LeakIX - Host 112.175.18.96

Host 112.175.18.96

South Korea

Korea Telecom

Linux x86_64

Software information

Jetty(10.0.15)

tcp/8081

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 112.175.18.96
Port: 3306

First seen 2023-08-04 20:59
Last seen 2023-08-16 10:32
Open for 11 days

Severity: critical
Fingerprint: cf350410ecceb5fdafc90a485c81ad01ce554e4c3787aba31a32b3b985f2b690

Databases: 33, row count: 135689, size: 7.9 MB
No or default MySQL authentication found.Found table README_TO_RECOVER_GZ.README with 1 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 3 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 43 records
Found table mysql.help_keyword with 660 records
Found table mysql.help_relation with 1837 records
Found table mysql.help_topic with 1036 records
Found table mysql.innodb_index_stats with 13 records
Found table mysql.innodb_table_stats with 4 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1815 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 2109 records
Found table mysql.time_zone_transition with 119074 records
Found table mysql.time_zone_transition_type with 9025 records
Found table mysql.user with 5 records
Found table yfs.README with 1 records

Found on 2023-08-15 19:12

7.9 MBytes 135689 rows

Severity: high
Fingerprint: cf350410ecceb5fd92c884e25ca00ed858ff93ca884aa5d0017e865e83a61a16

Databases: 31, row count: 134110, size: 7.7 MB
No or default MySQL authentication found.Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 43 records
Found table mysql.help_keyword with 871 records
Found table mysql.help_relation with 1570 records
Found table mysql.help_topic with 668 records
Found table mysql.innodb_index_stats with 7 records
Found table mysql.innodb_table_stats with 2 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1429 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1352 records
Found table mysql.time_zone_transition with 119074 records
Found table mysql.time_zone_transition_type with 9025 records
Found table mysql.user with 4 records

Found on 2023-08-04 20:59

7.7 MBytes 134110 rows

Create report

Open service 112.175.18.96:8081

2024-06-25 21:42

HTTP/1.1 403 Forbidden
Date: Tue, 25 Jun 2024 21:42:52 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node01dxf96087ei5g39nnxudgmmj022775.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found one day ago by HttpPlugin

Create report

Open service 112.175.18.96:8081

2024-06-23 21:40

HTTP/1.1 403 Forbidden
Date: Sun, 23 Jun 2024 21:40:02 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node0119ca9tyq8r68oxudot270ywu22256.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-23 by HttpPlugin

Create report

Open service 112.175.18.96:3306

2024-06-22 11:05
```
MySQL detected
```
Found 2024-06-22 by tcpid
Create report

Open service 112.175.18.96:8081

2024-06-21 21:20

HTTP/1.1 403 Forbidden
Date: Fri, 21 Jun 2024 21:20:22 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node0r1zatllcong1164fxbjow9ibg21542.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-21 by HttpPlugin

Create report

Open service 112.175.18.96:8081

2024-06-20 22:51

HTTP/1.1 403 Forbidden
Date: Thu, 20 Jun 2024 22:51:56 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node0qijozrlm2sdi1a1qzo3pslfkp21461.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-20 by HttpPlugin

Create report

Open service 112.175.18.96:8081

2024-06-19 22:02

HTTP/1.1 403 Forbidden
Date: Wed, 19 Jun 2024 22:02:14 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node0kr59zk4qvfj3z05kyeenigam21308.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-19 by HttpPlugin

Create report

Open service 112.175.18.96:8081

2024-06-17 22:21

HTTP/1.1 403 Forbidden
Date: Mon, 17 Jun 2024 22:21:17 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node01wgrxg42ebnim1ofo7cjqhlu8k20943.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-17 by HttpPlugin

Create report

Open service 112.175.18.96:8081

2024-06-15 22:19

HTTP/1.1 403 Forbidden
Date: Sat, 15 Jun 2024 22:19:28 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node01fjyb5ff46ziwgpjj7pcgg06420482.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-15 by HttpPlugin

Create report

Open service 112.175.18.96:3306

2024-06-15 03:02
```
MySQL detected
```
Found 2024-06-15 by tcpid
Create report

Open service 112.175.18.96:8081

2024-06-13 18:25

HTTP/1.1 403 Forbidden
Date: Thu, 13 Jun 2024 18:25:58 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node01s1ssgu7hpiipejbc5xg4vk3k19731.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-13 by HttpPlugin

Create report

Open service 112.175.18.96:3306

2024-06-13 01:19
```
MySQL detected
```
Found 2024-06-13 by tcpid
Create report

Open service 112.175.18.96:8081

2024-06-11 20:57

HTTP/1.1 403 Forbidden
Date: Tue, 11 Jun 2024 20:57:42 GMT
Connection: close
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.a6cbd1c6=node0oi96iuudhdwymwjge4sc64pf19240.node0; Path=/; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
X-Hudson: 1.395
X-Jenkins: 2.414.1
X-Jenkins-Session: baf5bd1e
Content-Length: 541
Server: Jetty(10.0.15)


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-11 by HttpPlugin

Create report

Data leak

Size

7.9 MB

Collections

Rows

135689

Domain summary

No record