GeneralInformation

Hostnames	autodiscover.harveast.com mail.harveast.com smtp.harveast.com
Domains	harveast.com
Cloud Provider	Azure
Cloud Region	northeurope
Cloud Service	AzureCloud
Country	Ireland
City	Dublin
Organization	Microsoft Corporation
ISP	Microsoft Corporation
ASN	AS8075
Operating System	Windows (build 6.1.7601)

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

25 53 80 135 143 443 445 587 993 5986

-2039468747 | 2024-09-14T15:11:37.646821

25 / tcp

220 smtp.harveast.com
250-AZ-EXCH-1.HarvEast.lan Hello [224.92.194.224]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-X-ANONYMOUSTLS
250-AUTH NTLM LOGIN
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW

SMTP NTLM Info:
  OS: Windows 7/Windows Server 2008 R2
  OS Build: 6.1.7601
  Target Name: HARVEAST
  NetBIOS Domain Name: HARVEAST
  NetBIOS Computer Name: AZ-EXCH-1
  DNS Domain Name: HarvEast.lan
  DNS Tree Name: HarvEast.lan
  FQDN: AZ-EXCH-1.HarvEast.lan

-985096807 | 2024-09-06T22:58:36.022394

80 / tcp

403 - Forbidden: Access is denied.

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 06 Sep 2024 22:58:35 GMT
Content-Length: 1233

CVE-2010-3972 CVE-2010-2730 CVE-2010-1899

415727626 | 2024-09-12T08:07:06.497726

135 / tcp

Microsoft RPC Endpoint Mapper

d95afe70-a6d5-4259-822e-2c84da1ddb0d
  version: v1.0
  protocol: [MS-RSP]: Remote Shutdown Protocol
  provider: wininit.exe
  ncacn_ip_tcp: 10.78.78.8:6006
  ncalrpc: WindowsShutdown
  ncacn_np: \\AZ-EXCH-1\PIPE\InitShutdown
  ncalrpc: WMsgKRpc090180

76f226c3-ec14-4325-8a99-6a46348418af
  version: v1.0
  provider: winlogon.exe
  ncalrpc: WindowsShutdown
  ncacn_np: \\AZ-EXCH-1\PIPE\InitShutdown
  ncalrpc: WMsgKRpc090180
  ncalrpc: WMsgKRpc092521
  ncalrpc: WMsgKRpc0D99E9CF2
  ncalrpc: WMsgKRpc96EA15DAB

c9ac6db5-82b7-4e55-ae8a-e464ed7b4277
  version: v1.0
  annotation: Impl friendly name
  provider: sysntfy.dll
  ncalrpc: LRPC-502f87370bb34c6d93
  ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2
  ncalrpc: IUserProfile2

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6
  version: v1.0
  annotation: DHCPv6 Client LRPC Endpoint
  provider: dhcpcsvc6.dll
  ncalrpc: dhcpcsvc6
  ncalrpc: dhcpcsvc
  ncacn_ip_tcp: 10.78.78.8:6007
  ncacn_np: \\AZ-EXCH-1\pipe\eventlog
  ncalrpc: eventlog

3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5
  version: v1.0
  annotation: DHCP Client LRPC Endpoint
  provider: dhcpcsvc.dll
  ncalrpc: dhcpcsvc
  ncacn_ip_tcp: 10.78.78.8:6007
  ncacn_np: \\AZ-EXCH-1\pipe\eventlog
  ncalrpc: eventlog

30adc50c-5cbc-46ce-9a0e-91914789e23c
  version: v1.0
  annotation: NRP server endpoint
  provider: nrpsrv.dll
  ncacn_ip_tcp: 10.78.78.8:6007
  ncacn_np: \\AZ-EXCH-1\pipe\eventlog
  ncalrpc: eventlog

f6beaff7-1e19-4fbb-9f8f-b89e2018337c
  version: v1.0
  annotation: Event log TCPIP
  protocol: [MS-EVEN6]: EventLog Remoting Protocol
  provider: wevtsvc.dll
  ncacn_ip_tcp: 10.78.78.8:6007
  ncacn_np: \\AZ-EXCH-1\pipe\eventlog
  ncalrpc: eventlog

58e604e8-9adb-4d2e-a464-3b0683fb1480
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

fd7a0523-dc70-43dd-9b2e-9c5ed48225b1
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

5f54ce7d-5b79-4175-8584-cb65313a0e98
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

201ef99a-7fa0-444c-9399-19ba84f12a1a
  version: v1.0
  annotation: AppInfo
  provider: appinfo.dll
  ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

30b044a5-a225-43f0-b3a4-e060df91f9c1
  version: v1.0
  provider: certprop.dll
  ncacn_np: \\AZ-EXCH-1\PIPE\srvsvc
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

98716d03-89ac-44c7-bb8c-285824e51c4a
  version: v1.0
  annotation: XactSrv service
  provider: srvsvc.dll
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

552d076a-cb29-4e44-8b6a-d15e59e2c0af
  version: v1.0
  annotation: IP Transition Configuration endpoint
  provider: iphlpsvc.dll
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

a398e520-d59a-4bdd-aa7a-3c1e0303a511
  version: v1.0
  annotation: IKE/Authip API
  provider: IKEEXT.DLL
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

86d35949-83c9-4044-b424-db363231fd0c
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: schedsvc.dll
  ncacn_ip_tcp: 10.78.78.8:6008
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

378e52b0-c0a9-11cf-822d-00aa0051e40f
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

1ff70682-0a51-30e8-076d-740be8cee98b
  version: v1.0
  protocol: [MS-TSCH]: Task Scheduler Service Remoting Protocol
  provider: taskcomp.dll
  ncacn_np: \\AZ-EXCH-1\PIPE\atsvc
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53
  version: v1.0
  provider: schedsvc.dll
  ncalrpc: senssvc
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

2eb08e3e-639f-4fba-97b1-14f878961076
  version: v1.0
  provider: gpsvc.dll
  ncalrpc: OLE0903590892F943F59BA62BA79C41
  ncalrpc: IUserProfile2

24019106-a203-4642-b88d-82dae9158929
  version: v1.0
  provider: authui.dll
  ncalrpc: LRPC-7614a76d1788a0c45d

3473dd4d-2e88-4006-9cba-22570909dd10
  version: v5.256
  annotation: WinHttp Auto-Proxy Service
  ncacn_np: \\AZ-EXCH-1\PIPE\W32TIME_ALT
  ncalrpc: W32TIME_ALT
  ncalrpc: LRPC-9695fcddda9252b961
  ncalrpc: OLE96623223F66D4F1FBAB68EB5BA55

7ea70bcf-48af-4f6a-8968-6a440754d5fa
  version: v1.0
  annotation: NSI server endpoint
  provider: nsisvc.dll
  ncalrpc: LRPC-9695fcddda9252b961
  ncalrpc: OLE96623223F66D4F1FBAB68EB5BA55

2fb92682-6599-42dc-ae13-bd2ca89bd11c
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-527183581564d9a545

7f9d11bf-7fb9-436b-a812-b2d50c5d4c03
  version: v1.0
  annotation: Fw APIs
  provider: MPSSVC.dll
  ncalrpc: LRPC-527183581564d9a545

dd490425-5325-4565-b774-7e27d6c09c24
  version: v1.0
  annotation: Base Firewall Engine API
  provider: BFE.DLL
  ncalrpc: LRPC-527183581564d9a545

7f1343fe-50a9-4927-a778-0c5859517bac
  version: v1.0
  annotation: DfsDs service
  ncacn_np: \\AZ-EXCH-1\PIPE\wkssvc
  ncalrpc: DNSResolver

4a452661-8290-4b36-8fbe-7f4093a94978
  version: v1.0
  annotation: Spooler function endpoint
  provider: spoolsv.exe
  ncalrpc: spoolss

ae33069b-a2a8-46ee-a235-ddfd339be281
  version: v1.0
  annotation: Spooler base remote object endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

0b6edbfa-4a24-4fc6-8a23-942b1eca65d1
  version: v1.0
  annotation: Spooler function endpoint
  protocol: [MS-PAN]: Print System Asynchronous Notification Protocol
  provider: spoolsv.exe
  ncalrpc: spoolss

50abc2a4-574d-40b3-9d66-ee4fd5fba076
  version: v5.0
  protocol: [MS-DNSP]: Domain Name Service (DNS) Server Management
  provider: dns.exe
  ncacn_ip_tcp: 10.78.78.8:6029

b9fadb8d-53a1-41d7-b763-88d884b6b829
  version: v1.0
  annotation: Microsoft Exchange Topology Information Server RPC Interface
  ncalrpc: LRPC-8a92aa0c4ee4aaabde
  ncacn_ip_tcp: 10.78.78.8:21509

88d01b61-c20b-4dc0-a4d9-1d72952e42b8
  version: v1.256
  annotation: Microsoft Exchange Forms Based Authentication RPC Interface
  ncalrpc: LRPC-4db0ec7e9155779a07
  ncacn_ip_tcp: 10.78.78.8:21511

b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86
  version: v1.0
  annotation: KeyIso
  provider: keyiso.dll
  ncacn_ip_tcp: 10.78.78.8:21512
  ncalrpc: samss lpc
  ncalrpc: dsrole
  ncacn_np: \\AZ-EXCH-1\PIPE\protected_storage
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncalrpc: LRPC-6eba68d9ca357a8c79
  ncacn_np: \\AZ-EXCH-1\pipe\lsass

12345778-1234-abcd-ef00-0123456789ac
  version: v1.0
  protocol: [MS-SAMR]: Security Account Manager (SAM) Remote Protocol
  provider: samsrv.dll
  ncacn_ip_tcp: 10.78.78.8:21512
  ncalrpc: samss lpc
  ncalrpc: dsrole
  ncacn_np: \\AZ-EXCH-1\PIPE\protected_storage
  ncalrpc: protected_storage
  ncalrpc: lsasspirpc
  ncalrpc: lsapolicylookup
  ncalrpc: LSARPC_ENDPOINT
  ncalrpc: securityevent
  ncalrpc: audit
  ncalrpc: LRPC-6eba68d9ca357a8c79
  ncacn_np: \\AZ-EXCH-1\pipe\lsass

1544f5e0-613c-11d1-93df-00c04fd7bd09
  version: v1.0
  annotation: Microsoft Exchange RFR Interface
  protocol: [MS-OXABREF]: Address Book Name Service Provider Interface (NSPI) Referral Protocol
  ncacn_ip_http: 10.78.78.8:6002
  ncacn_ip_http: 10.78.78.8:6004
  ncacn_ip_tcp: 10.78.78.8:28359

f5cc5a18-4264-101a-8c59-08002b2f8426
  version: v56.0
  annotation: Microsoft Exchange NSP Interface
  protocol: [MS-NSPI]: Name Service Provider Interface (NSPI) Protocol
  provider: ntdsai.dll
  ncacn_ip_http: 10.78.78.8:6002
  ncacn_ip_http: 10.78.78.8:6004
  ncacn_ip_tcp: 10.78.78.8:28359

f1f21151-7185-4170-ac8d-9bb077c29bd3
  version: v1.0
  ncalrpc: LRPC-32cce24e9cf0b9f590
  ncacn_ip_tcp: 10.78.78.8:28369

938fe036-ede6-4f6c-966e-a3d7300279c8
  version: v0.256
  annotation: Exchange Server STORE EMSMDBPOOL Interface
  ncalrpc: OLE9F981DB6070946BDA066ABDF9A0D
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_http: 10.78.78.8:6003
  ncacn_ip_tcp: 10.78.78.8:28455

31e68719-d4fc-401a-8788-bc56169a336b
  version: v0.256
  annotation: Exchange Server STORE Async EMSMDBMT Interface
  ncalrpc: OLE9F981DB6070946BDA066ABDF9A0D
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_http: 10.78.78.8:6003
  ncacn_ip_tcp: 10.78.78.8:28455

df831451-edad-415d-905f-9d3793f92db3
  version: v0.20736
  annotation: Exchange Server STORE EMSMDBMT Interface
  ncalrpc: OLE9F981DB6070946BDA066ABDF9A0D
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_http: 10.78.78.8:6003
  ncacn_ip_tcp: 10.78.78.8:28455

a9e05b20-6f57-4e24-a540-52412017e6ff
  version: v1.0
  annotation: Microsoft Information Store
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_tcp: 10.78.78.8:28455

0e4a0156-dd5d-11d2-8c2f-00c04fb6bcde
  version: v1.0
  annotation: Microsoft Information Store
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_tcp: 10.78.78.8:28455

bf6dd426-77b4-44b3-984e-d413fc075562
  version: v2.0
  annotation: Microsoft Information Store
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_tcp: 10.78.78.8:28455

1453c42c-0fa6-11d2-a910-00c04f990f3b
  version: v1.0
  annotation: Microsoft Information Store
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_tcp: 10.78.78.8:28455

10f24e8e-0fa6-11d2-a910-00c04f990f3b
  version: v1.0
  annotation: Microsoft Information Store
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_tcp: 10.78.78.8:28455

da107c01-2b50-44d7-9d5f-bfd4fd8e95ed
  version: v5.0
  annotation: Exchange Server STORE ADMIN Interface
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_http: 10.78.78.8:6003
  ncacn_ip_tcp: 10.78.78.8:28455

99e64010-b032-11d0-97a4-00c04fd6551d
  version: v4.0
  annotation: Exchange Server STORE ADMIN Interface
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_http: 10.78.78.8:6003
  ncacn_ip_tcp: 10.78.78.8:28455

89742ace-a9ed-11cf-9c0c-08002be7ae86
  version: v2.0
  annotation: Exchange Server STORE ADMIN Interface
  ncalrpc: MSExchangeIS_LPC
  ncacn_ip_http: 10.78.78.8:6003
  ncacn_ip_tcp: 10.78.78.8:28455

367abb81-9844-35f1-ad32-98f038001003
  version: v2.0
  protocol: [MS-SCMR]: Service Control Manager Remote Protocol
  provider: services.exe
  ncacn_ip_tcp: 10.78.78.8:28658

3357951c-a1d1-47db-a278-ab945d063d03
  version: v1.0
  provider: LBService.dll
  ncacn_ip_tcp: 10.78.78.8:28668

12345678-1234-abcd-ef00-0123456789ab
  version: v1.0
  annotation: IPSec Policy agent endpoint
  protocol: [MS-RPRN]: Print System Remote Protocol
  provider: spoolsv.exe
  ncalrpc: LRPC-56f9d92664d32e1687

906b0ce0-c70b-1067-b317-00dd010662da
  version: v1.0
  protocol: [MS-CMPO]: MSDTC Connection Manager:
  provider: msdtcprx.dll
  ncacn_ip_tcp: 10.78.78.8:28681
  ncalrpc: LRPC-0436867d29b9f3a783
  ncacn_ip_tcp: 10.78.78.8:28681
  ncalrpc: LRPC-0436867d29b9f3a783
  ncacn_ip_tcp: 10.78.78.8:28681
  ncalrpc: LRPC-0436867d29b9f3a783
  ncacn_ip_tcp: 10.78.78.8:28681
  ncalrpc: LRPC-0436867d29b9f3a783
  ncacn_ip_tcp: 10.78.78.8:28682
  ncalrpc: LRPC-c262de6e2824f6edd2
  ncalrpc: OLE9ECAAD633C87409D8E4C0171D59B

12e65dd8-887f-41ef-91bf-8d816c42c2e7
  version: v1.0
  annotation: Secure Desktop LRPC interface
  provider: winlogon.exe
  ncalrpc: WMsgKRpc0D99E9CF2
  ncalrpc: WMsgKRpc96EA15DAB

b97db8b2-4c63-11cf-bff6-08002be23f2f
  version: v3.0
  annotation: Microsoft Cluster Server API
  protocol: [MS-CMRP]: Failover Cluster:
  ncalrpc: LRPC-cf81a1bc7720a07d1a
  ncacn_ip_tcp: 10.78.78.8:21809

52d3f3f5-248c-4d74-a01f-a06e41d5cd59
  version: v1.0
  ncalrpc: LRPC-875b2331b0840760c5
  ncacn_ip_tcp: 10.78.78.8:34116

4d88f820-8c32-4453-9e30-7297e2fcf025
  version: v1.0
  ncalrpc: LRPC-1b6f378c208798e429
  ncacn_ip_tcp: 10.78.78.8:34157

3cb4be69-9ba1-448c-9a44-a1f759a1878a
  version: v1.256
  annotation: MS Exchange Recipient Update Service RPC Interface
  ncalrpc: LRPC-3d7424defe9c3aeac5
  ncacn_ip_tcp: 10.78.78.8:34164

f930c514-1215-11d3-99a5-00a0c9b61b04
  version: v1.0
  annotation: MS Exchange System Attendant Cluster Interface
  ncalrpc: LRPC-3d7424defe9c3aeac5
  ncacn_ip_tcp: 10.78.78.8:34164

83d72bf0-0d89-11ce-b13f-00aa003bac6c
  version: v6.0
  annotation: MS Exchange System Attendant Private Interface
  ncalrpc: LRPC-3d7424defe9c3aeac5
  ncacn_ip_tcp: 10.78.78.8:34164

469d6ec0-0d87-11ce-b13f-00aa003bac6c
  version: v16.256
  annotation: MS Exchange System Attendant Public Interface
  ncalrpc: LRPC-3d7424defe9c3aeac5
  ncacn_ip_tcp: 10.78.78.8:34164

20434699-5e7e-47d6-95f6-698c4a0ec2f0
  version: v1.0
  ncalrpc: LRPC-72eb6c0160984f7818
  ncacn_ip_tcp: 10.78.78.8:34237

d9318e75-8a8b-4abb-88e7-aceb01f09e60
  version: v1.0
  ncalrpc: LRPC-72eb6c0160984f7818
  ncacn_ip_tcp: 10.78.78.8:34237

abb2ba17-588c-4c52-8dd9-c9a7030bdf26
  version: v2.0
  ncalrpc: LRPC-431d09942d4d497402
  ncacn_ip_tcp: 10.78.78.8:34240
  ncalrpc: OLE51BFC1A1D7C54C8EBFACE646D8EF

5261574a-4572-206e-b268-6b199213b4e4
  version: v0.256
  protocol: [MS-OXCRPC]: Wire Format Protocol
  ncacn_ip_http: 10.78.78.8:6001
  ncacn_ip_tcp: 10.78.78.8:34289

a4f1db00-ca47-1067-b31f-00dd010662da
  version: v0.20736
  protocol: [MS-OXCRPC]: Wire Format Protocol
  ncacn_ip_http: 10.78.78.8:6001
  ncacn_ip_tcp: 10.78.78.8:34289

37fc1b02-da36-4b27-a745-bf2f58a98ff6
  version: v3.0
  ncalrpc: LRPC-cfefb0bb9881b169ad
  ncacn_ip_tcp: 10.78.78.8:34361

f224209f-9076-40f7-98ad-5416dbfa178e
  version: v3.0
  ncalrpc: LRPC-cfefb0bb9881b169ad
  ncacn_ip_tcp: 10.78.78.8:34361

33440f02-5ea0-43d2-a706-d8a4dc712c83
  version: v1.0
  ncalrpc: LRPC-3a642c22593478bcbf

76c0d124-a18e-49d4-adf1-d8c6ba868ea6
  version: v1.0
  ncalrpc: LRPC-492c02fb5818c7a903
  ncacn_ip_tcp: 10.78.78.8:10407

4a020372-bb0a-4031-a5a7-7c6896522c00
  version: v1.0
  ncalrpc: LRPC-492c02fb5818c7a903
  ncacn_ip_tcp: 10.78.78.8:10407

5df3c257-334b-4e96-9efb-a0619255be09
  version: v1.0
  annotation: 23052	MSExchangeMailSubmission
  ncalrpc: LRPC-7ff7b0e15d86224b65
  ncacn_ip_tcp: 10.78.78.8:10426
  ncalrpc: LRPC-7ff7b0e15d86224b65
  ncacn_ip_tcp: 10.78.78.8:10426
  ncalrpc: LRPC-e97bacce615002a13d
  ncacn_ip_tcp: 10.78.78.8:64529
  ncalrpc: LRPC-e97bacce615002a13d
  ncacn_ip_tcp: 10.78.78.8:64529

41f5fae1-e0ac-414c-a721-0d287466cb23
  version: v1.0
  ncalrpc: OLE268296B1F2E54983AD01860C6C47
  ncalrpc: LRPC-e97bacce615002a13d
  ncacn_ip_tcp: 10.78.78.8:64529

640aa52e-d472-443a-952c-4d3fe97f480c
  version: v1.0
  ncalrpc: OLE268296B1F2E54983AD01860C6C47
  ncalrpc: LRPC-e97bacce615002a13d
  ncacn_ip_tcp: 10.78.78.8:64529

bd5790c9-d855-42b0-990f-3dfed8c184b3
  version: v1.0
  ncalrpc: OLE268296B1F2E54983AD01860C6C47
  ncalrpc: LRPC-e97bacce615002a13d
  ncacn_ip_tcp: 10.78.78.8:64529

8384fc47-956a-4d1e-ab2a-1205014f96ec
  version: v1.0
  ncalrpc: OLE268296B1F2E54983AD01860C6C47
  ncalrpc: LRPC-e97bacce615002a13d
  ncacn_ip_tcp: 10.78.78.8:64529

795009750 | 2024-09-12T10:45:58.846028

143 / tcp

* OK The Microsoft Exchange IMAP4 service is ready.
* CAPABILITY IMAP4 IMAP4rev1 AUTH=NTLM AUTH=GSSAPI AUTH=PLAIN STARTTLS UIDPLUS CHILDREN IDLE NAMESPACE LITERAL+
A001 OK CAPABILITY completed.
A002 BAD Command Error. 12
A003 BAD Command Error. 12
* BYE Microsoft Exchange Server 2010 IMAP4 server signing off.
A004 OK LOGOUT completed.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:25:b8:fb:c6:02:3e:aa:67:51:68:7a:c0:40:26:4e:12:fc
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Aug 22 05:05:26 2024 GMT
            Not After : Nov 20 05:05:25 2024 GMT
        Subject: CN=mail.harveast.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (3072 bit)
                Modulus:
                    00:dd:cc:df:8d:a0:e9:67:1c:f6:ce:62:6a:4d:c4:
                    c1:9c:e8:7e:0e:ea:b2:07:48:c1:25:af:97:66:9f:
                    1a:02:eb:6c:a1:fb:01:b2:c4:a2:fc:05:6e:ca:90:
                    b6:c1:ae:39:2b:52:86:b4:01:6f:60:77:a6:3c:db:
                    b0:bb:b0:a2:20:41:86:ef:b7:da:ab:d9:68:62:84:
                    04:2d:63:c8:fb:b4:22:46:94:26:d3:ef:18:1d:25:
                    6b:4a:dd:85:4a:0c:32:53:62:d2:3a:7e:4c:84:f7:
                    f3:5d:3e:63:35:29:ec:89:8c:bf:cd:53:47:df:b6:
                    9f:2f:75:e1:a6:d8:24:dd:97:06:ff:f9:7f:8f:16:
                    7d:ad:96:16:73:9e:46:65:f6:ab:98:81:f3:18:7c:
                    08:f9:0e:63:00:cb:44:5c:38:bd:60:6f:42:b4:b3:
                    d0:6d:fc:bb:7a:cc:aa:08:f7:6b:67:32:ae:53:64:
                    d6:8d:d0:85:28:70:41:f3:a1:26:be:1b:18:6f:17:
                    03:ca:b9:11:5f:a2:65:bd:3e:a1:4a:af:99:42:1f:
                    97:0e:9b:a3:f0:d7:47:f6:22:9f:45:ff:a8:17:00:
                    74:50:af:ba:07:8f:55:4a:5d:ca:5a:34:0c:99:9b:
                    e2:57:9d:f4:60:56:1a:1f:64:67:39:d5:51:84:36:
                    16:c6:48:81:db:32:4b:ed:fa:cd:e5:45:44:3e:74:
                    d7:b5:ee:fb:3b:50:af:e4:ac:36:db:40:04:72:d2:
                    d8:35:91:ab:0b:24:c7:3f:f3:50:fc:3b:e8:fa:2e:
                    e9:be:cf:b3:55:9f:3a:df:24:8f:dd:2f:6c:2e:62:
                    cd:9d:14:8e:b4:1b:4a:71:d8:2d:c4:dd:3a:e5:fc:
                    18:e4:c0:f6:79:b7:e9:6a:05:87:fe:62:15:2a:fc:
                    de:c4:0a:78:b9:fd:d5:19:97:ad:8c:89:7f:26:e0:
                    8e:62:87:16:0c:e0:ba:b2:94:3a:48:02:cf:10:1f:
                    50:46:fc:a7:51:c9:02:92:fa:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                33:7A:F1:2C:51:87:37:E9:58:2C:A2:E8:A9:20:97:9C:AF:9D:05:F9
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:autodiscover.harveast.com, DNS:mail.harveast.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Aug 22 06:03:56.308 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E4:1E:C5:69:32:FD:2D:5F:19:BD:30:
                                A1:89:81:E6:47:A9:FE:A4:67:5D:1D:6D:85:77:80:D9:
                                83:B4:46:0E:C1:02:20:14:B7:5A:B2:F4:CE:7F:CC:B6:
                                16:97:6B:88:3A:46:58:65:B9:0B:5A:FC:D6:2A:8C:A3:
                                13:14:9C:D8:A1:46:D0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Aug 22 06:03:56.496 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:CD:1F:10:8D:A9:2C:B1:87:82:90:A9:
                                95:FB:F7:61:86:B4:63:AB:CB:B6:85:0B:73:52:F6:44:
                                8C:6A:93:0F:23:02:21:00:D5:A0:D7:39:C2:7E:EA:30:
                                09:8D:19:D4:B4:95:ED:8B:3D:67:89:69:E9:3F:D8:1B:
                                C1:80:B7:1D:1F:CF:F7:18
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ab:c5:d2:8b:cf:1e:18:7e:a8:ce:a5:cc:34:15:31:10:7b:85:
        f4:28:b7:4b:96:a3:ea:17:97:c4:71:60:a7:fd:5a:27:8d:f8:
        94:a5:4e:88:b1:de:34:8c:1c:e7:48:b6:1c:15:55:cd:d7:49:
        f7:59:01:21:bc:bc:1a:8e:e7:00:85:25:90:c5:e0:9d:4a:33:
        86:3c:17:7f:31:40:44:94:67:09:db:0c:eb:f1:17:19:91:d4:
        35:31:67:f8:f5:fa:62:9a:92:43:1a:c0:b0:34:af:10:5f:3d:
        1a:82:25:a4:26:57:c2:3b:3d:d7:66:3d:04:fb:ac:73:af:f8:
        b8:fc:77:43:28:26:2c:96:57:cc:30:3e:0a:f4:2a:c9:e6:05:
        75:f7:11:a4:e7:8d:70:6e:55:a9:1e:f4:d4:a1:ed:ae:aa:d8:
        a2:15:e2:f0:d3:48:c8:19:1b:ee:d2:34:b7:96:40:95:4c:65:
        a7:f3:0e:70:33:a9:3c:ca:20:15:71:aa:ce:cc:16:be:04:d4:
        62:68:d4:f0:a2:eb:b0:78:52:ec:0e:38:6c:6b:18:1d:25:eb:
        9c:93:cf:e6:c4:95:36:37:06:d3:90:49:f0:e7:91:0f:b0:9a:
        ef:7f:1a:c8:b2:e6:d4:30:af:61:04:97:54:c6:23:dd:a2:52:
        52:10:6b:7c

1452714602 | 2024-09-10T04:29:46.437156

443 / tcp

Outlook Web App

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Set-Cookie: OutlookSession=1a830ff55d0a44ffa260c6db237a000e; path=/; secure; HttpOnly
X-OWA-Version: 14.3.352.0
X-Powered-By: ASP.NET
Date: Tue, 10 Sep 2024 04:29:45 GMT
Content-Length: 8783


Microsoft Exchange:
  Name: Update Rollup 17 for Exchange Server 2010 SP3
  Build Number: 14.3.352.0
  Build Date: March 21, 2017

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:9f:aa:00:35:fe:33:5f:4e:c7:28:df:48:16:2e:98:95:02
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Aug 27 05:05:21 2024 GMT
            Not After : Nov 25 05:05:20 2024 GMT
        Subject: CN=autodiscover.harveast.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (3072 bit)
                Modulus:
                    00:b2:39:18:a1:03:0e:fe:8e:ea:96:f6:32:37:40:
                    c3:17:05:98:73:9e:c2:60:f5:c9:fa:9e:3e:75:22:
                    c2:1c:ab:bb:ab:4b:6e:dd:57:8d:15:55:36:e5:92:
                    47:40:dd:f3:d3:07:d5:d5:e3:8e:65:04:41:35:16:
                    5e:fa:cf:20:9b:bd:38:e7:ad:77:e5:6a:91:08:00:
                    83:60:eb:8d:9f:e3:ca:49:bf:89:95:55:ce:ec:a6:
                    a7:38:eb:77:c1:14:18:79:43:b3:10:f3:40:b8:81:
                    36:e5:99:28:11:d3:a6:b0:a0:ef:7e:f8:b3:a2:12:
                    18:c4:9c:81:2d:42:5f:3a:2e:0f:d7:f1:fd:c7:ab:
                    a1:40:d5:91:5d:da:6f:96:ce:93:36:5e:ee:fd:06:
                    1c:46:f9:2d:62:ec:0b:b5:7b:f4:76:47:ea:c7:f0:
                    5b:7a:ec:3a:90:ae:cf:cd:02:6f:25:95:56:bf:42:
                    90:15:a4:b0:ff:26:86:1e:fe:8b:8c:49:bd:9d:4d:
                    c6:7d:6f:39:64:80:18:69:a4:3d:29:95:43:86:f3:
                    e3:34:9e:6b:aa:cc:b7:d9:81:21:85:c8:8c:9c:23:
                    40:63:24:d6:86:c5:24:a0:87:53:9c:e5:a0:fd:a2:
                    20:b9:c0:f2:f7:c6:f3:76:71:b5:a3:b2:d3:0d:04:
                    3f:04:b9:46:34:25:6d:d8:46:21:6b:a5:fd:b0:45:
                    ba:e4:4e:27:98:54:8f:86:26:bc:ba:34:5f:30:1f:
                    f8:d5:0b:3c:67:82:0a:42:e7:ed:a7:43:d8:10:cb:
                    ca:06:94:30:bc:a1:71:cf:d4:71:e8:ba:c5:d0:6d:
                    32:a5:76:68:8a:22:4b:74:b7:71:b7:73:8c:08:f1:
                    2f:e3:e6:29:36:e9:f9:59:54:e4:5e:94:0e:72:e9:
                    d0:a7:76:fd:9c:01:b4:b5:b0:c9:82:cf:71:ff:8b:
                    ec:b5:93:9b:37:44:02:19:5c:9d:15:6e:a0:c9:1c:
                    4b:1e:21:37:8c:a5:81:a2:b4:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                90:5C:AD:D8:E4:AE:55:78:59:84:09:29:1B:F4:19:AD:38:30:7E:6E
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:autodiscover.harveast.com, DNS:mail.harveast.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Aug 27 06:03:52.241 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:FB:DA:C1:5B:D3:65:68:71:CA:B5:6B:
                                76:AA:D9:AA:5F:5E:82:AD:F3:C1:A7:4B:50:84:9E:17:
                                DE:A8:CE:69:94:02:21:00:AA:9B:BE:4C:13:82:9F:CF:
                                27:C5:B4:6C:28:D9:D4:8A:43:7F:68:FC:68:B8:CA:9A:
                                EF:A0:ED:46:9C:9B:65:0B
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Aug 27 06:03:52.253 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:26:19:5A:C9:04:12:81:39:74:C2:29:BD:
                                30:E2:E5:7D:55:6F:92:0B:CE:BE:7B:C4:09:D3:3B:6D:
                                78:D6:03:58:02:20:52:E0:49:38:86:27:A0:5E:2B:DC:
                                3A:67:AC:83:C9:95:04:E6:D3:32:EF:17:CC:19:C4:66:
                                C8:50:54:AF:63:85
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        80:b4:e9:3e:16:fb:c4:4d:1f:09:15:25:ca:1d:6e:ad:93:9f:
        e3:bf:5c:fb:83:b6:22:e9:bd:c3:c9:47:b7:47:8f:57:aa:e0:
        e0:f4:ac:92:89:60:c6:84:08:f8:3e:f5:92:4f:9d:f0:d1:e2:
        c5:b9:02:3e:83:e2:61:39:56:ac:7b:41:93:f8:51:b2:bd:91:
        6d:e5:0e:21:57:4d:01:2d:92:35:48:57:88:c6:9f:4f:f9:96:
        58:b9:48:ea:2a:24:10:59:c7:7e:e8:ed:f9:9e:98:64:f8:3f:
        de:ae:f8:dc:7b:16:e5:32:e6:41:02:08:a2:e5:65:cb:01:f5:
        71:53:8e:05:4b:69:eb:50:14:ce:a8:ec:b8:73:df:84:8b:63:
        34:ad:8e:9b:51:d9:41:ec:90:6a:99:27:bf:81:31:c3:94:b1:
        f8:10:5e:75:8f:6e:5d:73:ae:d9:8e:df:e6:93:e3:88:a6:7c:
        34:8e:51:58:3f:fb:a9:5f:d9:88:02:39:0c:43:dd:64:63:27:
        42:37:3a:68:7e:58:bc:fc:7a:7f:48:28:27:c6:17:14:63:9b:
        d6:87:8e:dd:35:23:4b:b1:9c:76:60:f8:20:71:69:c5:9f:61:
        c4:79:36:18:ee:20:1d:41:55:ed:d9:22:9e:9e:c5:2e:ee:0e:
        e6:ac:eb:f2

554922136 | 2024-09-05T05:29:41.457533

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Windows Server 2008 R2 Datacenter 7601 Service Pack 1
  Software: Windows Server 2008 R2 Datacenter 6.1
  Capabilities: extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, lwio, nt-find, nt-smb, nt-status, rpc-remote-api, unicode

1896086426 | 2024-09-14T02:11:12.914832

587 / tcp

220 AZ-EXCH-1.HarvEast.lan Microsoft ESMTP MAIL Service ready at Sat, 14 Sep 2024 05:11:05 +0300
250-AZ-EXCH-1.HarvEast.lan Hello [224.151.97.60]
250-SIZE 40960000
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH GSSAPI NTLM LOGIN
250-8BITMIME
250-BINARYMIME
250 CHUNKING

SMTP NTLM Info:
  OS: Windows 7/Windows Server 2008 R2
  OS Build: 6.1.7601
  Target Name: HARVEAST
  NetBIOS Domain Name: HARVEAST
  NetBIOS Computer Name: AZ-EXCH-1
  DNS Domain Name: HarvEast.lan
  DNS Tree Name: HarvEast.lan
  FQDN: AZ-EXCH-1.HarvEast.lan

712698082 | 2024-09-11T14:02:27.821654

993 / tcp

* OK The Microsoft Exchange IMAP4 service is ready.
* CAPABILITY IMAP4 IMAP4rev1 AUTH=NTLM AUTH=GSSAPI AUTH=PLAIN UIDPLUS CHILDREN IDLE NAMESPACE LITERAL+
A001 OK CAPABILITY completed.
A002 BAD Command Error. 12
A003 BAD Command Error. 12
* BYE Microsoft Exchange Server 2010 IMAP4 server signing off.
A004 OK LOGOUT completed.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:25:b8:fb:c6:02:3e:aa:67:51:68:7a:c0:40:26:4e:12:fc
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Aug 22 05:05:26 2024 GMT
            Not After : Nov 20 05:05:25 2024 GMT
        Subject: CN=mail.harveast.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (3072 bit)
                Modulus:
                    00:dd:cc:df:8d:a0:e9:67:1c:f6:ce:62:6a:4d:c4:
                    c1:9c:e8:7e:0e:ea:b2:07:48:c1:25:af:97:66:9f:
                    1a:02:eb:6c:a1:fb:01:b2:c4:a2:fc:05:6e:ca:90:
                    b6:c1:ae:39:2b:52:86:b4:01:6f:60:77:a6:3c:db:
                    b0:bb:b0:a2:20:41:86:ef:b7:da:ab:d9:68:62:84:
                    04:2d:63:c8:fb:b4:22:46:94:26:d3:ef:18:1d:25:
                    6b:4a:dd:85:4a:0c:32:53:62:d2:3a:7e:4c:84:f7:
                    f3:5d:3e:63:35:29:ec:89:8c:bf:cd:53:47:df:b6:
                    9f:2f:75:e1:a6:d8:24:dd:97:06:ff:f9:7f:8f:16:
                    7d:ad:96:16:73:9e:46:65:f6:ab:98:81:f3:18:7c:
                    08:f9:0e:63:00:cb:44:5c:38:bd:60:6f:42:b4:b3:
                    d0:6d:fc:bb:7a:cc:aa:08:f7:6b:67:32:ae:53:64:
                    d6:8d:d0:85:28:70:41:f3:a1:26:be:1b:18:6f:17:
                    03:ca:b9:11:5f:a2:65:bd:3e:a1:4a:af:99:42:1f:
                    97:0e:9b:a3:f0:d7:47:f6:22:9f:45:ff:a8:17:00:
                    74:50:af:ba:07:8f:55:4a:5d:ca:5a:34:0c:99:9b:
                    e2:57:9d:f4:60:56:1a:1f:64:67:39:d5:51:84:36:
                    16:c6:48:81:db:32:4b:ed:fa:cd:e5:45:44:3e:74:
                    d7:b5:ee:fb:3b:50:af:e4:ac:36:db:40:04:72:d2:
                    d8:35:91:ab:0b:24:c7:3f:f3:50:fc:3b:e8:fa:2e:
                    e9:be:cf:b3:55:9f:3a:df:24:8f:dd:2f:6c:2e:62:
                    cd:9d:14:8e:b4:1b:4a:71:d8:2d:c4:dd:3a:e5:fc:
                    18:e4:c0:f6:79:b7:e9:6a:05:87:fe:62:15:2a:fc:
                    de:c4:0a:78:b9:fd:d5:19:97:ad:8c:89:7f:26:e0:
                    8e:62:87:16:0c:e0:ba:b2:94:3a:48:02:cf:10:1f:
                    50:46:fc:a7:51:c9:02:92:fa:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                33:7A:F1:2C:51:87:37:E9:58:2C:A2:E8:A9:20:97:9C:AF:9D:05:F9
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:autodiscover.harveast.com, DNS:mail.harveast.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Aug 22 06:03:56.308 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E4:1E:C5:69:32:FD:2D:5F:19:BD:30:
                                A1:89:81:E6:47:A9:FE:A4:67:5D:1D:6D:85:77:80:D9:
                                83:B4:46:0E:C1:02:20:14:B7:5A:B2:F4:CE:7F:CC:B6:
                                16:97:6B:88:3A:46:58:65:B9:0B:5A:FC:D6:2A:8C:A3:
                                13:14:9C:D8:A1:46:D0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Aug 22 06:03:56.496 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:CD:1F:10:8D:A9:2C:B1:87:82:90:A9:
                                95:FB:F7:61:86:B4:63:AB:CB:B6:85:0B:73:52:F6:44:
                                8C:6A:93:0F:23:02:21:00:D5:A0:D7:39:C2:7E:EA:30:
                                09:8D:19:D4:B4:95:ED:8B:3D:67:89:69:E9:3F:D8:1B:
                                C1:80:B7:1D:1F:CF:F7:18
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ab:c5:d2:8b:cf:1e:18:7e:a8:ce:a5:cc:34:15:31:10:7b:85:
        f4:28:b7:4b:96:a3:ea:17:97:c4:71:60:a7:fd:5a:27:8d:f8:
        94:a5:4e:88:b1:de:34:8c:1c:e7:48:b6:1c:15:55:cd:d7:49:
        f7:59:01:21:bc:bc:1a:8e:e7:00:85:25:90:c5:e0:9d:4a:33:
        86:3c:17:7f:31:40:44:94:67:09:db:0c:eb:f1:17:19:91:d4:
        35:31:67:f8:f5:fa:62:9a:92:43:1a:c0:b0:34:af:10:5f:3d:
        1a:82:25:a4:26:57:c2:3b:3d:d7:66:3d:04:fb:ac:73:af:f8:
        b8:fc:77:43:28:26:2c:96:57:cc:30:3e:0a:f4:2a:c9:e6:05:
        75:f7:11:a4:e7:8d:70:6e:55:a9:1e:f4:d4:a1:ed:ae:aa:d8:
        a2:15:e2:f0:d3:48:c8:19:1b:ee:d2:34:b7:96:40:95:4c:65:
        a7:f3:0e:70:33:a9:3c:ca:20:15:71:aa:ce:cc:16:be:04:d4:
        62:68:d4:f0:a2:eb:b0:78:52:ec:0e:38:6c:6b:18:1d:25:eb:
        9c:93:cf:e6:c4:95:36:37:06:d3:90:49:f0:e7:91:0f:b0:9a:
        ef:7f:1a:c8:b2:e6:d4:30:af:61:04:97:54:c6:23:dd:a2:52:
        52:10:6b:7c

1489525118 | 2024-08-24T18:34:34.389207

5986 / tcp

Not Found

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 24 Aug 2024 18:34:34 GMT
Connection: close
Content-Length: 315


WinRM NTLM Info:
  OS: Windows Server 2008 R2
  OS Build: 6.1.7601
  Target Name: HARVEAST
  NetBIOS Domain Name: HARVEAST
  NetBIOS Computer Name: AZ-EXCH-1
  DNS Domain Name: HarvEast.lan
  DNS Tree Name: HarvEast.lan
  FQDN: AZ-EXCH-1.HarvEast.lan

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:e4:00:14:00:10:00:04:00:04:00:04:00:09:07:de
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=az-exch-1.cloudapp.net
        Validity
            Not Before: Sep  2 12:00:00 2014 GMT
            Not After : Nov 19 12:00:00 2022 GMT
        Subject: CN=az-exch-1.cloudapp.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:ca:66:9c:a9:2d:1f:20:a8:0f:fe:e0:0e:15:67:
                    70:19:cc:9e:f9:6b:8b:f2:88:8b:bf:df:d5:a7:cc:
                    b0:cc:76:05:60:49:af:df:89:2d:59:cd:15:7c:10:
                    a2:16:33:6f:22:09:9f:df:13:3c:d8:1b:15:7a:47:
                    fe:57:c8:ab:57:0a:22:99:ea:6f:71:08:f7:76:b8:
                    cd:ba:a9:fc:6d:3e:34:63:9f:4d:7a:00:e3:a6:60:
                    7e:2a:11:4b:79:fe:b4:5b:78:a8:2d:25:2c:71:b3:
                    b6:40:12:fc:66:13:87:43:aa:6c:b9:ed:c9:d3:d1:
                    7a:29:3d:0e:da:f2:be:b1:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                81:CA:66:FB:78:D8:D1:95:29:A7:0B:F4:A6:7F:2E:F8:8F:88:CA:4E
            X509v3 Key Usage: 
                Digital Signature, Key Encipherment, Data Encipherment, Certificate Sign, CRL Sign
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            2.5.29.10: 
                0.....
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        68:de:62:25:9a:73:02:5d:7d:c6:9e:f5:e7:80:e3:2f:1d:38:
        c8:65:a8:1b:22:88:23:f0:21:a7:2e:61:27:62:3d:33:96:3c:
        df:68:70:dc:b5:2b:7b:87:18:af:48:fd:8d:02:a1:bb:3c:06:
        b5:f7:8d:5e:24:56:66:95:91:23:db:64:6d:32:57:6f:da:c0:
        69:04:fa:e0:3e:16:c0:b2:c7:85:f4:7b:fa:b3:75:ef:b1:7d:
        ec:bf:82:5e:5c:b4:d5:54:ad:87:f3:71:e9:76:4f:e8:a8:55:
        26:fc:4b:d9:88:cc:7a:64:a0:01:80:b7:e4:01:5e:18:88:9d:
        c2:f0

40.127.141.159

Last Seen: 2024-09-14

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-2039468747 | 2024-09-14T15:11:37.646821
25 / tcp

-985096807 | 2024-09-06T22:58:36.022394
80 / tcp

Microsoft IIS httpd7.5

415727626 | 2024-09-12T08:07:06.497726
135 / tcp

Microsoft RPC Endpoint Mapper

795009750 | 2024-09-12T10:45:58.846028
143 / tcp

1452714602 | 2024-09-10T04:29:46.437156
443 / tcp

Microsoft IIS httpd

554922136 | 2024-09-05T05:29:41.457533
445 / tcp

1896086426 | 2024-09-14T02:11:12.914832
587 / tcp

Microsoft Exchange smtpd

712698082 | 2024-09-11T14:02:27.821654
993 / tcp

1489525118 | 2024-08-24T18:34:34.389207
5986 / tcp

WinRM

Products

Pricing

Contact Us

40.127.141.159

Last Seen: 2024-09-14

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Latest CVSS

OpenPorts

-2039468747 | 2024-09-14T15:11:37.646821 25 / tcp

-985096807 | 2024-09-06T22:58:36.022394 80 / tcp

Microsoft IIS httpd7.5

415727626 | 2024-09-12T08:07:06.497726 135 / tcp

Microsoft RPC Endpoint Mapper

795009750 | 2024-09-12T10:45:58.846028 143 / tcp

1452714602 | 2024-09-10T04:29:46.437156 443 / tcp

Microsoft IIS httpd

554922136 | 2024-09-05T05:29:41.457533 445 / tcp

1896086426 | 2024-09-14T02:11:12.914832 587 / tcp

Microsoft Exchange smtpd

712698082 | 2024-09-11T14:02:27.821654 993 / tcp

1489525118 | 2024-08-24T18:34:34.389207 5986 / tcp

WinRM

Products

Pricing

Contact Us

Vulnerabilities

-2039468747 | 2024-09-14T15:11:37.646821
25 / tcp

-985096807 | 2024-09-06T22:58:36.022394
80 / tcp

415727626 | 2024-09-12T08:07:06.497726
135 / tcp

795009750 | 2024-09-12T10:45:58.846028
143 / tcp

1452714602 | 2024-09-10T04:29:46.437156
443 / tcp

554922136 | 2024-09-05T05:29:41.457533
445 / tcp

1896086426 | 2024-09-14T02:11:12.914832
587 / tcp

712698082 | 2024-09-11T14:02:27.821654
993 / tcp

1489525118 | 2024-08-24T18:34:34.389207
5986 / tcp