Hostnames |
autodiscover.harveast.com mail.harveast.com smtp.harveast.com |
Domains | harveast.com |
Cloud Provider | Azure |
Cloud Region | northeurope |
Cloud Service | AzureCloud |
Country | Ireland |
City | Dublin |
Organization | Microsoft Corporation |
ISP | Microsoft Corporation |
ASN | AS8075 |
Operating System | Windows (build 6.1.7601) |
-2039468747 | 2024-09-14T15:11:37.64682125 / tcp
220 smtp.harveast.com 250-AZ-EXCH-1.HarvEast.lan Hello [224.92.194.224] 250-SIZE 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-X-ANONYMOUSTLS 250-AUTH NTLM LOGIN 250-X-EXPS GSSAPI NTLM 250-8BITMIME 250-BINARYMIME 250-CHUNKING 250-XEXCH50 250-XRDST 250 XSHADOW SMTP NTLM Info: OS: Windows 7/Windows Server 2008 R2 OS Build: 6.1.7601 Target Name: HARVEAST NetBIOS Domain Name: HARVEAST NetBIOS Computer Name: AZ-EXCH-1 DNS Domain Name: HarvEast.lan DNS Tree Name: HarvEast.lan FQDN: AZ-EXCH-1.HarvEast.lan
-985096807 | 2024-09-06T22:58:36.02239480 / tcp
HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Fri, 06 Sep 2024 22:58:35 GMT Content-Length: 1233
415727626 | 2024-09-12T08:07:06.497726135 / tcp
Microsoft RPC Endpoint Mapper d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 10.78.78.8:6006 ncalrpc: WindowsShutdown ncacn_np: \\AZ-EXCH-1\PIPE\InitShutdown ncalrpc: WMsgKRpc090180 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\AZ-EXCH-1\PIPE\InitShutdown ncalrpc: WMsgKRpc090180 ncalrpc: WMsgKRpc092521 ncalrpc: WMsgKRpc0D99E9CF2 ncalrpc: WMsgKRpc96EA15DAB c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-502f87370bb34c6d93 ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 ncalrpc: IUserProfile2 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncalrpc: dhcpcsvc ncacn_ip_tcp: 10.78.78.8:6007 ncacn_np: \\AZ-EXCH-1\pipe\eventlog ncalrpc: eventlog 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncacn_ip_tcp: 10.78.78.8:6007 ncacn_np: \\AZ-EXCH-1\pipe\eventlog ncalrpc: eventlog 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncacn_ip_tcp: 10.78.78.8:6007 ncacn_np: \\AZ-EXCH-1\pipe\eventlog ncalrpc: eventlog f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 10.78.78.8:6007 ncacn_np: \\AZ-EXCH-1\pipe\eventlog ncalrpc: eventlog 58e604e8-9adb-4d2e-a464-3b0683fb1480 version: v1.0 annotation: AppInfo provider: appinfo.dll ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 version: v1.0 annotation: AppInfo provider: appinfo.dll ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 5f54ce7d-5b79-4175-8584-cb65313a0e98 version: v1.0 annotation: AppInfo provider: appinfo.dll ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 201ef99a-7fa0-444c-9399-19ba84f12a1a version: v1.0 annotation: AppInfo provider: appinfo.dll ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 10.78.78.8:6008 ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\AZ-EXCH-1\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: senssvc ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 provider: gpsvc.dll ncalrpc: OLE0903590892F943F59BA62BA79C41 ncalrpc: IUserProfile2 24019106-a203-4642-b88d-82dae9158929 version: v1.0 provider: authui.dll ncalrpc: LRPC-7614a76d1788a0c45d 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncacn_np: \\AZ-EXCH-1\PIPE\W32TIME_ALT ncalrpc: W32TIME_ALT ncalrpc: LRPC-9695fcddda9252b961 ncalrpc: OLE96623223F66D4F1FBAB68EB5BA55 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-9695fcddda9252b961 ncalrpc: OLE96623223F66D4F1FBAB68EB5BA55 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-527183581564d9a545 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-527183581564d9a545 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-527183581564d9a545 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\AZ-EXCH-1\PIPE\wkssvc ncalrpc: DNSResolver 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 annotation: Spooler function endpoint provider: spoolsv.exe ncalrpc: spoolss ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 annotation: Spooler base remote object endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 annotation: Spooler function endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss 50abc2a4-574d-40b3-9d66-ee4fd5fba076 version: v5.0 protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management provider: dns.exe ncacn_ip_tcp: 10.78.78.8:6029 b9fadb8d-53a1-41d7-b763-88d884b6b829 version: v1.0 annotation: Microsoft Exchange Topology Information Server RPC Interface ncalrpc: LRPC-8a92aa0c4ee4aaabde ncacn_ip_tcp: 10.78.78.8:21509 88d01b61-c20b-4dc0-a4d9-1d72952e42b8 version: v1.256 annotation: Microsoft Exchange Forms Based Authentication RPC Interface ncalrpc: LRPC-4db0ec7e9155779a07 ncacn_ip_tcp: 10.78.78.8:21511 b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v1.0 annotation: KeyIso provider: keyiso.dll ncacn_ip_tcp: 10.78.78.8:21512 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\AZ-EXCH-1\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-6eba68d9ca357a8c79 ncacn_np: \\AZ-EXCH-1\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 10.78.78.8:21512 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\AZ-EXCH-1\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-6eba68d9ca357a8c79 ncacn_np: \\AZ-EXCH-1\pipe\lsass 1544f5e0-613c-11d1-93df-00c04fd7bd09 version: v1.0 annotation: Microsoft Exchange RFR Interface protocol: [MS-OXABREF]: Address Book Name Service Provider Interface (NSPI) Referral Protocol ncacn_ip_http: 10.78.78.8:6002 ncacn_ip_http: 10.78.78.8:6004 ncacn_ip_tcp: 10.78.78.8:28359 f5cc5a18-4264-101a-8c59-08002b2f8426 version: v56.0 annotation: Microsoft Exchange NSP Interface protocol: [MS-NSPI]: Name Service Provider Interface (NSPI) Protocol provider: ntdsai.dll ncacn_ip_http: 10.78.78.8:6002 ncacn_ip_http: 10.78.78.8:6004 ncacn_ip_tcp: 10.78.78.8:28359 f1f21151-7185-4170-ac8d-9bb077c29bd3 version: v1.0 ncalrpc: LRPC-32cce24e9cf0b9f590 ncacn_ip_tcp: 10.78.78.8:28369 938fe036-ede6-4f6c-966e-a3d7300279c8 version: v0.256 annotation: Exchange Server STORE EMSMDBPOOL Interface ncalrpc: OLE9F981DB6070946BDA066ABDF9A0D ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 10.78.78.8:6003 ncacn_ip_tcp: 10.78.78.8:28455 31e68719-d4fc-401a-8788-bc56169a336b version: v0.256 annotation: Exchange Server STORE Async EMSMDBMT Interface ncalrpc: OLE9F981DB6070946BDA066ABDF9A0D ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 10.78.78.8:6003 ncacn_ip_tcp: 10.78.78.8:28455 df831451-edad-415d-905f-9d3793f92db3 version: v0.20736 annotation: Exchange Server STORE EMSMDBMT Interface ncalrpc: OLE9F981DB6070946BDA066ABDF9A0D ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 10.78.78.8:6003 ncacn_ip_tcp: 10.78.78.8:28455 a9e05b20-6f57-4e24-a540-52412017e6ff version: v1.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 10.78.78.8:28455 0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde version: v1.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 10.78.78.8:28455 bf6dd426-77b4-44b3-984e-d413fc075562 version: v2.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 10.78.78.8:28455 1453c42c-0fa6-11d2-a910-00c04f990f3b version: v1.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 10.78.78.8:28455 10f24e8e-0fa6-11d2-a910-00c04f990f3b version: v1.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 10.78.78.8:28455 da107c01-2b50-44d7-9d5f-bfd4fd8e95ed version: v5.0 annotation: Exchange Server STORE ADMIN Interface ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 10.78.78.8:6003 ncacn_ip_tcp: 10.78.78.8:28455 99e64010-b032-11d0-97a4-00c04fd6551d version: v4.0 annotation: Exchange Server STORE ADMIN Interface ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 10.78.78.8:6003 ncacn_ip_tcp: 10.78.78.8:28455 89742ace-a9ed-11cf-9c0c-08002be7ae86 version: v2.0 annotation: Exchange Server STORE ADMIN Interface ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 10.78.78.8:6003 ncacn_ip_tcp: 10.78.78.8:28455 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 10.78.78.8:28658 3357951c-a1d1-47db-a278-ab945d063d03 version: v1.0 provider: LBService.dll ncacn_ip_tcp: 10.78.78.8:28668 12345678-1234-abcd-ef00-0123456789ab version: v1.0 annotation: IPSec Policy agent endpoint protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncalrpc: LRPC-56f9d92664d32e1687 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncacn_ip_tcp: 10.78.78.8:28681 ncalrpc: LRPC-0436867d29b9f3a783 ncacn_ip_tcp: 10.78.78.8:28681 ncalrpc: LRPC-0436867d29b9f3a783 ncacn_ip_tcp: 10.78.78.8:28681 ncalrpc: LRPC-0436867d29b9f3a783 ncacn_ip_tcp: 10.78.78.8:28681 ncalrpc: LRPC-0436867d29b9f3a783 ncacn_ip_tcp: 10.78.78.8:28682 ncalrpc: LRPC-c262de6e2824f6edd2 ncalrpc: OLE9ECAAD633C87409D8E4C0171D59B 12e65dd8-887f-41ef-91bf-8d816c42c2e7 version: v1.0 annotation: Secure Desktop LRPC interface provider: winlogon.exe ncalrpc: WMsgKRpc0D99E9CF2 ncalrpc: WMsgKRpc96EA15DAB b97db8b2-4c63-11cf-bff6-08002be23f2f version: v3.0 annotation: Microsoft Cluster Server API protocol: [MS-CMRP]: Failover Cluster: ncalrpc: LRPC-cf81a1bc7720a07d1a ncacn_ip_tcp: 10.78.78.8:21809 52d3f3f5-248c-4d74-a01f-a06e41d5cd59 version: v1.0 ncalrpc: LRPC-875b2331b0840760c5 ncacn_ip_tcp: 10.78.78.8:34116 4d88f820-8c32-4453-9e30-7297e2fcf025 version: v1.0 ncalrpc: LRPC-1b6f378c208798e429 ncacn_ip_tcp: 10.78.78.8:34157 3cb4be69-9ba1-448c-9a44-a1f759a1878a version: v1.256 annotation: MS Exchange Recipient Update Service RPC Interface ncalrpc: LRPC-3d7424defe9c3aeac5 ncacn_ip_tcp: 10.78.78.8:34164 f930c514-1215-11d3-99a5-00a0c9b61b04 version: v1.0 annotation: MS Exchange System Attendant Cluster Interface ncalrpc: LRPC-3d7424defe9c3aeac5 ncacn_ip_tcp: 10.78.78.8:34164 83d72bf0-0d89-11ce-b13f-00aa003bac6c version: v6.0 annotation: MS Exchange System Attendant Private Interface ncalrpc: LRPC-3d7424defe9c3aeac5 ncacn_ip_tcp: 10.78.78.8:34164 469d6ec0-0d87-11ce-b13f-00aa003bac6c version: v16.256 annotation: MS Exchange System Attendant Public Interface ncalrpc: LRPC-3d7424defe9c3aeac5 ncacn_ip_tcp: 10.78.78.8:34164 20434699-5e7e-47d6-95f6-698c4a0ec2f0 version: v1.0 ncalrpc: LRPC-72eb6c0160984f7818 ncacn_ip_tcp: 10.78.78.8:34237 d9318e75-8a8b-4abb-88e7-aceb01f09e60 version: v1.0 ncalrpc: LRPC-72eb6c0160984f7818 ncacn_ip_tcp: 10.78.78.8:34237 abb2ba17-588c-4c52-8dd9-c9a7030bdf26 version: v2.0 ncalrpc: LRPC-431d09942d4d497402 ncacn_ip_tcp: 10.78.78.8:34240 ncalrpc: OLE51BFC1A1D7C54C8EBFACE646D8EF 5261574a-4572-206e-b268-6b199213b4e4 version: v0.256 protocol: [MS-OXCRPC]: Wire Format Protocol ncacn_ip_http: 10.78.78.8:6001 ncacn_ip_tcp: 10.78.78.8:34289 a4f1db00-ca47-1067-b31f-00dd010662da version: v0.20736 protocol: [MS-OXCRPC]: Wire Format Protocol ncacn_ip_http: 10.78.78.8:6001 ncacn_ip_tcp: 10.78.78.8:34289 37fc1b02-da36-4b27-a745-bf2f58a98ff6 version: v3.0 ncalrpc: LRPC-cfefb0bb9881b169ad ncacn_ip_tcp: 10.78.78.8:34361 f224209f-9076-40f7-98ad-5416dbfa178e version: v3.0 ncalrpc: LRPC-cfefb0bb9881b169ad ncacn_ip_tcp: 10.78.78.8:34361 33440f02-5ea0-43d2-a706-d8a4dc712c83 version: v1.0 ncalrpc: LRPC-3a642c22593478bcbf 76c0d124-a18e-49d4-adf1-d8c6ba868ea6 version: v1.0 ncalrpc: LRPC-492c02fb5818c7a903 ncacn_ip_tcp: 10.78.78.8:10407 4a020372-bb0a-4031-a5a7-7c6896522c00 version: v1.0 ncalrpc: LRPC-492c02fb5818c7a903 ncacn_ip_tcp: 10.78.78.8:10407 5df3c257-334b-4e96-9efb-a0619255be09 version: v1.0 annotation: 23052 MSExchangeMailSubmission ncalrpc: LRPC-7ff7b0e15d86224b65 ncacn_ip_tcp: 10.78.78.8:10426 ncalrpc: LRPC-7ff7b0e15d86224b65 ncacn_ip_tcp: 10.78.78.8:10426 ncalrpc: LRPC-e97bacce615002a13d ncacn_ip_tcp: 10.78.78.8:64529 ncalrpc: LRPC-e97bacce615002a13d ncacn_ip_tcp: 10.78.78.8:64529 41f5fae1-e0ac-414c-a721-0d287466cb23 version: v1.0 ncalrpc: OLE268296B1F2E54983AD01860C6C47 ncalrpc: LRPC-e97bacce615002a13d ncacn_ip_tcp: 10.78.78.8:64529 640aa52e-d472-443a-952c-4d3fe97f480c version: v1.0 ncalrpc: OLE268296B1F2E54983AD01860C6C47 ncalrpc: LRPC-e97bacce615002a13d ncacn_ip_tcp: 10.78.78.8:64529 bd5790c9-d855-42b0-990f-3dfed8c184b3 version: v1.0 ncalrpc: OLE268296B1F2E54983AD01860C6C47 ncalrpc: LRPC-e97bacce615002a13d ncacn_ip_tcp: 10.78.78.8:64529 8384fc47-956a-4d1e-ab2a-1205014f96ec version: v1.0 ncalrpc: OLE268296B1F2E54983AD01860C6C47 ncalrpc: LRPC-e97bacce615002a13d ncacn_ip_tcp: 10.78.78.8:64529
795009750 | 2024-09-12T10:45:58.846028143 / tcp
* OK The Microsoft Exchange IMAP4 service is ready. * CAPABILITY IMAP4 IMAP4rev1 AUTH=NTLM AUTH=GSSAPI AUTH=PLAIN STARTTLS UIDPLUS CHILDREN IDLE NAMESPACE LITERAL+ A001 OK CAPABILITY completed. A002 BAD Command Error. 12 A003 BAD Command Error. 12 * BYE Microsoft Exchange Server 2010 IMAP4 server signing off. A004 OK LOGOUT completed.
Certificate: Data: Version: 3 (0x2) Serial Number: 03:25:b8:fb:c6:02:3e:aa:67:51:68:7a:c0:40:26:4e:12:fc Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R11 Validity Not Before: Aug 22 05:05:26 2024 GMT Not After : Nov 20 05:05:25 2024 GMT Subject: CN=mail.harveast.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (3072 bit) Modulus: 00:dd:cc:df:8d:a0:e9:67:1c:f6:ce:62:6a:4d:c4: c1:9c:e8:7e:0e:ea:b2:07:48:c1:25:af:97:66:9f: 1a:02:eb:6c:a1:fb:01:b2:c4:a2:fc:05:6e:ca:90: b6:c1:ae:39:2b:52:86:b4:01:6f:60:77:a6:3c:db: b0:bb:b0:a2:20:41:86:ef:b7:da:ab:d9:68:62:84: 04:2d:63:c8:fb:b4:22:46:94:26:d3:ef:18:1d:25: 6b:4a:dd:85:4a:0c:32:53:62:d2:3a:7e:4c:84:f7: f3:5d:3e:63:35:29:ec:89:8c:bf:cd:53:47:df:b6: 9f:2f:75:e1:a6:d8:24:dd:97:06:ff:f9:7f:8f:16: 7d:ad:96:16:73:9e:46:65:f6:ab:98:81:f3:18:7c: 08:f9:0e:63:00:cb:44:5c:38:bd:60:6f:42:b4:b3: d0:6d:fc:bb:7a:cc:aa:08:f7:6b:67:32:ae:53:64: d6:8d:d0:85:28:70:41:f3:a1:26:be:1b:18:6f:17: 03:ca:b9:11:5f:a2:65:bd:3e:a1:4a:af:99:42:1f: 97:0e:9b:a3:f0:d7:47:f6:22:9f:45:ff:a8:17:00: 74:50:af:ba:07:8f:55:4a:5d:ca:5a:34:0c:99:9b: e2:57:9d:f4:60:56:1a:1f:64:67:39:d5:51:84:36: 16:c6:48:81:db:32:4b:ed:fa:cd:e5:45:44:3e:74: d7:b5:ee:fb:3b:50:af:e4:ac:36:db:40:04:72:d2: d8:35:91:ab:0b:24:c7:3f:f3:50:fc:3b:e8:fa:2e: e9:be:cf:b3:55:9f:3a:df:24:8f:dd:2f:6c:2e:62: cd:9d:14:8e:b4:1b:4a:71:d8:2d:c4:dd:3a:e5:fc: 18:e4:c0:f6:79:b7:e9:6a:05:87:fe:62:15:2a:fc: de:c4:0a:78:b9:fd:d5:19:97:ad:8c:89:7f:26:e0: 8e:62:87:16:0c:e0:ba:b2:94:3a:48:02:cf:10:1f: 50:46:fc:a7:51:c9:02:92:fa:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 33:7A:F1:2C:51:87:37:E9:58:2C:A2:E8:A9:20:97:9C:AF:9D:05:F9 X509v3 Authority Key Identifier: C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9 Authority Information Access: OCSP - URI:http://r11.o.lencr.org CA Issuers - URI:http://r11.i.lencr.org/ X509v3 Subject Alternative Name: DNS:autodiscover.harveast.com, DNS:mail.harveast.com X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12: ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E Timestamp : Aug 22 06:03:56.308 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:E4:1E:C5:69:32:FD:2D:5F:19:BD:30: A1:89:81:E6:47:A9:FE:A4:67:5D:1D:6D:85:77:80:D9: 83:B4:46:0E:C1:02:20:14:B7:5A:B2:F4:CE:7F:CC:B6: 16:97:6B:88:3A:46:58:65:B9:0B:5A:FC:D6:2A:8C:A3: 13:14:9C:D8:A1:46:D0 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32: 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C Timestamp : Aug 22 06:03:56.496 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:CD:1F:10:8D:A9:2C:B1:87:82:90:A9: 95:FB:F7:61:86:B4:63:AB:CB:B6:85:0B:73:52:F6:44: 8C:6A:93:0F:23:02:21:00:D5:A0:D7:39:C2:7E:EA:30: 09:8D:19:D4:B4:95:ED:8B:3D:67:89:69:E9:3F:D8:1B: C1:80:B7:1D:1F:CF:F7:18 Signature Algorithm: sha256WithRSAEncryption Signature Value: ab:c5:d2:8b:cf:1e:18:7e:a8:ce:a5:cc:34:15:31:10:7b:85: f4:28:b7:4b:96:a3:ea:17:97:c4:71:60:a7:fd:5a:27:8d:f8: 94:a5:4e:88:b1:de:34:8c:1c:e7:48:b6:1c:15:55:cd:d7:49: f7:59:01:21:bc:bc:1a:8e:e7:00:85:25:90:c5:e0:9d:4a:33: 86:3c:17:7f:31:40:44:94:67:09:db:0c:eb:f1:17:19:91:d4: 35:31:67:f8:f5:fa:62:9a:92:43:1a:c0:b0:34:af:10:5f:3d: 1a:82:25:a4:26:57:c2:3b:3d:d7:66:3d:04:fb:ac:73:af:f8: b8:fc:77:43:28:26:2c:96:57:cc:30:3e:0a:f4:2a:c9:e6:05: 75:f7:11:a4:e7:8d:70:6e:55:a9:1e:f4:d4:a1:ed:ae:aa:d8: a2:15:e2:f0:d3:48:c8:19:1b:ee:d2:34:b7:96:40:95:4c:65: a7:f3:0e:70:33:a9:3c:ca:20:15:71:aa:ce:cc:16:be:04:d4: 62:68:d4:f0:a2:eb:b0:78:52:ec:0e:38:6c:6b:18:1d:25:eb: 9c:93:cf:e6:c4:95:36:37:06:d3:90:49:f0:e7:91:0f:b0:9a: ef:7f:1a:c8:b2:e6:d4:30:af:61:04:97:54:c6:23:dd:a2:52: 52:10:6b:7c
1452714602 | 2024-09-10T04:29:46.437156443 / tcp
HTTP/1.1 200 OK Cache-Control: no-cache, no-store Pragma: no-cache Content-Type: text/html; charset=utf-8 Expires: -1 Set-Cookie: OutlookSession=1a830ff55d0a44ffa260c6db237a000e; path=/; secure; HttpOnly X-OWA-Version: 14.3.352.0 X-Powered-By: ASP.NET Date: Tue, 10 Sep 2024 04:29:45 GMT Content-Length: 8783 Microsoft Exchange: Name: Update Rollup 17 for Exchange Server 2010 SP3 Build Number: 14.3.352.0 Build Date: March 21, 2017
Certificate: Data: Version: 3 (0x2) Serial Number: 04:9f:aa:00:35:fe:33:5f:4e:c7:28:df:48:16:2e:98:95:02 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R11 Validity Not Before: Aug 27 05:05:21 2024 GMT Not After : Nov 25 05:05:20 2024 GMT Subject: CN=autodiscover.harveast.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (3072 bit) Modulus: 00:b2:39:18:a1:03:0e:fe:8e:ea:96:f6:32:37:40: c3:17:05:98:73:9e:c2:60:f5:c9:fa:9e:3e:75:22: c2:1c:ab:bb:ab:4b:6e:dd:57:8d:15:55:36:e5:92: 47:40:dd:f3:d3:07:d5:d5:e3:8e:65:04:41:35:16: 5e:fa:cf:20:9b:bd:38:e7:ad:77:e5:6a:91:08:00: 83:60:eb:8d:9f:e3:ca:49:bf:89:95:55:ce:ec:a6: a7:38:eb:77:c1:14:18:79:43:b3:10:f3:40:b8:81: 36:e5:99:28:11:d3:a6:b0:a0:ef:7e:f8:b3:a2:12: 18:c4:9c:81:2d:42:5f:3a:2e:0f:d7:f1:fd:c7:ab: a1:40:d5:91:5d:da:6f:96:ce:93:36:5e:ee:fd:06: 1c:46:f9:2d:62:ec:0b:b5:7b:f4:76:47:ea:c7:f0: 5b:7a:ec:3a:90:ae:cf:cd:02:6f:25:95:56:bf:42: 90:15:a4:b0:ff:26:86:1e:fe:8b:8c:49:bd:9d:4d: c6:7d:6f:39:64:80:18:69:a4:3d:29:95:43:86:f3: e3:34:9e:6b:aa:cc:b7:d9:81:21:85:c8:8c:9c:23: 40:63:24:d6:86:c5:24:a0:87:53:9c:e5:a0:fd:a2: 20:b9:c0:f2:f7:c6:f3:76:71:b5:a3:b2:d3:0d:04: 3f:04:b9:46:34:25:6d:d8:46:21:6b:a5:fd:b0:45: ba:e4:4e:27:98:54:8f:86:26:bc:ba:34:5f:30:1f: f8:d5:0b:3c:67:82:0a:42:e7:ed:a7:43:d8:10:cb: ca:06:94:30:bc:a1:71:cf:d4:71:e8:ba:c5:d0:6d: 32:a5:76:68:8a:22:4b:74:b7:71:b7:73:8c:08:f1: 2f:e3:e6:29:36:e9:f9:59:54:e4:5e:94:0e:72:e9: d0:a7:76:fd:9c:01:b4:b5:b0:c9:82:cf:71:ff:8b: ec:b5:93:9b:37:44:02:19:5c:9d:15:6e:a0:c9:1c: 4b:1e:21:37:8c:a5:81:a2:b4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 90:5C:AD:D8:E4:AE:55:78:59:84:09:29:1B:F4:19:AD:38:30:7E:6E X509v3 Authority Key Identifier: C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9 Authority Information Access: OCSP - URI:http://r11.o.lencr.org CA Issuers - URI:http://r11.i.lencr.org/ X509v3 Subject Alternative Name: DNS:autodiscover.harveast.com, DNS:mail.harveast.com X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12: ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E Timestamp : Aug 27 06:03:52.241 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:FB:DA:C1:5B:D3:65:68:71:CA:B5:6B: 76:AA:D9:AA:5F:5E:82:AD:F3:C1:A7:4B:50:84:9E:17: DE:A8:CE:69:94:02:21:00:AA:9B:BE:4C:13:82:9F:CF: 27:C5:B4:6C:28:D9:D4:8A:43:7F:68:FC:68:B8:CA:9A: EF:A0:ED:46:9C:9B:65:0B Signed Certificate Timestamp: Version : v1 (0x0) Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2: 32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B Timestamp : Aug 27 06:03:52.253 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:26:19:5A:C9:04:12:81:39:74:C2:29:BD: 30:E2:E5:7D:55:6F:92:0B:CE:BE:7B:C4:09:D3:3B:6D: 78:D6:03:58:02:20:52:E0:49:38:86:27:A0:5E:2B:DC: 3A:67:AC:83:C9:95:04:E6:D3:32:EF:17:CC:19:C4:66: C8:50:54:AF:63:85 Signature Algorithm: sha256WithRSAEncryption Signature Value: 80:b4:e9:3e:16:fb:c4:4d:1f:09:15:25:ca:1d:6e:ad:93:9f: e3:bf:5c:fb:83:b6:22:e9:bd:c3:c9:47:b7:47:8f:57:aa:e0: e0:f4:ac:92:89:60:c6:84:08:f8:3e:f5:92:4f:9d:f0:d1:e2: c5:b9:02:3e:83:e2:61:39:56:ac:7b:41:93:f8:51:b2:bd:91: 6d:e5:0e:21:57:4d:01:2d:92:35:48:57:88:c6:9f:4f:f9:96: 58:b9:48:ea:2a:24:10:59:c7:7e:e8:ed:f9:9e:98:64:f8:3f: de:ae:f8:dc:7b:16:e5:32:e6:41:02:08:a2:e5:65:cb:01:f5: 71:53:8e:05:4b:69:eb:50:14:ce:a8:ec:b8:73:df:84:8b:63: 34:ad:8e:9b:51:d9:41:ec:90:6a:99:27:bf:81:31:c3:94:b1: f8:10:5e:75:8f:6e:5d:73:ae:d9:8e:df:e6:93:e3:88:a6:7c: 34:8e:51:58:3f:fb:a9:5f:d9:88:02:39:0c:43:dd:64:63:27: 42:37:3a:68:7e:58:bc:fc:7a:7f:48:28:27:c6:17:14:63:9b: d6:87:8e:dd:35:23:4b:b1:9c:76:60:f8:20:71:69:c5:9f:61: c4:79:36:18:ee:20:1d:41:55:ed:d9:22:9e:9e:c5:2e:ee:0e: e6:ac:eb:f2
554922136 | 2024-09-05T05:29:41.457533445 / tcp
SMB Status: Authentication: enabled SMB Version: 1 OS: Windows Server 2008 R2 Datacenter 7601 Service Pack 1 Software: Windows Server 2008 R2 Datacenter 6.1 Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
1896086426 | 2024-09-14T02:11:12.914832587 / tcp
220 AZ-EXCH-1.HarvEast.lan Microsoft ESMTP MAIL Service ready at Sat, 14 Sep 2024 05:11:05 +0300 250-AZ-EXCH-1.HarvEast.lan Hello [224.151.97.60] 250-SIZE 40960000 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-AUTH GSSAPI NTLM LOGIN 250-8BITMIME 250-BINARYMIME 250 CHUNKING SMTP NTLM Info: OS: Windows 7/Windows Server 2008 R2 OS Build: 6.1.7601 Target Name: HARVEAST NetBIOS Domain Name: HARVEAST NetBIOS Computer Name: AZ-EXCH-1 DNS Domain Name: HarvEast.lan DNS Tree Name: HarvEast.lan FQDN: AZ-EXCH-1.HarvEast.lan
712698082 | 2024-09-11T14:02:27.821654993 / tcp
* OK The Microsoft Exchange IMAP4 service is ready. * CAPABILITY IMAP4 IMAP4rev1 AUTH=NTLM AUTH=GSSAPI AUTH=PLAIN UIDPLUS CHILDREN IDLE NAMESPACE LITERAL+ A001 OK CAPABILITY completed. A002 BAD Command Error. 12 A003 BAD Command Error. 12 * BYE Microsoft Exchange Server 2010 IMAP4 server signing off. A004 OK LOGOUT completed.
Certificate: Data: Version: 3 (0x2) Serial Number: 03:25:b8:fb:c6:02:3e:aa:67:51:68:7a:c0:40:26:4e:12:fc Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R11 Validity Not Before: Aug 22 05:05:26 2024 GMT Not After : Nov 20 05:05:25 2024 GMT Subject: CN=mail.harveast.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (3072 bit) Modulus: 00:dd:cc:df:8d:a0:e9:67:1c:f6:ce:62:6a:4d:c4: c1:9c:e8:7e:0e:ea:b2:07:48:c1:25:af:97:66:9f: 1a:02:eb:6c:a1:fb:01:b2:c4:a2:fc:05:6e:ca:90: b6:c1:ae:39:2b:52:86:b4:01:6f:60:77:a6:3c:db: b0:bb:b0:a2:20:41:86:ef:b7:da:ab:d9:68:62:84: 04:2d:63:c8:fb:b4:22:46:94:26:d3:ef:18:1d:25: 6b:4a:dd:85:4a:0c:32:53:62:d2:3a:7e:4c:84:f7: f3:5d:3e:63:35:29:ec:89:8c:bf:cd:53:47:df:b6: 9f:2f:75:e1:a6:d8:24:dd:97:06:ff:f9:7f:8f:16: 7d:ad:96:16:73:9e:46:65:f6:ab:98:81:f3:18:7c: 08:f9:0e:63:00:cb:44:5c:38:bd:60:6f:42:b4:b3: d0:6d:fc:bb:7a:cc:aa:08:f7:6b:67:32:ae:53:64: d6:8d:d0:85:28:70:41:f3:a1:26:be:1b:18:6f:17: 03:ca:b9:11:5f:a2:65:bd:3e:a1:4a:af:99:42:1f: 97:0e:9b:a3:f0:d7:47:f6:22:9f:45:ff:a8:17:00: 74:50:af:ba:07:8f:55:4a:5d:ca:5a:34:0c:99:9b: e2:57:9d:f4:60:56:1a:1f:64:67:39:d5:51:84:36: 16:c6:48:81:db:32:4b:ed:fa:cd:e5:45:44:3e:74: d7:b5:ee:fb:3b:50:af:e4:ac:36:db:40:04:72:d2: d8:35:91:ab:0b:24:c7:3f:f3:50:fc:3b:e8:fa:2e: e9:be:cf:b3:55:9f:3a:df:24:8f:dd:2f:6c:2e:62: cd:9d:14:8e:b4:1b:4a:71:d8:2d:c4:dd:3a:e5:fc: 18:e4:c0:f6:79:b7:e9:6a:05:87:fe:62:15:2a:fc: de:c4:0a:78:b9:fd:d5:19:97:ad:8c:89:7f:26:e0: 8e:62:87:16:0c:e0:ba:b2:94:3a:48:02:cf:10:1f: 50:46:fc:a7:51:c9:02:92:fa:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 33:7A:F1:2C:51:87:37:E9:58:2C:A2:E8:A9:20:97:9C:AF:9D:05:F9 X509v3 Authority Key Identifier: C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9 Authority Information Access: OCSP - URI:http://r11.o.lencr.org CA Issuers - URI:http://r11.i.lencr.org/ X509v3 Subject Alternative Name: DNS:autodiscover.harveast.com, DNS:mail.harveast.com X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12: ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E Timestamp : Aug 22 06:03:56.308 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:E4:1E:C5:69:32:FD:2D:5F:19:BD:30: A1:89:81:E6:47:A9:FE:A4:67:5D:1D:6D:85:77:80:D9: 83:B4:46:0E:C1:02:20:14:B7:5A:B2:F4:CE:7F:CC:B6: 16:97:6B:88:3A:46:58:65:B9:0B:5A:FC:D6:2A:8C:A3: 13:14:9C:D8:A1:46:D0 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32: 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C Timestamp : Aug 22 06:03:56.496 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:CD:1F:10:8D:A9:2C:B1:87:82:90:A9: 95:FB:F7:61:86:B4:63:AB:CB:B6:85:0B:73:52:F6:44: 8C:6A:93:0F:23:02:21:00:D5:A0:D7:39:C2:7E:EA:30: 09:8D:19:D4:B4:95:ED:8B:3D:67:89:69:E9:3F:D8:1B: C1:80:B7:1D:1F:CF:F7:18 Signature Algorithm: sha256WithRSAEncryption Signature Value: ab:c5:d2:8b:cf:1e:18:7e:a8:ce:a5:cc:34:15:31:10:7b:85: f4:28:b7:4b:96:a3:ea:17:97:c4:71:60:a7:fd:5a:27:8d:f8: 94:a5:4e:88:b1:de:34:8c:1c:e7:48:b6:1c:15:55:cd:d7:49: f7:59:01:21:bc:bc:1a:8e:e7:00:85:25:90:c5:e0:9d:4a:33: 86:3c:17:7f:31:40:44:94:67:09:db:0c:eb:f1:17:19:91:d4: 35:31:67:f8:f5:fa:62:9a:92:43:1a:c0:b0:34:af:10:5f:3d: 1a:82:25:a4:26:57:c2:3b:3d:d7:66:3d:04:fb:ac:73:af:f8: b8:fc:77:43:28:26:2c:96:57:cc:30:3e:0a:f4:2a:c9:e6:05: 75:f7:11:a4:e7:8d:70:6e:55:a9:1e:f4:d4:a1:ed:ae:aa:d8: a2:15:e2:f0:d3:48:c8:19:1b:ee:d2:34:b7:96:40:95:4c:65: a7:f3:0e:70:33:a9:3c:ca:20:15:71:aa:ce:cc:16:be:04:d4: 62:68:d4:f0:a2:eb:b0:78:52:ec:0e:38:6c:6b:18:1d:25:eb: 9c:93:cf:e6:c4:95:36:37:06:d3:90:49:f0:e7:91:0f:b0:9a: ef:7f:1a:c8:b2:e6:d4:30:af:61:04:97:54:c6:23:dd:a2:52: 52:10:6b:7c
1489525118 | 2024-08-24T18:34:34.3892075986 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Sat, 24 Aug 2024 18:34:34 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2008 R2 OS Build: 6.1.7601 Target Name: HARVEAST NetBIOS Domain Name: HARVEAST NetBIOS Computer Name: AZ-EXCH-1 DNS Domain Name: HarvEast.lan DNS Tree Name: HarvEast.lan FQDN: AZ-EXCH-1.HarvEast.lan
Certificate: Data: Version: 3 (0x2) Serial Number: 01:e4:00:14:00:10:00:04:00:04:00:04:00:09:07:de Signature Algorithm: sha1WithRSAEncryption Issuer: CN=az-exch-1.cloudapp.net Validity Not Before: Sep 2 12:00:00 2014 GMT Not After : Nov 19 12:00:00 2022 GMT Subject: CN=az-exch-1.cloudapp.net Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) Modulus: 00:ca:66:9c:a9:2d:1f:20:a8:0f:fe:e0:0e:15:67: 70:19:cc:9e:f9:6b:8b:f2:88:8b:bf:df:d5:a7:cc: b0:cc:76:05:60:49:af:df:89:2d:59:cd:15:7c:10: a2:16:33:6f:22:09:9f:df:13:3c:d8:1b:15:7a:47: fe:57:c8:ab:57:0a:22:99:ea:6f:71:08:f7:76:b8: cd:ba:a9:fc:6d:3e:34:63:9f:4d:7a:00:e3:a6:60: 7e:2a:11:4b:79:fe:b4:5b:78:a8:2d:25:2c:71:b3: b6:40:12:fc:66:13:87:43:aa:6c:b9:ed:c9:d3:d1: 7a:29:3d:0e:da:f2:be:b1:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:CA:66:FB:78:D8:D1:95:29:A7:0B:F4:A6:7F:2E:F8:8F:88:CA:4E X509v3 Key Usage: Digital Signature, Key Encipherment, Data Encipherment, Certificate Sign, CRL Sign X509v3 Extended Key Usage: TLS Web Server Authentication 2.5.29.10: 0..... Signature Algorithm: sha1WithRSAEncryption Signature Value: 68:de:62:25:9a:73:02:5d:7d:c6:9e:f5:e7:80:e3:2f:1d:38: c8:65:a8:1b:22:88:23:f0:21:a7:2e:61:27:62:3d:33:96:3c: df:68:70:dc:b5:2b:7b:87:18:af:48:fd:8d:02:a1:bb:3c:06: b5:f7:8d:5e:24:56:66:95:91:23:db:64:6d:32:57:6f:da:c0: 69:04:fa:e0:3e:16:c0:b2:c7:85:f4:7b:fa:b3:75:ef:b1:7d: ec:bf:82:5e:5c:b4:d5:54:ad:87:f3:71:e9:76:4f:e8:a8:55: 26:fc:4b:d9:88:cc:7a:64:a0:01:80:b7:e4:01:5e:18:88:9d: c2:f0