Host 167.172.185.161
Germany
Software information
nginx 1.19.8
tcp/443 tcp/80
-
MySQL is publicly available
MySQL is currently open without authentication.
Additionally a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
First seen 2024-01-17 15:24
Last seen 2024-02-19 14:20
Open for 32 days-
Severity: critical
Fingerprint: cf350410ecceb5fda1557cf3602a5839b14180f4503896ddbe7c7c90529c38caDatabases: 39, row count: 140176, size: 7.9 MB Found table RECOVER_YOUR_DATA.RECOVER_YOUR_DATA with 2 records Found table mysql.columns_priv with 0 records Found table mysql.component with 0 records Found table mysql.db with 3 records Found table mysql.default_roles with 0 records Found table mysql.engine_cost with 2 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.global_grants with 86 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 53 records Found table mysql.help_keyword with 954 records Found table mysql.help_relation with 1740 records Found table mysql.help_topic with 957 records Found table mysql.innodb_index_stats with 9 records Found table mysql.innodb_table_stats with 3 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.password_history with 0 records Found table mysql.plugin with 0 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.replication_asynchronous_connection_failover with 0 records Found table mysql.replication_asynchronous_connection_failover_managed with 0 records Found table mysql.replication_group_configuration_version with 1 records Found table mysql.replication_group_member_actions with 2 records Found table mysql.role_edges with 0 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 2074 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 1581 records Found table mysql.time_zone_transition with 122161 records Found table mysql.time_zone_transition_type with 10529 records Found table mysql.user with 6 records
Found on 2024-02-19 14:207.9 MBytes 140176 rows -
Severity: critical
Fingerprint: cf350410ecceb5fd274b04288215e9729db90981f64bfcc063a06ff73f3532fdDatabases: 39, row count: 139218, size: 7.9 MB Found table RECOVER_YOUR_DATA.RECOVER_YOUR_DATA with 2 records Found table mysql.columns_priv with 0 records Found table mysql.component with 0 records Found table mysql.db with 3 records Found table mysql.default_roles with 0 records Found table mysql.engine_cost with 2 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.global_grants with 73 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 53 records Found table mysql.help_keyword with 1142 records Found table mysql.help_relation with 2153 records Found table mysql.help_topic with 466 records Found table mysql.innodb_index_stats with 9 records Found table mysql.innodb_table_stats with 3 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.password_history with 0 records Found table mysql.plugin with 0 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.replication_asynchronous_connection_failover with 0 records Found table mysql.replication_asynchronous_connection_failover_managed with 0 records Found table mysql.replication_group_configuration_version with 1 records Found table mysql.replication_group_member_actions with 2 records Found table mysql.role_edges with 0 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 1826 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 1887 records Found table mysql.time_zone_transition with 122161 records Found table mysql.time_zone_transition_type with 9416 records Found table mysql.user with 6 records
Found on 2024-01-17 15:247.9 MBytes 139218 rows
-
-
Open service 167.172.185.161:80
2024-09-12 03:31
HTTP/1.1 301 Moved Permanently Server: nginx/1.19.8 Date: Thu, 12 Sep 2024 03:31:02 GMT Content-Type: text/html Content-Length: 169 Connection: close Location: https://167.172.185.161/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.19.8</center> </body> </html>
Found 2024-09-12 by HttpPluginCreate report
-
Open service 167.172.185.161:443
2024-09-11 16:26
HTTP/1.1 500 Internal Server Error Server: nginx/1.19.8 Date: Wed, 11 Sep 2024 16:26:50 GMT Content-Type: application/json; charset=utf-8 Content-Length: 22 Connection: close Access-Control-Allow-Origin: * x-frame-options: SAMEORIGIN ETag: W/"16-7foYA9OJj5K/zWpF/TktwRbZA0M" Set-Cookie: connect.sid=s%3AvllAei__AHpxmmsFdDPHY4wTiqy8vOCs.jRMnghwnOhKiYZUN5r8ZX2g4Cx%2Bx7UAzbIa8Zog6QzA; Path=/; HttpOnly "Something went wrong"
Found 2024-09-11 by HttpPluginCreate report
-
Open service 167.172.185.161:3307
2024-09-11 12:48
MySQL detected
Found 2024-09-11 by tcpidCreate report
-
Open service 167.172.185.161:22
2024-09-11 04:27
Found 2024-09-11 by SSHOpenPluginCreate report