Host 114.32.27.158
Taiwan
-
Open SMB file sharing detected
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
First seen 2024-09-10 19:12
Last seen 2024-12-22 00:59
Open for 102 days-
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3146a5f4672e2dc2eb664ed00fe55a3cb2ddaee10Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON Philips Order SQLBackup Michael home My Passport IPC$
Found on 2024-12-22 00:59 -
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3146a5f4672e2dc2eb664ed00fe55a3cbd9cd2300Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON Philips Order SQLBackup Michael home USBBACKUP IPC$
Found on 2024-12-15 23:49
-
-
Open service 114.32.27.158:445
2024-12-22 00:59
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 10 hours ago by SmbPluginCreate report
-
Open service 114.32.27.158:445
2024-12-20 00:34
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2 days ago by SmbPluginCreate report
-
Open service 114.32.27.158:445
2024-12-18 01:43
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-12-18 by SmbPluginCreate report
-
Open service 114.32.27.158:8080
2024-12-17 21:32
HTTP/1.1 200 OK Date: Tue, 17 Dec 2024 21:32:01 GMT Server: X-Frame-Options: SAMEORIGIN Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob: Content-type: text/html; charset=UTF-8 Last-modified: Wed, 13 Nov 2024 19:41:12 GMT Accept-Ranges: bytes Content-length: 580 Vary: Accept-Encoding X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Connection: close <html style="background:#007cef"> <head> <meta http-equiv="expires" content="0"> <script type='text/javascript'> pr=(document.location.protocol == 'https:') ? 'https' : 'http'; pt=(location.port == '') ? '' : ':' + location.port; redirect_suffix = "/redirect.html?count="+Math.random(); if(location.hostname.indexOf(':') == -1) { location.href=pr+"://"+location.hostname+pt+redirect_suffix; } else //could be ipv6 addr { var url = ""; url=pr+"://["+ location.hostname.replace(/[\[\]]/g, '') +"]"+pt+redirect_suffix; location.href = url; } </script> </head> <body> </body> </html>Found 2024-12-17 by HttpPluginCreate report
-
Open service 114.32.27.158:445
2024-12-15 23:49
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-12-15 by SmbPluginCreate report
-
Open service 114.32.27.158:445
2024-12-14 00:05
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-12-14 by SmbPluginCreate report
-
Open service 114.32.27.158:445
2024-12-12 01:04
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-12-12 by SmbPluginCreate report
-
Open service 114.32.27.158:445
2024-12-02 01:33
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-12-02 by SmbPluginCreate report
-
Open service 114.32.27.158:445
2024-11-30 00:47
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-11-30 by SmbPluginCreate report
-
Open service 114.32.27.158:445
2024-11-28 00:36
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-11-28 by SmbPluginCreate report