Hostnames |
tarahanit.com mail.tarahanit.com www.tarahanit.com |
Domains | tarahanit.com |
Country | Iran, Islamic Republic of |
City | Tehran |
Organization | FIrst ISDP In IRAN |
ISP | Farahoosh Dena PLC |
ASN | AS44208 |
Operating System | Windows Server 2012 R2 (build 6.3.9600) |
1994175952 | 2024-09-02T01:49:57.36516025 / tcp
220 mail.tarahanit.com ESMTP MailEnable Service, Version: 10.20-- ready at 09/02/24 05:18:48 250-tarahanit.com [224.64.145.139], this server offers 5 extensions 250-AUTH LOGIN 250-SIZE 40960000 250-HELP 250-AUTH=LOGIN 250 STARTTLS
Certificate: Data: Version: 3 (0x2) Serial Number: 29:73:a2:05:b9:38:99:85:44:f1:9b:93:ce:00:77:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=WIN-65C2TEJ99KS Validity Not Before: Jul 18 18:27:26 2020 GMT Not After : Aug 18 18:27:26 2025 GMT Subject: CN=WIN-65C2TEJ99KS Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d2:ff:a7:cd:ea:a1:a1:07:72:90:2f:bc:5c:86: 89:2f:d3:da:58:74:95:b2:87:f5:cc:b7:04:41:97: 54:85:6c:11:9d:fd:fc:d9:6a:a9:85:67:cb:88:8b: 6c:0d:3b:71:94:2e:c0:5d:35:7f:ec:44:f6:54:7d: f3:fa:e2:27:fc:d8:9b:99:c8:1c:b8:aa:ea:3b:1a: 9e:10:de:66:f2:81:f0:6f:0a:bd:3f:48:b0:48:73: e7:db:01:bf:46:69:66:0d:de:4b:af:3e:07:19:af: f8:b9:39:53:54:a4:e1:ff:ae:34:55:9b:93:db:75: fb:07:69:f5:a1:97:b6:f3:2b:64:48:c1:18:5e:33: 5b:15:ed:21:43:63:b6:32:43:8c:12:35:4d:56:f7: 07:7d:8e:52:2c:a5:72:f1:72:a3:55:eb:b9:4d:d6: e7:b8:0f:61:91:1e:7a:1c:85:cd:96:ed:6b:39:b7: 70:1c:5a:fc:35:22:fa:35:a7:a1:ed:9f:65:f5:b6: cd:5a:8e:07:ee:b4:5a:30:2f:0e:ad:97:21:83:8d: c2:43:f4:13:16:83:2a:6a:e2:60:7e:f1:90:9a:9c: 6c:af:69:e7:14:23:cb:e3:20:8a:a4:ff:df:65:21: 32:f5:ab:50:e3:ec:81:03:f7:63:be:0f:9b:c1:4b: fa:bd Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption Signature Value: 4c:79:23:78:c9:7d:03:99:9c:d9:7b:4e:b3:32:1f:e9:8b:31: 99:43:3f:27:63:1e:32:3e:0b:9f:6b:23:4f:a5:b1:ac:42:1c: f8:bd:af:7f:4d:f8:4f:45:88:fa:31:11:f5:70:7b:48:f1:e0: 41:11:a2:42:8a:4a:56:0d:f6:11:f2:4f:b5:e2:f2:0d:e0:69: 10:6b:93:8c:fe:02:f8:9b:16:fc:f7:3c:66:fe:e0:29:db:41: 7d:cb:c5:5f:7b:82:7e:49:93:8c:9b:f7:5e:1a:d3:78:25:7f: a2:b0:78:84:ea:1e:27:65:cb:aa:b2:00:9c:f2:a0:bf:12:9b: 23:c0:83:b9:3c:8f:87:62:4b:86:0c:75:b2:c8:dc:25:ae:84: 21:cb:57:a0:b9:2b:f1:3c:4b:f5:7a:f6:f2:7f:a4:33:ff:e8: 40:18:f8:01:7e:8d:77:47:a7:68:07:89:3d:ab:c0:12:5a:f7: fe:c5:3b:17:c6:ea:d5:6a:b3:74:04:48:2b:1d:48:5f:19:f2: 8e:04:f1:54:ff:49:a5:e9:45:01:37:e0:af:ec:01:76:3a:bb: 44:c8:6e:c6:08:79:d7:be:33:36:2f:90:bd:eb:f7:0f:37:8d: e7:00:25:bb:32:9a:d2:8f:b7:44:d0:f1:54:48:43:94:84:67: ce:57:93:e0
1489525118 | 2024-09-05T22:43:40.52734580 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Thu, 05 Sep 2024 22:43:12 GMT Connection: close Content-Length: 315
-471102630 | 2024-09-09T22:14:41.563863110 / tcp
+OK Welcome to MailEnable POP3 Server +OK Capability list follows TOP USER UIDL .
434445955 | 2024-09-02T10:48:23.105905135 / tcp
Microsoft RPC Endpoint Mapper d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 94.74.128.250:49152 ncalrpc: WindowsShutdown ncacn_np: \\WIN-65C2TEJ99KS\PIPE\InitShutdown ncalrpc: WMsgKRpc074B90 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\WIN-65C2TEJ99KS\PIPE\InitShutdown ncalrpc: WMsgKRpc074B90 ncalrpc: WMsgKRpc077211 ncalrpc: WMsgKRpc0411072 ncalrpc: WMsgKRpc0A5DDAAD3 9b008953-f195-4bf9-bde0-4471971e58ed version: v1.0 ncalrpc: dabrpc ncalrpc: LRPC-76ae7deeb74ec3b110 ncacn_np: \\WIN-65C2TEJ99KS\pipe\LSM_API_service ncalrpc: LSMApi ncalrpc: LRPC-06cfc493d6c1f160a5 ncalrpc: actkernel ncalrpc: umpo 697dcda9-3ba9-4eb2-9247-e11f1901b0d2 version: v1.0 ncalrpc: LRPC-76ae7deeb74ec3b110 ncacn_np: \\WIN-65C2TEJ99KS\pipe\LSM_API_service ncalrpc: LSMApi ncalrpc: LRPC-06cfc493d6c1f160a5 ncalrpc: actkernel ncalrpc: umpo c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-06cfc493d6c1f160a5 ncalrpc: actkernel ncalrpc: umpo ncalrpc: LRPC-0d75b1c851f03f3450 ncacn_np: \\WIN-65C2TEJ99KS\PIPE\srvsvc ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 ncalrpc: IUserProfile2 ncalrpc: IUserProfile2 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e version: v1.0 ncalrpc: actkernel ncalrpc: umpo c605f9fb-f0a3-4e2a-a073-73560f8d9e3e version: v1.0 ncalrpc: actkernel ncalrpc: umpo 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0 version: v1.0 ncalrpc: actkernel ncalrpc: umpo 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a version: v1.0 ncalrpc: actkernel ncalrpc: umpo 2d98a740-581d-41b9-aa0d-a88b9d5ce938 version: v1.0 ncalrpc: actkernel ncalrpc: umpo bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760 version: v1.0 ncalrpc: actkernel ncalrpc: umpo 3b338d89-6cfa-44b8-847e-531531bc9992 version: v1.0 ncalrpc: actkernel ncalrpc: umpo 8782d3b9-ebbd-4644-a3d8-e8725381919b version: v1.0 ncalrpc: actkernel ncalrpc: umpo 085b0334-e454-4d91-9b8c-4134f9e793f3 version: v1.0 ncalrpc: actkernel ncalrpc: umpo 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9 version: v1.0 ncalrpc: actkernel ncalrpc: umpo 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 ncalrpc: LRPC-292bfccb5ea00b904a ncacn_ip_tcp: 94.74.128.250:49153 ncacn_np: \\WIN-65C2TEJ99KS\pipe\eventlog ncalrpc: eventlog 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncalrpc: LRPC-292bfccb5ea00b904a ncacn_ip_tcp: 94.74.128.250:49153 ncacn_np: \\WIN-65C2TEJ99KS\pipe\eventlog ncalrpc: eventlog abfb6ca3-0c5e-4734-9285-0aee72fe8d1c version: v1.0 annotation: Wcm Service ncalrpc: LRPC-292bfccb5ea00b904a ncacn_ip_tcp: 94.74.128.250:49153 ncacn_np: \\WIN-65C2TEJ99KS\pipe\eventlog ncalrpc: eventlog 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncalrpc: LRPC-292bfccb5ea00b904a ncacn_ip_tcp: 94.74.128.250:49153 ncacn_np: \\WIN-65C2TEJ99KS\pipe\eventlog ncalrpc: eventlog f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 94.74.128.250:49153 ncacn_np: \\WIN-65C2TEJ99KS\pipe\eventlog ncalrpc: eventlog 58e604e8-9adb-4d2e-a464-3b0683fb1480 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: DeviceSetupManager ncacn_np: \\WIN-65C2TEJ99KS\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: LRPC-0d75b1c851f03f3450 ncacn_np: \\WIN-65C2TEJ99KS\PIPE\srvsvc ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 fd7a0523-dc70-43dd-9b2e-9c5ed48225b1 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: DeviceSetupManager ncacn_np: \\WIN-65C2TEJ99KS\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: LRPC-0d75b1c851f03f3450 ncacn_np: \\WIN-65C2TEJ99KS\PIPE\srvsvc ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 5f54ce7d-5b79-4175-8584-cb65313a0e98 version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: DeviceSetupManager ncacn_np: \\WIN-65C2TEJ99KS\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: LRPC-0d75b1c851f03f3450 ncacn_np: \\WIN-65C2TEJ99KS\PIPE\srvsvc ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 201ef99a-7fa0-444c-9399-19ba84f12a1a version: v1.0 annotation: AppInfo provider: appinfo.dll ncalrpc: DeviceSetupManager ncacn_np: \\WIN-65C2TEJ99KS\pipe\SessEnvPublicRpc ncalrpc: SessEnvPrivateRpc ncalrpc: LRPC-0d75b1c851f03f3450 ncacn_np: \\WIN-65C2TEJ99KS\PIPE\srvsvc ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: LRPC-0d75b1c851f03f3450 ncacn_np: \\WIN-65C2TEJ99KS\PIPE\srvsvc ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 1a0d010f-1c33-432c-b0f5-8cf4e8053099 version: v1.0 annotation: IdSegSrv service ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1 version: v1.0 annotation: Adh APIs ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 c36be077-e14b-4fe9-8abc-e856ef4f048b version: v1.0 annotation: Proxy Manager client server endpoint ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 2e6035b2-e8f1-41a7-a044-656b439c4c34 version: v1.0 annotation: Proxy Manager provider server endpoint ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 3a9ef155-691d-4449-8d05-09ad57031823 version: v1.0 ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 94.74.128.250:49154 ncalrpc: ubpmtaskhostchannel ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\WIN-65C2TEJ99KS\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: senssvc ncalrpc: OLE025321EE21E9EDAFB94CD44C1CAE ncalrpc: IUserProfile2 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 annotation: Group Policy RPC Interface provider: gpsvc.dll ncalrpc: LRPC-dedb815be5cafa9def b2507c30-b126-494a-92ac-ee32b6eeb039 version: v1.0 ncalrpc: LRPC-f0b5c3ea0b7ff5b0b1 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncalrpc: LRPC-984e521697f7d5ad31 ncalrpc: OLE57718D7236009F9C1BEEA56902CC 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-984e521697f7d5ad31 ncalrpc: OLE57718D7236009F9C1BEEA56902CC 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-59ed2001b2ba7b6d7a ncalrpc: LRPC-91e1b8226db81b87da f47433c3-3e9d-4157-aad4-83aa1f5c2d4c version: v1.0 annotation: Fw APIs ncalrpc: LRPC-59ed2001b2ba7b6d7a ncalrpc: LRPC-91e1b8226db81b87da 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-59ed2001b2ba7b6d7a ncalrpc: LRPC-91e1b8226db81b87da dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-91e1b8226db81b87da 7f1343fe-50a9-4927-a778-0c5859517bac version: v1.0 annotation: DfsDs service ncacn_np: \\WIN-65C2TEJ99KS\PIPE\wkssvc ncalrpc: LRPC-43c467c9fef652603f ncalrpc: DNSResolver eb081a0d-10ee-478a-a1dd-50995283e7a8 version: v3.0 annotation: Witness Client Test Interface ncalrpc: LRPC-43c467c9fef652603f ncalrpc: DNSResolver f2c9b409-c1c9-4100-8639-d8ab1486694a version: v1.0 annotation: Witness Client Upcall Server ncalrpc: LRPC-43c467c9fef652603f ncalrpc: DNSResolver 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 94.74.128.250:49155 ncalrpc: LRPC-7d31178d07e36fe2ad 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 provider: spoolsv.exe ncacn_ip_tcp: 94.74.128.250:49155 ncalrpc: LRPC-7d31178d07e36fe2ad ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 94.74.128.250:49155 ncalrpc: LRPC-7d31178d07e36fe2ad 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncacn_ip_tcp: 94.74.128.250:49155 ncalrpc: LRPC-7d31178d07e36fe2ad 12345678-1234-abcd-ef00-0123456789ab version: v1.0 protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 94.74.128.250:49155 ncalrpc: LRPC-7d31178d07e36fe2ad 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 94.74.128.250:49157 6b5bdd1e-528c-422c-af8c-a4079be4fe48 version: v1.0 annotation: Remote Fw APIs protocol: [MS-FASP]: Firewall and Advanced Security Protocol provider: FwRemoteSvr.dll ncacn_ip_tcp: 94.74.128.250:49158 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: LRPC-f33166bc49a3afc16e ncalrpc: OLED1815003412DDE16B2B2AF9001E4 ncalrpc: LRPC-1f52ad36a87da44423 ncalrpc: LRPC-1f52ad36a87da44423 ncalrpc: LRPC-1f52ad36a87da44423 b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v2.0 annotation: KeyIso ncacn_ip_tcp: 94.74.128.250:49159 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\WIN-65C2TEJ99KS\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 94.74.128.250:49159 ncalrpc: samss lpc ncalrpc: SidKey Local End Point ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSA_EAS_ENDPOINT ncalrpc: lsacap ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncacn_np: \\WIN-65C2TEJ99KS\pipe\lsass 12e65dd8-887f-41ef-91bf-8d816c42c2e7 version: v1.0 annotation: Secure Desktop LRPC interface provider: winlogon.exe ncalrpc: WMsgKRpc0411072 ncalrpc: WMsgKRpc0A5DDAAD3
-1684583448 | 2024-09-03T21:34:15.299298443 / tcp
HTTP/1.1 503 Service Unavailable Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Tue, 03 Sep 2024 21:33:51 GMT Connection: close Content-Length: 326
Certificate: Data: Version: 3 (0x2) Serial Number: 03:9d:b2:e2:91:1c:7d:71:ff:72:46:41:b1:d7:5c:67:14:da Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=R10 Validity Not Before: Jun 22 08:07:22 2024 GMT Not After : Sep 20 08:07:21 2024 GMT Subject: CN=www.tarahanit.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (3072 bit) Modulus: 00:c6:c5:43:cf:39:20:f1:31:ba:3b:af:07:a1:5c: c6:6f:16:5b:b3:40:47:0f:35:f1:43:1c:b6:9c:ff: bc:ce:59:f8:17:51:04:92:0c:e8:cc:26:4a:4c:d3: 7b:3e:9f:ca:8b:47:14:7c:8e:c3:28:43:f9:12:57: 98:7c:e6:d8:88:e1:37:62:9d:87:93:21:0e:3a:63: 8b:e3:31:78:7f:35:01:65:32:47:94:98:77:1f:9f: 71:01:25:46:ae:c3:18:32:8c:64:44:36:2d:98:95: a5:bb:af:94:d8:cb:9b:8a:26:29:7d:5a:38:26:4c: 3c:df:0c:b8:e4:ca:5b:1e:d3:0d:51:15:1b:7f:e7: fd:38:ab:75:ab:aa:e1:01:c7:92:59:b5:c1:e1:cb: 75:ec:a8:c5:59:c1:bf:0b:d2:fb:5c:91:a4:91:e5: fd:4e:7e:be:72:f7:47:7b:18:ac:79:64:69:43:6a: f4:26:40:da:a5:cc:48:36:2a:81:be:b7:85:09:5f: c4:04:03:14:1e:54:68:f0:a4:ec:d7:90:05:ea:50: 12:c2:d6:b3:fc:04:ca:1f:15:7e:59:b9:f9:4b:20: 94:cb:09:30:70:80:1f:cb:d9:ac:d4:32:da:50:b1: 2e:43:5c:85:c8:17:ab:65:d7:b9:72:3d:c1:4b:58: f9:b7:36:f8:de:0d:57:db:ee:14:93:c1:b3:b1:1f: f8:7b:d3:7f:4a:3c:b8:d1:36:f7:bf:8e:0d:82:6e: 15:04:aa:3f:8b:b5:9b:75:94:ce:d9:d7:55:37:24: 20:97:1d:cc:25:b8:a7:c2:4a:71:a9:41:ba:77:a4: 86:fd:5b:4e:15:c1:09:c8:3f:55:f0:fc:27:4f:e8: 17:4b:76:f1:4e:9a:d8:20:48:ed:46:b2:6e:b3:98: bd:91:d9:2e:d5:68:cb:99:57:9e:7c:ab:42:b9:14: a3:bf:3e:1e:fb:42:e6:a7:18:91:b2:52:fe:19:63: 31:a5:72:59:e7:ec:d9:21:25:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 56:4B:FA:B1:CF:4E:C2:72:82:D5:98:E9:EA:D3:91:C4:8D:AB:21:CB X509v3 Authority Key Identifier: BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8 Authority Information Access: OCSP - URI:http://r10.o.lencr.org CA Issuers - URI:http://r10.i.lencr.org/ X509v3 Subject Alternative Name: DNS:tarahanit.com, DNS:www.tarahanit.com X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12: ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E Timestamp : Jun 22 09:07:22.373 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:04:54:31:A8:0B:7C:A5:5E:7A:68:FB:91: 26:EC:53:88:09:55:3F:F6:B5:C5:C9:95:16:68:BE:57: 5E:DF:F0:7D:02:21:00:ED:41:96:C7:48:70:18:24:4C: 6E:1E:FC:66:03:6E:06:69:D2:80:BF:56:C2:13:82:9F: 57:0C:85:85:5E:EC:0B Signed Certificate Timestamp: Version : v1 (0x0) Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32: 4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C Timestamp : Jun 22 09:07:22.565 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:53:7B:76:CB:D4:77:93:D4:01:55:26:0E: 3E:77:A0:3C:D5:34:31:A6:05:F5:8A:2D:4B:71:67:AB: 7F:BF:3B:50:02:20:25:0B:14:BE:D9:2A:3D:77:08:9D: DF:42:AB:20:B4:1B:4E:48:59:09:B5:49:EA:AF:EB:77: F1:25:BE:6B:57:11 Signature Algorithm: sha256WithRSAEncryption Signature Value: be:6e:3d:35:36:2f:7e:e8:54:58:e1:0e:c8:9e:ea:b9:60:75: 27:38:db:29:9e:1f:34:27:cb:04:ec:40:87:b9:b8:4c:07:65: c2:3a:6b:ca:c8:eb:a7:16:8b:dc:19:65:c7:80:42:d4:56:a3: 33:a0:be:37:9d:da:f5:68:d2:ec:de:f7:fa:e0:06:22:e7:87: 41:3a:88:ac:5d:d3:17:09:84:b2:02:f1:eb:39:78:53:9e:79: b1:52:d9:55:13:40:4c:0b:97:a1:42:f9:0e:05:27:a2:f1:d2: f3:e7:6b:d6:ab:a9:8e:57:12:b7:12:4a:f0:7d:0b:57:08:69: a1:7d:e8:82:4e:94:01:a7:1e:35:90:9d:02:ad:f1:5d:76:5d: 66:e3:ee:5a:63:ad:9b:fd:3b:eb:ab:04:a9:dc:77:1c:3d:2a: 15:23:1e:7b:ee:20:4e:95:08:0c:bb:10:c8:32:03:2e:1f:5d: 8d:c7:5a:89:4a:ec:c3:f9:a0:25:a8:4a:34:13:f7:da:79:a6: 01:7b:86:b1:2f:64:0f:91:26:e1:c8:78:2d:46:56:b6:44:ba: 27:ec:f9:c5:2a:64:ad:17:8e:dc:b4:88:d4:1f:50:81:66:58: 74:82:4a:02:4d:ae:7b:4a:ef:da:ab:0f:5e:ba:39:03:71:63: 32:b9:b9:04
-1242801143 | 2024-09-12T01:55:26.027565445 / tcp
SMB Status: Authentication: enabled SMB Version: 1 OS: Windows Server 2012 R2 Datacenter 9600 Software: Windows Server 2012 R2 Datacenter 6.3 Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode
1716548133 | 2024-09-09T01:54:55.141991587 / tcp
220 mail.tarahanit.com ESMTP MailEnable Service, Version: 10.20-- ready at 09/09/24 05:23:22 250-tarahanit.com [224.100.122.134], this server offers 5 extensions 250-AUTH LOGIN 250-SIZE 40960000 250-HELP 250-AUTH=LOGIN 250 STARTTLS
Certificate: Data: Version: 3 (0x2) Serial Number: 29:73:a2:05:b9:38:99:85:44:f1:9b:93:ce:00:77:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=WIN-65C2TEJ99KS Validity Not Before: Jul 18 18:27:26 2020 GMT Not After : Aug 18 18:27:26 2025 GMT Subject: CN=WIN-65C2TEJ99KS Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d2:ff:a7:cd:ea:a1:a1:07:72:90:2f:bc:5c:86: 89:2f:d3:da:58:74:95:b2:87:f5:cc:b7:04:41:97: 54:85:6c:11:9d:fd:fc:d9:6a:a9:85:67:cb:88:8b: 6c:0d:3b:71:94:2e:c0:5d:35:7f:ec:44:f6:54:7d: f3:fa:e2:27:fc:d8:9b:99:c8:1c:b8:aa:ea:3b:1a: 9e:10:de:66:f2:81:f0:6f:0a:bd:3f:48:b0:48:73: e7:db:01:bf:46:69:66:0d:de:4b:af:3e:07:19:af: f8:b9:39:53:54:a4:e1:ff:ae:34:55:9b:93:db:75: fb:07:69:f5:a1:97:b6:f3:2b:64:48:c1:18:5e:33: 5b:15:ed:21:43:63:b6:32:43:8c:12:35:4d:56:f7: 07:7d:8e:52:2c:a5:72:f1:72:a3:55:eb:b9:4d:d6: e7:b8:0f:61:91:1e:7a:1c:85:cd:96:ed:6b:39:b7: 70:1c:5a:fc:35:22:fa:35:a7:a1:ed:9f:65:f5:b6: cd:5a:8e:07:ee:b4:5a:30:2f:0e:ad:97:21:83:8d: c2:43:f4:13:16:83:2a:6a:e2:60:7e:f1:90:9a:9c: 6c:af:69:e7:14:23:cb:e3:20:8a:a4:ff:df:65:21: 32:f5:ab:50:e3:ec:81:03:f7:63:be:0f:9b:c1:4b: fa:bd Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption Signature Value: 4c:79:23:78:c9:7d:03:99:9c:d9:7b:4e:b3:32:1f:e9:8b:31: 99:43:3f:27:63:1e:32:3e:0b:9f:6b:23:4f:a5:b1:ac:42:1c: f8:bd:af:7f:4d:f8:4f:45:88:fa:31:11:f5:70:7b:48:f1:e0: 41:11:a2:42:8a:4a:56:0d:f6:11:f2:4f:b5:e2:f2:0d:e0:69: 10:6b:93:8c:fe:02:f8:9b:16:fc:f7:3c:66:fe:e0:29:db:41: 7d:cb:c5:5f:7b:82:7e:49:93:8c:9b:f7:5e:1a:d3:78:25:7f: a2:b0:78:84:ea:1e:27:65:cb:aa:b2:00:9c:f2:a0:bf:12:9b: 23:c0:83:b9:3c:8f:87:62:4b:86:0c:75:b2:c8:dc:25:ae:84: 21:cb:57:a0:b9:2b:f1:3c:4b:f5:7a:f6:f2:7f:a4:33:ff:e8: 40:18:f8:01:7e:8d:77:47:a7:68:07:89:3d:ab:c0:12:5a:f7: fe:c5:3b:17:c6:ea:d5:6a:b3:74:04:48:2b:1d:48:5f:19:f2: 8e:04:f1:54:ff:49:a5:e9:45:01:37:e0:af:ec:01:76:3a:bb: 44:c8:6e:c6:08:79:d7:be:33:36:2f:90:bd:eb:f7:0f:37:8d: e7:00:25:bb:32:9a:d2:8f:b7:44:d0:f1:54:48:43:94:84:67: ce:57:93:e0
-46651915 | 2024-09-13T07:27:26.6126471433 / tcp
MS-SQL NTLM Info: OS: Windows 8.1/Windows Server 2012 R2 OS Build: 6.3.9600 Target Name: WIN-65C2TEJ99KS NetBIOS Domain Name: WIN-65C2TEJ99KS NetBIOS Computer Name: WIN-65C2TEJ99KS DNS Domain Name: WIN-65C2TEJ99KS FQDN: WIN-65C2TEJ99KS
-1969743411 | 2024-09-12T03:55:16.3007073306 / tcp
MySQL: Error Message: Host '224.64.145.139' is not allowed to connect to this MySQL server Error Code: 1130
940603052 | 2024-09-11T12:24:49.6186573389 / tcp
Remote Desktop Protocol \x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x0f\x08\x00\x02\x00\x00\x00
Certificate: Data: Version: 3 (0x2) Serial Number: 1c:6a:5c:28:51:ef:eb:92:40:60:88:42:2a:95:ed:1a Signature Algorithm: sha1WithRSAEncryption Issuer: CN=WIN-65C2TEJ99KS Validity Not Before: Jul 5 18:30:53 2024 GMT Not After : Jan 4 18:30:53 2025 GMT Subject: CN=WIN-65C2TEJ99KS Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:b8:c2:ad:8a:02:15:a6:3b:a4:7f:82:d1:ac:1c: c2:cb:22:53:03:85:e6:05:c9:35:85:48:3a:cb:25: a0:76:2b:9d:80:cb:af:45:b8:94:2b:0d:da:3a:88: a2:82:8c:dd:84:81:9a:65:e2:cb:58:a0:5e:71:20: 73:ec:67:ea:83:c7:c6:7a:cb:67:83:61:d5:87:87: 3c:4b:b0:dc:74:73:e4:fb:d0:13:3d:56:b2:4c:24: 32:c7:76:ab:c7:d3:00:0c:06:48:44:8c:30:26:ef: c9:37:ef:3e:2a:17:37:59:b1:a7:21:d5:4c:7d:c2: 43:9c:94:87:d8:17:45:1b:7e:52:b7:b4:d2:4e:4b: bf:ef:73:35:69:7e:73:f6:4e:71:54:f1:83:22:10: 2b:4c:c5:8a:22:b0:06:e6:b3:33:8a:0d:e4:c7:43: ac:b0:5c:1a:98:38:99:ac:6f:f1:27:2d:5a:52:00: 59:26:f7:02:30:f7:7a:5a:1a:0d:1e:c7:de:4c:9f: d0:19:34:41:22:48:88:d3:27:62:3f:92:42:17:59: 4a:f6:13:52:bd:79:0c:36:6f:f6:e4:7a:63:21:80: e3:fb:29:ee:2a:45:ff:dc:b2:d4:d7:80:f6:d3:27: 7a:2b:8b:f6:89:d4:ef:9d:2b:06:bc:56:ab:d5:74: 21:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Key Usage: Key Encipherment, Data Encipherment Signature Algorithm: sha1WithRSAEncryption Signature Value: 5c:2d:e0:78:5a:23:6c:fd:36:4a:ca:47:b0:08:48:c4:38:6f: 48:85:7d:58:98:00:ba:fe:5d:58:8f:2e:aa:78:ee:16:4a:cc: 30:8f:49:73:f0:6c:0f:7c:43:9e:ea:c8:cd:a5:d8:ce:8c:13: 19:04:06:ba:04:32:98:89:61:34:ec:a8:c7:95:7d:6a:31:a3: 60:31:db:db:37:f7:96:dd:ea:f3:60:b3:d8:db:69:a9:18:3e: 08:c5:6a:c6:5e:9c:9e:a0:55:4f:da:36:de:f1:5e:a3:11:8e: 1c:9d:36:6f:4c:64:a4:c5:e4:1e:e4:08:97:c3:fd:38:da:1c: f9:4d:70:aa:f5:21:8a:fe:6a:f4:de:5a:43:6a:05:a2:2e:d2: 3e:71:aa:f5:14:dd:cd:6e:e6:db:25:d2:30:15:d4:5b:c7:4a: f2:45:6c:7f:23:2a:27:f7:78:64:33:f6:86:19:60:b3:a9:5a: a5:b2:af:7b:b8:ea:9e:9f:41:51:a6:c4:8c:1a:11:2c:b2:48: 3d:e1:bd:5d:94:c4:93:19:4d:c8:7b:82:4f:7b:81:7c:29:df: 16:9b:a7:32:90:06:36:44:13:2c:cd:b8:c7:0c:78:59:c1:6b: dc:a5:c0:71:f3:91:f3:6d:40:8e:4a:b4:36:fa:99:5b:19:e8: ed:82:f6:6e
1489525118 | 2024-09-13T11:57:46.0847415985 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Fri, 13 Sep 2024 11:57:02 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2012 R2 OS Build: 6.3.9600 Target Name: WIN-65C2TEJ99KS NetBIOS Domain Name: WIN-65C2TEJ99KS NetBIOS Computer Name: WIN-65C2TEJ99KS DNS Domain Name: WIN-65C2TEJ99KS FQDN: WIN-65C2TEJ99KS
-732651599 | 2024-08-25T20:59:37.7554119001 / tcp
HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: /Default.aspx?pid=Login&ReturnUrl=%2f Server: Microsoft-IIS/8.5 X-Powered-By: ASP.NET Date: Sun, 25 Aug 2024 20:59:32 GMT Content-Length: 158 <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/Default.aspx?pid=Login&ReturnUrl=%2f">here</a>.</h2> </body></html>