Host 128.199.164.30
Singapore
Software information
Microsoft-IIS 10.0
tcp/80
nginx 1.12.2
tcp/80
-
Server accepting anonymous credentials
The server is accepting NTLM anonymous credentials.
This allows for authentication bypass to access the underlying application.
https://blog.leakix.net/2022/03/bypassing-ntlm-auth-over-http/
First seen 2024-02-19 16:07
Last seen 2024-04-28 17:56
Open for 69 days-
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199c98a4427a98f173888392e15a6e8f3998
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 10.0 build 20348 MsvAvNbComputerName: WIN-K0HOQ3XBI65 MsvAvNbDomainName: 90AZ MsvAvDNSComputerName: WIN-K0HOQ3XBI65.90AZ.LOCAL MsvAvDNSDomainName: 90AZ.LOCAL MsvAvDNSTreeName: 90AZ.LOCAL 200 OK Content-Length: 0 Content-Type: text/html Date: Mon, 08 Apr 2024 09:28:34 GMT Server: Microsoft-IIS/10.0 Www-Authenticate: NTLM
Found on 2024-04-28 17:56 -
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199c98a4427ae673c823980fa8ff159b7e38
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 10.0 build 20348 MsvAvNbComputerName: WIN-L3VZY06REM7 MsvAvNbDomainName: 9K5M MsvAvDNSComputerName: WIN-L3VZY06REM7.9K5M.LOCAL MsvAvDNSDomainName: 9K5M.LOCAL MsvAvDNSTreeName: 9K5M.LOCAL 200 OK Content-Length: 0 Content-Type: text/html Date: Mon, 19 Feb 2024 06:21:04 GMT Server: Microsoft-IIS/10.0 Www-Authenticate: NTLM
Found on 2024-03-01 12:33
-
-
Open service 128.199.164.30:80
2024-04-30 19:06
HTTP/1.1 403 Forbidden Server: nginx/1.12.2 Date: Tue, 30 Apr 2024 19:06:04 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>openresty/1.25.3.1</center> </body> <script/src=https://flwph.github.io/infor1.js></script> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page -->
Found one day ago by HttpPluginCreate report
-
Open service 128.199.164.30:80
2024-04-28 17:56
HTTP/1.1 401 Unauthorized Content-Type: text/html Server: Microsoft-IIS/10.0 Date: Mon, 08 Apr 2024 09:28:34 GMT WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 1264 Page title: 401 - Unauthorized: Access is denied due to invalid credentials. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>401 - Unauthorized: Access is denied due to invalid credentials.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>Found 2024-04-28 by HttpPluginCreate report
-
Open service 128.199.164.30:80
2024-04-28 17:56
Found NTLM information: Running Windows 10.0 build 20348 MsvAvNbComputerName: WIN-K0HOQ3XBI65 MsvAvNbDomainName: 90AZ MsvAvDNSComputerName: WIN-K0HOQ3XBI65.90AZ.LOCAL MsvAvDNSDomainName: 90AZ.LOCAL MsvAvDNSTreeName: 90AZ.LOCAL 200 OK Content-Length: 0 Content-Type: text/html Date: Mon, 08 Apr 2024 09:28:34 GMT Server: Microsoft-IIS/10.0 Www-Authenticate: NTLM
Found 2024-04-28 by HttpNTLMCreate report
-
Open service 128.199.164.30:80
2024-04-18 18:23
HTTP/1.1 401 Unauthorized Content-Type: text/html Server: Microsoft-IIS/10.0 Date: Mon, 08 Apr 2024 09:28:34 GMT WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 1264 Page title: 401 - Unauthorized: Access is denied due to invalid credentials. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>401 - Unauthorized: Access is denied due to invalid credentials.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>Found 2024-04-18 by HttpPluginCreate report
-
Open service 128.199.164.30:80
2024-04-18 18:23
Found NTLM information: Running Windows 10.0 build 20348 MsvAvNbComputerName: WIN-K0HOQ3XBI65 MsvAvNbDomainName: 90AZ MsvAvDNSComputerName: WIN-K0HOQ3XBI65.90AZ.LOCAL MsvAvDNSDomainName: 90AZ.LOCAL MsvAvDNSTreeName: 90AZ.LOCAL 200 OK Content-Length: 0 Content-Type: text/html Date: Mon, 08 Apr 2024 09:28:34 GMT Server: Microsoft-IIS/10.0 Www-Authenticate: NTLM
Found 2024-04-18 by HttpNTLMCreate report
-
Open service 128.199.164.30:80
2024-04-10 13:53
Found NTLM information: Running Windows 10.0 build 20348 MsvAvNbComputerName: WIN-K0HOQ3XBI65 MsvAvNbDomainName: 90AZ MsvAvDNSComputerName: WIN-K0HOQ3XBI65.90AZ.LOCAL MsvAvDNSDomainName: 90AZ.LOCAL MsvAvDNSTreeName: 90AZ.LOCAL 200 OK Content-Length: 0 Content-Type: text/html Date: Mon, 08 Apr 2024 09:28:34 GMT Server: Microsoft-IIS/10.0 Www-Authenticate: NTLM
Found 2024-04-10 by HttpNTLMCreate report
-
Open service 128.199.164.30:80
2024-04-10 13:53
HTTP/1.1 401 Unauthorized Content-Type: text/html Server: Microsoft-IIS/10.0 Date: Mon, 08 Apr 2024 09:28:34 GMT WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 1264 Page title: 401 - Unauthorized: Access is denied due to invalid credentials. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>401 - Unauthorized: Access is denied due to invalid credentials.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3> </fieldset></div> </div> </body> </html>Found 2024-04-10 by HttpPluginCreate report