LeakIX - Host 103.163.139.231

Host 103.163.139.231

Indonesia

PT. Beon Intermedia

Software information

nginx nginx

tcp/443 tcp/80

MongoDB is publicly available

MongoDB is currently open without authentication.

This results in all the database data made available publicly.

IP: 103.163.139.231
Port: 27017

First seen 2021-06-28 04:49
Last seen 2024-06-19 21:32
Open for 1087 days

Severity: medium
Fingerprint: 436d217a47ab425871d9e9db5d919e93d6ef751f0ab6066dcb5062a2b2a9f0ca

Collections: 3, document count: 2, size: 440 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (381 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-06-19 21:32

440 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab4258fc75df94e9b383964ce909204e6f39da5748fae5dae2ada0

Collections: 3, document count: 2, size: 432 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-06-17 22:20

432 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab4258e351092676fcaae8112181c2ab02ec00e2760ed7da24a4ea

Collections: 3, document count: 4, size: 630 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 2 documents (198 B)

Found on 2024-05-28 23:08

630 Bytes 4 rows

Severity: medium
Fingerprint: 436d217a47ab42586179c5523a84d5140b3fbb76da4db4bce5c34a7ba65efc0d

Collections: 2, document count: 1, size: 373 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.version

Found on 2024-05-27 11:10

373 Bytes 1 rows

Severity: medium
Fingerprint: 436d217a47ab42587e69e0cb2efce52319e3286f62a5987dc924bef21375fe64

Collections: 3, document count: 2, size: 435 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (376 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-04-18 19:04

435 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab4258586766625cbc2f4453a831268b22a16cf4a7f12bdab04acc

Collections: 3, document count: 2, size: 434 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (375 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-03-21 10:27

434 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab42580953838fba6a859751c7c60b3f3286611359313ea5142c76

Collections: 3, document count: 4, size: 631 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 2 documents (198 B)

Found on 2024-03-08 04:57

631 Bytes 4 rows

Severity: medium
Fingerprint: 436d217a47ab4258bf3ab4022db512e49f9c0c86bcd3e94c3d3f0b8ba02409a9

Collections: 3, document count: 6, size: 827 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (372 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 4 documents (396 B)

Found on 2024-03-06 20:48

827 Bytes 6 rows

Severity: medium
Fingerprint: 436d217a47ab42586278bebdd2164f75e41e1731e8ed331b78573d5c118ff400

Collections: 3, document count: 2, size: 433 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-02-15 13:55

433 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab42587d0289c7d661dd0fe5e0d4a35ee03b692eca94b6d7a3ca61

Collections: 3, document count: 8, size: 1.0 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 6 documents (594 B)

Found on 2024-01-28 03:26

1.0 kBytes 8 rows

Severity: high
Fingerprint: 436d217a47ab4258f57044a3fe845435fe845435fe845435fe845435fe845435
```
Collections: 1, document count: 5, size: 3.7 kB
Found collection READ_ME_TO_RECOVER_YOUR_DATA.README  with 5 documents (3.7 kB)
```
Found on 2022-10-23 13:49

3.7 kBytes 5 rows
Severity: medium
Fingerprint: 436d217a47ab42589d9ee9a36a9b1d876a9b1d876a9b1d876a9b1d876a9b1d87
```
Collections: 1, document count: 0, size: 0 B
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README 
```
Found on 2022-09-16 00:19
Severity: medium
Fingerprint: 436d217a47ab4258db427e0bbc7d0634bc7d0634bc7d0634bc7d0634bc7d0634
```
Collections: 1, document count: 1, size: 744 B
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (744 B)
```
Found on 2021-10-31 23:41

744 Bytes 1 rows

Severity: medium
Fingerprint: 436d217a47ab425862bab5819e64f171913eff55913eff55913eff55913eff55

Collections: 2, document count: 1, size: 738 B
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (738 B)
Found collection admin.system.version

Found on 2021-07-28 23:48

738 Bytes 1 rows

Fingerprint: 436d217a47ab425806b3ff89eb2ac0c6dff5e14ac399f9bbc399f9bbc399f9bb

Collections: 3, document count: 2, size: 792 B
Found collection DATA_RECOVERY.README  with 1 documents (733 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2021-06-28 04:49

792 Bytes 2 rows

Create report

Found php information file

PHPinfo page has been found in this directory. The PHPinfo page outputs a large amount of information about the current state of PHP.

This includes information about PHP compilation options and extensions, the PHP version, server information and environment (if compiled as a module), the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License.

Environment variables may contain credentials.

https://www.acunetix.com/vulnerabilities/web/phpinfo-page/

IP: 103.163.139.231
Port: 80
URL: http://103.163.139.231/info.php

First seen 2021-07-12 00:00

Fingerprint: 2c44e2a6278fb0134173d6fa964e40a9cd82f5caf528302ad6b98e229883d978

Found PHP info page:
$_SERVER['TEMP'] = /tmp
$_SERVER['TMPDIR'] = /tmp
$_SERVER['TMP'] = /tmp
$_SERVER['PATH'] = /usr/local/bin:/usr/bin:/bin
$_SERVER['HOSTNAME'] = no value
$_SERVER['USER'] = nginx
$_SERVER['HOME'] = /var/cache/nginx
$_SERVER['HTTP_CONNECTION'] = close
$_SERVER['HTTP_ACCEPT_ENCODING'] = gzip
$_SERVER['HTTP_USER_AGENT'] = Go-http-client/1.1
$_SERVER['HTTP_HOST'] = 103.163.139.231
$_SERVER['SCRIPT_FILENAME'] = /var/www/html/info.php
$_SERVER['REDIRECT_STATUS'] = 200
$_SERVER['SERVER_NAME'] = 103.163.139.231
$_SERVER['SERVER_PORT'] = 80
$_SERVER['SERVER_ADDR'] = 103.163.139.231
$_SERVER['REMOTE_PORT'] = 48714
$_SERVER['REMOTE_ADDR'] = 161.35.86.181
$_SERVER['SERVER_SOFTWARE'] = nginx/1.20.0
$_SERVER['GATEWAY_INTERFACE'] = CGI/1.1
$_SERVER['REQUEST_SCHEME'] = http
$_SERVER['SERVER_PROTOCOL'] = HTTP/1.1
$_SERVER['DOCUMENT_ROOT'] = /var/www/html
$_SERVER['DOCUMENT_URI'] = /info.php
$_SERVER['REQUEST_URI'] = /info.php
$_SERVER['SCRIPT_NAME'] = /info.php
$_SERVER['CONTENT_LENGTH'] = no value
$_SERVER['CONTENT_TYPE'] = no value
$_SERVER['REQUEST_METHOD'] = GET
$_SERVER['QUERY_STRING'] = no value
$_SERVER['FCGI_ROLE'] = RESPONDER
$_SERVER['PHP_SELF'] = /info.php
$_SERVER['REQUEST_TIME_FLOAT'] = 1626048033.5904
$_SERVER['REQUEST_TIME'] = 1626048033

Found on 2021-07-12 00:00

Create report

Open service 103.163.139.231:27017

2024-06-19 21:32

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 14 hours ago by HttpPlugin

Create report

Open service 103.163.139.231:27017

2024-06-17 22:20

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 3 days ago by HttpPlugin

Create report

Open service 103.163.139.231:27017

2024-06-15 23:06

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-15 by HttpPlugin

Create report

Open service 103.163.139.231:80

2024-06-15 14:59

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 15 Jun 2024 14:59:41 GMT
Content-Type: text/html
Content-Length: 548
Connection: close
Vary: Accept-Encoding

Page title: 404 Not Found

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-06-15 by HttpPlugin

Create report

Open service 103.163.139.231:443

2024-06-15 06:17

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 15 Jun 2024 06:17:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=08f0713328e752e07d799bf61268aa32; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

Page title: Welcome

<html>
<meta content="text/html;charset=utf-8" http-equiv="Content-Type">
<meta content="utf-8" http-equiv="encoding">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="css/loginStyle.css">
<title>Welcome</title>
<div class="header">
    <a href="#" class="logo"><img src="picture/transparent_tight.png" height="89"></a> 
  </div>
</div> 
<body>
<div class="page">
  <h2 align=center>Login</h2>  
  <div class="card">
 <form action = "" method = "post" autocomplete="off">
  <p><span>Token Codes</span><br/>
   <input type="text" autocomplete="off" name="username" /></p>
<div class="vertical-center">
<p>
   <input type="submit" value="login"/></p>
  <!--<p><a class="btn" href="#">Go to Top</a></p>-->
</form>
<div style = " color:#cc0000; margin-top:10px">
</div>

</div>
</div><!-- .box -->

</div><!-- .page -->
  
</body>
</html>

Found 2024-06-15 by HttpPlugin

Create report

Open service 103.163.139.231:27017

2024-06-14 20:34

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-14 by HttpPlugin

Create report

Open service 103.163.139.231:22

2024-06-14 02:10
Found 2024-06-14 by SSHOpenPlugin
Create report

Open service 103.163.139.231:27017

2024-06-11 21:51

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-11 by HttpPlugin

Create report

Open service 103.163.139.231:27017

2024-06-09 22:14

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-09 by HttpPlugin

Create report

Open service 103.163.139.231:27017

2024-06-07 20:10

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-07 by HttpPlugin

Create report

Open service 103.163.139.231:27017

2024-06-05 21:34
Found 2024-06-05 by HttpPlugin
Create report

Open service 103.163.139.231:27017

2024-06-03 20:33

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-03 by HttpPlugin

Create report

Open service 103.163.139.231:443

2024-06-02 18:51

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Jun 2024 18:51:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=01f2786ad48770242688a083c64dc8b8; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

Page title: Welcome

<html>
<meta content="text/html;charset=utf-8" http-equiv="Content-Type">
<meta content="utf-8" http-equiv="encoding">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="css/loginStyle.css">
<title>Welcome</title>
<div class="header">
    <a href="#" class="logo"><img src="picture/transparent_tight.png" height="89"></a> 
  </div>
</div> 
<body>
<div class="page">
  <h2 align=center>Login</h2>  
  <div class="card">
 <form action = "" method = "post" autocomplete="off">
  <p><span>Token Codes</span><br/>
   <input type="text" autocomplete="off" name="username" /></p>
<div class="vertical-center">
<p>
   <input type="submit" value="login"/></p>
  <!--<p><a class="btn" href="#">Go to Top</a></p>-->
</form>
<div style = " color:#cc0000; margin-top:10px">
</div>

</div>
</div><!-- .box -->

</div><!-- .page -->
  
</body>
</html>

Found 2024-06-02 by HttpPlugin

Create report

tbm.able-id.com

Fingerprint:

741dd927d421d5d496776a5594a7b6d831be754d552ab40a773f2eeb15faf3cb

CN:

tbm.able-id.com

Key:

RSA-2048

Issuer:

Not before:

2024-04-18 11:19

Not after:

2024-07-17 11:19

Data leak

Size

1.0 kB

Collections

Rows

Domain summary

No record