21 /
tcp
-370734890 | 2025-03-15T06:40:47.069259
220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
ABOR
ACCT
ADAT *
ALLO
APPE
AUTH
CCC
CDUP
CWD
DELE
ENC *
EPRT
EPSV
FEAT
HELP
HOST
LANG
LIST
MDTM
MIC *
MKD
MODE
NLST
NOOP
OPTS
PASS
PASV
PBSZ
PORT
PROT
PWD
QUIT
REIN
REST
RETR
RMD
RNFR
RNTO
SITE
SIZE
SMNT
STAT
STOR
STOU
STRU
SYST
TYPE
USER
XCUP
XCWD
XMKD
XPWD
XRMD
214 HELP command successful.
211-Extended features supported:
LANG EN*
UTF8
AUTH TLS;TLS-C;SSL;TLS-P;
PBSZ
PROT C;P;
CCC
HOST
SIZE
MDTM
REST STREAM
211 END
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1476806654 (0x580647fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=CH, L=Schaffhausen, O=Plesk, CN=Plesk/emailAddress=info@plesk.com
Validity
Not Before: Oct 18 16:04:14 2016 GMT
Not After : Oct 18 16:04:14 2017 GMT
Subject: C=CH, L=Schaffhausen, O=Plesk, CN=Plesk/emailAddress=info@plesk.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c4:e2:4c:30:24:88:23:6b:24:a1:a8:5b:f5:ac:
f3:19:99:97:84:6e:9f:9a:74:e3:ad:ad:0d:b1:f4:
37:f5:5f:73:75:72:7a:67:bb:43:b9:bf:d0:9c:99:
ef:88:39:2f:ff:7a:f6:e5:33:dd:06:3e:2b:71:85:
4e:b5:ca:1c:e9:1d:45:7b:2b:05:f0:a9:c3:a5:c2:
d5:8a:33:38:fe:e4:18:f0:6a:19:d8:73:7c:78:65:
76:5f:fc:fa:c6:2c:3d:91:ea:b8:d7:66:16:e5:31:
9d:3f:5d:1f:34:60:49:79:9e:68:9f:57:49:d0:9f:
42:58:a1:f2:be:5b:56:96:7f:54:99:d3:da:ba:0b:
90:8a:6b:27:51:c9:e6:6f:cf:70:ec:ee:3f:00:5f:
65:60:76:30:66:f3:ae:80:5e:d8:39:33:3b:92:61:
5f:e7:92:80:9a:ad:71:06:11:72:f6:19:31:30:96:
91:d4:64:9e:d2:29:ae:b0:8d:21:2a:98:44:a3:2c:
a2:2b:07:9e:87:d7:42:51:72:7f:21:41:5b:2e:8b:
d7:bf:ca:9a:b5:14:f5:54:45:48:20:0a:e4:c1:b9:
e5:dd:1e:a6:ab:61:b7:17:18:c9:17:2d:da:a3:de:
0c:77:84:b0:eb:25:82:14:42:e7:6b:c1:38:c2:86:
96:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CF:AF:32:87:22:61:05:2F:16:EA:AC:95:E9:35:22:AE:9D:02:8F
X509v3 Authority Key Identifier:
keyid:34:CF:AF:32:87:22:61:05:2F:16:EA:AC:95:E9:35:22:AE:9D:02:8F
DirName:/C=CH/L=Schaffhausen/O=Plesk/CN=Plesk/emailAddress=info@plesk.com
serial:58:06:47:FE
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
b3:11:0a:a1:c0:f1:09:fa:74:e1:ba:d1:81:06:26:76:4e:28:
f1:82:7d:03:68:59:c3:f7:3f:5d:fa:86:d6:dd:88:e0:89:6b:
56:65:1e:72:6f:a9:d6:ac:6b:98:3d:84:e4:cc:b4:c7:f0:c0:
52:08:72:4f:76:f3:db:5d:c6:21:10:4c:59:cb:58:c3:18:96:
57:87:41:d5:dd:16:3e:d7:ee:ce:af:b7:1b:f9:34:21:f1:5b:
35:28:78:4d:a2:74:fd:78:7b:9e:d1:b8:a9:a6:f9:a1:65:67:
98:ef:77:a0:86:d1:98:44:d7:5a:5f:22:ef:aa:7d:68:98:ca:
93:36:68:7c:b6:a3:7a:33:87:a7:8a:1e:8a:7f:79:be:55:6f:
af:84:1a:75:e6:d8:de:b6:a3:0c:0b:4c:4a:10:6d:6f:ec:26:
f4:89:d3:b3:14:6a:10:84:da:a2:39:87:60:53:f2:50:10:12:
1b:0d:63:16:ad:7c:01:d6:6e:e9:b1:c1:80:1b:27:f0:96:05:
c6:79:94:86:d8:eb:cb:ef:f0:0c:e8:cc:6c:3f:f2:ba:4a:ee:
34:a5:85:65:c8:7b:c0:50:da:08:8a:13:5d:ac:b8:d3:70:da:
74:21:1c:d0:db:8c:0b:31:88:6d:8a:86:86:a0:eb:3e:59:4b:
2c:ee:e8:8b
22 /
tcp
-696545501 | 2025-03-15T10:06:35.960548
SSH-2.0-OpenSSH_for_Windows_8.9
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLoi71AXVptRjF0aUdxlM3Rf
NJ4uZ67QLzdLS3AkFdiX5aQrQtV6T0ZgbSPT4ZW2lMZMIbxo2BN8LCssvgKJw6g=
Fingerprint: d5:e4:30:20:d5:f7:0f:05:9d:05:dd:8d:f8:b8:32:24
Kex Algorithms:
curve25519-sha256
curve25519-sha256@libssh.org
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
diffie-hellman-group-exchange-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group14-sha256
Server Host Key Algorithms:
rsa-sha2-512
rsa-sha2-256
ecdsa-sha2-nistp256
ssh-ed25519
Encryption Algorithms:
chacha20-poly1305@openssh.com
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
MAC Algorithms:
umac-64-etm@openssh.com
umac-128-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-sha1-etm@openssh.com
umac-64@openssh.com
umac-128@openssh.com
hmac-sha2-256
hmac-sha2-512
hmac-sha1
Compression Algorithms:
none
zlib@openssh.com
25 /
tcp
-801380661 | 2025-03-10T19:51:41.291828
220 app.medgress.com ESMTP MailEnable Service, Version: 10.46-- ready at 03/10/25 23:51:39
250-app.medgress.com [224.241.245.117], this server offers 4 extensions
250-AUTH LOGIN
250-SIZE 40960000
250-HELP
250 AUTH=LOGIN
53 /
tcp
-188396847 | 2025-03-17T23:35:08.416156
53 /
udp
-188396847 | 2025-03-13T05:34:15.634384
1956079492 | 2025-02-24T22:34:47.821213
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Mon, 24 May 2021 23:54:52 GMT
Accept-Ranges: bytes
ETag: "b5718730f850d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 24 Feb 2025 22:34:47 GMT
Content-Length: 3888
Vulnerabilities
110 /
tcp
-471102630 | 2025-03-16T15:18:59.881990
+OK Welcome to MailEnable POP3 Server
+OK Capability list follows
TOP
USER
UIDL
.
135 /
tcp
-168185077 | 2025-03-11T08:58:40.335599
Microsoft RPC Endpoint Mapper
d95afe70-a6d5-4259-822e-2c84da1ddb0d
version: v1.0
protocol: [MS-RSP]: Remote Shutdown Protocol
provider: wininit.exe
ncacn_ip_tcp: 67.227.154.194:49152
ncalrpc: WindowsShutdown
ncacn_np: \\G1E6JQ\PIPE\InitShutdown
ncalrpc: WMsgKRpc04F250
76f226c3-ec14-4325-8a99-6a46348418af
version: v1.0
provider: winlogon.exe
ncalrpc: WindowsShutdown
ncacn_np: \\G1E6JQ\PIPE\InitShutdown
ncalrpc: WMsgKRpc04F250
ncalrpc: WMsgKRpc050ED1
ncalrpc: WMsgKRpc0223098F42
9b008953-f195-4bf9-bde0-4471971e58ed
version: v1.0
ncalrpc: LRPC-947a75443a36155451
ncacn_np: \\G1E6JQ\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-c5cf162cdc2eb640e0
ncalrpc: actkernel
ncalrpc: umpo
697dcda9-3ba9-4eb2-9247-e11f1901b0d2
version: v1.0
ncalrpc: LRPC-947a75443a36155451
ncacn_np: \\G1E6JQ\pipe\LSM_API_service
ncalrpc: LSMApi
ncalrpc: LRPC-c5cf162cdc2eb640e0
ncalrpc: actkernel
ncalrpc: umpo
c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
version: v1.0
annotation: Impl friendly name
provider: sysntfy.dll
ncalrpc: LRPC-c5cf162cdc2eb640e0
ncalrpc: actkernel
ncalrpc: umpo
ncalrpc: DeviceSetupManager
ncacn_np: \\G1E6JQ\PIPE\srvsvc
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
ncalrpc: IUserProfile2
0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
c605f9fb-f0a3-4e2a-a073-73560f8d9e3e
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8bfc3be1-6def-4e2d-af74-7c47cd0ade4a
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
2d98a740-581d-41b9-aa0d-a88b9d5ce938
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3b338d89-6cfa-44b8-847e-531531bc9992
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
8782d3b9-ebbd-4644-a3d8-e8725381919b
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
085b0334-e454-4d91-9b8c-4134f9e793f3
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9
version: v1.0
ncalrpc: actkernel
ncalrpc: umpo
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
version: v1.0
annotation: DHCPv6 Client LRPC Endpoint
provider: dhcpcsvc6.dll
ncalrpc: dhcpcsvc6
ncalrpc: dhcpcsvc
ncalrpc: LRPC-93fe779bccc309d601
ncacn_ip_tcp: 67.227.154.194:49153
ncacn_np: \\G1E6JQ\pipe\eventlog
ncalrpc: eventlog
3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
version: v1.0
annotation: DHCP Client LRPC Endpoint
provider: dhcpcsvc.dll
ncalrpc: dhcpcsvc
ncalrpc: LRPC-93fe779bccc309d601
ncacn_ip_tcp: 67.227.154.194:49153
ncacn_np: \\G1E6JQ\pipe\eventlog
ncalrpc: eventlog
abfb6ca3-0c5e-4734-9285-0aee72fe8d1c
version: v1.0
annotation: Wcm Service
ncalrpc: LRPC-93fe779bccc309d601
ncacn_ip_tcp: 67.227.154.194:49153
ncacn_np: \\G1E6JQ\pipe\eventlog
ncalrpc: eventlog
30adc50c-5cbc-46ce-9a0e-91914789e23c
version: v1.0
annotation: NRP server endpoint
provider: nrpsrv.dll
ncalrpc: LRPC-93fe779bccc309d601
ncacn_ip_tcp: 67.227.154.194:49153
ncacn_np: \\G1E6JQ\pipe\eventlog
ncalrpc: eventlog
f6beaff7-1e19-4fbb-9f8f-b89e2018337c
version: v1.0
annotation: Event log TCPIP
protocol: [MS-EVEN6]: EventLog Remoting Protocol
provider: wevtsvc.dll
ncacn_ip_tcp: 67.227.154.194:49153
ncacn_np: \\G1E6JQ\pipe\eventlog
ncalrpc: eventlog
58e604e8-9adb-4d2e-a464-3b0683fb1480
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\G1E6JQ\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-d16b62b6620e8e74c6
ncalrpc: DeviceSetupManager
ncacn_np: \\G1E6JQ\PIPE\srvsvc
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\G1E6JQ\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-d16b62b6620e8e74c6
ncalrpc: DeviceSetupManager
ncacn_np: \\G1E6JQ\PIPE\srvsvc
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
5f54ce7d-5b79-4175-8584-cb65313a0e98
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\G1E6JQ\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-d16b62b6620e8e74c6
ncalrpc: DeviceSetupManager
ncacn_np: \\G1E6JQ\PIPE\srvsvc
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
201ef99a-7fa0-444c-9399-19ba84f12a1a
version: v1.0
annotation: AppInfo
provider: appinfo.dll
ncacn_np: \\G1E6JQ\pipe\SessEnvPublicRpc
ncalrpc: SessEnvPrivateRpc
ncalrpc: LRPC-d16b62b6620e8e74c6
ncalrpc: DeviceSetupManager
ncacn_np: \\G1E6JQ\PIPE\srvsvc
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
30b044a5-a225-43f0-b3a4-e060df91f9c1
version: v1.0
provider: certprop.dll
ncalrpc: LRPC-d16b62b6620e8e74c6
ncalrpc: DeviceSetupManager
ncacn_np: \\G1E6JQ\PIPE\srvsvc
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
1a0d010f-1c33-432c-b0f5-8cf4e8053099
version: v1.0
annotation: IdSegSrv service
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
98716d03-89ac-44c7-bb8c-285824e51c4a
version: v1.0
annotation: XactSrv service
provider: srvsvc.dll
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
a398e520-d59a-4bdd-aa7a-3c1e0303a511
version: v1.0
annotation: IKE/Authip API
provider: IKEEXT.DLL
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
3a9ef155-691d-4449-8d05-09ad57031823
version: v1.0
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
86d35949-83c9-4044-b424-db363231fd0c
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: schedsvc.dll
ncacn_ip_tcp: 67.227.154.194:49154
ncalrpc: ubpmtaskhostchannel
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
378e52b0-c0a9-11cf-822d-00aa0051e40f
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
1ff70682-0a51-30e8-076d-740be8cee98b
version: v1.0
protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
provider: taskcomp.dll
ncacn_np: \\G1E6JQ\PIPE\atsvc
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
version: v1.0
provider: schedsvc.dll
ncalrpc: senssvc
ncalrpc: OLE5BDC8926F2A1B7D83AC9F83A9F05
ncalrpc: IUserProfile2
2eb08e3e-639f-4fba-97b1-14f878961076
version: v1.0
annotation: Group Policy RPC Interface
provider: gpsvc.dll
ncalrpc: LRPC-57a33445ea40d2d6b1
7ea70bcf-48af-4f6a-8968-6a440754d5fa
version: v1.0
annotation: NSI server endpoint
provider: nsisvc.dll
ncalrpc: LRPC-47023d913070827dac
ncalrpc: OLE3C88F3EF05006ADAFDA4A73DA335
b2507c30-b126-494a-92ac-ee32b6eeb039
version: v1.0
ncalrpc: LRPC-2220d6225beaf88eb7
2fb92682-6599-42dc-ae13-bd2ca89bd11c
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-c471c66ae31ec04eb0
ncalrpc: LRPC-bb00250cd991bdf699
f47433c3-3e9d-4157-aad4-83aa1f5c2d4c
version: v1.0
annotation: Fw APIs
ncalrpc: LRPC-c471c66ae31ec04eb0
ncalrpc: LRPC-bb00250cd991bdf699
7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
version: v1.0
annotation: Fw APIs
provider: MPSSVC.dll
ncalrpc: LRPC-c471c66ae31ec04eb0
ncalrpc: LRPC-bb00250cd991bdf699
dd490425-5325-4565-b774-7e27d6c09c24
version: v1.0
annotation: Base Firewall Engine API
provider: BFE.DLL
ncalrpc: LRPC-bb00250cd991bdf699
7f1343fe-50a9-4927-a778-0c5859517bac
version: v1.0
annotation: DfsDs service
ncacn_np: \\G1E6JQ\PIPE\wkssvc
ncalrpc: LRPC-06148052531cfacca8
ncalrpc: DNSResolver
eb081a0d-10ee-478a-a1dd-50995283e7a8
version: v3.0
annotation: Witness Client Test Interface
ncalrpc: LRPC-06148052531cfacca8
ncalrpc: DNSResolver
f2c9b409-c1c9-4100-8639-d8ab1486694a
version: v1.0
annotation: Witness Client Upcall Server
ncalrpc: LRPC-06148052531cfacca8
ncalrpc: DNSResolver
76f03f96-cdfd-44fc-a22c-64950a001209
version: v1.0
protocol: [MS-PAR]: Print System Asynchronous Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 67.227.154.194:49155
ncalrpc: LRPC-4819657c1ed15a2b4e
4a452661-8290-4b36-8fbe-7f4093a94978
version: v1.0
provider: spoolsv.exe
ncacn_ip_tcp: 67.227.154.194:49155
ncalrpc: LRPC-4819657c1ed15a2b4e
ae33069b-a2a8-46ee-a235-ddfd339be281
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 67.227.154.194:49155
ncalrpc: LRPC-4819657c1ed15a2b4e
0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
version: v1.0
protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 67.227.154.194:49155
ncalrpc: LRPC-4819657c1ed15a2b4e
12345678-1234-abcd-ef00-0123456789ab
version: v1.0
protocol: [MS-RPRN]: Print System Remote Protocol
provider: spoolsv.exe
ncacn_ip_tcp: 67.227.154.194:49155
ncalrpc: LRPC-4819657c1ed15a2b4e
12345778-1234-abcd-ef00-0123456789ac
version: v1.0
protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
provider: samsrv.dll
ncacn_ip_tcp: 67.227.154.194:49162
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\G1E6JQ\pipe\lsass
b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
version: v2.0
annotation: KeyIso
ncalrpc: samss lpc
ncalrpc: SidKey Local End Point
ncalrpc: protected_storage
ncalrpc: lsasspirpc
ncalrpc: lsapolicylookup
ncalrpc: LSA_EAS_ENDPOINT
ncalrpc: lsacap
ncalrpc: LSARPC_ENDPOINT
ncalrpc: securityevent
ncalrpc: audit
ncacn_np: \\G1E6JQ\pipe\lsass
6b5bdd1e-528c-422c-af8c-a4079be4fe48
version: v1.0
annotation: Remote Fw APIs
protocol: [MS-FASP]: Firewall and Advanced Security Protocol
provider: FwRemoteSvr.dll
ncacn_ip_tcp: 67.227.154.194:49158
367abb81-9844-35f1-ad32-98f038001003
version: v2.0
protocol: [MS-SCMR]: Service Control Manager Remote Protocol
provider: services.exe
ncacn_ip_tcp: 67.227.154.194:49172
76209fe5-9049-4336-ba84-632d907cb154
version: v1.0
annotation: Interprocess Logon Service
ncalrpc: ReportingServices$MSRS12.MSSQLSERVER
ncalrpc: OLEBC1B9CCD7A31AB92665352FE71FF
906b0ce0-c70b-1067-b317-00dd010662da
version: v1.0
protocol: [MS-CMPO]: MSDTC Connection Manager:
provider: msdtcprx.dll
ncacn_ip_tcp: 67.227.154.194:49242
ncalrpc: LRPC-cc0656609c2e0a9cb1
ncacn_ip_tcp: 67.227.154.194:49242
ncalrpc: LRPC-cc0656609c2e0a9cb1
ncacn_ip_tcp: 67.227.154.194:49242
ncalrpc: LRPC-cc0656609c2e0a9cb1
12e65dd8-887f-41ef-91bf-8d816c42c2e7
version: v1.0
annotation: Secure Desktop LRPC interface
provider: winlogon.exe
ncalrpc: WMsgKRpc0223098F42
9435cc56-1d9c-4924-ac7d-b60a2c3520e1
version: v1.0
annotation: SPPSVC Default RPC Interface
provider: sppsvc.exe
ncalrpc: SPPCTransportEndpoint-00001
143 /
tcp
-1563716930 | 2025-03-15T21:46:31.577710
* OK IMAP4rev1 server ready at 03/16/25 01:46:31
* CAPABILITY IMAP4rev1 IMAP4 AUTH=LOGIN AUTH=CRAM-MD5 IDLE CHILDREN UIDPLUS
A001 OK CAPABILITY completed
A002 BAD UNKNOWN Command
A003 BAD UNKNOWN Command
* BYE IMAP4rev1 server terminating connection
A004 OK LOGOUT Initiated
587 /
tcp
-1814612851 | 2025-03-05T21:16:50.628902
220 app.medgress.com ESMTP MailEnable Service, Version: 10.46-- ready at 03/06/25 01:16:48
250-app.medgress.com [224.165.210.22], this server offers 4 extensions
250-AUTH LOGIN
250-SIZE 40960000
250-HELP
250 AUTH=LOGIN
-1954288346 | 2025-03-15T07:34:25.785077
HTTP/1.1 200 OK
Content-Length: 2162
Content-Type: text/html
Last-Modified: Sat, 27 Jun 2020 02:42:36 GMT
Accept-Ranges: bytes
ETag: "1d64c2c9d93fe72"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: *
Date: Sat, 15 Mar 2025 07:34:25 GMT
Vulnerabilities
1489525118 | 2025-02-27T15:31:58.284148
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 27 Feb 2025 15:31:58 GMT
Connection: close
Content-Length: 315
WinRM NTLM Info:
OS: Windows Server 2012 R2
OS Build: 6.3.9600
Target Name: G1E6JQ
NetBIOS Domain Name: G1E6JQ
NetBIOS Computer Name: G1E6JQ
DNS Domain Name: G1E6JQ
FQDN: G1E6JQ
-1879421078 | 2025-03-14T12:35:35.636962
<empty title>
HTTP/1.1 403 Forbidden
Date: Fri, 14 Mar 2025 12:35:35 GMT
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.d5bc91a7=node0mbhnjre0p12x1252opp06gwfz3595.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.283
X-Jenkins-Session: 5a082de5
Content-Length: 548
Server: Jetty(9.4.38.v20210224)
Vulnerabilities
-1356382964 | 2025-03-12T05:59:06.935855
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Wed, 12 Mar 2025 05:59:06 GMT
Server: Microsoft-IIS/8.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Powered-By: ASP.NET
Date: Wed, 12 Mar 2025 05:59:06 GMT
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:9d:0a:95:8c:cb:30:d6:43:c7:4c:09:88:2a:6b:84:16:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R10
Validity
Not Before: Feb 25 17:52:39 2025 GMT
Not After : May 26 17:52:38 2025 GMT
Subject: CN=app.medgress.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b6:b1:40:15:cf:67:a6:c7:6c:bd:4c:0b:f5:99:
52:b7:21:1d:fb:db:a0:89:eb:7a:ac:29:39:84:47:
1d:dc:68:06:bf:36:bc:a0:a0:99:f4:08:73:63:6f:
ae:99:2d:11:e9:1a:ff:97:7a:60:8e:f5:69:44:06:
39:3a:7e:a1:43:82:b5:b3:db:76:bd:bb:55:a5:c3:
c8:a0:15:e6:2c:56:9c:ec:d6:a1:fd:ee:75:77:9f:
80:87:27:91:3c:e4:1b:43:a8:40:ec:97:3c:51:ed:
a6:13:fc:0c:94:49:a5:ea:cc:6f:27:b3:54:b3:03:
31:29:e5:a4:3a:ec:d6:a7:00:01:2b:9f:03:a4:53:
f4:17:c5:ab:39:17:88:f0:31:19:24:1e:19:38:c1:
5f:52:56:7a:4f:78:a9:78:90:e2:34:74:40:57:72:
0d:0a:5d:01:e2:6c:12:e2:6d:bb:29:46:a9:e9:c5:
9e:a3:8b:87:97:2e:18:56:7f:81:2b:e9:d4:7f:0f:
71:88:7c:11:aa:43:51:ff:cb:e8:06:f7:18:db:84:
2f:fe:89:9b:a1:7f:28:58:6a:4c:82:a4:7c:86:ac:
cd:d4:45:c7:44:b5:25:06:7d:fd:48:c1:1d:48:61:
e9:b9:d5:21:a2:d7:09:0f:19:3b:30:39:ca:71:7e:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
B0:B2:3F:1E:1A:53:FB:AA:A2:BE:3F:71:B4:DF:8A:08:8B:31:01:B6
X509v3 Authority Key Identifier:
BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
Authority Information Access:
OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:app.medgress.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Feb 25 18:51:09.928 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:38:E4:F8:6F:1C:C4:13:D0:73:AF:4B:DD:
2A:CA:F1:19:D8:54:3B:A6:F2:74:F6:07:57:2E:24:64:
A3:A6:BC:2B:02:21:00:D5:0F:1F:80:A8:76:F3:3D:30:
9A:17:05:BE:E2:64:65:CE:67:A9:CD:F1:BD:63:2D:95:
F2:D2:5B:D7:1F:F6:AC
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
Timestamp : Feb 25 18:51:10.193 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:E2:C3:C4:D5:06:8E:24:7F:F1:2B:02:
C9:8A:86:23:A5:A9:89:75:FC:8A:DE:B1:C2:D7:2B:FD:
E4:BD:F5:A0:2E:02:20:5A:77:94:B8:F7:CF:F0:F6:BC:
5E:A8:55:F5:1A:89:39:17:D5:D0:27:52:8E:9B:08:BB:
F5:73:FC:21:7F:8B:4D
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
cd:18:b7:07:57:2d:86:79:00:b0:48:08:70:ea:9c:80:c7:f4:
85:33:aa:55:fd:99:cd:a2:5d:15:d2:06:6e:ae:76:c9:81:ff:
2a:eb:22:a4:85:d4:6e:87:d3:3d:05:35:49:93:1e:3e:1f:72:
22:15:0a:56:59:73:6e:0d:3d:1c:cd:0b:20:04:1f:d0:db:12:
f5:39:8c:3d:d7:8e:ae:1e:d0:a4:95:81:f0:06:c2:a5:92:20:
35:7c:f3:ae:bd:7e:19:d0:2d:d5:f8:2e:5d:50:27:97:78:ba:
b8:a7:0c:97:6f:ad:c2:00:0c:e2:3a:47:df:82:d1:2c:39:b4:
12:02:f0:ca:55:2f:56:df:b0:b0:39:a3:5f:d2:39:82:30:30:
be:28:b9:e6:c0:81:c4:8f:79:b9:4c:ae:56:65:64:61:96:d2:
8b:68:7b:5d:c1:56:aa:99:53:92:3b:b3:a7:43:5d:fa:50:f2:
d4:dc:59:db:4a:59:32:1a:45:0a:d2:b4:42:33:e6:09:6d:0a:
fb:97:ef:cb:df:35:99:8b:9d:fa:6b:b3:16:4b:74:5a:6d:d6:
23:dc:6f:37:20:03:ae:29:10:f6:fb:23:cd:5c:de:93:a5:ef:
2e:35:de:82:40:fa:05:9e:6e:e0:ab:6e:13:a4:ea:cd:5b:fe:
43:51:98:c8
Vulnerabilities
48087227 | 2025-03-16T13:00:10.752721
HTTP/1.1 303 See Other
Cache-Control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Sun, 16 Mar 2025 13:00:10 GMT
Location: http://67.227.154.194/login.php
Server: Microsoft-IIS/8.5
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Powered-By: ASP.NET
Date: Sun, 16 Mar 2025 13:00:09 GMT
Content-Length: 154
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="http://67.227.154.194/login.php">here</a></body>
Vulnerabilities
<empty title>
