LeakIX - Host 103.225.168.95

Host 103.225.168.95

Thailand

CS LOXINFO Public Company Limited.

Windows

Software information

nginx nginx 1.22.1

tcp/83

Open SMB file sharing detected

Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.

This may also include IPC services and lead to remote code execution.

IP: 103.225.168.95
Port: 445

First seen 2024-06-12 18:53
Last seen 2024-12-22 01:00
Open for 192 days
- Severity: high
  Fingerprint: 22420ce026fa767d3962741c23bfd32f75afa13eb25d195ea821ba6ca821ba6c
```
Found open SMB shares with Guest login
ADMIN$
C$
D$
IPC$
```
  Found on 2024-12-22 01:00
Create report
Redis instance is public

The Redis instance is open to the public.

This could result to data leak and code execution.

IP: 103.225.168.95
Port: 6379

First seen 2024-07-17 03:05
Last seen 2024-08-04 04:15
Open for 18 days
- Severity: medium
  Fingerprint: d606b92f1b5fdf180bb9df7e0bb9df7e0bb9df7e0bb9df7e0bb9df7e0bb9df7e
```
Redis is open with 5 keys in dbs
```
  Found on 2024-08-04 04:15
  
  5 rows
- Severity: medium
  Fingerprint: d606b92f1b5fdf185732408f5732408f5732408f5732408f5732408f5732408f
```
Redis is open with 0 keys in dbs
```
  Found on 2024-07-23 23:11
Create report

Open service 103.225.168.95:445

2024-12-22 01:00

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 10 hours ago by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-12-20 00:36

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2 days ago by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-12-18 01:49

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2024-12-18 by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-12-17 20:11

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2024-12-17 by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-12-15 22:52

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2024-12-15 by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-12-13 23:56

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2024-12-13 by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-12-12 00:29

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2024-12-12 by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-12-01 23:38

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2024-12-01 by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-11-29 23:10

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2024-11-29 by SmbPlugin

Create report

Open service 103.225.168.95:445

2024-11-28 00:29

SMB NTLMSSP handshake results:
Found Windows 10.0 build 17763
NbComputerName: CSLD-CBVPS95F
NbDomainName: CSLD-CBVPS95F
DNSComputerName: CSLD-CBVPS95f
DNSDomainName: CSLD-CBVPS95f

Found 2024-11-28 by SmbPlugin

Create report

Open service 103.225.168.95:83

2024-11-20 12:39

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Wed, 20 Nov 2024 12:39:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 653
Last-Modified: Fri, 23 Dec 2022 04:02:05 GMT
Connection: close
Vary: Accept-Encoding
ETag: "63a5283d-28d"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

Page title: Demuk Server

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="shortcut icon" href="favicon.ico"/>
    <title>Demuk Server</title>
    <style>
        html {
            color-scheme: light dark;
        }

        body {
            width: 35em;
            margin: 0 auto;
            font-family: sans-serif;
        }
    </style>
</head>

<body>
    <h1>Welcome to Demuk!</h1>
    <p>
        Web engine by nginx.
        <a href="info.php" target="_blank">php info</a>
    </p>
</body>

</html>

Found 2024-11-20 by HttpPlugin

Create report

Data leak

Size

0 B

Collections

Rows

Domain summary

No record

Host 103.225.168.95

Thailand

Software information

Open SMB file sharing detected

Redis instance is public

Data leak

Domain summary