LeakIX - Host 79.174.85.5

Host 79.174.85.5

Russia

Domain names registrar REG.RU, Ltd

Server accepting anonymous credentials

The server is accepting NTLM anonymous credentials.

This allows for authentication bypass to access the underlying application.

https://blog.leakix.net/2022/03/bypassing-ntlm-auth-over-http/

IP: 79.174.85.5
Port: 80
URL: http://79.174.85.5

First seen 2024-09-09 17:01
Last seen 2024-10-23 22:45
Open for 44 days
- Fingerprint: 40fea8e6a9bd2c3671ce48dbe86f199c98a4427a9581a673ea654baf6a977d18
```
Server didn't refuse ANONYMOUS NTLM connection
Found NTLM information:
Running Windows 10.0 build 20348
MsvAvNbComputerName: WIN-S2YSNQRK1ZY
MsvAvNbDomainName: KVTI
MsvAvDNSComputerName: WIN-S2YSNQRK1ZY.KVTI.LOCAL
MsvAvDNSDomainName: KVTI.LOCAL
MsvAvDNSTreeName: KVTI.LOCAL

200 OK
Content-Length: 0
Content-Type: text/html
Date: Fri, 23 Aug 2024 11:10:29 GMT
Server: Microsoft-IIS/10.0
Www-Authenticate: NTLM
```
  Found on 2024-10-23 22:45
Create report

Domain summary

No record

© 2024 LeakIX
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice