2066919079 | 2024-10-21T13:29:31.365462
25 /
tcp
220 mail.herma-jo.com
250-mail-2.herma-jo.com Hello [224.129.170.12]
250-SIZE 37748736
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-SMTPUTF8
250 XRDST
SMTP NTLM Info:
OS: Windows Server 2022
OS Build: 10.0.20348
Target Name: HERMA-JO
NetBIOS Domain Name: HERMA-JO
NetBIOS Computer Name: MAIL-2
DNS Domain Name: herma-jo.com
DNS Tree Name: herma-jo.com
FQDN: mail-2.herma-jo.com
488928102 | 2024-10-25T12:21:17.993367
80 /
tcp
HTTP/1.1 403 Forbidden
Server: Microsoft-IIS/10.0
Date: Fri, 25 Oct 2024 12:20:36 GMT
Content-Length: 0
835095092 | 2024-10-26T18:08:11.895207
443 /
tcp
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/10.0
request-id: 4246ded3-e655-4595-9677-7a14e992f99f
X-Frame-Options: SAMEORIGIN
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 26 Oct 2024 18:07:29 GMT
Content-Length: 58713
Microsoft Exchange:
Name: Exchange Server 2019 CU13 (2023H1)
Build Number: 15.2.1258.12
Build Date: May 3, 2023
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:24:5e:14:3f:39:f7:9f:04:7e:5f:b5:60:84:3e:3e:06:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R10
Validity
Not Before: Sep 7 07:36:20 2024 GMT
Not After : Dec 6 07:36:19 2024 GMT
Subject: CN=mail.herma-jo.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (3072 bit)
Modulus:
00:9c:25:32:a2:38:97:4b:ea:7d:25:d7:72:5c:03:
49:fd:a8:f9:97:f8:cc:2e:fa:7a:f7:15:ef:24:03:
98:f8:d6:29:d4:11:75:30:aa:6c:f5:85:8e:ca:f8:
c4:95:a8:cb:83:23:cd:35:ea:c3:02:49:51:26:82:
d3:76:37:62:bd:0f:79:4a:8f:2d:93:de:40:73:08:
09:a6:19:15:f8:44:72:f0:f2:af:ee:e0:72:6e:d8:
db:4b:4b:7e:85:1c:80:e9:2f:03:57:35:09:92:e9:
81:78:74:33:ce:49:67:e5:e4:dc:e8:b3:a9:68:6f:
65:2d:ac:b6:2b:19:40:e6:01:40:b0:5f:a7:e2:d0:
78:5a:df:6a:a0:53:5c:25:26:c5:19:11:df:53:76:
b1:8f:5d:9d:54:79:0c:e9:7b:96:8e:23:1b:a5:98:
ac:25:01:f6:59:9c:da:71:83:6b:1d:cd:f8:c5:bd:
d1:5c:cb:64:54:95:89:8e:b4:d6:f2:cb:79:3e:ec:
fb:4f:a2:54:55:2c:e5:7b:ba:57:a7:8e:31:7b:fa:
b1:30:31:86:61:9e:5e:9a:d5:22:41:98:bf:98:ed:
e0:b7:83:9c:a3:ef:28:1f:23:b7:0a:d4:9b:6b:2f:
30:63:ee:85:f6:f5:41:1e:42:86:22:ce:bf:a8:4f:
b1:3f:16:19:f7:99:89:06:f0:08:02:c6:ff:9b:cc:
5f:8f:4c:e3:8e:60:e6:4c:62:92:18:7f:de:ed:58:
02:c3:0f:de:1b:63:ea:0e:42:e8:78:dc:58:d6:3e:
9f:13:28:89:94:ca:f5:32:08:65:0e:d4:66:fb:73:
9c:41:d8:dd:2f:43:43:da:72:72:96:ec:6e:22:85:
b7:e7:f5:66:42:11:5b:c1:1b:0a:47:70:24:87:85:
77:98:5c:0b:f9:e5:a8:f2:e0:dd:31:e7:c1:56:af:
b5:f6:12:d7:1a:a2:bd:f4:b6:dc:2b:47:5f:bc:60:
42:80:c4:f9:f2:ad:0e:1f:bf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
18:88:EA:41:6F:73:16:C3:C0:B4:EA:24:66:0D:F5:36:55:1D:5C:AD
X509v3 Authority Key Identifier:
BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
Authority Information Access:
OCSP - URI:http://r10.o.lencr.org
CA Issuers - URI:http://r10.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:autodiscover.herma-jo.com, DNS:autodiscover.herma.me, DNS:mail.herma-jo.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Sep 7 08:34:50.390 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:2E:49:74:23:A5:19:88:0D:3A:8D:91:DA:
20:DF:4B:58:57:EA:D9:27:28:C2:09:A9:81:FB:85:19:
BC:4A:7F:F8:02:20:1B:ED:0B:99:10:9C:3C:F5:CE:F7:
A5:44:F1:F4:F0:D8:72:65:1E:BC:C9:74:57:6D:21:0F:
88:2B:CA:12:D4:FB
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Sep 7 08:34:50.385 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:A3:0F:7F:FE:DB:F7:BC:89:5C:9B:9E:
9C:C3:01:11:11:D4:F5:0A:F1:67:E9:6C:15:18:46:47:
38:DB:55:63:65:02:21:00:F1:3D:28:3E:21:31:D5:29:
6B:AA:92:2F:66:16:E5:FE:B6:30:0E:2E:A2:26:8E:93:
4E:1A:AE:53:7A:65:E4:7B
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
97:e7:34:56:9f:7c:37:da:1c:79:ea:a4:84:37:f3:91:27:b9:
57:4c:bf:b5:e9:1e:a1:ba:3b:e6:7d:66:3e:dd:73:07:3e:de:
fa:68:fd:20:7d:c7:6b:0a:b4:5f:70:60:0d:2f:df:1e:f4:1b:
74:7b:cf:2d:e8:03:f2:94:73:78:d2:30:a6:a2:66:09:c6:ef:
72:57:f6:0b:0b:e2:bb:7d:c9:66:d0:fe:1a:8b:75:a1:b3:46:
14:db:2f:51:50:b1:9e:e8:06:df:ac:73:01:d9:07:ce:82:a1:
fe:ce:7c:68:03:2c:91:cb:34:fd:e3:c4:48:2c:aa:21:c9:cc:
b1:37:f3:f6:8f:5b:19:0f:c7:f5:27:e6:d7:47:bb:78:b9:39:
a1:60:8e:c6:2a:cd:11:76:b3:7b:0f:ec:b6:a0:f2:d2:96:4b:
83:f1:ba:57:55:e7:88:72:dd:8f:83:60:f8:92:4f:ed:69:58:
7a:b7:0a:69:10:b8:89:81:f7:82:b0:65:53:96:4a:3e:6c:73:
a5:fc:03:a1:06:d4:e5:86:f6:1a:61:48:80:b3:aa:7c:fe:99:
52:db:a4:b9:9e:90:69:a8:5f:0e:31:07:5b:cf:f7:c0:59:3c:
eb:d8:43:c7:06:dc:b1:58:57:96:47:89:17:e1:12:a6:50:ea:
fa:58:18:39
1539077297 | 2024-10-20T01:54:17.348100
500 /
udp
VPN (IKE)
Initiator SPI: 35307a3939636576
Responder SPI: 3036783162776b36
Next Payload: RESERVED
Version: 2.0
Exchange Type: DOI Specific Use
Flags:
Encryption: False
Commit: False
Authentication: False
Message ID: 00000000
Length: 36