LeakIX - Host 184.169.147.237

Host 184.169.147.237

United States

AMAZON-02

Linux x86_64

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 184.169.147.237
Port: 3306

First seen 2023-07-17 20:05
Last seen 2023-09-22 20:53
Open for 67 days

Severity: critical
Fingerprint: cf350410ecceb5fd9b54bd7eeef5b3402926923bc4233ddaab71deefe81446d4

Databases: 112, row count: 2811169, size: 924.9 MB
Found table README_TO_RECOVER_GZ.README with 1 records
Found table analytics.ARP_Udata with 2976 records
Found table analytics.Ether_Type_Name with 3584 records
Found table analytics.ICMP_Anomaly with 18920 records
Found table analytics.ICMP_PREDICTION_DATA with 73235 records
Found table analytics.ICMP_Udata with 0 records
Found table analytics.ICMP_time_summary with 10271 records
Found table analytics.IP_NIP_Udata with 114 records
Found table analytics.IP_Protocol_Name with 257 records
Found table analytics.MODBUS_PREDICTION_DATA with 5093 records
Found table analytics.MODBUS_Udata with 0 records
Found table analytics.MODBUS_time_summary with 19 records
Found table analytics.Port_Names with 6267 records
Found table analytics.Protocol_Anomaly_Table with 55 records
Found table analytics.README with 1 records
Found table analytics.TCP_Anomaly with 4 records
Found table analytics.TCP_PREDICTION_DATA with 19964 records
Found table analytics.TCP_Udata with 0 records
Found table analytics.TCP_time_summary with 186 records
Found table analytics.Threshold_Data with 3 records
Found table analytics.UDP_Anomaly with 12546 records
Found table analytics.UDP_PREDICTION_DATA with 430901 records
Found table analytics.UDP_Udata with 0 records
Found table analytics.UDP_time_summary with 19403 records
Found table analytics.deviceList with 4 records
Found table belden_wireless.ALERT_Chl_busyPct with 93775 records
Found table belden_wireless.ALERT_LATEST_DIAGNOSTICS_EVENT_107 with 8 records
Found table belden_wireless.DIAGNOSTICS_EVENT_106 with 312465 records
Found table belden_wireless.DIAGNOSTICS_EVENT_107 with 312465 records
Found table belden_wireless.DIAGNOSTICS_EVENT_108 with 62715 records
Found table belden_wireless.DIAGNOSTICS_EVENT_109 with 94000 records
Found table belden_wireless.DIAGNOSTICS_EVENT_110 with 62658 records
Found table belden_wireless.DIAGNOSTICS_EVENT_111 with 61082 records
Found table belden_wireless.DIAGNOSTICS_EVENT_112 with 312405 records
Found table belden_wireless.DIAGNOSTICS_EVENT_113 with 62715 records
Found table belden_wireless.DIAGNOSTICS_EVENT_115 with 35938 records
Found table belden_wireless.DIAGNOSTICS_EVENT_116 with 34941 records
Found table belden_wireless.DIAGNOSTICS_EVENT_117 with 377 records
Found table belden_wireless.DIAGNOSTICS_EVENT_118 with 26792 records
Found table belden_wireless.DIAGNOSTICS_EVENT_120 with 0 records
Found table belden_wireless.DIAGNOSTICS_EVENT_121 with 107333 records
Found table belden_wireless.INFO_EVENT_114 with 187 records
Found table belden_wireless.INFO_EVENT_4097 with 900 records
Found table belden_wireless.INFO_EVENT_4097_4098 with 8697 records
Found table belden_wireless.INFO_EVENT_4098 with 8640 records
Found table belden_wireless.INFO_EVENT_87 with 180 records
Found table belden_wireless.LATEST_DIAGNOSTICS_EVENT_106 with 40 records
Found table belden_wireless.LATEST_DIAGNOSTICS_EVENT_108 with 40 records
Found table belden_wireless.LATEST_DIAGNOSTICS_EVENT_110 with 40 records
Found table belden_wireless.LATEST_DIAGNOSTICS_EVENT_111 with 40 records
Found table belden_wireless.LATEST_DIAGNOSTICS_EVENT_115 with 16 records
Found table belden_wireless.LATEST_DIAGNOSTICS_EVENT_116 with 16 records
Found table belden_wireless.LATEST_INFO_EVENT_4097 with 16 records
Found table belden_wireless.LATEST_INFO_EVENT_4098 with 16 records
Found table belden_wireless.LATEST_ROAM_EVENT_50 with 4 records
Found table belden_wireless.LATEST_ROAM_EVENT_81 with 3 records
Found table belden_wireless.LATEST_ROAM_EVENT_91_PER_DEVICEID_PERROAMSTATUS with 6 records
Found table belden_wireless.ROAM_EVENT_44 with 0 records
Found table belden_wireless.ROAM_EVENT_47 with 0 records
Found table belden_wireless.ROAM_EVENT_49 with 8 records
Found table belden_wireless.ROAM_EVENT_50 with 0 records
Found table belden_wireless.ROAM_EVENT_81 with 0 records
Found table belden_wireless.ROAM_EVENT_91_PER_DEVICEID_PERROAMSTATUS with 0 records
Found table belden_wireless.Wireless_Threshold_Data with 7 records
Found table belden_wireless.alert_long_roam with 0 records
Found table belden_wireless.alert_loss_of_link with 0 records
Found table belden_wireless.alert_sudden_change_rssi with 282397 records
Found table belden_wireless.avg_roam_time_alert with 0 records
Found table belden_wireless.device_peer_prediction_data with 252 records
Found table belden_wireless.device_prediction_data with 773 records
Found table belden_wireless.excessive_tx_failures_alert with 40 records
Found table belden_wireless.oui_names with 33580 records
Found table belden_wireless.rx_missing_alert with 106 records
Found table belden_wireless.window_count with 152181 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 2 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 121 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 53 records
Found table mysql.help_keyword with 1142 records
Found table mysql.help_relation with 1497 records
Found table mysql.help_topic with 650 records
Found table mysql.innodb_index_stats with 469 records
Found table mysql.innodb_table_stats with 109 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.replication_asynchronous_connection_failover with 0 records
Found table mysql.replication_asynchronous_connection_failover_managed with 0 records
Found table mysql.replication_group_configuration_version with 1 records
Found table mysql.replication_group_member_actions with 2 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1828 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1743 records
Found table mysql.time_zone_transition with 121720 records
Found table mysql.time_zone_transition_type with 10153 records
Found table mysql.user with 6 records

Found on 2023-09-22 20:53

924.9 MBytes 2811169 rows

Severity: critical
Fingerprint: cf350410ecceb5fdaa7c34688f920a5a2a2f975cff327cf31e6725c8430e2102

Databases: 64, row count: 481243, size: 403.3 MB
Found table README_TO_RECOVER_GZ.README with 1 records
Found table analytics.ARP_Udata with 2959 records
Found table analytics.Ether_Type_Name with 3584 records
Found table analytics.ICMP_Anomaly with 18920 records
Found table analytics.ICMP_PREDICTION_DATA with 17636 records
Found table analytics.ICMP_Udata with 0 records
Found table analytics.ICMP_time_summary with 4729 records
Found table analytics.IP_NIP_Udata with 114 records
Found table analytics.IP_Protocol_Name with 257 records
Found table analytics.MODBUS_PREDICTION_DATA with 5093 records
Found table analytics.MODBUS_Udata with 0 records
Found table analytics.MODBUS_time_summary with 19 records
Found table analytics.Port_Names with 6267 records
Found table analytics.Protocol_Anomaly_Table with 55 records
Found table analytics.README with 1 records
Found table analytics.TCP_Anomaly with 4 records
Found table analytics.TCP_PREDICTION_DATA with 14765 records
Found table analytics.TCP_Udata with 0 records
Found table analytics.TCP_time_summary with 188 records
Found table analytics.Threshold_Data with 3 records
Found table analytics.UDP_Anomaly with 12300 records
Found table analytics.UDP_PREDICTION_DATA with 244740 records
Found table analytics.UDP_Udata with 0 records
Found table analytics.UDP_time_summary with 10092 records
Found table analytics.deviceList with 4 records
Found table belden_wireless.README with 1 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 2 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 121 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 53 records
Found table mysql.help_keyword with 1142 records
Found table mysql.help_relation with 1497 records
Found table mysql.help_topic with 650 records
Found table mysql.innodb_index_stats with 469 records
Found table mysql.innodb_table_stats with 109 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.replication_asynchronous_connection_failover with 0 records
Found table mysql.replication_asynchronous_connection_failover_managed with 0 records
Found table mysql.replication_group_configuration_version with 1 records
Found table mysql.replication_group_member_actions with 2 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1828 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1743 records
Found table mysql.time_zone_transition with 121720 records
Found table mysql.time_zone_transition_type with 10153 records
Found table mysql.user with 6 records

Found on 2023-09-19 10:36

403.3 MBytes 481243 rows

Severity: high
Fingerprint: cf350410ecceb5fd20a95c10b42f06bde7658ddc4ae5b6aa6d5a39928664b165

Databases: 61, row count: 343932, size: 245.2 MB
No or default MySQL authentication found.Found table analytics.ARP_Udata with 12718 records
Found table analytics.Ether_Type_Name with 3584 records
Found table analytics.ICMP_Anomaly with 4223 records
Found table analytics.ICMP_PREDICTION_DATA with 12289 records
Found table analytics.ICMP_Udata with 0 records
Found table analytics.ICMP_time_summary with 2074 records
Found table analytics.IP_NIP_Udata with 312 records
Found table analytics.IP_Protocol_Name with 257 records
Found table analytics.MODBUS_PREDICTION_DATA with 1169 records
Found table analytics.MODBUS_Udata with 0 records
Found table analytics.MODBUS_time_summary with 1073 records
Found table analytics.Port_Names with 6272 records
Found table analytics.Protocol_Anomaly_Table with 55 records
Found table analytics.TCP_Anomaly with 61708 records
Found table analytics.TCP_PREDICTION_DATA with 79838 records
Found table analytics.TCP_Udata with 0 records
Found table analytics.TCP_time_summary with 2149 records
Found table analytics.Threshold_Data with 3 records
Found table analytics.UDP_Anomaly with 69 records
Found table analytics.UDP_PREDICTION_DATA with 13433 records
Found table analytics.UDP_Udata with 0 records
Found table analytics.UDP_time_summary with 2080 records
Found table analytics.deviceList with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 2 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 143 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 53 records
Found table mysql.help_keyword with 1092 records
Found table mysql.help_relation with 2396 records
Found table mysql.help_topic with 947 records
Found table mysql.innodb_index_stats with 163 records
Found table mysql.innodb_table_stats with 43 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.replication_asynchronous_connection_failover with 0 records
Found table mysql.replication_asynchronous_connection_failover_managed with 0 records
Found table mysql.replication_group_configuration_version with 1 records
Found table mysql.replication_group_member_actions with 2 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1443 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1628 records
Found table mysql.time_zone_transition with 122161 records
Found table mysql.time_zone_transition_type with 10529 records
Found table mysql.user with 6 records

Found on 2023-07-17 20:05

245.2 MBytes 343932 rows

Create report

Kafka instance is public

The Kafka instance is available to the public without authentication.

An attacker could connect to the queue to extract private/confidential information in real-time.

IP: 184.169.147.237
Port: 9092

First seen 2023-05-08 09:09
Last seen 2023-05-26 22:59
Open for 18 days
- Fingerprint: 43224224eeda9da960defeaac7a65de2cba1f2330ad913b9c68c253b8907f4e7
```
NoAuth
Found topic ICMP_Udata
Found topic Protocol_Anomaly
Found topic UDP_Udata
Found topic TCP_Udata
Found topic IP_NIP_Udata
Found topic ARP_Udata
Found topic __consumer_offsets
```
  Found on 2023-05-26 22:59
- Fingerprint: 43224224eeda9da960defeaa9ff0435279d9db0c18e2803ce73fbfa8a1c6c929
```
NoAuth
Found topic IP_NIP_Udata
Found topic ARP_Udata
Found topic __consumer_offsets
Found topic ICMP_Udata
Found topic Protocol_Anomaly
Found topic UDP_Udata
Found topic TCP_Udata
```
  Found on 2023-05-22 09:03
- Fingerprint: 43224224eeda9da960defeaa403ad7a6f83b4ac6154670100db17b807d8f106b
```
NoAuth
Found topic TCP_Udata
Found topic IP_NIP_Udata
Found topic ARP_Udata
Found topic __consumer_offsets
Found topic ICMP_Udata
Found topic Protocol_Anomaly
Found topic UDP_Udata
```
  Found on 2023-05-08 09:09
Create report

Data leak

Size

924.9 MB

Collections

112

Rows

2811169

Domain summary

No record

Host 184.169.147.237

United States

MySQL is publicly available

Kafka instance is public

Data leak

Domain summary