LeakIX - Host 45.144.28.20

Host 45.144.28.20

The Netherlands

Stark Industries Solutions Ltd

Win64 x86_64

Software information

nginx nginx

tcp/443 tcp/80 tcp/8083

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 45.144.28.20
Port: 3306

First seen 2023-07-19 09:09
Last seen 2023-09-22 21:16
Open for 65 days

Severity: critical
Fingerprint: cf350410ecceb5fd7425767b2b9a710b99441906e1a9b24b0f69d6211a7c494c

Databases: 29, row count: 47604, size: 1.8 MB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 1 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.help_category with 47 records
Found table mysql.help_keyword with 825 records
Found table mysql.help_relation with 1660 records
Found table mysql.help_topic with 603 records
Found table mysql.innodb_index_stats with 3 records
Found table mysql.innodb_table_stats with 1 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 595 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 595 records
Found table mysql.time_zone_transition with 40014 records
Found table mysql.time_zone_transition_type with 3250 records
Found table mysql.user with 3 records

Found on 2023-09-10 10:29

1.8 MBytes 47604 rows

Severity: high
Fingerprint: cf350410ecceb5fd93bf97b8fbfc1a17d34f3f549609340ac3a6e1463a6e07fb

Databases: 28, row count: 47602, size: 1.8 MB
Found table mysql.columns_priv with 0 records
Found table mysql.db with 1 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.help_category with 47 records
Found table mysql.help_keyword with 825 records
Found table mysql.help_relation with 1660 records
Found table mysql.help_topic with 603 records
Found table mysql.innodb_index_stats with 3 records
Found table mysql.innodb_table_stats with 1 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 595 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 595 records
Found table mysql.time_zone_transition with 40014 records
Found table mysql.time_zone_transition_type with 3250 records
Found table mysql.user with 3 records

Found on 2023-09-07 00:43

1.8 MBytes 47602 rows

Severity: high
Fingerprint: cf350410ecceb5fd93bf97b8ef0183aa993b161ffc84e4cd9210d583240f4ce8

Databases: 28, row count: 47602, size: 1.8 MB
No or default MySQL authentication found.Found table mysql.columns_priv with 0 records
Found table mysql.db with 1 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.help_category with 47 records
Found table mysql.help_keyword with 825 records
Found table mysql.help_relation with 1660 records
Found table mysql.help_topic with 603 records
Found table mysql.innodb_index_stats with 3 records
Found table mysql.innodb_table_stats with 1 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 595 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 595 records
Found table mysql.time_zone_transition with 40014 records
Found table mysql.time_zone_transition_type with 3250 records
Found table mysql.user with 3 records

Found on 2023-07-27 18:57

1.8 MBytes 47602 rows

Severity: critical
Fingerprint: cf350410ecceb5fd7425767b5007340a4bca03093632f94ebf016044e8c6d2c5

Databases: 29, row count: 47604, size: 1.8 MB
No or default MySQL authentication found.Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 1 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.help_category with 47 records
Found table mysql.help_keyword with 825 records
Found table mysql.help_relation with 1660 records
Found table mysql.help_topic with 603 records
Found table mysql.innodb_index_stats with 3 records
Found table mysql.innodb_table_stats with 1 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 595 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 595 records
Found table mysql.time_zone_transition with 40014 records
Found table mysql.time_zone_transition_type with 3250 records
Found table mysql.user with 3 records

Found on 2023-07-19 09:09

1.8 MBytes 47604 rows

Create report

Open service 45.144.28.20:22

2024-09-15 23:52
Found 2024-09-15 by SSHOpenPlugin
Create report
Open service 45.144.28.20:22

2024-09-13 23:40
Found 2024-09-13 by SSHOpenPlugin
Create report
Open service 45.144.28.20:22

2024-09-12 06:03
Found 2024-09-12 by SSHOpenPlugin
Create report

Open service 45.144.28.20:80

2024-09-11 06:14

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Sep 2024 06:14:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2588
Connection: close
Vary: Accept-Encoding
Last-Modified: Tue, 20 Aug 2024 15:09:58 GMT
ETag: "a1c-6201ed1a4e02e"
Accept-Ranges: bytes
Vary: Accept-Encoding

Page title: Success!

<!DOCTYPE html>
<html lang="en">
	<head>
		<meta charset="utf-8" />
		<meta name="viewport" content="width=device-width, initial-scale=1" />
		<title>Success!</title>
		<style>
			body {
				background-color: #f5f5f5;
				margin-top: 8%;
				color: #5d5d5d;
				font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial,
					"Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol",
					"Noto Color Emoji";
				text-shadow: 0px 1px 1px rgba(255, 255, 255, 0.75);
				text-align: center;
			}

			h1 {
				font-size: 2.45em;
				font-weight: 700;
				color: #5d5d5d;
				letter-spacing: -0.02em;
				margin-bottom: 30px;
				margin-top: 30px;
			}

			.container {
				width: 100%;
				margin-right: auto;
				margin-left: auto;
			}

			.animate__animated {
				animation-duration: 1s;
				animation-fill-mode: both;
			}

			.animate__fadeIn {
				animation-name: fadeIn;
			}

			.info {
				color: #5594cf;
				fill: #5594cf;
			}

			.error {
				color: #c92127;
				fill: #c92127;
			}

			.warning {
				color: #ffcc33;
				fill: #ffcc33;
			}

			.success {
				color: #5aba47;
				fill: #5aba47;
			}

			.icon-large {
				height: 132px;
				width: 132px;
			}

			.description-text {
				color: #707070;
				letter-spacing: -0.01em;
				font-size: 1.25em;
				line-height: 20px;
			}

			.footer {
				margin-top: 40px;
				font-size: 0.7em;
			}

			.animate__delay-1s {
				animation-delay: 1s;
			}

			@keyframes fadeIn {
				from {
					opacity: 0;
				}
				to {
					opacity: 1;
				}
			}
		</style>
	</head>
	<body>
		<div class="container">
			<div class="row">
				<div class="col">
					<div class="animate__animated animate__fadeIn">
						<i class="success">
							<svg
								class="success icon-large fa-check-circle"
								xmlns="http://www.w3.org/2000/svg"
								viewBox="0 0 512 512"
							>
								<path
									d="M504 256c0 136.967-111.033 248-248 248S8 392.967 8 256 119.033 8 256 8s248 111.033 248 248zM227.314 387.314l184-184c6.248-6.248 6.248-16.379 0-22.627l-22.627-22.627c-6.248-6.249-16.379-6.249-22.628 0L216 308.118l-70.059-70.059c-6.248-6.248-16.379-6.248-22.628 0l-22.627 22.627c-6.248 6.248-6.248 16.379 0 22.627l104 104c6.249 6.249 16.379 6.249 22.628.001z"
								></path>
							</svg>
						</i>
					</div>
					<h1 class="animate__animated animate__fadeIn">Success!</h1>
					<div class="description-text animate__animated animate__fadeIn animate__delay-1s">
						<p>Your new web server is ready to use.</p>
					</div>
				</div>
			</div>
		</div>
	</body>
</html>

Found 2024-09-11 by HttpPlugin

Create report

Open service 45.144.28.20:8083

2024-09-10 18:03

HTTP/1.1 302 Found
Server: nginx
Date: Tue, 10 Sep 2024 18:03:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=lp7ojq9gh27fqfn8qho0dog8qp; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: /login/
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Found 2024-09-10 by HttpPlugin

Create report

Open service 45.144.28.20:443

2024-09-10 14:48

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 10 Sep 2024 14:48:25 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: http://45.144.28.20/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2024-09-10 by HttpPlugin

Create report

Open service 45.144.28.20:21

2024-09-09 23:32

220 Welcome! Please note that all activity is logged.
500 HTTP protocol commands not allowed.

Found 2024-09-09 by FtpPlugin

Create report

Fingerprint:

5a850bfd9916c1996ca86348c41e6d4a210c7da4692a523136cde3d3e3107050

CN:

hostname.domain.tld

Key:

RSA-4096

Issuer:

hostname.domain.tld

Not before:

2024-08-20 15:10

Not after:

2025-08-20 15:10

Data leak

Size

1.8 MB

Collections

Rows

47604

Domain summary

No record