LeakIX - Host 180.235.133.19

Host 180.235.133.19

Hong Kong

Asia Web Service Ltd

redhat-linux-gnu x86_64

Software information

Apache Apache 2.2.15

tcp/443 tcp/80

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 180.235.133.19
Port: 3306

First seen 2024-04-24 05:29
Last seen 2024-06-19 20:30
Open for 56 days

Severity: critical
Fingerprint: cf350410ecceb5fda0cc236e4dd1805863bdeeb757ce90060a8003ecb6eefd3e

Databases: 24, row count: 2037, size: 566.7 kB
Found table RECOVER_YOUR_DATA.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 3 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.help_category with 40 records
Found table mysql.help_keyword with 453 records
Found table mysql.help_relation with 1009 records
Found table mysql.help_topic with 510 records
Found table mysql.host with 0 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.servers with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 16 records

Found on 2024-06-19 20:30

566.7 kBytes 2037 rows

Create report

Open service 180.235.133.19:3306

2024-06-19 20:30
```
MySQL detected
```
Found 15 hours ago by tcpid
Create report
Open service 180.235.133.19:3306

2024-06-17 20:21
```
MySQL detected
```
Found 3 days ago by tcpid
Create report

Open service 180.235.133.19:443

2024-06-15 08:14

HTTP/1.1 302 Found
Date: Sat, 15 Jun 2024 08:14:12 GMT
Server: Apache/2.2.15 (CentOS)
Location: http://help.ole777.com/help/
Content-Length: 293
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://help.ole777.com/help/">here</a>.</p>
<hr>
<address>Apache/2.2.15 (CentOS) Server at 180.235.133.19 Port 443</address>
</body></html>

Found 2024-06-15 by HttpPlugin

Create report

Open service 180.235.133.19:3306

2024-06-14 18:11
```
MySQL detected
```
Found 2024-06-14 by tcpid
Create report

Open service 180.235.133.19:80

2024-06-13 13:50

HTTP/1.1 302 Found
Date: Thu, 13 Jun 2024 13:50:10 GMT
Server: Apache/2.2.15 (CentOS)
Location: http://help.ole777.com/help/
Content-Length: 292
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://help.ole777.com/help/">here</a>.</p>
<hr>
<address>Apache/2.2.15 (CentOS) Server at 180.235.133.19 Port 80</address>
</body></html>

Found 2024-06-13 by HttpPlugin

Create report

Open service 180.235.133.19:3306

2024-06-12 18:47
```
MySQL detected
```
Found 2024-06-12 by tcpid
Create report
Open service 180.235.133.19:3306

2024-06-09 21:34
```
MySQL detected
```
Found 2024-06-09 by tcpid
Create report
Open service 180.235.133.19:3306

2024-06-07 21:34
```
MySQL detected
```
Found 2024-06-07 by tcpid
Create report
Open service 180.235.133.19:3306

2024-06-05 21:31
```
MySQL detected
```
Found 2024-06-05 by tcpid
Create report
Open service 180.235.133.19:3306

2024-06-03 21:52
```
MySQL detected
```
Found 2024-06-03 by tcpid
Create report

Open service 180.235.133.19:80

2024-06-02 12:02

HTTP/1.1 302 Found
Date: Sun, 02 Jun 2024 12:02:58 GMT
Server: Apache/2.2.15 (CentOS)
Location: http://help.ole777.com/help/
Content-Length: 292
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 302 Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://help.ole777.com/help/">here</a>.</p>
<hr>
<address>Apache/2.2.15 (CentOS) Server at 180.235.133.19 Port 80</address>
</body></html>

Found 2024-06-02 by HttpPlugin

Create report

Open service 180.235.133.19:3306

2024-06-02 10:18
```
MySQL detected
```
Found 2024-06-02 by tcpid
Create report

www.olehelp.comolehelp.com

Fingerprint:

91941834ca66ef8ca7e4556d63c7568380a495964931f16f216a2c3d22125ccb

CN:

www.olehelp.com

Key:

RSA-2048

Issuer:

Sectigo RSA Domain Validation Secure Server CA

Not before:

2023-09-08 00:00

Not after:

2024-09-08 23:59

Data leak

Size

566.7 kB

Collections

Rows

2037

Domain summary

No record