Microsoft-IIS 7.5
tcp/80
The server is accepting NTLM anonymous credentials.
This allows for authentication bypass to access the underlying application.
https://blog.leakix.net/2022/03/bypassing-ntlm-auth-over-http/
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199c655c5c9cca7a3ca80bd2c8c360ae0b01
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-20 15:11
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-20 15:11
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-18 13:51
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-18 13:51
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-14 10:00
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-14 10:00
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-12 12:50
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-12 12:50
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-03 00:41
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-03 00:41
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-01 00:25
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-12-01 00:25
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-11-28 22:25
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-11-28 22:25
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-11-26 20:55
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-11-26 20:55
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-11-21 00:50
HTTP/1.1 401 Unauthorized Server: Microsoft-IIS/7.5 Date: Mon, 04 Nov 2024 15:21:27 GMT Content-Type: text/html WWW-Authenticate: NTLM Content-Length: 0
Open service 129.151.89.233:80 · www.ms.murphygroup.link
2024-11-21 00:50
Found NTLM information: Running Windows 5.2 build 3790 MsvAvNbComputerName: WIN-10C9162EFW4 MsvAvNbDomainName: 35B1 MsvAvDNSComputerName: WIN-10C9162EFW4.35B1.LOCAL MsvAvDNSDomainName: 35B1.LOCAL MsvAvDNSTreeName: 35B1.LOCAL 200 OK Content-Length: 85 Content-Type: text/html Date: Mon, 04 Nov 2024 15:21:27 GMT Server: Microsoft-IIS/7.5 Www-Authenticate: NTLM <img src='file://///10.0.0.197/pictures/logo.jpg' alt='Loading' height='1' width='1'>