Host 114.32.84.245
Taiwan
Software information
Apache 2.4.62
tcp/443 tcp/80 tcp/8089
-
Open SMB file sharing detected
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
First seen 2022-06-13 20:01
Last seen 2024-09-19 23:29
Open for 829 days-
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3df372350d40013922645c7572645c7572645c757Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON print$ IPC$ nobody
Found on 2024-09-19 23:29 -
Severity: high
Fingerprint: 22420ce026fa767de22ea8c3df372350d4001392d4001392d4001392d4001392Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON print$ IPC$
Found on 2022-06-13 20:01
-
-
Open service 114.32.84.245:445
2024-09-15 23:51
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-09-15 by SmbPluginCreate report
-
Open service 114.32.84.245:445
2024-09-13 23:34
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-09-13 by SmbPluginCreate report
-
Open service 114.32.84.245:21
2024-09-12 06:35
220 (vsFTPd 3.0.3) 530 Please login with USER and PASS. 530 Please login with USER and PASS. 530 Please login with USER and PASS. 530 Please login with USER and PASS. 530 Please login with USER and PASS. 530 Please login with USER and PASS.
Found 2024-09-12 by FtpPluginCreate report
-
Open service 114.32.84.245:445
2024-09-12 01:02
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-09-12 by SmbPluginCreate report
-
Open service 114.32.84.245:80
2024-09-12 00:23
HTTP/1.1 403 Forbidden Date: Thu, 12 Sep 2024 00:23:40 GMT Server: Apache/2.4.62 (Debian) Content-Length: 278 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 403 Forbidden <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access this resource.</p> <hr> <address>Apache/2.4.62 (Debian) Server at 114.32.84.245 Port 80</address> </body></html>
Found 2024-09-12 by HttpPluginCreate report
-
Open service 114.32.84.245:445
2024-09-11 09:48
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Found 2024-09-11 by SmbPluginCreate report
-
Open service 114.32.84.245:8080
2024-09-10 05:40
HTTP/1.1 302 Found Connection: close Location: http://114.32.84.245/steve/manager/home
Found 2024-09-10 by HttpPluginCreate report
-
Open service 114.32.84.245:8089
2024-09-10 04:35
HTTP/1.1 403 Forbidden Date: Tue, 10 Sep 2024 04:35:55 GMT Server: Apache/2.4.62 (Debian) Content-Length: 278 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 403 Forbidden <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access this resource.</p> <hr> <address>Apache/2.4.62 (Debian) Server at 114.32.84.245 Port 80</address> </body></html>
Found 2024-09-10 by HttpPluginCreate report
-
Open service 114.32.84.245:443
2024-09-09 22:32
HTTP/1.1 200 OK Date: Mon, 09 Sep 2024 22:32:10 GMT Server: Apache/2.4.62 (Debian) Last-Modified: Sun, 15 May 2022 05:58:07 GMT ETag: "131-5df06977c30c2" Accept-Ranges: bytes Content-Length: 305 Vary: Accept-Encoding Connection: close Content-Type: text/html <html> <body> <div id="root">Test</div> <script> var host = 'wss://foluswen.com:8018/websocket.php'; var socket = new WebSocket(host); socket.onmessage = function(e) { document.getElementById('root').innerHTML = e.data; }; </script> </body> </html>Found 2024-09-09 by HttpPluginCreate report