2106029661 | 2024-03-31T04:34:43.898967
25 /
tcp
220 ex.mail.ovh.net Microsoft ESMTP MAIL Service ready at Sun, 31 Mar 2024 06:34:35 +0200
250-ex.mail.ovh.net Hello [224.125.198.107]
250-SIZE 104857600
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH NTLM
250-8BITMIME
250-BINARYMIME
250 CHUNKING
SMTP NTLM Info:
OS: Windows 10 (version 1607)/Windows Server 2016 (version 1607)
OS Build: 10.0.14393
Target Name: INDIV
NetBIOS Domain Name: INDIV
NetBIOS Computer Name: CAS21
DNS Domain Name: indiv.local
DNS Tree Name: indiv.local
FQDN: CAS21.indiv.local
-856919827 | 2024-04-17T23:26:11.983507
80 /
tcp
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://51.195.55.114/
Server: Microsoft-IIS/10.0
Date: Wed, 17 Apr 2024 23:26:11 GMT
Content-Length: 145
-371045384 | 2024-04-17T23:26:16.009259
443 /
tcp
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: https://cluster1.adfs.ovh.net/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2f51.195.55.114%2fowa%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fowa%252f&wct=2024-04-17T23%3a26%3a15Z
Server: Microsoft-IIS/10.0
request-id: 28e3908f-59b1-4616-902d-52b94659787f
X-OWA-Version: 15.1.2507.37
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-FEServer: CAS21
Date: Wed, 17 Apr 2024 23:26:15 GMT
Content-Length: 303
Microsoft Exchange:
Build Number: 15.1.2507.37
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:a1:51:fd:0d:7f:d8:47:ed:d7:f5:e2:3d:5a:4b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Dec 11 00:00:00 2023 GMT
Not After : Dec 10 23:59:59 2024 GMT
Subject: CN=ex.mail.ovh.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:a3:80:ff:62:84:60:76:31:99:cf:8c:df:84:88:
b0:df:4a:23:37:cb:c8:a7:88:28:19:ca:f2:a9:56:
ec:47:6b:d1:7f:de:fd:04:41:76:85:60:61:96:0c:
cf:a6:00:d1:2f:db:cf:0e:06:b2:e6:13:9c:e8:83:
6a:6d:23:8d:ea:bd:74:ea:c2:bd:8a:5e:b1:18:9a:
cd:8d:7b:f4:d5:1f:79:a4:51:ba:52:91:ee:14:05:
9d:87:75:88:50:fd:42:b8:61:23:c4:03:f1:4e:0b:
62:aa:3a:c5:d8:ee:ef:07:a8:46:44:4b:fd:6c:83:
47:1e:38:2b:c4:78:31:b8:43:f7:53:32:de:5e:00:
3e:5a:c4:1e:2a:44:b6:90:8b:28:00:ae:34:42:e6:
bb:8b:10:2b:76:37:89:7f:b9:8e:8a:e0:25:c2:a2:
48:4e:7c:45:be:1e:21:d1:6b:42:af:7c:6c:2e:6c:
e8:23:a1:ee:95:85:a0:14:c2:1c:12:78:85:6a:cf:
be:7d:bf:2b:d5:e9:d4:d3:8c:88:0d:b1:e2:74:43:
81:49:c2:64:8d:00:59:c7:bb:bb:2a:42:23:c9:43:
8e:ee:e2:23:d9:64:da:f0:19:c3:2f:f2:17:ff:95:
98:23:da:7a:f0:c3:68:a0:b2:c7:96:94:11:2b:9c:
82:d5:76:c3:54:2e:43:e2:d5:3b:45:5c:ad:ad:a4:
c5:69:72:0e:ea:c5:bc:0f:ba:59:78:ba:2d:bf:35:
14:2e:bc:e1:97:a9:b7:80:e0:6d:bf:20:31:04:7c:
18:00:1e:b9:aa:04:4c:7e:f4:fa:d8:a3:61:04:07:
5b:ae:f0:b3:33:b1:b3:40:49:b4:90:8e:c9:62:00:
8d:19:9b:ad:c8:78:e7:8c:50:a3:39:f4:7f:58:cc:
5e:b0:5a:b3:b8:f1:96:9c:02:7c:43:1a:76:77:59:
c8:ca:57:4a:2e:6c:64:8e:08:15:3a:ed:e7:03:fc:
55:2f:e2:9f:6f:f1:36:fa:18:35:30:90:2b:8b:c8:
f9:3e:6c:62:0f:8d:fa:5f:7b:75:d6:45:03:63:01:
e4:25:c6:3b:1a:2a:4b:01:21:51:f5:b3:33:ad:d8:
90:36:15:13:8d:e7:eb:8d:1a:80:95:ff:bc:17:3b:
15:b5:e6:69:2f:66:55:b8:17:d7:8d:1e:75:a9:77:
ec:d9:36:19:b3:55:21:ad:b5:48:33:28:c3:24:e1:
a5:ce:bc:41:64:37:f4:71:11:54:96:bb:bb:fe:92:
55:24:8c:45:d0:91:bd:14:42:b7:7c:c7:ea:6e:8d:
f5:9b:a9:42:a6:66:42:d8:a5:4c:c0:1b:cb:36:22:
1c:9f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
X509v3 Subject Key Identifier:
40:FA:A4:50:DE:DB:42:8C:6F:E5:7F:BB:1A:EB:32:02:63:75:AB:F9
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:ex.mail.ovh.net, DNS:www.ex.mail.ovh.net
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Dec 11 14:43:30.397 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:68:CB:6F:34:86:E2:D6:FD:B7:14:81:02:
C5:20:C8:25:62:A3:FD:47:85:24:10:66:E8:2A:90:F3:
AD:11:57:48:02:20:5A:0C:F8:95:F3:F6:5A:AB:DD:D8:
D1:37:3F:23:60:4A:4A:1A:83:A2:9C:3E:FD:66:A9:06:
8A:C7:F3:14:99:9C
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Timestamp : Dec 11 14:43:30.553 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:14:CC:8E:CC:BB:86:4D:F2:40:7B:27:96:
37:8D:DA:EB:51:5E:CB:4F:EE:22:D4:64:FC:FB:FD:17:
4B:92:99:DC:02:20:65:73:20:F6:6E:8F:8B:DD:55:19:
5F:08:66:92:7C:33:5A:D5:26:49:6C:2B:D6:C7:4B:0C:
A7:F2:29:18:A5:69
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Dec 11 14:43:30.437 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:5B:82:DF:5D:C5:8F:C5:52:23:CB:F1:37:
69:E1:32:59:AB:E2:F4:64:0F:28:44:1E:09:E8:D1:35:
57:63:89:88:02:20:27:42:42:9F:35:3F:6B:27:DF:4C:
65:82:3A:7D:96:89:CF:C9:F7:B2:11:09:1E:E4:08:C3:
CE:E4:53:10:97:E8
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
77:2d:2c:1a:14:5a:2b:85:c9:73:05:6a:e6:19:36:67:21:62:
86:e8:05:ac:53:60:f4:b0:39:95:96:7a:82:1c:cf:be:64:f8:
3e:fe:99:70:14:d0:fb:2b:1a:07:ec:48:39:f2:12:a3:0e:4c:
c0:ab:2a:f5:f6:64:3f:b4:f5:aa:fd:50:db:86:b3:0f:f1:1a:
35:55:dc:b8:11:b0:00:de:7f:f4:25:a8:b6:65:75:a1:ec:d6:
63:c3:30:9c:3f:5c:04:ac:79:6e:88:9b:95:63:45:46:8b:99:
ba:d2:2a:e6:e4:9b:84:fa:91:28:6f:65:11:4f:42:d7:a7:e4:
9c:c9:2c:c5:66:29:68:cd:81:64:04:5a:c5:f8:d7:ae:6d:c3:
fd:54:2e:d3:55:c6:a9:4a:e8:6a:86:54:d3:1d:44:d2:66:22:
32:37:b4:fe:85:05:2c:e3:66:94:25:1a:3d:85:94:85:25:a5:
a2:d2:4f:44:85:9b:64:a0:ff:23:b8:ec:7f:15:15:36:30:2a:
ed:2e:ff:aa:3f:5f:29:87:f2:4a:ba:5e:78:d8:2e:34:b9:d6:
21:14:aa:c2:eb:6e:a4:9f:78:66:9c:1c:15:83:4a:cc:aa:85:
4e:db:c3:fe:79:1e:3f:2a:3d:92:c7:05:f6:56:1b:f1:aa:ad:
10:fc:a9:e5
1547145133 | 2024-04-08T03:08:08.921938
587 /
tcp
220 ex.mail.ovh.net Microsoft ESMTP MAIL Service ready at Mon, 8 Apr 2024 05:07:55 +0200
250-ex.mail.ovh.net Hello [224.221.151.194]
250-SIZE 104857600
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250 CHUNKING
SMTP NTLM Info:
OS: Windows 10 (version 1607)/Windows Server 2016 (version 1607)
OS Build: 10.0.14393
Target Name: INDIV
NetBIOS Domain Name: INDIV
NetBIOS Computer Name: CAS21
DNS Domain Name: indiv.local
DNS Tree Name: indiv.local
FQDN: CAS21.indiv.local
1107593961 | 2024-04-15T22:18:05.986176
995 /
tcp
+OK The Microsoft Exchange POP3 service is ready.
+OK
TOP
UIDL
SASL PLAIN
USER
.
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:a1:51:fd:0d:7f:d8:47:ed:d7:f5:e2:3d:5a:4b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Dec 11 00:00:00 2023 GMT
Not After : Dec 10 23:59:59 2024 GMT
Subject: CN=ex.mail.ovh.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:a3:80:ff:62:84:60:76:31:99:cf:8c:df:84:88:
b0:df:4a:23:37:cb:c8:a7:88:28:19:ca:f2:a9:56:
ec:47:6b:d1:7f:de:fd:04:41:76:85:60:61:96:0c:
cf:a6:00:d1:2f:db:cf:0e:06:b2:e6:13:9c:e8:83:
6a:6d:23:8d:ea:bd:74:ea:c2:bd:8a:5e:b1:18:9a:
cd:8d:7b:f4:d5:1f:79:a4:51:ba:52:91:ee:14:05:
9d:87:75:88:50:fd:42:b8:61:23:c4:03:f1:4e:0b:
62:aa:3a:c5:d8:ee:ef:07:a8:46:44:4b:fd:6c:83:
47:1e:38:2b:c4:78:31:b8:43:f7:53:32:de:5e:00:
3e:5a:c4:1e:2a:44:b6:90:8b:28:00:ae:34:42:e6:
bb:8b:10:2b:76:37:89:7f:b9:8e:8a:e0:25:c2:a2:
48:4e:7c:45:be:1e:21:d1:6b:42:af:7c:6c:2e:6c:
e8:23:a1:ee:95:85:a0:14:c2:1c:12:78:85:6a:cf:
be:7d:bf:2b:d5:e9:d4:d3:8c:88:0d:b1:e2:74:43:
81:49:c2:64:8d:00:59:c7:bb:bb:2a:42:23:c9:43:
8e:ee:e2:23:d9:64:da:f0:19:c3:2f:f2:17:ff:95:
98:23:da:7a:f0:c3:68:a0:b2:c7:96:94:11:2b:9c:
82:d5:76:c3:54:2e:43:e2:d5:3b:45:5c:ad:ad:a4:
c5:69:72:0e:ea:c5:bc:0f:ba:59:78:ba:2d:bf:35:
14:2e:bc:e1:97:a9:b7:80:e0:6d:bf:20:31:04:7c:
18:00:1e:b9:aa:04:4c:7e:f4:fa:d8:a3:61:04:07:
5b:ae:f0:b3:33:b1:b3:40:49:b4:90:8e:c9:62:00:
8d:19:9b:ad:c8:78:e7:8c:50:a3:39:f4:7f:58:cc:
5e:b0:5a:b3:b8:f1:96:9c:02:7c:43:1a:76:77:59:
c8:ca:57:4a:2e:6c:64:8e:08:15:3a:ed:e7:03:fc:
55:2f:e2:9f:6f:f1:36:fa:18:35:30:90:2b:8b:c8:
f9:3e:6c:62:0f:8d:fa:5f:7b:75:d6:45:03:63:01:
e4:25:c6:3b:1a:2a:4b:01:21:51:f5:b3:33:ad:d8:
90:36:15:13:8d:e7:eb:8d:1a:80:95:ff:bc:17:3b:
15:b5:e6:69:2f:66:55:b8:17:d7:8d:1e:75:a9:77:
ec:d9:36:19:b3:55:21:ad:b5:48:33:28:c3:24:e1:
a5:ce:bc:41:64:37:f4:71:11:54:96:bb:bb:fe:92:
55:24:8c:45:d0:91:bd:14:42:b7:7c:c7:ea:6e:8d:
f5:9b:a9:42:a6:66:42:d8:a5:4c:c0:1b:cb:36:22:
1c:9f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
X509v3 Subject Key Identifier:
40:FA:A4:50:DE:DB:42:8C:6F:E5:7F:BB:1A:EB:32:02:63:75:AB:F9
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:ex.mail.ovh.net, DNS:www.ex.mail.ovh.net
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
Timestamp : Dec 11 14:43:30.397 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:68:CB:6F:34:86:E2:D6:FD:B7:14:81:02:
C5:20:C8:25:62:A3:FD:47:85:24:10:66:E8:2A:90:F3:
AD:11:57:48:02:20:5A:0C:F8:95:F3:F6:5A:AB:DD:D8:
D1:37:3F:23:60:4A:4A:1A:83:A2:9C:3E:FD:66:A9:06:
8A:C7:F3:14:99:9C
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Timestamp : Dec 11 14:43:30.553 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:14:CC:8E:CC:BB:86:4D:F2:40:7B:27:96:
37:8D:DA:EB:51:5E:CB:4F:EE:22:D4:64:FC:FB:FD:17:
4B:92:99:DC:02:20:65:73:20:F6:6E:8F:8B:DD:55:19:
5F:08:66:92:7C:33:5A:D5:26:49:6C:2B:D6:C7:4B:0C:
A7:F2:29:18:A5:69
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Dec 11 14:43:30.437 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:5B:82:DF:5D:C5:8F:C5:52:23:CB:F1:37:
69:E1:32:59:AB:E2:F4:64:0F:28:44:1E:09:E8:D1:35:
57:63:89:88:02:20:27:42:42:9F:35:3F:6B:27:DF:4C:
65:82:3A:7D:96:89:CF:C9:F7:B2:11:09:1E:E4:08:C3:
CE:E4:53:10:97:E8
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
77:2d:2c:1a:14:5a:2b:85:c9:73:05:6a:e6:19:36:67:21:62:
86:e8:05:ac:53:60:f4:b0:39:95:96:7a:82:1c:cf:be:64:f8:
3e:fe:99:70:14:d0:fb:2b:1a:07:ec:48:39:f2:12:a3:0e:4c:
c0:ab:2a:f5:f6:64:3f:b4:f5:aa:fd:50:db:86:b3:0f:f1:1a:
35:55:dc:b8:11:b0:00:de:7f:f4:25:a8:b6:65:75:a1:ec:d6:
63:c3:30:9c:3f:5c:04:ac:79:6e:88:9b:95:63:45:46:8b:99:
ba:d2:2a:e6:e4:9b:84:fa:91:28:6f:65:11:4f:42:d7:a7:e4:
9c:c9:2c:c5:66:29:68:cd:81:64:04:5a:c5:f8:d7:ae:6d:c3:
fd:54:2e:d3:55:c6:a9:4a:e8:6a:86:54:d3:1d:44:d2:66:22:
32:37:b4:fe:85:05:2c:e3:66:94:25:1a:3d:85:94:85:25:a5:
a2:d2:4f:44:85:9b:64:a0:ff:23:b8:ec:7f:15:15:36:30:2a:
ed:2e:ff:aa:3f:5f:29:87:f2:4a:ba:5e:78:d8:2e:34:b9:d6:
21:14:aa:c2:eb:6e:a4:9f:78:66:9c:1c:15:83:4a:cc:aa:85:
4e:db:c3:fe:79:1e:3f:2a:3d:92:c7:05:f6:56:1b:f1:aa:ad:
10:fc:a9:e5