nginx
tcp/80
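MySQL is currently open without authentication.
Additionally, a ransom note has been found in the dataset, which indicates that it has been compromised (the note appears to correspond to the RECOVER_YOUR_DATA.RECOVER_YOUR_DATA table in the listing below).
As a result, all of the database data is publicly available.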
Severity: critical
Fingerprint: cf350410ecceb5fddfe766c3551d87c99d6e6c9eda97c03d7d09faa37f99ea17
Databases: 104, row count: 50543, size: 8.5 MB Found table RECOVER_YOUR_DATA.RECOVER_YOUR_DATA with 2 records Found table journa.achievements with 0 records Found table journa.affiliate_auth_campaign_users with 0 records Found table journa.affiliate_auth_users with 0 records Found table journa.affiliate_campaigns with 0 records Found table journa.affiliate_counts with 0 records Found table journa.affiliate_links with 0 records Found table journa.affiliate_logs with 0 records Found table journa.affiliate_prices with 0 records Found table journa.blocked_words with 0 records Found table journa.class_log_read_receipts with 0 records Found table journa.comment_comments with 0 records Found table journa.communities with 0 records Found table journa.community_post_edits with 0 records Found table journa.community_posts with 0 records Found table journa.community_users with 0 records Found table journa.exported_particulars with 0 records Found table journa.external_accounts with 0 records Found table journa.feedbacks with 3 records Found table journa.friends with 0 records Found table journa.i_learn_auth_users with 0 records Found table journa.i_learn_topic_posts with 0 records Found table journa.i_learn_topics with 0 records Found table journa.ilearn_post_favorites_collections with 0 records Found table journa.locations with 0 records Found table journa.migrations with 138 records Found table journa.model_has_permissions with 0 records Found table journa.model_has_roles with 0 records Found table journa.notices_read_receipts with 0 records Found table journa.notification_devices with 0 records Found table journa.notifications with 0 records Found table journa.oauth_access_tokens with 52 records Found table journa.oauth_auth_codes with 0 records Found table journa.oauth_clients with 2 records Found table journa.oauth_personal_access_clients with 0 records Found table journa.oauth_refresh_tokens with 0 records Found table journa.otp_tokens with 0 records Found table 
journa.password_resets with 0 records Found table journa.permissions with 0 records Found table journa.personal_access_tokens with 0 records Found table journa.post_archives with 26 records Found table journa.post_comments with 1527 records Found table journa.post_edits with 325 records Found table journa.post_favorites with 192 records Found table journa.post_followers with 40 records Found table journa.post_likes with 543 records Found table journa.post_reports with 18 records Found table journa.post_shares with 91 records Found table journa.post_stats with 3016 records Found table journa.post_tags with 3060 records Found table journa.post_views with 31681 records Found table journa.posts with 5473 records Found table journa.role_has_permissions with 0 records Found table journa.roles with 5 records Found table journa.standard_templates with 0 records Found table journa.table_class_log_read_receipts with 0 records Found table journa.toddlearner_contents with 6 records Found table journa.toddlearner_files with 13 records Found table journa.toddlearner_invoices with 0 records Found table journa.toddlearner_order_goods with 5 records Found table journa.toddlearner_orders with 4 records Found table journa.toddlearner_user_subscriptions with 0 records Found table journa.topic_posts with 0 records Found table journa.topics with 0 records Found table journa.user_details with 0 records Found table journa.user_notifications with 0 records Found table journa.user_points with 0 records Found table journa.user_profiles with 0 records Found table journa.user_settings with 0 records Found table journa.users with 0 records Found table multimedia.detected_faces with 0 records Found table multimedia.migrations with 4 records Found table multimedia.multimedia with 63 records Found table mysql.columns_priv with 0 records Found table mysql.db with 8 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found 
table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 50 records Found table mysql.help_keyword with 1003 records Found table mysql.help_relation with 2049 records Found table mysql.help_topic with 589 records Found table mysql.innodb_index_stats with 408 records Found table mysql.innodb_table_stats with 75 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 0 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 0 records Found table mysql.time_zone_transition with 0 records Found table mysql.time_zone_transition_type with 0 records Found table mysql.user with 9 records
Severity: high
Fingerprint: cf350410ecceb5fdefe1a48ede737fad3cf660a5f2c8d81be06e8591024f78d0
Databases: 31, row count: 3658, size: 2.4 MB Found table mysql.columns_priv with 0 records Found table mysql.db with 2 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 50 records Found table mysql.help_keyword with 921 records Found table mysql.help_relation with 1916 records Found table mysql.help_topic with 694 records Found table mysql.innodb_index_stats with 7 records Found table mysql.innodb_table_stats with 2 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 0 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 0 records Found table mysql.time_zone_transition with 0 records Found table mysql.time_zone_transition_type with 0 records Found table mysql.user with 3 records
Open service 47.236.25.69:3306
2024-04-30 19:00
MySQL detected
Open service 47.236.25.69:3306
2024-04-28 17:45
MySQL detected
Open service 47.236.25.69:22
2024-04-26 00:43
Open service 47.236.25.69:80
2024-04-26 00:03
HTTP/1.1 200 OK Server: nginx Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Cache-Control: no-cache, private Date: Fri, 26 Apr 2024 00:03:40 GMT Set-Cookie: XSRF-TOKEN=eyJpdiI6Im84VzFsUk1UT0pwdHRxSEM2Y2FQMEE9PSIsInZhbHVlIjoiWnF3bmJENHlnTGc4TnVjUXAwK0JOR05FM25DRlpSL3RqQVFXM0swdXZpRHVPdXNsR0l6UWF3akd0ZlYxNEpjUDVBSW1nSXV1T2JNU1VVdDZDNVFxbWhMYUM0SmcrZldlcGpxODVmdGpsbTUyN01YK3c0OUMvSzV0OVlDTGdIUEUiLCJtYWMiOiI4NjNjODk1YWFlMmQyMzQ5ZTgzMWNkYTk0NTA0OTIxZWUzZjg2YTkwM2YwYjg3YjRlNTM2YmUzZjQ4MjE1MGRlIiwidGFnIjoiIn0%3D; expires=Fri, 26 Apr 2024 02:03:40 GMT; Max-Age=7200; path=/ Set-Cookie: laravel_session=eyJpdiI6IlFHeGZtNjhFWnFFQVlLakVaaXF2WXc9PSIsInZhbHVlIjoiWEFMM3dqbHVNNFVyak5YM0dCaFdQeFhWSFhscHF0Z0JsSWNzVlVzTHhLZXRKVE40K0dvSTY1L1FMekNnT2ZjSkEvK2pINXhRa29wY1VPMUN3UDNvdEdCTEdXa2FJVHJPcmxHNTFrdXE1RmZTQjM5Y2JxMFh2cXRjVEZ0WEpHTzkiLCJtYWMiOiJjMzg5NjgzODdhZTIyZGVmNzNlNDE5MDQzZjQ0Y2U3ZDIwODRmY2FkNGY3YTAyYjVjNTE1OWY1NTE2NjUwODk4IiwidGFnIjoiIn0%3D; expires=Fri, 26 Apr 2024 02:03:40 GMT; Max-Age=7200; path=/; httponly Page title: Ruiche <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Ruiche</title> <!-- Fonts --> <link href="https://fonts.googleapis.com/css?family=Nunito:200,600" rel="stylesheet"> <link href="https://fonts.googleapis.com/css?family=Inter:400,500,700" rel="stylesheet"> <link href="https://fonts.googleapis.com/css2?family=Poppins&display=swap:400,500" rel="stylesheet"> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous"> <link href="../assets/css/landing-main.css" rel="stylesheet"> <link href="../assets/css/app.css" rel="stylesheet"> <link rel="stylesheet" 
href="../assets/font-awesome-4.7.0/css/font-awesome.min.css"> <body> <div id="react-app"></div> <script type="text/javascript" src="/js/app.js"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script> </body> </html>
Open service 47.236.25.69:22
2024-04-23 13:18
Open service 47.236.25.69:80
2024-04-23 10:20
HTTP/1.1 200 OK Server: nginx Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Cache-Control: no-cache, private Date: Tue, 23 Apr 2024 10:20:31 GMT Set-Cookie: XSRF-TOKEN=eyJpdiI6ImlNdmlxQXJxY3lscTdQZzNSUTlicUE9PSIsInZhbHVlIjoiQkw2bWRMS2lLR1RIYkhVbVp3akZhYUYxeGNoWHhHdGdSbnlGU0lPdmRlRzRYYkZIZDhZY0ZCREhKcWozKzJtcjN4VzhyakpUZXVhUFI0Z3Q2NCtwOXdWd000MmdtVEJLdHhBaEdEeWFiN3ljTXoyakIzRHQ3R2xlMHp0S0thWFIiLCJtYWMiOiI0YmUyYjRkYjJhNTQ5YWMzNDlhZGI2ZWIzMzBhYzg4ZDBiODBjNmUyYjRiYmUyZTJiZWUzYjYwYWM2MGRiMjQ4IiwidGFnIjoiIn0%3D; expires=Tue, 23 Apr 2024 12:20:31 GMT; Max-Age=7200; path=/ Set-Cookie: laravel_session=eyJpdiI6InZFaGlTTDR6cFYwVDkvbUJmSHhYNkE9PSIsInZhbHVlIjoid2t6U0pmYkhRZ2Y5dk1paExFRUR1STJyc3hNYjZWc29uUGtaWmxVbmxKUjhTaHpjbUJPTU1WL0NXa1lnc2J1dUdZN2t2ZzBMaThXUWlUQ3I2WUNVbnltMGlybE9HaXBCZFhadlpwWC9QWGZRNm9hUGxkMkVSQ0hSbjJiYWtJcWYiLCJtYWMiOiI0NGNhMThhNmZhZGM2NjA1MzQxNTVmYWFjMDkwMmViY2I1NWNiOGI4M2JjYThmZDc0YTc4NTcwZDUxNjk4YmIzIiwidGFnIjoiIn0%3D; expires=Tue, 23 Apr 2024 12:20:31 GMT; Max-Age=7200; path=/; httponly Page title: Ruiche <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Ruiche</title> <!-- Fonts --> <link href="https://fonts.googleapis.com/css?family=Nunito:200,600" rel="stylesheet"> <link href="https://fonts.googleapis.com/css?family=Inter:400,500,700" rel="stylesheet"> <link href="https://fonts.googleapis.com/css2?family=Poppins&display=swap:400,500" rel="stylesheet"> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous"> <link href="../assets/css/landing-main.css" rel="stylesheet"> <link href="../assets/css/app.css" rel="stylesheet"> <link rel="stylesheet" 
href="../assets/font-awesome-4.7.0/css/font-awesome.min.css"> <body> <div id="react-app"></div> <script type="text/javascript" src="/js/app.js"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script> </body> </html>