LeakIX - Host 216.104.44.109

Host 216.104.44.109

United States

SINGLEHOP-LLC

Software information

Microsoft-HTTPAPI 2.0

tcp/443 tcp/8081

Open SMB file sharing detected

Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.

This may also include IPC services and lead to remote code execution.

IP: 216.104.44.109
Port: 445

First seen 2022-06-13 19:53
Last seen 2024-09-19 23:42
Open for 829 days
- Severity: high
  Fingerprint: 22420ce026fa767d3962741c23bfd32f75afa13ebf23ba0c278028b4278028b4
```
Found open SMB shares with Guest login
ADMIN$
C$
IPC$
Users
```
  Found on 2024-09-19 23:42
Create report

Open service 216.104.44.109:445

2024-09-15 23:50

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-09-15 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-09-13 23:37

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-09-13 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-09-12 04:13

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-09-12 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-09-11 21:05

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-09-11 by SmbPlugin

Create report

Open service 216.104.44.109:8081

2024-09-10 23:56

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 10 Sep 2024 23:56:10 GMT
Connection: close
Content-Length: 334

Page title: Bad Request

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Hostname</h2>
<hr><p>HTTP Error 400. The request hostname is invalid.</p>
</BODY></HTML>

Found 2024-09-10 by HttpPlugin

Create report

Open service 216.104.44.109:443

2024-09-10 09:13

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 10 Sep 2024 09:13:28 GMT
Connection: close
Content-Length: 315

Page title: Not Found

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Not Found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Not Found</h2>
<hr><p>HTTP Error 404. The requested resource is not found.</p>
</BODY></HTML>

Found 2024-09-10 by HttpPlugin

Create report

Open service 216.104.44.109:3306

2024-09-10 08:24
```
MySQL detected
```
Found 2024-09-10 by tcpid
Create report

Open service 216.104.44.109:445

2024-09-09 20:16

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-09-09 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-09-07 20:12

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-09-07 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-08-17 22:44

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-08-17 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-08-15 20:42

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-08-15 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-08-13 23:13

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-08-13 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-08-11 23:23

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-08-11 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-08-09 20:15

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-08-09 by SmbPlugin

Create report

Open service 216.104.44.109:445

2024-08-07 20:06

SMB NTLMSSP handshake results:
Found Windows 10.0 build 14393
NbComputerName: SV9973
NbDomainName: SV9973
DNSComputerName: sv9973.si-servers.com
DNSDomainName: sv9973.si-servers.com

Found 2024-08-07 by SmbPlugin

Create report

lognessweb.com

Fingerprint:

758f3912fd45047298d9f7eecbb57954a84e9344a21f94b8ae7bf5f81ea2ad4f

CN:

lognessweb.com

Key:

RSA-2048

Issuer:

R10

Not before:

2024-08-30 15:29

Not after:

2024-11-28 15:29

Domain summary

No record

Host 216.104.44.109

United States

Software information

Open SMB file sharing detected

lognessweb.com

Domain summary