Hostnames |
barson.co MAIL.barson.co autodiscover.barson.co legacy.barson.co mail.barson.co gravitystorm.us autodiscover.gravitystorm.us legacy.gravitystorm.us mmsi-fab.com autodiscover.mmsi-fab.com legacy.mmsi-fab.com nbarson.com autodiscover.nbarson.com legacy.nbarson.com 172-9-142-171.lightspeed.wepbfl.sbcglobal.net |
Domains | barson.co gravitystorm.us mmsi-fab.com nbarson.com sbcglobal.net |
Country | United States |
City | Boca Raton |
Organization | AT&T Services, Inc. |
ISP | AT&T Services, Inc. |
ASN | AS7018 |
Operating System | Windows (build 6.1.7601) |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
MS15-034 | 10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability." |
CVE-2019-0708 | 10.0A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. |
CVE-2015-1635 | 10.0HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability." |
CVE-2010-3972 | 10.0Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information. |
CVE-2010-2730 | 9.3Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability." |
CVE-2010-1899 | 4.3Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability." |
649755902 | 2024-04-08T13:34:04.6579557 / udp
echo
1109035431 | 2024-04-27T15:36:30.95856513 / tcp
11:30:13 AM 4/27/2024
1944946270 | 2024-04-29T02:04:14.97851817 / tcp
"A wonderful fact to reflect upon, that every human creature is constituted to be that profound secret and mystery to every other." Charles Dickens (1812-70)
829384519 | 2024-04-23T01:27:25.19831819 / tcp
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV
-370734890 | 2024-04-29T20:25:18.86367321 / tcp
220 Microsoft FTP Service 530 User cannot log in. 214-The following commands are recognized (* ==>'s unimplemented). ABOR ACCT ADAT * ALLO APPE AUTH CCC CDUP CWD DELE ENC * EPRT EPSV FEAT HELP HOST LANG LIST MDTM MIC * MKD MODE NLST NOOP OPTS PASS PASV PBSZ PORT PROT PWD QUIT REIN REST RETR RMD RNFR RNTO SITE SIZE SMNT STAT STOR STOU STRU SYST TYPE USER XCUP XCWD XMKD XPWD XRMD 214 HELP command successful. 211-Extended features supported: LANG EN* UTF8 AUTH TLS;TLS-C;SSL;TLS-P; PBSZ PROT C;P; CCC HOST SIZE MDTM REST STREAM 211 END
Certificate: Data: Version: 3 (0x2) Serial Number: 18:22:f7:3c:e0:db:44:b7:4d:fc:48:40:cb:33:cc:be Signature Algorithm: sha1WithRSAEncryption Issuer: CN=WMSvc-MAIL Validity Not Before: Dec 29 02:30:07 2013 GMT Not After : Dec 27 02:30:07 2023 GMT Subject: CN=WMSvc-MAIL Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ad:6f:ea:62:6c:6d:9a:52:93:4f:4b:2b:bb:d5: 44:51:81:a6:92:97:a6:da:7d:56:97:ac:e2:79:ed: 99:a6:31:ad:09:9f:7c:d0:83:6e:e9:fe:7c:8f:33: e8:df:7b:59:c5:e4:88:f2:96:d7:ff:54:ca:b6:24: 88:07:9d:2e:c0:0f:4f:9d:62:e0:6e:ab:1a:c3:51: 80:d6:ab:07:e0:7f:87:23:01:c5:6e:e6:5b:b5:b8: 30:61:9f:d3:ec:15:92:94:9c:1b:c7:54:28:c5:81: d2:4c:8f:3a:c1:ea:a9:10:0b:20:71:e0:e8:a4:72: 86:5d:57:38:a6:72:1e:92:d8:74:24:5b:af:ff:61: b5:61:f1:93:0b:1c:0c:c5:b6:fc:75:ec:15:ab:41: 52:60:91:01:51:16:36:e4:b1:77:0d:37:0f:95:f2: 7d:0f:fc:bb:69:8b:ce:66:9c:63:39:42:47:82:2c: f6:a7:89:1d:60:7a:0a:a3:ba:76:d6:32:41:ca:02: 3c:bc:75:a7:34:f8:cc:9e:10:84:9c:f8:5a:a5:f3: 16:ad:05:51:ff:6c:07:49:47:79:22:44:a8:cd:91: 83:13:ed:63:ed:99:ff:77:cf:ae:f6:52:42:c3:78: 32:b1:f8:26:f7:3b:dc:12:1d:a0:6c:b4:11:2a:6e: 0f:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Key Usage: Digital Signature, Key Encipherment, Data Encipherment Signature Algorithm: sha1WithRSAEncryption Signature Value: 6d:32:9d:50:49:47:8c:44:d4:29:15:ce:df:a1:a2:d7:95:ad: 63:ea:fc:23:3b:cf:83:73:eb:d1:1b:b3:f8:c6:4b:b1:63:59: 93:d5:ff:9f:1c:c7:b8:43:dd:c7:d6:e1:33:c2:ab:54:73:fc: bd:8e:40:73:08:e6:b8:2f:76:af:52:00:58:40:38:02:59:c1: a6:f6:63:07:a0:5e:f2:dc:1b:8f:3b:8d:6b:30:a1:8f:e5:89: 2c:63:41:e8:8f:c9:00:3d:b6:57:f8:c3:16:de:2f:6a:5f:1c: 42:a5:2e:e4:0d:19:8c:eb:b3:7d:e0:2c:c0:2a:99:7b:08:86: 10:5d:52:fe:37:73:d7:4a:43:75:27:1a:33:5c:1c:6f:5a:00: e9:f7:72:d8:76:00:1d:e7:1e:89:6f:c0:35:20:16:95:82:06: 8d:6f:7c:ef:93:c6:ad:bc:d9:f5:a2:44:40:b1:f3:a0:6c:2d: 15:a2:32:2f:56:00:2d:52:fb:c1:f2:1a:e0:31:28:f8:e1:8a: 57:17:98:06:77:24:38:f0:68:a4:ce:7d:14:7f:7c:38:09:49: 8c:7e:d5:a6:f7:be:35:28:cd:9f:e0:8b:9a:df:af:1c:3e:6e: d7:9b:89:6c:b5:d7:5e:4b:8c:0c:dc:a5:28:82:48:f2:8c:fe: f8:8d:5c:1b
-24540166 | 2024-05-04T07:51:17.16624225 / tcp
220 MAIL.barson.co Microsoft ESMTP MAIL Service ready at Sat, 4 May 2024 03:44:34 -0400 250-MAIL.barson.co Hello [224.88.247.62] 250-SIZE 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-STARTTLS 250-X-ANONYMOUSTLS 250-AUTH NTLM 250-X-EXPS GSSAPI NTLM 250-8BITMIME 250-BINARYMIME 250-CHUNKING 250-XEXCH50 250-XRDST 250 XSHADOW SMTP NTLM Info: OS: Windows 7/Windows Server 2008 R2 OS Build: 6.1.7601 Target Name: BARSON NetBIOS Domain Name: BARSON NetBIOS Computer Name: MAIL DNS Domain Name: barson.co DNS Tree Name: barson.co FQDN: MAIL.barson.co
Certificate: Data: Version: 3 (0x2) Serial Number: 14:d5:63:05:21:41:a4:9b:41:40:ec:04:9d:81:41:42 Signature Algorithm: sha1WithRSAEncryption Issuer: CN=MAIL Validity Not Before: Feb 23 19:55:56 2020 GMT Not After : Feb 23 19:55:56 2025 GMT Subject: CN=MAIL Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:99:c8:2c:87:90:17:98:94:5f:cf:72:bb:93:8e: da:fa:3e:35:38:cf:e0:7a:41:82:7f:50:de:52:9f: b4:18:25:31:17:08:65:74:46:d9:7c:ac:2f:4a:7b: 81:cc:32:6b:d8:f1:6f:63:73:8b:57:7c:17:6f:cc: 38:79:4c:91:84:4c:43:27:c9:09:7b:e4:1f:4a:3d: 35:d2:8e:9b:42:f1:bb:d2:cf:b9:5e:18:57:28:b6: d0:73:28:19:14:56:4c:77:0d:b1:33:e0:b6:36:43: 5d:d4:20:f5:71:93:53:77:9b:99:01:8e:f2:dd:c9: 77:0d:2f:66:ff:2c:7a:33:ee:74:3e:d9:b0:aa:af: ec:51:1b:5a:ba:0b:6f:71:e6:d8:76:d7:74:47:f4: 34:77:a5:f1:cf:c9:f6:97:0c:1a:7e:cf:d8:f0:37: fe:31:e7:4a:2e:be:9e:5f:81:aa:42:c4:ad:2e:c1: 53:43:e3:70:06:12:e3:f6:ed:74:a1:5d:84:75:f9: ea:81:0c:b9:26:0b:0e:02:19:57:90:24:72:ee:72: 36:df:94:e5:23:a8:1f:6a:3e:36:67:13:63:6b:96: 2e:8f:c5:10:e3:20:5d:bf:17:03:fa:f6:c3:2a:13: f2:ca:5c:00:9a:eb:55:d6:3f:a0:8c:e0:91:82:5a: 1b:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Subject Alternative Name: DNS:MAIL, DNS:MAIL.barson.co X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE Signature Algorithm: sha1WithRSAEncryption Signature Value: 32:88:96:66:47:4d:d4:e5:3c:c3:2a:11:02:69:66:c6:57:17: b4:0b:b9:e7:2e:c2:df:a8:84:a5:51:e4:33:d1:c1:d4:c9:78: 7f:47:06:29:7c:a7:3b:4a:e0:b9:91:11:62:69:7e:c1:87:b6: 13:58:fb:93:75:d4:bd:80:cb:d7:4d:ea:53:81:9c:9b:63:2c: e0:0c:35:c1:6a:17:95:d2:4e:83:87:f0:88:ea:0d:cf:cd:30: f4:ec:b9:65:a6:18:3f:17:38:98:48:46:d0:71:79:7e:6e:4e: 5c:65:a2:bf:71:66:41:4e:3d:bb:1e:98:23:dd:6b:03:07:3e: f2:36:8b:ea:d3:93:81:b1:09:68:b4:98:97:fd:2a:f0:cd:ce: 54:c7:d5:cb:56:d6:5a:87:69:61:71:1d:a6:4e:9e:f1:ab:64: 6a:85:92:ef:e0:de:79:c1:8f:51:44:43:44:d1:98:7c:a3:c1: 8d:b3:2b:a2:f7:36:fc:1b:18:a2:d4:a3:da:df:c2:8c:bf:dd: b5:17:90:d4:73:f2:11:36:a5:1f:32:a5:0d:e1:02:31:80:5b: 64:a1:00:1b:5b:94:1a:a5:3e:60:07:63:63:3f:70:1f:ab:79: aa:3b:e2:22:c8:06:31:8d:5b:df:1d:b0:c7:90:e9:92:bb:5d: fd:a1:4b:f2
-985096807 | 2024-04-30T05:32:15.78752180 / tcp
HTTP/1.1 403 Forbidden Content-Type: text/html Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Tue, 30 Apr 2024 05:25:44 GMT Content-Length: 1233
-380164550 | 2024-05-02T06:05:02.65825688 / udp
Microsoft Windows Kerberos Server Time: 2024-05-02 05:58:42Z
-345366676 | 2024-04-18T02:13:53.776101110 / tcp
+OK The Microsoft Exchange POP3 service is ready. +OK TOP UIDL .
938952688 | 2024-04-27T11:09:10.764333389 / tcp
LDAP: CurrentTime: 20240427110253.0Z SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=barson,DC=co DsServiceName: CN=NTDS Settings,CN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co NamingContexts: CN=Configuration,DC=barson,DC=co CN=Schema,CN=Configuration,DC=barson,DC=co DC=DomainDnsZones,DC=barson,DC=co DC=ForestDnsZones,DC=barson,DC=co DC=barson,DC=co DefaultNamingContext: DC=barson,DC=co SchemaNamingContext: CN=Schema,CN=Configuration,DC=barson,DC=co ConfigurationNamingContext: CN=Configuration,DC=barson,DC=co RootDomainNamingContext: DC=barson,DC=co SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxConnIdleTime MaxConnections MaxDatagramRecv MaxNotificationPerConn MaxPageSize MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit HighestCommittedUSN: 191718322 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI DnsHostName: MAIL.barson.co LdapServiceName: barson.co:mail$@BARSON.CO ServerName: CN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.800 IsSynchronized: TRUE IsGlobalCatalogReady: TRUE SupportedExtension: 1.2.840.113556.1.4.1781 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 DomainFunctionality: 4 ForestFunctionality: 4
-1076589535 | 2024-04-28T03:46:18.542226389 / udp
0\x84\x00\x00\t\xd8\x02\x01\x07d\x84\x00\x00\t\xcf\x04\x000\x84\x00\x00\t\xc70\x84\x00\x00\x00&\x04\x0bcurrentTime1\x84\x00\x00\x00\x13\x04\x1120240428033958.0Z0\x84\x00\x00\x00R\x04\x11subschemaSubentry1\x84\x00\x00\x009\x047CN=Aggregate,CN=Schema,CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x00\x7f\x04\rdsServiceName1\x84\x00\x00\x00j\x04hCN=NTDS Settings,CN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x00\xbb\x04\x0enamingContexts1\x84\x00\x00\x00\xa5\x04\x0fDC=barson,DC=co\x04 CN=Configuration,DC=barson,DC=co\x04*CN=Schema,CN=Configuration,DC=barson,DC=co\x04!DC=DomainDnsZones,DC=barson,DC=co\x04!DC=ForestDnsZones,DC=barson,DC=co0\x84\x00\x00\x00-\x04\x14defaultNamingContext1\x84\x00\x00\x00\x11\x04\x0fDC=barson,DC=co0\x84\x00\x00\x00G\x04\x13schemaNamingContext1\x84\x00\x00\x00,\x04*CN=Schema,CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x00D\x04\x1aconfigurationNamingContext1\x84\x00\x00\x00"\x04 CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x000\x04\x17rootDomainNamingContext1\x84\x00\x00\x00\x11\x04\x0fDC=barson,DC=co0\x84\x00\x00\x02\xe1\x04\x10supportedControl1\x84\x00\x00\x02\xc9\x04\x161.2.840.113556.1.4.319\x04\x161.2.840.113556.1.4.801\x04\x161.2.840.113556.1.4.473\x04\x161.2.840.113556.1.4.528\x04\x161.2.840.113556.1.4.417\x04\x161.2.840.113556.1.4.619\x04\x161.2.840.113556.1.4.841\x04\x161.2.840.113556.1.4.529\x04\x161.2.840.113556.1.4.805\x04\x161.2.840.113556.1.4.521\x04\x161.2.840.113556.1.4.970\x04\x171.2.840.113556.1.4.1338\x04\x161.2.840.113556.1.4.474\x04\x171.2.840.113556.1.4.1339\x04\x171.2.840.113556.1.4.1340\x04\x171.2.840.113556.1.4.1413\x04\x172.16.840.1.113730.3.4.9\x04\x182.16.840.1.113730.3.4.10\x04\x171.2.840.113556.1.4.1504\x04\x171.2.840.113556.1.4.1852\x04\x161.2.840.113556.1.4.802\x04\x171.2.840.113556.1.4.1907\x04\x171.2.840.113556.1.4.1948\x04\x171.2.840.113556.1.4.1974\x04\x171.2.840.113556.1.4.1341\x04\x171.2.840.113556.1.4.2026\x04\x171.2.840.113556.1.4.2064\x04\x171.2.840.113556.1.4.2065\x04\x171.2.840.113556.\xb0\x04\x00\x00\x89\xc6-f0X\xaa\x19V\x04\x00\x00V\x04\x00\x00\x01\x00\x00\x00V\x00d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00\x08\x00\x02\x00\x00\x00\x01\x00\x00\x06DL\xa8\xc4\x1e\xfbRP\x00\x00Bq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x0c\xc4z|\x8f\x98DL\xa8\xc4\x1e\xfb\x08\x00E\x00\x04H\x7fF\x00\xb9t\x11\xea\x13\xac\t\x8e\xabPRM\x8b1.4.20660\x84\x00\x00\x00"\x04\x14supportedLDAPVersion1\x84\x00\x00\x00\x06\x04\x013\x04\x0120\x84\x00\x00\x01<\x04\x15supportedLDAPPolicies1\x84\x00\x00\x01\x1f\x04\x0eMaxPoolThreads\x04\x0fMaxDatagramRecv\x04\x10MaxReceiveBuffer\x04\x0fInitRecvTimeout\x04\x0eMaxConnections\x04\x0fMaxConnIdleTime\x04\x0bMaxPageSize\x04\x10MaxQueryDuration\x04\x10MaxTempTableSize\x04\x10MaxResultSetSize\x04\rMinResultSets\x04\x14MaxResultSetsPerConn\x04\x16MaxNotificationPerConn\x04\x0bMaxValRange\x04\x11ThreadMemoryLimit\x04\x18SystemMemoryLimitPercent0\x84\x00\x00\x00&\x04\x13highestCommittedUSN1\x84\x00\x00\x00\x0b\x04\t1917666380\x84\x00\x00\x00I\x04\x17supportedSASLMechanisms1\x84\x00\x00\x00*\x04\x06GSSAPI\x04\nGSS-SPNEGO\x04\x08EXTERNAL\x04\nDIGEST-MD50\x84\x00\x00\x00#\x04\x0bdnsHostName1\x84\x00\x00\x00\x10\x04\x0eMAIL.barson.co0\x84\x00\x00\x002\x04\x0fldapServiceName1\x84\x00\x00\x00\x1b\x04\x19barson.co:mail$@BARSON.CO0\x84\x00\x00\x00k\x04\nserverName1\x84\x00\x00\x00Y\x04WCN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x00\x99\x04\x15supportedCapabilities1\x84\x00\x00\x00|\x04\x161.2.840.113556.1.4.800\x04\x171.2.840.113556.1.4.1670\x04\x171.2.840.113556.1.4.1791\x04\x171.2.840.113556.1.4.1935\x04\x171.2.840.113556.1.4.20800\x84\x00\x00\x00\x1c\x04\x0eisSynchronized1\x84\x00\x00\x00\x06\x04\x04TRUE0\x84\x00\x00\x00"\x04\x14isGlobalCatalogReady1\x84\x00\x00\x00\x06\x04\x04TRUE0\x84\x00\x00\x00\x1e\x04\x13domainFuncti
-119375469 | 2024-04-27T14:36:36.018279443 / tcp
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Sun, 29 Dec 2013 05:13:21 GMT Accept-Ranges: bytes ETag: "71193b1544cf1:0" Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 27 Apr 2024 14:30:18 GMT Content-Length: 689
Certificate: Data: Version: 3 (0x2) Serial Number: 17:74:e8:90:00:00:00:00:00:1f Signature Algorithm: sha1WithRSAEncryption Issuer: DC=co, DC=barson, CN=barson-MAIL-CA Validity Not Before: Jan 4 14:40:35 2022 GMT Not After : Jan 4 14:40:35 2024 GMT Subject: C=US, ST=FL, L=Fort Pierce, O=Barson.co, OU=barson, CN=barson.co Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:98:ef:b3:75:01:d9:39:e9:5a:4b:8d:bd:27:20: 32:84:c1:0d:82:40:94:ae:8a:d0:d6:b8:4d:2c:12: 90:15:19:05:00:76:ee:5b:fc:ff:3e:22:aa:6c:2e: 14:d8:9a:08:93:68:0c:ba:fc:05:21:05:bf:b7:6b: 70:c3:dc:ab:99:e5:28:2d:9d:97:8e:f2:e6:1d:4d: 61:9b:05:5e:c2:71:f8:ff:f3:29:c6:90:e7:7b:b3: f9:87:97:b9:02:51:d4:da:cc:81:34:37:e2:39:8e: f6:69:3b:18:c2:a0:50:b8:86:0f:ac:91:b7:df:05: 28:7b:55:81:dd:e0:e4:f1:92:6d:53:95:22:e3:ae: a0:88:a9:11:31:12:7f:85:9e:40:2d:b4:ff:aa:53: 58:21:25:96:0a:d5:49:0c:81:be:b7:84:87:54:a3: 78:5e:03:41:f3:a3:71:54:9e:fc:d0:25:14:0a:06: 9f:65:71:c2:30:07:cd:28:62:12:22:93:42:4e:23: 53:8c:09:8b:a3:09:13:35:72:cb:f4:dd:d0:12:8b: 45:25:e6:2f:5a:29:c8:4b:f2:e4:27:48:09:13:62: d7:02:c4:04:b5:82:9d:f0:67:72:11:44:4c:d5:8a: f2:3e:d2:9d:36:71:2a:13:a4:f9:f5:77:64:65:85: dd:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment 1.3.6.1.4.1.311.20.2: ...W.e.b.S.e.r.v.e.r X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Subject Alternative Name: DNS:mail.barson.co, DNS:barson.co, DNS:autodiscover.barson.co, DNS:autodiscover.mmsi-fab.com, DNS:autodiscover.gravitystorm.us, DNS:autodiscover.nbarson.com, DNS:mmsi-fab.com, DNS:gravitystorm.us, DNS:nbarson.com, DNS:legacy.barson.co, DNS:legacy.mmsi-fab.com, DNS:legacy.gravitystorm.us, DNS:legacy.nbarson.com X509v3 Subject Key Identifier: A6:34:AE:4E:75:6F:A3:11:74:AC:B9:60:D1:41:3E:D5:04:75:CB:3B X509v3 Authority Key Identifier: A1:0C:7F:45:CB:92:05:A3:14:FA:80:1D:B1:6A:9A:31:EB:77:96:45 X509v3 CRL Distribution Points: Full Name: URI:ldap:///CN=barson-MAIL-CA,CN=MAIL,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=barson,DC=co?certificateRevocationList?base?objectClass=cRLDistributionPoint Authority Information Access: CA Issuers - URI:ldap:///CN=barson-MAIL-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=barson,DC=co?cACertificate?base?objectClass=certificationAuthority Signature Algorithm: sha1WithRSAEncryption Signature Value: 39:4a:bc:8e:ea:58:36:f0:8a:9a:71:ad:00:e7:db:fb:77:c4: 2c:f9:49:14:bf:bf:b8:31:be:07:37:c2:f8:aa:cf:b9:ba:5c: 1c:28:76:40:68:21:ab:36:5e:34:b8:ce:43:56:0d:e2:6d:01: b2:77:35:98:c5:3c:c9:68:49:ae:e6:7f:00:79:6f:58:3a:0f: 5b:13:d3:d9:3f:cb:c3:55:2a:52:6f:e5:98:bd:0e:1a:6b:f3: 17:ee:e9:f7:a4:19:b6:3b:e0:5f:3e:37:13:90:a5:ea:9e:ab: ff:1c:20:fc:c8:4c:e8:0c:84:72:30:dd:75:f9:e3:6f:94:76: ad:cc:6d:ea:b8:b8:48:c0:b1:d3:54:bb:35:3b:95:25:6e:7a: 8b:ad:6d:4f:6a:e1:06:a9:25:fb:58:a2:6c:ca:c1:eb:51:84: f7:fd:34:9f:b4:7a:60:9d:21:c2:cf:32:fd:06:85:e5:ab:3c: 9c:8e:38:23:1b:b7:e0:c8:73:5a:a6:65:83:76:a0:79:30:48: 47:aa:ee:a5:29:44:1f:3d:26:9b:4d:bb:5f:25:bd:00:eb:9a: c0:af:e2:4c:f1:82:cd:c3:15:23:8a:f9:c0:98:2a:34:db:55: 8c:9c:72:f7:5d:41:30:fc:73:0f:a4:a8:a8:ce:0a:44:a9:28: 52:16:1d:e4
1792467890 | 2024-05-01T17:33:14.853087587 / tcp
220 MAIL.barson.co Microsoft ESMTP MAIL Service ready at Wed, 1 May 2024 13:26:48 -0400 250-MAIL.barson.co Hello [224.20.185.243] 250-SIZE 47185920 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-STARTTLS 250-AUTH GSSAPI NTLM 250-8BITMIME 250-BINARYMIME 250 CHUNKING SMTP NTLM Info: OS: Windows 7/Windows Server 2008 R2 OS Build: 6.1.7601 Target Name: BARSON NetBIOS Domain Name: BARSON NetBIOS Computer Name: MAIL DNS Domain Name: barson.co DNS Tree Name: barson.co FQDN: MAIL.barson.co
-1933380488 | 2024-05-02T17:22:38.292469593 / tcp
ncacn_http/1.0 Microsoft RPC Endpoint Mapper over HTTP d95afe70-a6d5-4259-822e-2c84da1ddb0d version: v1.0 protocol: [MS-RSP]: Remote Shutdown Protocol provider: wininit.exe ncacn_ip_tcp: 172.9.142.171:6005 ncalrpc: WindowsShutdown ncacn_np: \\MAIL\PIPE\InitShutdown ncalrpc: WMsgKRpc0A1A30 76f226c3-ec14-4325-8a99-6a46348418af version: v1.0 provider: winlogon.exe ncalrpc: WindowsShutdown ncacn_np: \\MAIL\PIPE\InitShutdown ncalrpc: WMsgKRpc0A1A30 ncalrpc: WMsgKRpc0A4141 c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 version: v1.0 annotation: Impl friendly name provider: sysntfy.dll ncalrpc: LRPC-31b878092e9c0f940c ncalrpc: RemoteAccessLrpc ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\MAIL\PIPE\ROUTER ncacn_np: \\MAIL\PIPE\srvsvc ncacn_ip_tcp: 172.9.142.171:6011 ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 ncalrpc: IUserProfile2 ncalrpc: IUserProfile2 ncalrpc: LRPC-90fb28e01675e977aa 24019106-a203-4642-b88d-82dae9158929 version: v1.0 provider: authui.dll ncalrpc: LRPC-45efa5497dc35f80e6 12345678-1234-abcd-ef00-01234567cffb version: v1.0 protocol: [MS-NRPC]: Netlogon Remote Protocol provider: netlogon.dll ncalrpc: OLE3F7D513504904588B03D3CAACDA6 ncacn_ip_http: 172.9.142.171:6004 ncacn_ip_http: 172.9.142.171:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 172.9.142.171:6009 ncacn_ip_tcp: 172.9.142.171:6006 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAIL\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-58733efbbfa8b8964c ncacn_np: \\MAIL\pipe\lsass 12345778-1234-abcd-ef00-0123456789ab version: v0.0 protocol: [MS-LSAT]: Local Security Authority (Translation Methods) Remote provider: lsasrv.dll ncalrpc: OLE3F7D513504904588B03D3CAACDA6 ncacn_ip_http: 172.9.142.171:6004 ncacn_ip_http: 172.9.142.171:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 172.9.142.171:6009 ncacn_ip_tcp: 172.9.142.171:6006 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAIL\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-58733efbbfa8b8964c ncacn_np: \\MAIL\pipe\lsass f5cc5a18-4264-101a-8c59-08002b2f8426 version: v56.0 annotation: MS NT Directory NSP Interface protocol: [MS-NSPI]: Name Service Provider Interface (NSPI) Protocol provider: ntdsai.dll ncalrpc: OLE3F7D513504904588B03D3CAACDA6 ncacn_ip_http: 172.9.142.171:6004 ncacn_ip_http: 172.9.142.171:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 172.9.142.171:6009 ncacn_ip_tcp: 172.9.142.171:6006 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAIL\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-58733efbbfa8b8964c ncacn_np: \\MAIL\pipe\lsass e3514235-4b06-11d1-ab04-00c04fc2dcd2 version: v4.0 annotation: MS NT Directory DRS Interface protocol: [MS-DRSR]: Directory Replication Service (DRS) Remote Protocol provider: ntdsai.dll ncalrpc: OLE3F7D513504904588B03D3CAACDA6 ncacn_ip_http: 172.9.142.171:6004 ncacn_ip_http: 172.9.142.171:6010 ncalrpc: NTDS_LPC ncacn_ip_tcp: 172.9.142.171:6009 ncacn_ip_tcp: 172.9.142.171:6006 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAIL\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-58733efbbfa8b8964c ncacn_np: \\MAIL\pipe\lsass b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 version: v1.0 annotation: KeyIso provider: keyiso.dll ncacn_ip_tcp: 172.9.142.171:6006 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAIL\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-58733efbbfa8b8964c ncacn_np: \\MAIL\pipe\lsass 12345778-1234-abcd-ef00-0123456789ac version: v1.0 protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol provider: samsrv.dll ncacn_ip_tcp: 172.9.142.171:6006 ncalrpc: samss lpc ncalrpc: dsrole ncacn_np: \\MAIL\PIPE\protected_storage ncalrpc: protected_storage ncalrpc: lsasspirpc ncalrpc: lsapolicylookup ncalrpc: LSARPC_ENDPOINT ncalrpc: securityevent ncalrpc: audit ncalrpc: LRPC-58733efbbfa8b8964c ncacn_np: \\MAIL\pipe\lsass 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 version: v1.0 annotation: DHCP Client LRPC Endpoint provider: dhcpcsvc.dll ncalrpc: dhcpcsvc ncalrpc: dhcpcsvc6 ncacn_ip_tcp: 172.9.142.171:6007 ncacn_np: \\MAIL\pipe\eventlog ncalrpc: eventlog 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 version: v1.0 annotation: DHCPv6 Client LRPC Endpoint provider: dhcpcsvc6.dll ncalrpc: dhcpcsvc6 ncacn_ip_tcp: 172.9.142.171:6007 ncacn_np: \\MAIL\pipe\eventlog ncalrpc: eventlog 30adc50c-5cbc-46ce-9a0e-91914789e23c version: v1.0 annotation: NRP server endpoint provider: nrpsrv.dll ncacn_ip_tcp: 172.9.142.171:6007 ncacn_np: \\MAIL\pipe\eventlog ncalrpc: eventlog f6beaff7-1e19-4fbb-9f8f-b89e2018337c version: v1.0 annotation: Event log TCPIP protocol: [MS-EVEN6]: EventLog Remoting Protocol provider: wevtsvc.dll ncacn_ip_tcp: 172.9.142.171:6007 ncacn_np: \\MAIL\pipe\eventlog ncalrpc: eventlog 7d814569-35b3-4850-bb32-83035fcebf6e version: v1.0 annotation: IAS RPC server provider: ias.dll ncalrpc: RemoteAccessLrpc ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\MAIL\PIPE\ROUTER ncacn_np: \\MAIL\PIPE\srvsvc ncacn_ip_tcp: 172.9.142.171:6011 ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 30b044a5-a225-43f0-b3a4-e060df91f9c1 version: v1.0 provider: certprop.dll ncalrpc: RemoteAccessLrpc ncalrpc: VpnikeRpc ncalrpc: RasmanLrpc ncacn_np: \\MAIL\PIPE\ROUTER ncacn_np: \\MAIL\PIPE\srvsvc ncacn_ip_tcp: 172.9.142.171:6011 ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 552d076a-cb29-4e44-8b6a-d15e59e2c0af version: v1.0 annotation: IP Transition Configuration endpoint provider: iphlpsvc.dll ncacn_np: \\MAIL\PIPE\srvsvc ncacn_ip_tcp: 172.9.142.171:6011 ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 a398e520-d59a-4bdd-aa7a-3c1e0303a511 version: v1.0 annotation: IKE/Authip API provider: IKEEXT.DLL ncacn_np: \\MAIL\PIPE\srvsvc ncacn_ip_tcp: 172.9.142.171:6011 ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 98716d03-89ac-44c7-bb8c-285824e51c4a version: v1.0 annotation: XactSrv service provider: srvsvc.dll ncacn_ip_tcp: 172.9.142.171:6011 ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 86d35949-83c9-4044-b424-db363231fd0c version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: schedsvc.dll ncacn_ip_tcp: 172.9.142.171:6011 ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 378e52b0-c0a9-11cf-822d-00aa0051e40f version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 1ff70682-0a51-30e8-076d-740be8cee98b version: v1.0 protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol provider: taskcomp.dll ncacn_np: \\MAIL\PIPE\atsvc ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 version: v1.0 provider: schedsvc.dll ncalrpc: senssvc ncalrpc: OLE7A3E775B22314281B96283D2D3BF ncalrpc: IUserProfile2 2eb08e3e-639f-4fba-97b1-14f878961076 version: v1.0 provider: gpsvc.dll ncalrpc: IUserProfile2 3473dd4d-2e88-4006-9cba-22570909dd10 version: v5.256 annotation: WinHttp Auto-Proxy Service ncacn_np: \\MAIL\PIPE\W32TIME_ALT ncalrpc: W32TIME_ALT ncalrpc: LRPC-b33e75778b8a87ddde ncalrpc: OLE6E4C12A4D0624536BB5557A5D275 7ea70bcf-48af-4f6a-8968-6a440754d5fa version: v1.0 annotation: NSI server endpoint provider: nsisvc.dll ncalrpc: LRPC-b33e75778b8a87ddde ncalrpc: OLE6E4C12A4D0624536BB5557A5D275 266f33b4-c7c1-4bd1-8f52-ddb8f2214ea9 version: v1.0 annotation: Wlan Service provider: wlansvc.dll ncalrpc: LRPC-90fb28e01675e977aa 25952c5d-7976-4aa1-a3cb-c35f7ae79d1b version: v1.256 annotation: Wireless Diagnostics ncalrpc: LRPC-90fb28e01675e977aa 2fb92682-6599-42dc-ae13-bd2ca89bd11c version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-0f2611f7de93220d53 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03 version: v1.0 annotation: Fw APIs provider: MPSSVC.dll ncalrpc: LRPC-0f2611f7de93220d53 dd490425-5325-4565-b774-7e27d6c09c24 version: v1.0 annotation: Base Firewall Engine API provider: BFE.DLL ncalrpc: LRPC-0f2611f7de93220d53 4a452661-8290-4b36-8fbe-7f4093a94978 version: v1.0 annotation: Spooler function endpoint provider: spoolsv.exe ncalrpc: spoolss ncacn_ip_tcp: 172.9.142.171:6013 ncacn_np: \\MAIL\pipe\spoolss 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1 version: v1.0 annotation: Spooler function endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss ncacn_ip_tcp: 172.9.142.171:6013 ncacn_np: \\MAIL\pipe\spoolss ae33069b-a2a8-46ee-a235-ddfd339be281 version: v1.0 annotation: Spooler base remote object endpoint protocol: [MS-PAN]: Print System Asynchronous Notification Protocol provider: spoolsv.exe ncalrpc: spoolss ncacn_ip_tcp: 172.9.142.171:6013 ncacn_np: \\MAIL\pipe\spoolss 76f03f96-cdfd-44fc-a22c-64950a001209 version: v1.0 annotation: Spooler function endpoint protocol: [MS-PAR]: Print System Asynchronous Remote Protocol provider: spoolsv.exe ncacn_ip_tcp: 172.9.142.171:6013 ncacn_np: \\MAIL\pipe\spoolss 88d01b61-c20b-4dc0-a4d9-1d72952e42b8 version: v1.0 annotation: Microsoft Exchange Forms Based Authentication RPC Interface ncalrpc: LRPC-949be9f80619874c4a 3cb4be69-9ba1-448c-9a44-a1f759a1878a version: v1.256 annotation: MS Exchange Recipient Update Service RPC Interface ncalrpc: LRPC-f5dd96ed246af45310 ncacn_ip_tcp: 172.9.142.171:9889 f930c514-1215-11d3-99a5-00a0c9b61b04 version: v1.0 annotation: MS Exchange System Attendant Cluster Interface ncalrpc: LRPC-f5dd96ed246af45310 ncacn_ip_tcp: 172.9.142.171:9889 83d72bf0-0d89-11ce-b13f-00aa003bac6c version: v6.0 annotation: MS Exchange System Attendant Private Interface ncalrpc: LRPC-f5dd96ed246af45310 ncacn_ip_tcp: 172.9.142.171:9889 469d6ec0-0d87-11ce-b13f-00aa003bac6c version: v16.256 annotation: MS Exchange System Attendant Public Interface ncalrpc: LRPC-f5dd96ed246af45310 ncacn_ip_tcp: 172.9.142.171:9889 50abc2a4-574d-40b3-9d66-ee4fd5fba076 version: v5.0 protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management provider: dns.exe ncacn_ip_tcp: 172.9.142.171:9892 b9fadb8d-53a1-41d7-b763-88d884b6b829 version: v1.0 annotation: Microsoft Exchange Topology Information Server RPC Interface ncalrpc: LRPC-6e5db0c8bbb5703d5c ncacn_ip_tcp: 172.9.142.171:37073 1a9134dd-7b39-45ba-ad88-44d01ca47f28 version: v1.0 annotation: Message Queuing - RemoteRead V1 protocol: [MS-MQRR]: Message Queuing (MSMQ): provider: mqqm.dll ncacn_ip_tcp: 172.9.142.171:2105 ncacn_ip_tcp: 172.9.142.171:2103 ncacn_ip_tcp: 172.9.142.171:2107 ncacn_ip_tcp: 172.9.142.171:37075 ncalrpc: QMMgmtFacility$mail ncalrpc: QmReplService ncalrpc: QMsvc$mail 1088a980-eae5-11d0-8d9b-00a02453c337 version: v1.0 annotation: Message Queuing - QM2QM V1 protocol: [MS-MQQP]: Message Queuing (MSMQ): provider: mqqm.dll ncacn_ip_tcp: 172.9.142.171:2105 ncacn_ip_tcp: 172.9.142.171:2103 ncacn_ip_tcp: 172.9.142.171:2107 ncacn_ip_tcp: 172.9.142.171:37075 ncalrpc: QMMgmtFacility$mail ncalrpc: QmReplService ncalrpc: QMsvc$mail 76d12b80-3467-11d3-91ff-0090272f9ea3 version: v1.0 annotation: Message Queuing - QMRT V2 protocol: [MS-MQMP]: Message Queuing (MSMQ): provider: mqqm.dll ncacn_ip_tcp: 172.9.142.171:2105 ncacn_ip_tcp: 172.9.142.171:2103 ncacn_ip_tcp: 172.9.142.171:2107 ncacn_ip_tcp: 172.9.142.171:37075 ncalrpc: QMMgmtFacility$mail ncalrpc: QmReplService ncalrpc: QMsvc$mail fdb3a030-065f-11d1-bb9b-00a024ea5525 version: v1.0 annotation: Message Queuing - QMRT V1 protocol: [MS-MQMP]: Message Queuing (MSMQ): provider: mqqm.dll ncacn_ip_tcp: 172.9.142.171:2105 ncacn_ip_tcp: 172.9.142.171:2103 ncacn_ip_tcp: 172.9.142.171:2107 ncacn_ip_tcp: 172.9.142.171:37075 ncalrpc: QMMgmtFacility$mail ncalrpc: QmReplService ncalrpc: QMsvc$mail 938fe036-ede6-4f6c-966e-a3d7300279c8 version: v0.256 annotation: Exchange Server STORE EMSMDBPOOL Interface ncalrpc: OLE5541B3FAAF5A47EC8C6B28AB3B96 ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 172.9.142.171:37084 ncacn_ip_tcp: 172.9.142.171:37083 31e68719-d4fc-401a-8788-bc56169a336b version: v0.256 annotation: Exchange Server STORE Async EMSMDBMT Interface ncalrpc: OLE5541B3FAAF5A47EC8C6B28AB3B96 ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 172.9.142.171:37084 ncacn_ip_tcp: 172.9.142.171:37083 df831451-edad-415d-905f-9d3793f92db3 version: v0.20736 annotation: Exchange Server STORE EMSMDBMT Interface ncalrpc: OLE5541B3FAAF5A47EC8C6B28AB3B96 ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 172.9.142.171:37084 ncacn_ip_tcp: 172.9.142.171:37083 a9e05b20-6f57-4e24-a540-52412017e6ff version: v1.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 172.9.142.171:37083 0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde version: v1.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 172.9.142.171:37083 bf6dd426-77b4-44b3-984e-d413fc075562 version: v2.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 172.9.142.171:37083 1453c42c-0fa6-11d2-a910-00c04f990f3b version: v1.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 172.9.142.171:37083 10f24e8e-0fa6-11d2-a910-00c04f990f3b version: v1.0 annotation: Microsoft Information Store ncalrpc: MSExchangeIS_LPC ncacn_ip_tcp: 172.9.142.171:37083 da107c01-2b50-44d7-9d5f-bfd4fd8e95ed version: v5.0 annotation: Exchange Server STORE ADMIN Interface ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 172.9.142.171:37084 ncacn_ip_tcp: 172.9.142.171:37083 99e64010-b032-11d0-97a4-00c04fd6551d version: v4.0 annotation: Exchange Server STORE ADMIN Interface ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 172.9.142.171:37084 ncacn_ip_tcp: 172.9.142.171:37083 89742ace-a9ed-11cf-9c0c-08002be7ae86 version: v2.0 annotation: Exchange Server STORE ADMIN Interface ncalrpc: MSExchangeIS_LPC ncacn_ip_http: 172.9.142.171:37084 ncacn_ip_tcp: 172.9.142.171:37083 91ae6020-9e3c-11cf-8d7c-00aa00c091be version: v0.0 protocol: [MS-ICPR]: ICertPassage Remote Protocol provider: certsrv.exe ncacn_ip_tcp: 172.9.142.171:37104 ncacn_np: \\MAIL\pipe\cert ncalrpc: OLE6EFF2198D2204104BD2392A0448E 1544f5e0-613c-11d1-93df-00c04fd7bd09 version: v1.0 annotation: Microsoft Exchange RFR Interface protocol: [MS-OXABREF]: Address Book Name Service Provider Interface (NSPI) Referral Protocol ncacn_ip_http: 172.9.142.171:6002 ncacn_ip_tcp: 172.9.142.171:37126 f1f21151-7185-4170-ac8d-9bb077c29bd3 version: v1.0 ncalrpc: LRPC-90350debcf5dfb8f4a ncacn_ip_tcp: 172.9.142.171:37127 5df3c257-334b-4e96-9efb-a0619255be09 version: v1.0 annotation: 3264 MSExchangeMailSubmission ncalrpc: LRPC-e60b3182f64fb5e3e2 ncacn_ip_tcp: 172.9.142.171:37164 ncalrpc: LRPC-e60b3182f64fb5e3e2 ncacn_ip_tcp: 172.9.142.171:37164 ncalrpc: LRPC-f0c199348f688455b7 ncacn_ip_tcp: 172.9.142.171:37219 ncalrpc: LRPC-f0c199348f688455b7 ncacn_ip_tcp: 172.9.142.171:37219 d9318e75-8a8b-4abb-88e7-aceb01f09e60 version: v1.0 ncalrpc: LRPC-18fb919110450a1bca ncacn_ip_tcp: 172.9.142.171:37173 4d88f820-8c32-4453-9e30-7297e2fcf025 version: v1.0 ncalrpc: LRPC-b9bfaa7adbdcf8aeec ncacn_ip_tcp: 172.9.142.171:37178 5261574a-4572-206e-b268-6b199213b4e4 version: v0.256 protocol: [MS-OXCRPC]: Wire Format Protocol ncacn_ip_http: 172.9.142.171:6001 ncacn_ip_tcp: 172.9.142.171:37195 a4f1db00-ca47-1067-b31f-00dd010662da version: v0.20736 protocol: [MS-OXCRPC]: Wire Format Protocol ncacn_ip_http: 172.9.142.171:6001 ncacn_ip_tcp: 172.9.142.171:37195 4a020372-bb0a-4031-a5a7-7c6896522c00 version: v1.0 ncalrpc: LRPC-d62bd79378a4ed702a ncacn_ip_tcp: 172.9.142.171:37203 76c0d124-a18e-49d4-adf1-d8c6ba868ea6 version: v1.0 ncalrpc: LRPC-d62bd79378a4ed702a ncacn_ip_tcp: 172.9.142.171:37203 37fc1b02-da36-4b27-a745-bf2f58a98ff6 version: v3.0 ncalrpc: LRPC-052b1e89e4d1d2f39f ncacn_ip_tcp: 172.9.142.171:37205 f224209f-9076-40f7-98ad-5416dbfa178e version: v3.0 ncalrpc: LRPC-052b1e89e4d1d2f39f ncacn_ip_tcp: 172.9.142.171:37205 abb2ba17-588c-4c52-8dd9-c9a7030bdf26 version: v1.0 ncalrpc: LRPC-acb71c55853d25581e ncacn_ip_tcp: 172.9.142.171:37206 52d3f3f5-248c-4d74-a01f-a06e41d5cd59 version: v1.0 ncalrpc: LRPC-7b21f217ec8292369f ncacn_ip_tcp: 172.9.142.171:37209 41f5fae1-e0ac-414c-a721-0d287466cb23 version: v1.0 ncalrpc: LRPC-f0c199348f688455b7 ncacn_ip_tcp: 172.9.142.171:37219 bd5790c9-d855-42b0-990f-3dfed8c184b3 version: v1.0 ncalrpc: LRPC-f0c199348f688455b7 ncacn_ip_tcp: 172.9.142.171:37219 8384fc47-956a-4d1e-ab2a-1205014f96ec version: v1.0 ncalrpc: LRPC-f0c199348f688455b7 ncacn_ip_tcp: 172.9.142.171:37219 46ea9280-5bbf-445e-831d-41d0f60f503a version: v1.0 annotation: ADFS Web Agent Authentication Service provider: ifssvc.exe ncalrpc: ssosvc 2f5f6521-cb55-1059-b446-00df0bce31db version: v1.0 annotation: Unimodem LRPC Endpoint ncalrpc: unimdmsvc ncalrpc: tapsrvlpc ncacn_np: \\MAIL\pipe\tapsrv 12d4b7c8-77d5-11d1-8c24-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 172.9.142.171:37233 ncacn_np: \\MAIL\pipe\HydraLsPipe ncalrpc: LRPC-ae6b48afcc3645238f 3d267954-eeb7-11d1-b94e-00c04fa3080d version: v1.0 provider: lserver.dll ncacn_ip_tcp: 172.9.142.171:37233 ncacn_np: \\MAIL\pipe\HydraLsPipe ncalrpc: LRPC-ae6b48afcc3645238f 367abb81-9844-35f1-ad32-98f038001003 version: v2.0 protocol: [MS-SCMR]: Service Control Manager Remote Protocol provider: services.exe ncacn_ip_tcp: 172.9.142.171:37260 12345678-1234-abcd-ef00-0123456789ab version: v1.0 annotation: IPSec Policy agent endpoint protocol: [MS-RPRN]: Print System Remote Protocol provider: spoolsv.exe ncalrpc: LRPC-19aecf8f8e79a45a20 ncacn_ip_tcp: 172.9.142.171:37261 6b5bdd1e-528c-422c-af8c-a4079be4fe48 version: v1.0 annotation: Remote Fw APIs protocol: [MS-FASP]: Firewall and Advanced Security Protocol provider: FwRemoteSvr.dll ncacn_ip_tcp: 172.9.142.171:37261 897e2e5f-93f3-4376-9c9c-fd2277495c27 version: v1.0 annotation: Frs2 Service protocol: [MS-FRS2]: Distributed File System Replication Protocol provider: dfsrmig.exe ncacn_ip_tcp: 172.9.142.171:5722 ncalrpc: OLE5CC37F585CC64B309D13E1819DA0 906b0ce0-c70b-1067-b317-00dd010662da version: v1.0 protocol: [MS-CMPO]: MSDTC Connection Manager: provider: msdtcprx.dll ncalrpc: OLE9D79FC1A5FEA4D4B91AB7BDEE5B1 ncacn_ip_tcp: 172.9.142.171:37342 ncalrpc: LRPC-a08d71ebd0f349861c ncalrpc: OLE9D79FC1A5FEA4D4B91AB7BDEE5B1 ncacn_ip_tcp: 172.9.142.171:37342 ncalrpc: LRPC-a08d71ebd0f349861c ncacn_ip_tcp: 172.9.142.171:37342 ncalrpc: LRPC-a08d71ebd0f349861c ncacn_ip_tcp: 172.9.142.171:37342 ncalrpc: LRPC-a08d71ebd0f349861c ncacn_ip_tcp: 172.9.142.171:37342 ncalrpc: LRPC-a08d71ebd0f349861c ncacn_ip_tcp: 172.9.142.171:37342 ncalrpc: LRPC-a08d71ebd0f349861c 3357951c-a1d1-47db-a278-ab945d063d03 version: v1.0 provider: LBService.dll ncacn_ip_tcp: 172.9.142.171:37386 958f92d8-da20-467a-bbe3-65e7e9b4edcf version: v1.0 annotation: TsProxyMgmt protocol: [MS-TSGU]: Terminal Services Gateway Server Management Interface ncalrpc: AAGMgmt ncacn_ip_http: 172.9.142.171:3388 44e265dd-7daf-42cd-8560-3cdb6e7a2729 version: v1.768 annotation: TsProxy protocol: [MS-TSGU]: Terminal Services Gateway Server Protocol ncalrpc: AAGMgmt ncacn_ip_http: 172.9.142.171:3388
2104113367 | 2024-05-03T01:09:58.444897636 / tcp
LDAP: CurrentTime: 20240503010328.0Z SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=barson,DC=co DsServiceName: CN=NTDS Settings,CN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co NamingContexts: CN=Configuration,DC=barson,DC=co CN=Schema,CN=Configuration,DC=barson,DC=co DC=DomainDnsZones,DC=barson,DC=co DC=ForestDnsZones,DC=barson,DC=co DC=barson,DC=co DefaultNamingContext: DC=barson,DC=co SchemaNamingContext: CN=Schema,CN=Configuration,DC=barson,DC=co ConfigurationNamingContext: CN=Configuration,DC=barson,DC=co RootDomainNamingContext: DC=barson,DC=co SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxConnIdleTime MaxConnections MaxDatagramRecv MaxNotificationPerConn MaxPageSize MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit HighestCommittedUSN: 192073628 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI DnsHostName: MAIL.barson.co LdapServiceName: barson.co:mail$@BARSON.CO ServerName: CN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.800 IsSynchronized: TRUE IsGlobalCatalogReady: TRUE SupportedExtension: 1.2.840.113556.1.4.1781 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 DomainFunctionality: 4 ForestFunctionality: 4
Certificate: Data: Version: 3 (0x2) Serial Number: 13:70:23:4a:00:00:00:00:00:23 Signature Algorithm: sha1WithRSAEncryption Issuer: DC=co, DC=barson, CN=barson-MAIL-CA Validity Not Before: Feb 4 19:40:35 2024 GMT Not After : Feb 3 19:40:35 2025 GMT Subject: CN=MAIL.barson.co Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d1:27:52:f5:5b:0a:50:dc:b5:38:63:5e:a8:d8: 4c:eb:a7:35:c2:f2:f6:ae:3f:b4:74:2f:c6:ff:b4: 70:ff:1a:52:27:37:f3:7e:4d:f1:64:6a:f6:1e:bd: e4:29:02:45:d3:c8:bc:66:be:58:83:df:e2:c1:86: 93:f7:78:ce:fd:e0:5d:06:41:b1:b4:6f:11:7c:77: b4:c6:2e:37:84:b1:df:04:68:2c:5a:6b:38:49:17: 42:54:36:5e:fc:49:5e:21:4a:6e:0a:11:c0:93:a2: d2:72:92:d6:bc:ab:29:8e:8c:cb:10:a1:32:5c:e3: 65:e9:1b:0b:89:e1:f8:7b:4b:fe:b0:88:f6:f5:d9: 4b:7f:ac:20:73:28:ca:e5:1f:c3:3c:48:fc:c2:b4: d7:c5:05:f5:76:ec:8f:16:05:3c:52:d5:bc:32:0f: 67:26:7e:d1:3b:78:8c:2b:e3:83:e8:cf:5e:59:63: 27:d6:27:35:28:b4:b2:4a:c7:d0:cd:4b:40:20:be: e1:92:56:e3:5b:1e:ef:0c:f9:c6:b9:0c:a7:3d:32: c5:18:85:27:59:50:84:8b:f0:f9:81:b1:7c:a7:08: a2:92:60:86:f3:b1:39:67:fb:22:6e:73:6c:3d:2b: d2:9d:56:2c:97:fb:d3:86:50:dc:0b:ea:16:b2:c8: 85:15 Exponent: 65537 (0x10001) X509v3 extensions: 1.3.6.1.4.1.311.20.2: . .D.o.m.a.i.n.C.o.n.t.r.o.l.l.e.r X509v3 Extended Key Usage: TLS Web Client Authentication, TLS Web Server Authentication X509v3 Key Usage: critical Digital Signature, Key Encipherment S/MIME Capabilities: 0i0...*.H.. ......0...*.H.. ......0...`.H.e...*0...`.H.e...-0...`.H.e....0...`.H.e....0...+....0 ..*.H.. .. X509v3 Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:MAIL.barson.co X509v3 Subject Key Identifier: DD:A7:7E:1B:81:8F:11:AC:D7:49:8A:C9:CF:DC:C6:03:AC:35:A3:FD X509v3 Authority Key Identifier: A1:0C:7F:45:CB:92:05:A3:14:FA:80:1D:B1:6A:9A:31:EB:77:96:45 X509v3 CRL Distribution Points: Full Name: URI:ldap:///CN=barson-MAIL-CA,CN=MAIL,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=barson,DC=co?certificateRevocationList?base?objectClass=cRLDistributionPoint Authority Information Access: CA Issuers - URI:ldap:///CN=barson-MAIL-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=barson,DC=co?cACertificate?base?objectClass=certificationAuthority Signature Algorithm: sha1WithRSAEncryption Signature Value: 96:54:4f:bb:36:ce:bd:a4:09:f8:41:bc:01:66:71:fe:08:4e: 0f:d2:8b:2e:91:c1:86:93:74:59:6d:aa:45:17:89:90:3d:7c: fd:bc:f6:67:26:ec:96:8f:52:ef:bf:ad:60:52:cc:c1:ff:5f: 42:29:0a:04:2f:74:e4:cb:27:dc:30:dd:8c:36:b0:a3:b1:8e: 29:f3:15:2d:8c:4f:75:80:0c:20:00:34:b2:88:4a:91:28:66: 84:e8:14:61:ab:40:b3:eb:00:44:18:19:13:f9:f7:5e:ae:99: 10:07:b4:91:f6:db:4f:e1:27:7a:30:72:f2:17:70:ae:70:76: 7f:ff:5d:b3:0a:83:38:ce:b1:cf:3c:86:7e:ee:ea:7b:0e:66: 24:e9:77:88:14:12:40:d0:c4:d4:2b:95:7d:1e:4b:b9:7b:ce: cb:fc:18:b9:18:48:88:22:75:03:9f:08:6b:47:cb:46:d8:dd: 0d:f4:c7:51:91:b7:fc:8b:3b:e3:ff:e9:b1:dc:10:c7:5f:67: ed:dc:e8:39:5a:ed:da:32:b5:47:f4:d8:f4:30:51:8e:5b:25: 6e:0b:ce:bf:04:47:58:d0:bd:c6:8b:8f:1d:2d:d8:79:e0:23: fa:cd:ad:e2:05:07:ef:14:e7:4f:2a:e2:23:fb:23:ae:5d:74: bf:25:16:37
-2086905017 | 2024-04-23T19:43:17.004914995 / tcp
-ERR Connection is closed. 13\r\n
941448006 | 2024-04-28T16:51:13.6146571723 / tcp
PPTP: Firmware: 0 Hostname: Vendor: Microsoft
-557840852 | 2024-04-16T01:42:34.1702311801 / tcp
\x10Z\x0b\x00LIOR<\x02\x00\x00\xff\xff\xff\xff\x00\x00\x12\x00\x06U=Q6\xdf\xc7@\x96C\x17\\<\xe7l\xaa\x90h\x9en\x93 \xc8C\x93\x84\xab\x0fe+\x7f|\x00\x00\x00\x00\x10\x02\x00\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
1664454178 | 2024-04-27T05:31:42.6237743268 / tcp
0\x84\x00\x00\n0\x02\x01\x02d\x84\x00\x00\n\'\x04\x000\x84\x00\x00\n\x1f0\x84\x00\x00\x00&\x04\x0bcurrentTime1\x84\x00\x00\x00\x13\x04\x1120240427052525.0Z0\x84\x00\x00\x00R\x04\x11subschemaSubentry1\x84\x00\x00\x009\x047CN=Aggregate,CN=Schema,CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x00\x7f\x04\rdsServiceName1\x84\x00\x00\x00j\x04hCN=NTDS Settings,CN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x00\xbb\x04\x0enamingContexts1\x84\x00\x00\x00\xa5\x04\x0fDC=barson,DC=co\x04 CN=Configuration,DC=barson,DC=co\x04*CN=Schema,CN=Configuration,DC=barson,DC=co\x04!DC=DomainDnsZones,DC=barson,DC=co\x04!DC=ForestDnsZones,DC=barson,DC=co0\x84\x00\x00\x00-\x04\x14defaultNamingContext1\x84\x00\x00\x00\x11\x04\x0fDC=barson,DC=co0\x84\x00\x00\x00G\x04\x13schemaNamingContext1\x84\x00\x00\x00,\x04*CN=Schema,CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x00D\x04\x1aconfigurationNamingContext1\x84\x00\x00\x00"\x04 CN=Configuration,DC=barson,DC=co0\x84\x00\x00\x000\x04\x17rootDomainNamingContext1\x84\x00\x00\x00\x11\x04\x0fDC=barson,DC=co0\x84\x00\x00\x02\xe1\x04\x10supportedControl1\x84\x00\x00\x02\xc9\x04\x161.2.840.113556.1.4.319\x04\x161.2.840.113556.1.4.801\x04\x161.2.840.113556.1.4.473\x04\x161.2.840.113556.1.4.528\x04\x161.2.840.113556.1.4.417\x04\x161.2.840.113556.1.4.619\x04\x161.2.840.113556.1.4.841\x04\x161.2.840.113556.1.4.529\x04\x161.2.840.113556.1.4.805\x04\x161.2.840.113556.1.4.521\x04\x161.2.840.113556.1.4.970\x04\x171.2.840.113556.1.4.1338\x04\x161.2.840.113556.1.4.474\x04\x171.2.840.113556.1.4.1339\x04\x171.2.840.113556.1.4.1340\x04\x171.2.840.113556.1.4.1413\x04\x172.16.840.1.113730.3.4.9\x04\x182.16.840.1.113730.3.4.10\x04\x171.2.840.113556.1.4.1504\x04\x171.2.840.113556.1.4.1852\x04\x161.2.840.113556.1.4.802\x04\x171.2.840.113556.1.4.1907\x04\x171.2.840.113556.1.4.1948\x04\x171.2.840.113556.1.4.1974\x04\x171.2.840.113556.1.4.1341\x04\x171.2.840.113556.1.4.2026\x04\x171.2.840.113556.1.4.2064\x04\x171.2.840.113556.1
-291269041 | 2024-04-26T16:29:54.0328433269 / tcp
LDAP: CurrentTime: 20240426162330.0Z SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=barson,DC=co DsServiceName: CN=NTDS Settings,CN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co NamingContexts: CN=Configuration,DC=barson,DC=co CN=Schema,CN=Configuration,DC=barson,DC=co DC=DomainDnsZones,DC=barson,DC=co DC=ForestDnsZones,DC=barson,DC=co DC=barson,DC=co DefaultNamingContext: DC=barson,DC=co SchemaNamingContext: CN=Schema,CN=Configuration,DC=barson,DC=co ConfigurationNamingContext: CN=Configuration,DC=barson,DC=co RootDomainNamingContext: DC=barson,DC=co SupportedControl: 1.2.840.113556.1.4.1338 1.2.840.113556.1.4.1339 1.2.840.113556.1.4.1340 1.2.840.113556.1.4.1341 1.2.840.113556.1.4.1413 1.2.840.113556.1.4.1504 1.2.840.113556.1.4.1852 1.2.840.113556.1.4.1907 1.2.840.113556.1.4.1948 1.2.840.113556.1.4.1974 1.2.840.113556.1.4.2026 1.2.840.113556.1.4.2064 1.2.840.113556.1.4.2065 1.2.840.113556.1.4.2066 1.2.840.113556.1.4.319 1.2.840.113556.1.4.417 1.2.840.113556.1.4.473 1.2.840.113556.1.4.474 1.2.840.113556.1.4.521 1.2.840.113556.1.4.528 1.2.840.113556.1.4.529 1.2.840.113556.1.4.619 1.2.840.113556.1.4.801 1.2.840.113556.1.4.802 1.2.840.113556.1.4.805 1.2.840.113556.1.4.841 1.2.840.113556.1.4.970 2.16.840.1.113730.3.4.10 2.16.840.1.113730.3.4.9 SupportedLDAPVersion: 2 3 SupportedLDAPPolicies: InitRecvTimeout MaxConnIdleTime MaxConnections MaxDatagramRecv MaxNotificationPerConn MaxPageSize MaxPoolThreads MaxQueryDuration MaxReceiveBuffer MaxResultSetSize MaxResultSetsPerConn MaxTempTableSize MaxValRange MinResultSets SystemMemoryLimitPercent ThreadMemoryLimit HighestCommittedUSN: 191663256 SupportedSASLMechanisms: DIGEST-MD5 EXTERNAL GSS-SPNEGO GSSAPI DnsHostName: MAIL.barson.co LdapServiceName: barson.co:mail$@BARSON.CO ServerName: CN=MAIL,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=barson,DC=co SupportedCapabilities: 1.2.840.113556.1.4.1670 1.2.840.113556.1.4.1791 1.2.840.113556.1.4.1935 1.2.840.113556.1.4.2080 1.2.840.113556.1.4.800 IsSynchronized: TRUE IsGlobalCatalogReady: TRUE SupportedExtension: 1.2.840.113556.1.4.1781 1.3.6.1.4.1.1466.101.119.1 1.3.6.1.4.1.1466.20037 1.3.6.1.4.1.4203.1.11.3 DomainFunctionality: 4 ForestFunctionality: 4
Certificate: Data: Version: 3 (0x2) Serial Number: 13:70:23:4a:00:00:00:00:00:23 Signature Algorithm: sha1WithRSAEncryption Issuer: DC=co, DC=barson, CN=barson-MAIL-CA Validity Not Before: Feb 4 19:40:35 2024 GMT Not After : Feb 3 19:40:35 2025 GMT Subject: CN=MAIL.barson.co Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d1:27:52:f5:5b:0a:50:dc:b5:38:63:5e:a8:d8: 4c:eb:a7:35:c2:f2:f6:ae:3f:b4:74:2f:c6:ff:b4: 70:ff:1a:52:27:37:f3:7e:4d:f1:64:6a:f6:1e:bd: e4:29:02:45:d3:c8:bc:66:be:58:83:df:e2:c1:86: 93:f7:78:ce:fd:e0:5d:06:41:b1:b4:6f:11:7c:77: b4:c6:2e:37:84:b1:df:04:68:2c:5a:6b:38:49:17: 42:54:36:5e:fc:49:5e:21:4a:6e:0a:11:c0:93:a2: d2:72:92:d6:bc:ab:29:8e:8c:cb:10:a1:32:5c:e3: 65:e9:1b:0b:89:e1:f8:7b:4b:fe:b0:88:f6:f5:d9: 4b:7f:ac:20:73:28:ca:e5:1f:c3:3c:48:fc:c2:b4: d7:c5:05:f5:76:ec:8f:16:05:3c:52:d5:bc:32:0f: 67:26:7e:d1:3b:78:8c:2b:e3:83:e8:cf:5e:59:63: 27:d6:27:35:28:b4:b2:4a:c7:d0:cd:4b:40:20:be: e1:92:56:e3:5b:1e:ef:0c:f9:c6:b9:0c:a7:3d:32: c5:18:85:27:59:50:84:8b:f0:f9:81:b1:7c:a7:08: a2:92:60:86:f3:b1:39:67:fb:22:6e:73:6c:3d:2b: d2:9d:56:2c:97:fb:d3:86:50:dc:0b:ea:16:b2:c8: 85:15 Exponent: 65537 (0x10001) X509v3 extensions: 1.3.6.1.4.1.311.20.2: . .D.o.m.a.i.n.C.o.n.t.r.o.l.l.e.r X509v3 Extended Key Usage: TLS Web Client Authentication, TLS Web Server Authentication X509v3 Key Usage: critical Digital Signature, Key Encipherment S/MIME Capabilities: 0i0...*.H.. ......0...*.H.. ......0...`.H.e...*0...`.H.e...-0...`.H.e....0...`.H.e....0...+....0 ..*.H.. .. X509v3 Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:MAIL.barson.co X509v3 Subject Key Identifier: DD:A7:7E:1B:81:8F:11:AC:D7:49:8A:C9:CF:DC:C6:03:AC:35:A3:FD X509v3 Authority Key Identifier: A1:0C:7F:45:CB:92:05:A3:14:FA:80:1D:B1:6A:9A:31:EB:77:96:45 X509v3 CRL Distribution Points: Full Name: URI:ldap:///CN=barson-MAIL-CA,CN=MAIL,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=barson,DC=co?certificateRevocationList?base?objectClass=cRLDistributionPoint Authority Information Access: CA Issuers - URI:ldap:///CN=barson-MAIL-CA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=barson,DC=co?cACertificate?base?objectClass=certificationAuthority Signature Algorithm: sha1WithRSAEncryption Signature Value: 96:54:4f:bb:36:ce:bd:a4:09:f8:41:bc:01:66:71:fe:08:4e: 0f:d2:8b:2e:91:c1:86:93:74:59:6d:aa:45:17:89:90:3d:7c: fd:bc:f6:67:26:ec:96:8f:52:ef:bf:ad:60:52:cc:c1:ff:5f: 42:29:0a:04:2f:74:e4:cb:27:dc:30:dd:8c:36:b0:a3:b1:8e: 29:f3:15:2d:8c:4f:75:80:0c:20:00:34:b2:88:4a:91:28:66: 84:e8:14:61:ab:40:b3:eb:00:44:18:19:13:f9:f7:5e:ae:99: 10:07:b4:91:f6:db:4f:e1:27:7a:30:72:f2:17:70:ae:70:76: 7f:ff:5d:b3:0a:83:38:ce:b1:cf:3c:86:7e:ee:ea:7b:0e:66: 24:e9:77:88:14:12:40:d0:c4:d4:2b:95:7d:1e:4b:b9:7b:ce: cb:fc:18:b9:18:48:88:22:75:03:9f:08:6b:47:cb:46:d8:dd: 0d:f4:c7:51:91:b7:fc:8b:3b:e3:ff:e9:b1:dc:10:c7:5f:67: ed:dc:e8:39:5a:ed:da:32:b5:47:f4:d8:f4:30:51:8e:5b:25: 6e:0b:ce:bf:04:47:58:d0:bd:c6:8b:8f:1d:2d:d8:79:e0:23: fa:cd:ad:e2:05:07:ef:14:e7:4f:2a:e2:23:fb:23:ae:5d:74: bf:25:16:37
1308377066 | 2024-05-01T02:55:58.6300763388 / tcp
ncacn_http/1.0
1304021496 | 2024-04-17T10:56:35.0344853389 / tcp
Remote Desktop Protocol \x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\t\x08\x00\x02\x00\x00\x00
1308377066 | 2024-04-24T13:21:21.0462996001 / tcp
ncacn_http/1.0
1308377066 | 2024-04-23T11:10:19.1794356002 / tcp
ncacn_http/1.0
1308377066 | 2024-04-17T04:00:13.1933456010 / tcp
ncacn_http/1.0