LeakIX - Host 191.7.31.5

Host 191.7.31.5

Brazil

NEMESIS Provedor de Acesso as Redes de Comunicacao

Software information

Apache Apache

tcp/443

Microsoft-HTTPAPI 2.0

tcp/80

Open SMB file sharing detected

Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.

This may also include IPC services and lead to remote code execution.

IP: 191.7.31.5
Port: 445

First seen 2022-11-08 04:26
Last seen 2024-04-28 17:49
Open for 537 days
- Severity: high
  Fingerprint: 22420ce026fa767d3962741c23bfd32f75afa13e95e992b5a52a4adbaef29d48
```
Found open SMB shares with Guest login
ADMIN$
C$
HP LaserJet Pro MFP M127fn
IPC$
print$
```
  Found on 2024-04-28 17:49
Create report

Open service 191.7.31.5:445

2024-04-28 17:49

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: POSTOJR
NbDomainName: POSTOJR
DNSComputerName: PostoJR
DNSDomainName: PostoJR

Found 6 hours ago by SmbPlugin

Create report

Open service 191.7.31.5:445

2024-04-25 13:44

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: POSTOJR
NbDomainName: POSTOJR
DNSComputerName: PostoJR
DNSDomainName: PostoJR

Found 2024-04-25 by SmbPlugin

Create report

Open service 191.7.31.5:80

2024-04-24 16:51

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 24 Apr 2024 16:51:20 GMT
Connection: close
Content-Length: 315

Page title: Not Found

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Not Found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Not Found</h2>
<hr><p>HTTP Error 404. The requested resource is not found.</p>
</BODY></HTML>

Found 2024-04-24 by HttpPlugin

Create report

Open service 191.7.31.5:80

2024-04-24 00:09

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 24 Apr 2024 00:08:55 GMT
Connection: close
Content-Length: 315

Page title: Not Found

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Not Found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Not Found</h2>
<hr><p>HTTP Error 404. The requested resource is not found.</p>
</BODY></HTML>

Found 2024-04-24 by HttpPlugin

Create report

Open service 191.7.31.5:445

2024-04-23 15:45

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: POSTOJR
NbDomainName: POSTOJR
DNSComputerName: PostoJR
DNSDomainName: PostoJR

Found 2024-04-23 by SmbPlugin

Create report

Open service 191.7.31.5:443

2024-04-22 21:39

HTTP/1.1 200 OK
Date: Mon, 22 Apr 2024 19:09:11 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 22 Jun 2020 17:10:21 GMT
Accept-Ranges: bytes
Content-Length: 1115
Connection: close
Content-Type: text/html

Page title: TLS Web Interface

<!DOCTYPE html>
<html>
  <head>
    <link rel="SHORTCUT ICON" href="favicon.ico"> 
    <!-- Properties can be specified to influence deferred binding -->
    <meta name='gwt:property' content='locale=en'>
    <meta http-equiv="Tls 450 " content="text/html; charset=UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=9">
	
    <link id="advancedTheme" type="text/css" rel="stylesheet" href="./webui/advanced/themes/classic/theme.css"/>
    

    <title>TLS Web Interface</title>
    
    <script type="text/javascript" language="javascript" src="webui/webui.nocache.js"></script>
  </head>

  <body dir="ltr">
  
    <iframe src="javascript:''" id="__gwt_historyFrame" tabIndex='-1' style="position:absolute;width:0;height:0;border:0"></iframe>
    
    <noscript>
      <div style="width: 22em; position: absolute; left: 50%; margin-left: -11em; color: red; background-color: white; border: 1px solid red; padding: 4px; font-family: sans-serif">
        Your web browser must have JavaScript enabled
        in order for this application to display correctly.
      </div>
    </noscript>
  
  </body>
</html>

Found 2024-04-22 by HttpPlugin

Create report

Open service 191.7.31.5:445

2024-04-18 18:30

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: POSTOJR
NbDomainName: POSTOJR
DNSComputerName: PostoJR
DNSDomainName: PostoJR

Found 2024-04-18 by SmbPlugin

Create report

Open service 191.7.31.5:445

2024-04-10 14:46

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: POSTOJR
NbDomainName: POSTOJR
DNSComputerName: PostoJR
DNSDomainName: PostoJR

Found 2024-04-10 by SmbPlugin

Create report

Open service 191.7.31.5:445

2024-03-21 10:37

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: POSTOJR
NbDomainName: POSTOJR
DNSComputerName: PostoJR
DNSDomainName: PostoJR

Found 2024-03-21 by SmbPlugin

Create report

Fingerprint:

34698db9473a27552a48991cf08385949df5ffc1f2e05416222780c9e29d5474

CN:

tls4.localdomain

Key:

RSA-2048

Issuer:

tls4.localdomain

Not before:

2017-02-27 16:06

Not after:

2037-02-27 16:06

Domain summary

No record

Host 191.7.31.5

Brazil

Software information

Open SMB file sharing detected

Domain summary