LeakIX - Host 37.143.12.173

Host 37.143.12.173

Russia

EuroByte LLC

Linux x86_64

Software information

nginx nginx

tcp/443 tcp/80

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 37.143.12.173
Port: 3306

First seen 2023-07-18 17:13
Last seen 2023-08-15 19:31
Open for 28 days

Severity: critical
Fingerprint: cf350410ecceb5fd738780d9161328d287c9d7ceeae8766d02da4254916dd427

Databases: 40, row count: 139718, size: 7.9 MB
No or default MySQL authentication found.Found table README_TO_RECOVER_GZ.README with 1 records
Found table laravel.README with 1 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 2 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 99 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 53 records
Found table mysql.help_keyword with 787 records
Found table mysql.help_relation with 2431 records
Found table mysql.help_topic with 742 records
Found table mysql.innodb_index_stats with 12 records
Found table mysql.innodb_table_stats with 4 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.replication_asynchronous_connection_failover with 0 records
Found table mysql.replication_asynchronous_connection_failover_managed with 0 records
Found table mysql.replication_group_configuration_version with 1 records
Found table mysql.replication_group_member_actions with 2 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1826 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 2160 records
Found table mysql.time_zone_transition with 122161 records
Found table mysql.time_zone_transition_type with 9416 records
Found table mysql.user with 5 records

Found on 2023-08-15 19:31

7.9 MBytes 139718 rows

Severity: critical
Fingerprint: cf350410ecceb5fd10e9614f34617ca62cde6b5562bf14ecb3e444ae108c3dd3

Databases: 39, row count: 140341, size: 7.9 MB
No or default MySQL authentication found.Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 2 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 99 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 53 records
Found table mysql.help_keyword with 1092 records
Found table mysql.help_relation with 2427 records
Found table mysql.help_topic with 762 records
Found table mysql.innodb_index_stats with 9 records
Found table mysql.innodb_table_stats with 3 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.replication_asynchronous_connection_failover with 0 records
Found table mysql.replication_asynchronous_connection_failover_managed with 0 records
Found table mysql.replication_group_configuration_version with 1 records
Found table mysql.replication_group_member_actions with 2 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1826 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1353 records
Found table mysql.time_zone_transition with 122161 records
Found table mysql.time_zone_transition_type with 10529 records
Found table mysql.user with 5 records

Found on 2023-07-27 13:09

7.9 MBytes 140341 rows

Severity: high
Fingerprint: cf350410ecceb5fdec9af01ef4c724181e09513f84e92f586182af23103ef58b

Databases: 56, row count: 140453, size: 8.2 MB
No or default MySQL authentication found.Found table laravel.cheques with 0 records
Found table laravel.failed_jobs with 0 records
Found table laravel.ips with 0 records
Found table laravel.menus with 2 records
Found table laravel.menus_roles with 1 records
Found table laravel.migrations with 19 records
Found table laravel.operations with 1 records
Found table laravel.password_reset_tokens with 0 records
Found table laravel.password_resets with 0 records
Found table laravel.permissions with 3 records
Found table laravel.personal_access_tokens with 0 records
Found table laravel.products with 0 records
Found table laravel.products_types with 13 records
Found table laravel.roles with 3 records
Found table laravel.roles_permissions with 3 records
Found table laravel.users with 1 records
Found table laravel.users_permissions with 0 records
Found table laravel.users_roles with 1 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 2 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 82 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 53 records
Found table mysql.help_keyword with 1092 records
Found table mysql.help_relation with 2190 records
Found table mysql.help_topic with 499 records
Found table mysql.innodb_index_stats with 132 records
Found table mysql.innodb_table_stats with 20 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.replication_asynchronous_connection_failover with 0 records
Found table mysql.replication_asynchronous_connection_failover_managed with 0 records
Found table mysql.replication_group_configuration_version with 1 records
Found table mysql.replication_group_member_actions with 2 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 2074 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1549 records
Found table mysql.time_zone_transition with 122161 records
Found table mysql.time_zone_transition_type with 10529 records
Found table mysql.user with 5 records

Found on 2023-07-18 17:13

8.2 MBytes 140453 rows

Create report

Open service 37.143.12.173:22

2024-09-12 06:28
Found 2024-09-12 by SSHOpenPlugin
Create report

Open service 37.143.12.173:443

2024-09-12 04:43

HTTP/1.1 403 Forbidden
Server: nginx
Date: Thu, 12 Sep 2024 04:43:13 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 118
Connection: close
Vary: HTTPS
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
X-Powered-CMS: Bitrix Site Manager (2c51a591c701bbc34766a032a352b0e9)
Set-Cookie: PHPSESSID=Aw6WRMVu2270fk32LpI3MeWQFv0dc6XY; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Page title: 403 Forbidden

<html>
	<head>
		<title>403 Forbidden</title>
	</head>
	<body>
		<h1>Forbidden</h1>
		Access denied.
	</body>
</html>

Found 2024-09-12 by HttpPlugin

Create report

Open service 37.143.12.173:80

2024-09-11 03:34

HTTP/1.1 403 Forbidden
Server: nginx
Date: Wed, 11 Sep 2024 03:34:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 118
Connection: close
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
X-Powered-CMS: Bitrix Site Manager (2c51a591c701bbc34766a032a352b0e9)
Set-Cookie: PHPSESSID=yK12uJUk89MEbPE4B2YEeSpBccsKligz; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Page title: 403 Forbidden

<html>
	<head>
		<title>403 Forbidden</title>
	</head>
	<body>
		<h1>Forbidden</h1>
		Access denied.
	</body>
</html>

Found 2024-09-11 by HttpPlugin

Create report

krylovskiy-kcson.ru

Fingerprint:

d7c397626c457cb83670b3d14d7e6e3d0a5ddab31b4f1ea5fe706ac901194262

CN:

krylovskiy-kcson.ru

Key:

RSA-4096

Issuer:

R10

Not before:

2024-08-02 22:01

Not after:

2024-10-31 22:01

Data leak

Size

8.2 MB

Collections

Rows

140453

Domain summary

No record