LeakIX - Host 170.187.204.162

Host 170.187.204.162

United States

Akamai Connected Cloud

Linux x86_64

Software information

nginx nginx 1.17.8

tcp/443 tcp/80

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 170.187.204.162
Port: 3306

First seen 2023-07-17 21:37
Last seen 2024-06-19 22:50
Open for 338 days

Severity: critical
Fingerprint: cf350410ecceb5fd71aa8a55756b5a8980d011844db8a24d7ee85f4084328c9e

Databases: 34, row count: 140878, size: 7.7 MB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 3 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 49 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 44 records
Found table mysql.help_keyword with 606 records
Found table mysql.help_relation with 1608 records
Found table mysql.help_topic with 959 records
Found table mysql.innodb_index_stats with 13 records
Found table mysql.innodb_table_stats with 4 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1881 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 2438 records
Found table mysql.time_zone_transition with 124366 records
Found table mysql.time_zone_transition_type with 8884 records
Found table mysql.user with 6 records

Found on 2024-06-19 22:50

7.7 MBytes 140878 rows

Severity: critical
Fingerprint: cf350410ecceb5fd3a88edbeb5e6b6d52bb20390675b71f18f42427432d28361

Databases: 34, row count: 140363, size: 7.7 MB
No or default MySQL authentication found.Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 3 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 49 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 44 records
Found table mysql.help_keyword with 678 records
Found table mysql.help_relation with 1608 records
Found table mysql.help_topic with 711 records
Found table mysql.innodb_index_stats with 13 records
Found table mysql.innodb_table_stats with 4 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1881 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1465 records
Found table mysql.time_zone_transition with 124366 records
Found table mysql.time_zone_transition_type with 9518 records
Found table mysql.user with 6 records

Found on 2023-08-15 19:34

7.7 MBytes 140363 rows

Severity: critical
Fingerprint: cf350410ecceb5fd283c1c2c91df09536286b21e942fdd2bab56744abcd10654

Databases: 34, row count: 141876, size: 7.7 MB
No or default MySQL authentication found.Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 3 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 49 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 44 records
Found table mysql.help_keyword with 666 records
Found table mysql.help_relation with 1837 records
Found table mysql.help_topic with 592 records
Found table mysql.innodb_index_stats with 13 records
Found table mysql.innodb_table_stats with 4 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1525 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 2601 records
Found table mysql.time_zone_transition with 124366 records
Found table mysql.time_zone_transition_type with 10153 records
Found table mysql.user with 6 records

Found on 2023-07-17 21:37

7.7 MBytes 141876 rows

Create report

Open service 170.187.204.162:443

2024-06-20 00:07

HTTP/1.1 404 Not Found
Server: nginx/1.17.8
Date: Thu, 20 Jun 2024 00:07:37 GMT
Content-Type: text/html
Content-Length: 555
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15724800; includeSubDomains

Page title: 404 Not Found

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.17.8</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 15 hours ago by HttpPlugin

Create report

Open service 170.187.204.162:3306

2024-06-19 22:50
```
MySQL detected
```
Found 16 hours ago by tcpid
Create report

Open service 170.187.204.162:443 · jenkins.inaicai3choo4ie1.top

2024-06-18 16:11

HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Tue, 18 Jun 2024 16:11:52 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 541
Connection: close
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.f417593e=node010yhf34813el11pq9g36jg5xdj6299.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.277.3
X-Jenkins-Session: 8c8e2e7d
X-Hudson-CLI-Port: 50000
X-Jenkins-CLI-Port: 50000
X-Jenkins-CLI2-Port: 50000
Strict-Transport-Security: max-age=15724800; includeSubDomains


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2 days ago by HttpPlugin

Create report

Open service 170.187.204.162:443 · git.inaicai3choo4ie1.top

2024-06-18 07:30

HTTP/1.1 302 Found
Server: nginx/1.17.8
Date: Tue, 18 Jun 2024 07:30:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 111
Connection: close
Cache-Control: no-cache
Location: http://git.inaicai3choo4ie1.top/users/sign_in
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: experimentation_subject_id=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkltUXlZamhqTW1ZMkxXTmlZall0TkRsa015MDRObU5sTFRFME9USXlNVFUxWlRJd1lpST0iLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5leHBlcmltZW50YXRpb25fc3ViamVjdF9pZCJ9fQ%3D%3D--954ac3ebfc99d7939782cf1203f64577049bf796; domain=.inaicai3choo4ie1.top; path=/; expires=Sat, 18 Jun 2044 07:30:45 -0000; HttpOnly
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: OWBtfbQqZT1
X-Runtime: 0.050983
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin


<html><body>You are being <a href="http://git.inaicai3choo4ie1.top/users/sign_in">redirected</a>.</body></html>

Found 2 days ago by HttpPlugin

Create report

Open service 170.187.204.162:80 · git.inaicai3choo4ie1.top

2024-06-18 07:30

HTTP/1.1 308 Permanent Redirect
Server: nginx/1.17.8
Date: Tue, 18 Jun 2024 07:30:42 GMT
Content-Type: text/html
Content-Length: 171
Connection: close
Location: https://git.inaicai3choo4ie1.top/

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx/1.17.8</center>
</body>
</html>

Found 2 days ago by HttpPlugin

Create report

Open service 170.187.204.162:3306

2024-06-17 22:42
```
MySQL detected
```
Found 3 days ago by tcpid
Create report

Open service 170.187.204.162:443 · jenkins.inaicai3choo4ie1.top

2024-06-16 22:45

HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Sun, 16 Jun 2024 22:45:30 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 541
Connection: close
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.f417593e=node0asx7byrhywlh1sbcbk4xf64m96264.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.277.3
X-Jenkins-Session: 8c8e2e7d
X-Hudson-CLI-Port: 50000
X-Jenkins-CLI-Port: 50000
X-Jenkins-CLI2-Port: 50000
Strict-Transport-Security: max-age=15724800; includeSubDomains


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-16 by HttpPlugin

Create report

Open service 170.187.204.162:3306

2024-06-15 23:26
```
MySQL detected
```
Found 2024-06-15 by tcpid
Create report
Open service 170.187.204.162:22

2024-06-15 16:07
Found 2024-06-15 by SSHOpenPlugin
Create report
Open service 170.187.204.162:3306

2024-06-15 04:36
```
MySQL detected
```
Found 2024-06-15 by tcpid
Create report

Open service 170.187.204.162:80

2024-06-14 21:21

HTTP/1.1 404 Not Found
Server: nginx/1.17.8
Date: Fri, 14 Jun 2024 21:21:17 GMT
Content-Type: text/html
Content-Length: 555
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding

Page title: 404 Not Found

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.17.8</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-06-14 by HttpPlugin

Create report

Open service 170.187.204.162:80

2024-06-13 11:06

HTTP/1.1 404 Not Found
Server: nginx/1.17.8
Date: Thu, 13 Jun 2024 11:06:28 GMT
Content-Type: text/html
Content-Length: 555
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding

Page title: 404 Not Found

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.17.8</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-06-13 by HttpPlugin

Create report

Open service 170.187.204.162:443 · jenkins.inaicai3choo4ie1.top

2024-06-12 02:13

HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Wed, 12 Jun 2024 02:13:58 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 541
Connection: close
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.f417593e=node05xhvvfvaejt7j3k86b7epsoz6230.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.277.3
X-Jenkins-Session: 8c8e2e7d
X-Hudson-CLI-Port: 50000
X-Jenkins-CLI-Port: 50000
X-Jenkins-CLI2-Port: 50000
Strict-Transport-Security: max-age=15724800; includeSubDomains


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-12 by HttpPlugin

Create report

Open service 170.187.204.162:3306

2024-06-11 21:34
```
MySQL detected
```
Found 2024-06-11 by tcpid
Create report

Open service 170.187.204.162:443 · jenkins.inaicai3choo4ie1.top

2024-06-10 01:50

HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Mon, 10 Jun 2024 01:50:51 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 541
Connection: close
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.f417593e=node01p1u3lyjyb9gjpwsb81uxtctj6205.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.277.3
X-Jenkins-Session: 8c8e2e7d
X-Hudson-CLI-Port: 50000
X-Jenkins-CLI-Port: 50000
X-Jenkins-CLI2-Port: 50000
Strict-Transport-Security: max-age=15724800; includeSubDomains


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-10 by HttpPlugin

Create report

Open service 170.187.204.162:3306

2024-06-09 22:19
```
MySQL detected
```
Found 2024-06-09 by tcpid
Create report

Open service 170.187.204.162:443 · jenkins.inaicai3choo4ie1.top

2024-06-08 19:14

HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Sat, 08 Jun 2024 19:14:47 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 541
Connection: close
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.f417593e=node0u0ws9z2yo29j1el4ihqyj0i3t6181.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.277.3
X-Jenkins-Session: 8c8e2e7d
X-Hudson-CLI-Port: 50000
X-Jenkins-CLI-Port: 50000
X-Jenkins-CLI2-Port: 50000
Strict-Transport-Security: max-age=15724800; includeSubDomains


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-08 by HttpPlugin

Create report

Open service 170.187.204.162:3306

2024-06-07 21:46
```
MySQL detected
```
Found 2024-06-07 by tcpid
Create report

Open service 170.187.204.162:443 · jenkins.inaicai3choo4ie1.top

2024-06-06 03:02

HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Thu, 06 Jun 2024 03:02:09 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 541
Connection: close
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.f417593e=node01v9fb086q04m176oe90abcze56147.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.277.3
X-Jenkins-Session: 8c8e2e7d
X-Hudson-CLI-Port: 50000
X-Jenkins-CLI-Port: 50000
X-Jenkins-CLI2-Port: 50000
Strict-Transport-Security: max-age=15724800; includeSubDomains


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-06 by HttpPlugin

Create report

Open service 170.187.204.162:3306

2024-06-05 21:43
```
MySQL detected
```
Found 2024-06-05 by tcpid
Create report

Open service 170.187.204.162:443 · jenkins.inaicai3choo4ie1.top

2024-06-04 08:12

HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Tue, 04 Jun 2024 08:12:54 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 541
Connection: close
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.f417593e=node07dmqu7yuwlg71j3tac97u2uu96119.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.277.3
X-Jenkins-Session: 8c8e2e7d
X-Hudson-CLI-Port: 50000
X-Jenkins-CLI-Port: 50000
X-Jenkins-CLI2-Port: 50000
Strict-Transport-Security: max-age=15724800; includeSubDomains


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-04 by HttpPlugin

Create report

Open service 170.187.204.162:3306

2024-06-03 20:05
```
MySQL detected
```
Found 2024-06-03 by tcpid
Create report

Open service 170.187.204.162:80

2024-06-02 14:09

HTTP/1.1 404 Not Found
Server: nginx/1.17.8
Date: Sun, 02 Jun 2024 14:09:08 GMT
Content-Type: text/html
Content-Length: 555
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding

Page title: 404 Not Found

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.17.8</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-06-02 by HttpPlugin

Create report

Open service 170.187.204.162:443 · jenkins.inaicai3choo4ie1.top

2024-06-02 10:38

HTTP/1.1 403 Forbidden
Server: nginx/1.17.8
Date: Sun, 02 Jun 2024 10:38:50 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 541
Connection: close
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID.f417593e=node0dm86bv196xvusv5dfre2z9k46098.node0; Path=/; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Hudson: 1.395
X-Jenkins: 2.277.3
X-Jenkins-Session: 8c8e2e7d
X-Hudson-CLI-Port: 50000
X-Jenkins-CLI-Port: 50000
X-Jenkins-CLI2-Port: 50000
Strict-Transport-Security: max-age=15724800; includeSubDomains


<html><head><meta http-equiv='refresh' content='1;url=/login?from=%2F'/><script>window.location.replace('/login?from=%2F');</script></head><body style='background-color:white; color:white;'>


Authentication required
<!--
-->

</body></html>

Found 2024-06-02 by HttpPlugin

Create report

ingress.local

Fingerprint:

1f5376981fa05f8a75a7cac5a34fcf18af8856638f7cf6a42a48db736ebba1ea

CN:

Kubernetes Ingress Controller Fake Certificate

Key:

RSA-2048

Issuer:

Kubernetes Ingress Controller Fake Certificate

Not before:

2023-12-29 13:50

Not after:

2024-12-28 13:50

jenkins.inaicai3choo4ie1.top

Fingerprint:

110fac5f9de513089c85a392257d733e6763c223daa71853dac5eb2c36a8740f

CN:

jenkins.inaicai3choo4ie1.top

Key:

RSA-2048

Issuer:

Not before:

2024-05-23 05:56

Not after:

2024-08-21 05:56

git.inaicai3choo4ie1.top

Fingerprint:

3c7791982223ca3cd27f5895ecf33a26d73229d019685a542a41540dd9ee8c33

CN:

git.inaicai3choo4ie1.top

Key:

RSA-2048

Issuer:

R11

Not before:

2024-06-18 06:30

Not after:

2024-09-16 06:30

Data leak

Size

7.7 MB

Collections

Rows

141876

Domain summary

jenkins.inaicai3choo4ie1.top 7 git.inaicai3choo4ie1.top 1

2 recorded