:ae:cb:05:a2:36:69:d5:1b:
        de:67:76:59:ca:0d:6e:e7:dc:e5:b3:a1:2e:fc:87:5a:4d:e9:
        75:b7:b9:d0:79:55:17:93:6e:cf:76:55:1e:18:ee:1d:38:8b:
        3a:23:c7:fe:b4:44:80:b1:b1:04:07:c3:00:93:05:08:05:29:
        51:e2:c5:83:93:d5:0c:58:eb:8b:fb:ce:d3:4b:8b:42:2c:a9:
        cc:41:fa:b1:a5:7c:6a:84:d0:a5:a7:53:01:fe:82:e8:db:e1:
        d1:5c:94:30:e2:d3:15:c6:9b:2a:cb:ba:dd:71:ba:71:46:e7:
        8e:77:7a:f5:8e:9c:fc:92:30:8d:02:82:64:61:86:68:49:70:
        53:de:17:4e:c8:1e:0a:ed:95:c7:91:58:23:28:72:6f:60:e5:
        55:06:8a:ab

2081518769 | 2025-01-01T17:05:36.800876

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809)
  OS Build: 10.0.17763
  Target Name: HOST2
  NetBIOS Domain Name: HOST2
  NetBIOS Computer Name: HOST2
  DNS Domain Name: host2.rifdoo.de
  FQDN: host2.rifdoo.de

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:f8:28:fe:1d:11:84:a2:41:02:ea:83:bc:d9:18:63
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=host2.rifdoo.de
        Validity
            Not Before: Nov 29 04:21:45 2024 GMT
            Not After : May 31 04:21:45 2025 GMT
        Subject: CN=host2.rifdoo.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e4:00:90:0c:d2:68:29:d5:82:be:64:28:70:19:
                    cb:f7:55:48:bd:e7:a1:fa:08:d5:d8:55:5e:2b:77:
                    5b:a7:2f:f5:bc:b6:85:90:2a:3f:26:47:b0:f2:36:
                    a2:bf:98:ab:dc:93:1a:b8:20:5a:cc:e7:04:ea:80:
                    68:c9:51:23:f9:f9:21:1c:ab:bc:56:53:4f:23:15:
                    0a:66:83:a9:64:10:5b:7f:53:eb:ae:24:15:e7:3e:
                    98:34:86:cf:c1:cc:b0:4f:4e:d5:17:f3:06:92:1b:
                    ef:45:ca:d1:c3:4d:95:39:45:a6:fd:fc:2f:7c:46:
                    ea:8d:9f:8c:01:27:74:76:f9:3f:62:35:5e:4b:3a:
                    5a:f5:a1:25:53:ba:04:7e:e1:9f:37:b7:96:2c:a6:
                    b6:02:39:47:88:68:87:8f:89:32:b6:10:8d:f7:79:
                    3a:af:b9:8a:26:24:f8:ad:4a:2c:bd:41:9f:a3:8b:
                    96:c9:a5:65:8d:46:09:6d:b0:c0:6c:68:66:ec:7f:
                    b8:d4:84:8f:1e:ad:ec:69:d0:3c:1e:02:66:9e:3c:
                    75:68:92:c3:c2:a8:c1:91:51:06:93:29:74:66:cc:
                    38:10:8e:47:7b:c8:d0:88:55:93:13:17:44:83:5e:
                    7c:6f:2c:54:28:ae:06:e5:f7:74:79:d9:b5:98:28:
                    c0:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2a:94:69:f8:35:11:0d:90:14:4d:b9:07:c9:20:02:03:12:f2:
        37:3b:50:ea:c9:e3:16:b3:51:20:75:51:ad:52:3f:ea:38:6c:
        b0:e0:63:58:b4:a2:7b:de:92:03:e4:e1:48:ae:71:51:91:78:
        00:a8:83:7b:82:5b:3d:d8:61:4f:96:58:3d:0a:9c:bd:8a:e6:
        95:26:73:2a:4f:e2:49:96:81:84:a9:f8:df:2e:71:88:78:cc:
        9f:ca:97:68:97:e9:93:75:1c:80:5f:78:a0:98:f1:50:60:06:
        ca:70:fd:14:2b:d7:ef:7f:9d:d8:11:af:50:b7:dd:cb:fd:d4:
        57:b3:54:ac:78:a3:5e:ab:84:d2:b7:ea:22:8d:89:55:73:73:
        d6:27:f0:5c:f0:51:d1:20:51:9a:b9:1d:4e:ea:9a:5f:d2:5f:
        a4:61:e8:4c:29:5d:be:83:40:c2:bd:af:7c:44:13:01:97:65:
        49:25:d6:2b:df:ca:25:93:1a:46:88:3f:62:05:b7:c0:b3:3e:
        69:93:68:41:87:f0:19:45:6e:24:d8:8f:79:77:1f:0c:1d:f1:
        70:e9:8b:23:77:15:e0:8e:4f:08:4a:d9:af:00:f1:a1:69:63:
        07:7e:83:ee:6f:68:25:82:b9:40:fc:cb:64:3e:a7:c0:82:8e:
        05:8d:fd:de

-1397150960 | 2024-12-25T15:42:11.755359

4040 / tcp

Resource can be reach on other place

HTTP/1.1 301 Moved permanently
Connection: Close
Content-Length: 313
Content-Type: text/html
Date: Wed, 25 Dec 2024 15:42:14 GMT
Location: https://159.69.75.118:4040/
Server: Kerio Connect 9.2.9
X-UA-Compatible: IE=edge

1895834808 | 2025-01-04T11:36:43.823929

5222 / tcp

<?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='tigase-error-tigase' from='host2.rifdoo.de' version='1.0' xml:lang='en'><stream:error><host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/></stream:error></stream:stream>

364729002 | 2025-01-06T01:35:40.930386

9001 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 06 Jan 2025 01:35:40 GMT
Connection: close
Content-Length: 334

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Hostname</h2>
<hr><p>HTTP Error 400. The request hostname is invalid.</p>
</BODY></HTML>

1685362388 | 2024-12-24T08:52:52.347263

9002 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 24 Dec 2024 08:52:51 GMT
Connection: close
Content-Length: 334

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Hostname</h2>
<hr><p>HTTP Error 400. The request hostname is invalid.</p>
</BODY></HTML>

-985096807 | 2025-01-05T11:16:02.332689

9998 / tcp

403 - Forbidden: Access is denied.

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sun, 05 Jan 2025 11:16:02 GMT
Content-Length: 1233

159.69.75.118

Last Seen: 2025-01-06

Tags:

GeneralInformation

OpenPorts

148673504 | 2025-01-05T20:15:05.152325
21 / tcp

-1738027650 | 2024-12-31T17:43:48.387053
25 / tcp

Kerio Connect smtpd9.2.9

1297302213 | 2025-01-05T02:47:18.308940
80 / tcp

Microsoft IIS httpd10.0

1299130937 | 2025-01-06T01:16:57.920792
135 / tcp

Microsoft RPC Endpoint Mapper

-687650146 | 2024-12-25T15:51:48.567739
465 / tcp

Kerio Connect smtpd9.2.9

-1738027650 | 2024-12-08T13:56:39.313957
587 / tcp

Kerio Connect smtpd9.2.9

1854939760 | 2024-12-29T06:01:31.867292
993 / tcp

802233542 | 2024-12-31T12:33:33.276579
995 / tcp

2081518769 | 2025-01-01T17:05:36.800876
3389 / tcp

Remote Desktop Protocol

-1397150960 | 2024-12-25T15:42:11.755359
4040 / tcp

1895834808 | 2025-01-04T11:36:43.823929
5222 / tcp

364729002 | 2025-01-06T01:35:40.930386
9001 / tcp

Microsoft HTTPAPI httpd2.0

1685362388 | 2024-12-24T08:52:52.347263
9002 / tcp

-985096807 | 2025-01-05T11:16:02.332689
9998 / tcp

Microsoft IIS httpd10.0

Products

Pricing

Contact Us

159.69.75.118

Last Seen: 2025-01-06

Tags:

GeneralInformation

OpenPorts

148673504 | 2025-01-05T20:15:05.152325 21 / tcp

-1738027650 | 2024-12-31T17:43:48.387053 25 / tcp

1297302213 | 2025-01-05T02:47:18.308940 80 / tcp

1299130937 | 2025-01-06T01:16:57.920792 135 / tcp

-687650146 | 2024-12-25T15:51:48.567739 465 / tcp

-1738027650 | 2024-12-08T13:56:39.313957 587 / tcp

1854939760 | 2024-12-29T06:01:31.867292 993 / tcp

802233542 | 2024-12-31T12:33:33.276579 995 / tcp

2081518769 | 2025-01-01T17:05:36.800876 3389 / tcp

-1397150960 | 2024-12-25T15:42:11.755359 4040 / tcp

1895834808 | 2025-01-04T11:36:43.823929 5222 / tcp

364729002 | 2025-01-06T01:35:40.930386 9001 / tcp

1685362388 | 2024-12-24T08:52:52.347263 9002 / tcp

-985096807 | 2025-01-05T11:16:02.332689 9998 / tcp

Products

Pricing

Contact Us

148673504 | 2025-01-05T20:15:05.152325
21 / tcp

-1738027650 | 2024-12-31T17:43:48.387053
25 / tcp

1297302213 | 2025-01-05T02:47:18.308940
80 / tcp

1299130937 | 2025-01-06T01:16:57.920792
135 / tcp

-687650146 | 2024-12-25T15:51:48.567739
465 / tcp

-1738027650 | 2024-12-08T13:56:39.313957
587 / tcp

1854939760 | 2024-12-29T06:01:31.867292
993 / tcp

802233542 | 2024-12-31T12:33:33.276579
995 / tcp

2081518769 | 2025-01-01T17:05:36.800876
3389 / tcp

-1397150960 | 2024-12-25T15:42:11.755359
4040 / tcp

1895834808 | 2025-01-04T11:36:43.823929
5222 / tcp

364729002 | 2025-01-06T01:35:40.930386
9001 / tcp

1685362388 | 2024-12-24T08:52:52.347263
9002 / tcp

-985096807 | 2025-01-05T11:16:02.332689
9998 / tcp