nginx 1.26.1
tcp/8080
nginx 1.27.0
tcp/443 tcp/80
MySQL is currently open without authentication.
Additionally, a ransom note has been found in the dataset, which indicates it has been compromised.
This results in all the database data being made publicly available.
Severity: critical
Fingerprint: cf350410ecceb5fd8227e14675fa5afa85a6d3791e36fa087c00206fd701ed6b
Databases: 39, row count: 139678, size: 7.9 MB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.component with 0 records
Found table mysql.db with 3 records
Found table mysql.default_roles with 0 records
Found table mysql.engine_cost with 2 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.global_grants with 89 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 53 records
Found table mysql.help_keyword with 1219 records
Found table mysql.help_relation with 1837 records
Found table mysql.help_topic with 728 records
Found table mysql.innodb_index_stats with 9 records
Found table mysql.innodb_table_stats with 3 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.password_history with 0 records
Found table mysql.plugin with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.replication_asynchronous_connection_failover with 0 records
Found table mysql.replication_asynchronous_connection_failover_managed with 0 records
Found table mysql.replication_group_configuration_version with 1 records
Found table mysql.replication_group_member_actions with 2 records
Found table mysql.role_edges with 0 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 2074 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1605 records
Found table mysql.time_zone_transition with 122161 records
Found table mysql.time_zone_transition_type with 9871 records
Found table mysql.user with 6 records
Open service 46.105.48.77:8080
2024-09-12 04:13
HTTP/1.1 200 OK
Server: nginx/1.26.1
Date: Thu, 12 Sep 2024 04:13:18 GMT
Content-Type: text/html
Content-Length: 1482
Last-Modified: Sun, 21 Jul 2024 19:15:36 GMT
Connection: close
ETag: "669d5e58-5ca"
Accept-Ranges: bytes
Page title: Back-office App for Arcadia Solutions
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8" />
<link rel="icon" href="/favicon.ico" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="theme-color" content="#000000" />
<meta name="description" content="Arcadia Solutions template back office" />
<link rel="apple-touch-icon" href="/logo192.png" />
<!-- manifest.json provides metadata used when your web app is installed on a user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/ -->
<link rel="manifest" href="/manifest.json" />
<title>Back-office App for Arcadia Solutions</title>
<script type="module" crossorigin src="/index.js"></script>
<link rel="stylesheet" crossorigin href="/index.css">
</head>
<body>
<noscript>You need to enable JavaScript to run this app.</noscript>
<div id="root"></div>
<!-- This HTML file is a template. If you open it directly in the browser, you will see an empty page. You can add webfonts, meta tags, or analytics to this file. The build step will place the bundled scripts into the <body> tag. To begin the development, run `npm start` or `yarn start`. To create a production bundle, use `npm run build` or `yarn build`. -->
<script>
window.global = window;
window.process = { env: { DEBUG: undefined }, };
var exports = {};
</script>
</body>
</html>
Open service 46.105.48.77:80
2024-09-11 12:42
HTTP/1.1 301 Moved Permanently
Server: nginx/1.27.0
Date: Wed, 11 Sep 2024 12:42:38 GMT
Content-Type: text/html
Content-Length: 169
Connection: close
Location: https://\abby.arcadia-solution.com\/
Page title: 301 Moved Permanently
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.27.0</center>
</body>
</html>
Open service 46.105.48.77:8000
2024-09-11 09:32
HTTP/1.1 404 Not Found
Date: Wed, 11 Sep 2024 09:32:15 GMT
Content-Length: 9
Content-Type: text/plain; charset=utf-8
Connection: close
Not found
Open service 46.105.48.77:3306
2024-09-11 02:51
MySQL detected
Open service 46.105.48.77:22
2024-09-11 02:12
Open service 46.105.48.77:443
2024-09-10 20:40
HTTP/1.1 502 Bad Gateway
Server: nginx/1.27.0
Date: Tue, 10 Sep 2024 20:40:42 GMT
Content-Type: text/html
Content-Length: 559
Connection: close
Page title: 502 Bad Gateway
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.27.0</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
Open service 46.105.48.77:9443
2024-09-09 19:07
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Length: 19130
Content-Type: text/html; charset=utf-8
Last-Modified: Sun, 21 Apr 2024 23:50:59 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Date: Mon, 09 Sep 2024 19:07:46 GMT
Connection: close
Page title: Portainer
<!doctype html><html lang="en" ng-app="portainer" ng-strict-di data-edition="CE"><head><meta charset="utf-8"/><title>Portainer</title><meta name="description" content=""/><meta name="author" content="Portainer.io"/><meta http-equiv="cache-control" content="no-cache"/><meta http-equiv="expires" content="0"/><meta http-equiv="pragma" content="no-cache"/><base id="base"/><script>if (window.origin == 'file://') { // we are loading the app from a local file as in docker extension document.getElementById('base').href = 'http://localhost:49000/'; window.ddExtension = true; } else { var path = window.location.pathname.replace(/^\/+|\/+$/g, ''); var basePath = path ? '/' + path + '/' : '/'; document.getElementById('base').href = basePath; }</script><!--[if lt IE 9]> <script src="//html5shim.googlecode.com/svn/trunk/html5.js"></script> <![endif]--><link rel="apple-touch-icon" sizes="180x180" href="63a301f0574f1a696ce6.png"/><link rel="icon" type="image/png" sizes="32x32" href="2dcfc527d067d4ae3424.png"/><link rel="icon" type="image/png" sizes="16x16" href="112a479c093f4729251d.png"/><link rel="mask-icon" href="data:image/svg+xml;base64,
Open service 46.105.48.77:3306
2024-08-07 20:22
MySQL detected