nginx 1.18.0
tcp/80
The server is accepting NTLM anonymous credentials.
This allows for authentication bypass to access the underlying application.
https://blog.leakix.net/2022/03/bypassing-ntlm-auth-over-http/
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199cedf3d4e141569c9ade15894c8f8d66e8
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 10.0 build 17763 MsvAvNbComputerName: SRVAPPENBI MsvAvNbDomainName: SRVAPPENBI MsvAvDNSComputerName: SRVAPPENBI MsvAvDNSDomainName: SRVAPPENBI 200 OK Cache-Control: no-cache,no-store,must-revalidate Content-Length: 770 Content-Type: text/html Date: Sat, 27 May 2023 03:41:57 GMT Etag: "1d44e786c439c02" Expires: 0 Last-Modified: Mon, 17 Sep 2018 12:20:22 GMT Pragma: no-cache Server: Microsoft-HTTPAPI/2.0 Set-Cookie: XSRF-TOKEN=a581c47e-6f66-46df-9ec1-609b119c695d; path=/; secure X-Frame-Options: sameorigin <!DOCTYPE html><html lang="en"><head><base href="/"><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta http-equiv="cache-control" content="no-cache"/><meta http-equiv="pragma" content="no-cache"/><meta http-equiv="expires" content="0"/><meta charset="utf-8"><link rel="icon" type="image/x-icon" href="favicon.ico?v=1.0.0"><title>Windows Admin Center</title><link href="styles.4452f718ef33eeeb82a6.bundle.css" rel="stylesheet"/></head><body><sme-root style="display: none"></sme-root><script type="text/javascript" src="inline.fa98829f38bf20925f73.bundle.js"></script><script type="text/javascript" src="scripts.44b928e8fa0a1a3dd8c0.bundle.js"></script><script type="text/javascript" src="main.ec380fff9b49d1623f20.bundle.js"></script></body></html>
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199cedf3d4e141569c9ade15894caa70745a
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 10.0 build 17763 MsvAvNbComputerName: SRVAPPENBI MsvAvNbDomainName: SRVAPPENBI MsvAvDNSComputerName: SRVAPPENBI MsvAvDNSDomainName: SRVAPPENBI 200 OK Cache-Control: no-cache,no-store,must-revalidate Content-Length: 770 Content-Type: text/html Date: Wed, 17 May 2023 21:23:19 GMT Etag: "1d44e786c439c02" Expires: 0 Last-Modified: Mon, 17 Sep 2018 12:20:22 GMT Pragma: no-cache Server: Microsoft-HTTPAPI/2.0 Set-Cookie: XSRF-TOKEN=5b7da308-580f-4ae8-8577-f22df8ec9365; path=/; secure X-Frame-Options: sameorigin <!DOCTYPE html><html lang="en"><head><base href="/"><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta http-equiv="cache-control" content="no-cache"/><meta http-equiv="pragma" content="no-cache"/><meta http-equiv="expires" content="0"/><meta charset="utf-8"><link rel="icon" type="image/x-icon" href="favicon.ico?v=1.0.0"><title>Windows Admin Center</title><link href="styles.4452f718ef33eeeb82a6.bundle.css" rel="stylesheet"/></head><body><sme-root style="display: none"></sme-root><script type="text/javascript" src="inline.fa98829f38bf20925f73.bundle.js"></script><script type="text/javascript" src="scripts.44b928e8fa0a1a3dd8c0.bundle.js"></script><script type="text/javascript" src="main.ec380fff9b49d1623f20.bundle.js"></script></body></html>
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199cedf3d4e141569c9ade15894c6756c5a9
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 10.0 build 17763 MsvAvNbComputerName: SRVAPPENBI MsvAvNbDomainName: SRVAPPENBI MsvAvDNSComputerName: SRVAPPENBI MsvAvDNSDomainName: SRVAPPENBI 200 OK Cache-Control: no-cache,no-store,must-revalidate Content-Length: 770 Content-Type: text/html Date: Mon, 08 May 2023 21:37:41 GMT Etag: "1d44e786c439c02" Expires: 0 Last-Modified: Mon, 17 Sep 2018 12:20:22 GMT Pragma: no-cache Server: Microsoft-HTTPAPI/2.0 Set-Cookie: XSRF-TOKEN=3342d885-8fe8-4450-95f2-d07f73816abd; path=/; secure X-Frame-Options: sameorigin <!DOCTYPE html><html lang="en"><head><base href="/"><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta http-equiv="cache-control" content="no-cache"/><meta http-equiv="pragma" content="no-cache"/><meta http-equiv="expires" content="0"/><meta charset="utf-8"><link rel="icon" type="image/x-icon" href="favicon.ico?v=1.0.0"><title>Windows Admin Center</title><link href="styles.4452f718ef33eeeb82a6.bundle.css" rel="stylesheet"/></head><body><sme-root style="display: none"></sme-root><script type="text/javascript" src="inline.fa98829f38bf20925f73.bundle.js"></script><script type="text/javascript" src="scripts.44b928e8fa0a1a3dd8c0.bundle.js"></script><script type="text/javascript" src="main.ec380fff9b49d1623f20.bundle.js"></script></body></html>
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199cedf3d4e141569c9ade15894cb5e6a38f
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 10.0 build 17763 MsvAvNbComputerName: SRVAPPENBI MsvAvNbDomainName: SRVAPPENBI MsvAvDNSComputerName: SRVAPPENBI MsvAvDNSDomainName: SRVAPPENBI 200 OK Cache-Control: no-cache,no-store,must-revalidate Content-Length: 770 Content-Type: text/html Date: Thu, 04 May 2023 18:34:45 GMT Etag: "1d44e786c439c02" Expires: 0 Last-Modified: Mon, 17 Sep 2018 12:20:22 GMT Pragma: no-cache Server: Microsoft-HTTPAPI/2.0 Set-Cookie: XSRF-TOKEN=f490b333-1efa-4c46-b687-13c8b711a5e2; path=/; secure X-Frame-Options: sameorigin <!DOCTYPE html><html lang="en"><head><base href="/"><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta http-equiv="cache-control" content="no-cache"/><meta http-equiv="pragma" content="no-cache"/><meta http-equiv="expires" content="0"/><meta charset="utf-8"><link rel="icon" type="image/x-icon" href="favicon.ico?v=1.0.0"><title>Windows Admin Center</title><link href="styles.4452f718ef33eeeb82a6.bundle.css" rel="stylesheet"/></head><body><sme-root style="display: none"></sme-root><script type="text/javascript" src="inline.fa98829f38bf20925f73.bundle.js"></script><script type="text/javascript" src="scripts.44b928e8fa0a1a3dd8c0.bundle.js"></script><script type="text/javascript" src="main.ec380fff9b49d1623f20.bundle.js"></script></body></html>
Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199cedf3d4e141569c9ade15894c107f67d0
Server didn't refuse ANONYMOUS NTLM connection Found NTLM information: Running Windows 10.0 build 17763 MsvAvNbComputerName: SRVAPPENBI MsvAvNbDomainName: SRVAPPENBI MsvAvDNSComputerName: SRVAPPENBI MsvAvDNSDomainName: SRVAPPENBI 200 OK Cache-Control: no-cache,no-store,must-revalidate Content-Length: 770 Content-Type: text/html Date: Sat, 18 Mar 2023 17:44:02 GMT Etag: "1d44e786c439c02" Expires: 0 Last-Modified: Mon, 17 Sep 2018 12:20:22 GMT Pragma: no-cache Server: Microsoft-HTTPAPI/2.0 Set-Cookie: XSRF-TOKEN=9373e15e-a503-4ff7-b7b3-cd9bd5e6d1e5; path=/; secure X-Frame-Options: sameorigin <!DOCTYPE html><html lang="en"><head><base href="/"><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta http-equiv="cache-control" content="no-cache"/><meta http-equiv="pragma" content="no-cache"/><meta http-equiv="expires" content="0"/><meta charset="utf-8"><link rel="icon" type="image/x-icon" href="favicon.ico?v=1.0.0"><title>Windows Admin Center</title><link href="styles.4452f718ef33eeeb82a6.bundle.css" rel="stylesheet"/></head><body><sme-root style="display: none"></sme-root><script type="text/javascript" src="inline.fa98829f38bf20925f73.bundle.js"></script><script type="text/javascript" src="scripts.44b928e8fa0a1a3dd8c0.bundle.js"></script><script type="text/javascript" src="main.ec380fff9b49d1623f20.bundle.js"></script></body></html>
Open service 160.242.22.129:80
2024-02-29 23:57
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Thu, 29 Feb 2024 23:57:27 GMT Content-Type: text/html Content-Length: 178 Connection: close Location: https://giramais.co.ao/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html>