GeneralInformation

Hostnames	wsip-70-182-52-65.ph.ph.cox.net autodiscover.prnmed.net webmail.prnmed.net www.webmail.prnmed.net
Domains	cox.net prnmed.net
Country	United States
City	Phoenix
Organization	Cox Communications, Inc.
ISP	Cox Communications Inc.
ASN	AS22773
Operating System	Windows

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

25 80 389 443 587

-917906897 | 2024-11-13T04:36:24.068292

25 / tcp

220 webmail.prnmed.net Microsoft ESMTP MAIL Service ready at Tue, 12 Nov 2024 21:36:18 -0700
250-webmail.prnmed.net Hello [224.236.114.191]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d6:6a:55:f4:cf:40:ed:79
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http:\/\/certs.godaddy.com\/repository\/, CN=Go Daddy Secure Certificate Authority - G2
        Validity
            Not Before: Oct 22 02:36:38 2015 GMT
            Not After : Nov  1 07:00:00 2017 GMT
        Subject: OU=Domain Control Validated, CN=webmail.prnmed.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a2:f6:9a:f3:2b:a0:89:42:df:fa:4b:39:c0:c2:
                    a7:21:68:74:82:cc:1a:39:0d:9b:e4:86:b3:25:ca:
                    59:93:65:ff:b8:32:bc:ab:3a:05:19:45:d8:36:d3:
                    a6:65:4d:47:76:93:62:90:4d:9e:fa:aa:c6:6c:7a:
                    a0:60:45:ae:f6:31:7a:7c:b2:2c:73:e4:16:3c:c8:
                    e8:37:a8:c5:f6:54:45:90:cb:89:a6:91:2c:7f:15:
                    5f:af:b3:19:f7:1e:d6:81:a5:a0:1f:f5:a2:e6:94:
                    5e:74:e7:45:fe:78:61:65:08:7e:65:de:83:ae:ea:
                    63:c8:00:91:a4:b2:cc:cd:1e:45:3f:e1:e1:1c:c9:
                    07:17:78:b4:1a:56:65:d8:5c:5d:31:26:87:97:97:
                    89:c1:ab:09:4a:46:d6:3a:c2:8c:a0:cf:a1:e4:91:
                    4e:b0:3e:57:45:5e:c6:8c:e1:33:d8:9f:54:d7:f4:
                    85:4f:ba:c1:c5:1e:82:14:aa:0b:ca:c3:69:ad:ad:
                    bf:b9:1b:4d:48:aa:8d:66:b4:bb:d5:81:14:f1:c6:
                    f0:df:69:0b:27:be:f4:e5:86:78:f5:66:c9:2d:e9:
                    a6:a1:cb:05:ec:65:08:70:07:65:7d:13:4c:d6:70:
                    3d:e6:18:15:75:86:d0:15:0f:1a:80:8e:55:fc:74:
                    8a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.godaddy.com/gdig2s1-142.crl
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.114413.1.7.23.1
                  CPS: http://certificates.godaddy.com/repository/
            Authority Information Access: 
                OCSP - URI:http://ocsp.godaddy.com/
                CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
            X509v3 Authority Key Identifier: 
                40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
            X509v3 Subject Alternative Name: 
                DNS:webmail.prnmed.net, DNS:www.webmail.prnmed.net, DNS:autodiscover.prnmed.net
            X509v3 Subject Key Identifier: 
                B2:5F:8A:08:F8:BE:8C:3D:76:9E:36:8E:7F:42:CC:0B:49:18:62:BE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a4:32:22:cc:ba:05:79:c3:ed:a9:f4:3d:0d:a5:d9:07:35:bd:
        bf:0f:82:3d:c4:4b:3e:51:ff:78:f6:5a:6f:78:8a:03:16:31:
        6a:54:bc:87:75:19:ad:7d:f2:86:f7:37:e7:10:c7:91:60:0e:
        a9:4e:ed:b0:b7:6e:b2:6e:bc:b1:a5:09:bf:74:fc:67:0e:4b:
        b1:a9:fb:6f:ae:4f:95:ad:89:8a:47:ab:a8:df:33:dd:1e:33:
        1b:6d:3e:14:6c:99:51:22:8f:4f:69:91:a3:22:ee:61:f6:7d:
        20:71:5d:68:a0:0f:df:c3:78:c8:b3:40:94:ef:3e:17:fa:6f:
        6f:b0:00:bc:ed:53:61:ad:dc:b4:53:68:6e:b1:c6:74:ed:4d:
        39:75:d9:15:c7:51:b5:81:30:fc:20:26:1b:25:21:55:aa:84:
        60:b7:21:9b:99:22:9e:3b:b0:ad:e5:99:f7:44:09:44:fa:74:
        3a:d0:91:19:ed:50:d2:e1:3b:d2:90:7d:0d:36:52:f6:fa:c5:
        24:5f:50:46:fb:d9:00:62:c0:96:e9:8a:8d:c8:b1:d1:cf:de:
        00:57:ec:b2:3d:97:29:af:ec:21:e3:07:45:19:2f:38:08:bd:
        0a:2a:8d:bf:05:d0:de:3a:ea:44:13:0d:a6:d2:09:48:f0:59:
        19:3d:94:62

2021487153 | 2024-11-21T16:26:31.511875

80 / tcp

Document Moved

HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://webmail.prnmed.net/owa
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Thu, 21 Nov 2024 16:26:29 GMT
Content-Length: 153

CVE-2008-1446 CVE-2009-2521

-2081705557 | 2024-11-15T04:56:24.678845

389 / tcp

LDAP:
  CurrentTime: 20241115045624.0Z
  SubschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=prnmed,DC=local
  DsServiceName: CN=NTDS Settings,CN=PRNMED-EX01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=prnmed,DC=local
  NamingContexts:
    CN=Configuration,DC=prnmed,DC=local
    CN=Schema,CN=Configuration,DC=prnmed,DC=local
    DC=DomainDnsZones,DC=prnmed,DC=local
    DC=ForestDnsZones,DC=prnmed,DC=local
    DC=prnmed,DC=local
  DefaultNamingContext: DC=prnmed,DC=local
  SchemaNamingContext: CN=Schema,CN=Configuration,DC=prnmed,DC=local
  ConfigurationNamingContext: CN=Configuration,DC=prnmed,DC=local
  RootDomainNamingContext: DC=prnmed,DC=local
  SupportedControl:
    1.2.840.113556.1.4.1338
    1.2.840.113556.1.4.1339
    1.2.840.113556.1.4.1340
    1.2.840.113556.1.4.1341
    1.2.840.113556.1.4.1413
    1.2.840.113556.1.4.1504
    1.2.840.113556.1.4.1852
    1.2.840.113556.1.4.1907
    1.2.840.113556.1.4.1948
    1.2.840.113556.1.4.1974
    1.2.840.113556.1.4.2026
    1.2.840.113556.1.4.319
    1.2.840.113556.1.4.417
    1.2.840.113556.1.4.473
    1.2.840.113556.1.4.474
    1.2.840.113556.1.4.521
    1.2.840.113556.1.4.528
    1.2.840.113556.1.4.529
    1.2.840.113556.1.4.619
    1.2.840.113556.1.4.801
    1.2.840.113556.1.4.802
    1.2.840.113556.1.4.805
    1.2.840.113556.1.4.841
    1.2.840.113556.1.4.970
    2.16.840.1.113730.3.4.10
    2.16.840.1.113730.3.4.9
  SupportedLDAPVersion:
    2
    3
  SupportedLDAPPolicies:
    InitRecvTimeout
    MaxConnIdleTime
    MaxConnections
    MaxDatagramRecv
    MaxNotificationPerConn
    MaxPageSize
    MaxPoolThreads
    MaxQueryDuration
    MaxReceiveBuffer
    MaxResultSetSize
    MaxTempTableSize
    MaxValRange
    SystemMemoryLimitPercent
    ThreadMemoryLimit
  HighestCommittedUSN: 108175088
  SupportedSASLMechanisms:
    DIGEST-MD5
    EXTERNAL
    GSS-SPNEGO
    GSSAPI
  DnsHostName: prnmed-ex01.prnmed.local
  LdapServiceName: prnmed.local:prnmed-ex01$@PRNMED.LOCAL
  ServerName: CN=PRNMED-EX01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=prnmed,DC=local
  SupportedCapabilities:
    1.2.840.113556.1.4.1670
    1.2.840.113556.1.4.1791
    1.2.840.113556.1.4.1935
    1.2.840.113556.1.4.800
  IsSynchronized: TRUE
  IsGlobalCatalogReady: TRUE
  SupportedExtension:
    1.2.840.113556.1.4.1781
    1.3.6.1.4.1.1466.101.119.1
    1.3.6.1.4.1.1466.20037
    1.3.6.1.4.1.4203.1.11.3
  DomainFunctionality: 3
  ForestFunctionality: 3

1739343675 | 2024-11-21T14:50:14.914643

443 / tcp

Microsoft Exchange - Outlook Web Access

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 8370
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-OWA-Version: 8.3.485.1
X-UA-Compatible: IE=EmulateIE7
X-Powered-By: ASP.NET
Date: Thu, 21 Nov 2024 14:50:14 GMT


Microsoft Exchange:
  Name: Update Rollup 21 for Exchange Server 2007 SP3
  Build Number: 8.3.485.1
  Build Date: September 20, 2016

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4394841581512520677 (0x3cfd9d222e2b73e5)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http:\/\/certs.godaddy.com\/repository\/, CN=Go Daddy Secure Certificate Authority - G2
        Validity
            Not Before: Sep  2 14:49:00 2017 GMT
            Not After : Nov  1 07:00:00 2019 GMT
        Subject: OU=Domain Control Validated, CN=webmail.prnmed.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a2:f6:9a:f3:2b:a0:89:42:df:fa:4b:39:c0:c2:
                    a7:21:68:74:82:cc:1a:39:0d:9b:e4:86:b3:25:ca:
                    59:93:65:ff:b8:32:bc:ab:3a:05:19:45:d8:36:d3:
                    a6:65:4d:47:76:93:62:90:4d:9e:fa:aa:c6:6c:7a:
                    a0:60:45:ae:f6:31:7a:7c:b2:2c:73:e4:16:3c:c8:
                    e8:37:a8:c5:f6:54:45:90:cb:89:a6:91:2c:7f:15:
                    5f:af:b3:19:f7:1e:d6:81:a5:a0:1f:f5:a2:e6:94:
                    5e:74:e7:45:fe:78:61:65:08:7e:65:de:83:ae:ea:
                    63:c8:00:91:a4:b2:cc:cd:1e:45:3f:e1:e1:1c:c9:
                    07:17:78:b4:1a:56:65:d8:5c:5d:31:26:87:97:97:
                    89:c1:ab:09:4a:46:d6:3a:c2:8c:a0:cf:a1:e4:91:
                    4e:b0:3e:57:45:5e:c6:8c:e1:33:d8:9f:54:d7:f4:
                    85:4f:ba:c1:c5:1e:82:14:aa:0b:ca:c3:69:ad:ad:
                    bf:b9:1b:4d:48:aa:8d:66:b4:bb:d5:81:14:f1:c6:
                    f0:df:69:0b:27:be:f4:e5:86:78:f5:66:c9:2d:e9:
                    a6:a1:cb:05:ec:65:08:70:07:65:7d:13:4c:d6:70:
                    3d:e6:18:15:75:86:d0:15:0f:1a:80:8e:55:fc:74:
                    8a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.godaddy.com/gdig2s1-678.crl
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.114413.1.7.23.1
                  CPS: http://certificates.godaddy.com/repository/
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                OCSP - URI:http://ocsp.godaddy.com/
                CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
            X509v3 Authority Key Identifier: 
                40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
            X509v3 Subject Alternative Name: 
                DNS:webmail.prnmed.net, DNS:www.webmail.prnmed.net, DNS:autodiscover.prnmed.net
            X509v3 Subject Key Identifier: 
                B2:5F:8A:08:F8:BE:8C:3D:76:9E:36:8E:7F:42:CC:0B:49:18:62:BE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        10:8a:77:25:cd:ef:6c:14:87:39:f0:ef:34:c0:7e:53:c5:2e:
        91:49:d1:14:03:ae:1f:ca:77:67:fc:39:2e:65:9f:f9:05:e0:
        aa:5e:31:7d:01:39:30:58:bb:db:c2:81:12:f9:be:2b:5c:ba:
        7f:af:06:19:77:0b:4a:d5:fc:ad:e9:ed:51:29:9e:d5:5b:b5:
        2e:0c:80:07:3b:82:b2:ad:85:0b:ce:5b:9e:49:25:57:46:01:
        bd:96:bd:2c:e5:37:fe:ed:1a:5a:70:b7:48:0c:bd:a6:5f:41:
        df:56:2c:74:53:41:35:7a:48:c3:86:95:e7:1c:86:96:90:fe:
        db:e8:c9:8f:9c:ea:9c:75:47:85:d5:3b:b0:a1:e7:6e:e9:95:
        c1:55:77:e0:0b:49:d3:0c:7b:31:ba:07:a5:63:74:a7:d9:7c:
        e2:56:44:fb:b4:d8:11:ce:f8:3b:ea:fb:e8:43:f4:b1:57:62:
        9d:8f:ba:7a:4f:b4:4b:4a:1a:d7:e7:e7:c3:ce:37:fe:d2:e0:
        bc:f3:78:14:0d:7e:2f:58:a0:03:46:92:e4:e8:d6:fc:58:76:
        b9:a6:dd:0b:21:a6:86:22:03:39:0a:42:e5:8a:68:35:75:36:
        29:76:07:fd:fd:5c:04:85:8a:df:28:72:a8:20:ef:0b:9e:db:
        07:37:b7:4a

CVE-2008-1446 CVE-2009-2521

-2052241285 | 2024-11-17T18:32:51.304520

587 / tcp

220 prnmed-ex01.prnmed.local Microsoft ESMTP MAIL Service ready at Sun, 17 Nov 2024 11:32:42 -0700
250-prnmed-ex01.prnmed.local Hello [224.60.56.230]
250-SIZE 502400000
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH GSSAPI NTLM LOGIN
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250 XRDST

SMTP NTLM Info:
  OS: Windows Vista/Windows Server 2008
  OS Build: 6.0.6003
  Target Name: PRNMED
  NetBIOS Domain Name: PRNMED
  NetBIOS Computer Name: PRNMED-EX01
  DNS Domain Name: prnmed.local
  DNS Tree Name: prnmed.local
  FQDN: prnmed-ex01.prnmed.local

70.182.52.65

Last Seen: 2024-11-21

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-917906897 | 2024-11-13T04:36:24.068292
25 / tcp

Microsoft Exchange smtpd

2021487153 | 2024-11-21T16:26:31.511875
80 / tcp

Microsoft IIS httpd7.0

-2081705557 | 2024-11-15T04:56:24.678845
389 / tcp

1739343675 | 2024-11-21T14:50:14.914643
443 / tcp

Microsoft IIS httpd7.0

-2052241285 | 2024-11-17T18:32:51.304520
587 / tcp

Microsoft Exchange smtpd

Products

Pricing

Contact Us

70.182.52.65

Last Seen: 2024-11-21

Tags:

GeneralInformation

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

-917906897 | 2024-11-13T04:36:24.068292 25 / tcp

Microsoft Exchange smtpd

2021487153 | 2024-11-21T16:26:31.511875 80 / tcp

Microsoft IIS httpd7.0

-2081705557 | 2024-11-15T04:56:24.678845 389 / tcp

1739343675 | 2024-11-21T14:50:14.914643 443 / tcp

Microsoft IIS httpd7.0

-2052241285 | 2024-11-17T18:32:51.304520 587 / tcp

Microsoft Exchange smtpd

Products

Pricing

Contact Us

Vulnerabilities

-917906897 | 2024-11-13T04:36:24.068292
25 / tcp

2021487153 | 2024-11-21T16:26:31.511875
80 / tcp

-2081705557 | 2024-11-15T04:56:24.678845
389 / tcp

1739343675 | 2024-11-21T14:50:14.914643
443 / tcp

-2052241285 | 2024-11-17T18:32:51.304520
587 / tcp