nginx 1.17.10
tcp/8000 tcp/8001
nginx 1.18.0
tcp/443 tcp/80 tcp/88
MySQL is currently open without authentication.
This results in all the database data made available publicly.
Severity: high
Fingerprint: cf350410ecceb5fd1b69fde69c967f15c4428cd806250a463b70ccaca77d7d53
Databases: 54, row count: 136511, size: 8.2 MB Found table mysql.columns_priv with 0 records Found table mysql.db with 3 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 50 records Found table mysql.help_keyword with 821 records Found table mysql.help_relation with 1269 records Found table mysql.help_topic with 505 records Found table mysql.innodb_index_stats with 260 records Found table mysql.innodb_table_stats with 25 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 2074 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 1850 records Found table mysql.time_zone_transition with 119956 records Found table mysql.time_zone_transition_type with 9401 records Found table mysql.user with 5 records Found table uralensis.Config with 0 records Found table uralensis.auth_group with 0 records Found table uralensis.auth_group_permissions with 0 records Found table uralensis.auth_permission with 76 records Found table uralensis.auth_user with 1 records Found table uralensis.auth_user_groups with 0 records Found table uralensis.auth_user_user_permissions with 76 records Found table uralensis.authentication_customuser with 0 records Found table uralensis.dashboard_activity with 0 records Found table uralensis.dashboard_adminsettings with 0 records Found table uralensis.dashboard_annotation with 0 records Found table uralensis.dashboard_externaldomains with 0 records Found table uralensis.dashboard_folder with 1 records Found table uralensis.dashboard_slide with 9 records Found table uralensis.dashboard_slidegroup with 0 records Found table uralensis.dashboard_slidetags with 0 records Found table uralensis.dashboard_slideviewusers with 4 records Found table uralensis.dashboard_subtag with 0 records Found table uralensis.dashboard_tag with 0 records Found table uralensis.django_admin_log with 0 records Found table uralensis.django_content_type with 19 records Found table uralensis.django_migrations with 40 records Found table uralensis.django_session with 3 records
Open service 49.13.119.16:8001
2024-06-20 19:53
HTTP/1.1 302 Found Server: nginx/1.17.10 Date: Thu, 20 Jun 2024 19:53:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Location: http://49.13.119.16/adminer/
Open service 49.13.119.16:443
2024-06-20 16:27
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 20 Jun 2024 16:27:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: /valet-sites
Open service 49.13.119.16:3306
2024-06-20 00:56
MySQL detected
Open service 49.13.119.16:80
2024-06-15 21:12
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Sat, 15 Jun 2024 21:12:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: /valet-sites
Open service 49.13.119.16:8000
2024-06-15 08:58
HTTP/1.1 200 OK Server: nginx/1.17.10 Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.19 Cache-Control: no-cache, private Date: Sat, 15 Jun 2024 08:58:32 GMT Access-Control-Allow-Origin: * Set-Cookie: XSRF-TOKEN=eyJpdiI6InppUWNVRjlhK0I5Ly9EYTlXNGhnQkE9PSIsInZhbHVlIjoiQ1ZCQTBZZEpScHhFczFkSmQ4dU96alpIYzJ2QTlnNkI4VGt3VGJKYXFqV3EvUE1rWlVzeHJMWTdEV3F0dURHYkNIejBCQnJLWnVBUDRuMTJRc2RyaGhVSC9tb2xrc2pVSG5OTjdYU1Rnc2loVUN4VVpxaHpjaTFQK0NUUVhFZm4iLCJtYWMiOiJlY2RiZWUxYTNlZjU1NzlmOWU1MDFmNzYzYjFiODAxZjBkZjE0OTBhYTFjZTlhZDM5MGRmNjZiZDhlYzY2NzM2IiwidGFnIjoiIn0%3D; expires=Sat, 15 Jun 2024 10:58:32 GMT; Max-Age=7200; path=/; samesite=lax Set-Cookie: drink_warehouse_session=eyJpdiI6IlZWVzhYT0JIc0t5YmhNT0tqZkI2TUE9PSIsInZhbHVlIjoiN0xuYk5wM0szTitUbzl0dWtZdmZTTmZ4bWhYV1h5aG5mMDk1WXpaelIzc1BvazZsdWs4ZzRiRGlYSVRPcS9mSGpSWEVzb3hGWER0T2h1SlV0VUsyNDZ4S0dvcEIzNERmaGp2WktHQVl1cW1TZk00SjFGWU9ib2tRTG93VHZ0eXUiLCJtYWMiOiJkZDc3MDk0MGUwZGFkNzlhYzc3YTgwMzA2N2U4NTI3OTQwOGUyM2UzMjljYjljMGUyYTIxZjUzYjMyMzVlYzhlIiwidGFnIjoiIn0%3D; expires=Sat, 15 Jun 2024 10:58:32 GMT; Max-Age=7200; path=/; httponly; samesite=lax Page title: Laravel <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Laravel</title> <!-- Fonts --> <link href="https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap" rel="stylesheet"> <!-- Styles --> <style> /*! normalize.css v8.0.1 | MIT License | github.com/necolas/normalize.css */html{line-height:1.15;-webkit-text-size-adjust:100%}body{margin:0}a{background-color:transparent}[hidden]{display:none}html{font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;line-height:1.5}*,:after,:before{box-sizing:border-box;border:0 solid #e2e8f0}a{color:inherit;text-decoration:inherit}svg,video{display:block;vertical-align:middle}video{max-width:100%;height:auto}.bg-white{--bg-opacity:1;background-color:#fff;background-color:rgba(255,255,255,var(--bg-opacity))}.bg-gray-100{--bg-opacity:1;background-color:#f7fafc;background-color:rgba(247,250,252,var(--bg-opacity))}.border-gray-200{--border-opacity:1;border-color:#edf2f7;border-color:rgba(237,242,247,var(--border-opacity))}.border-t{border-top-width:1px}.flex{display:flex}.grid{display:grid}.hidden{display:none}.items-center{align-items:center}.justify-center{justify-content:center}.font-semibold{font-weight:600}.h-5{height:1.25rem}.h-8{height:2rem}.h-16{height:4rem}.text-sm{font-size:.875rem}.text-lg{font-size:1.125rem}.leading-7{line-height:1.75rem}.mx-auto{margin-left:auto;margin-right:auto}.ml-1{margin-left:.25rem}.mt-2{margin-top:.5rem}.mr-2{margin-right:.5rem}.ml-2{margin-left:.5rem}.mt-4{margin-top:1rem}.ml-4{margin-left:1rem}.mt-8{margin-top:2rem}.ml-12{margin-left:3rem}.-mt-px{margin-top:-1px}.max-w-6xl{max-width:72rem}.min-h-screen{min-height:100vh}.overflow-hidden{overflow:hidden}.p-6{padding:1.5rem}.py-4{padding-top:1rem;padding-bottom:1rem}.px-6{padding-left:1.5rem;padding-right:1.5rem}.pt-8{padding-top:2rem}.fixed{position:fixed}.relative{position:relative}.top-0{top:0}.right-0{right:0}.shadow{box-shadow:0 1px 3px 0 rgba(0,0,0,.1),0 1px 2px 0 rgba(0,0,0,.06)}.text-center{text-align:center}.text-gray-200{--text-opacity:1;color:#edf2f7;color:rgba(237,242,247,var(--text-opacity))}.text-gray-300{--text-opacity:1;color:#e2e8f0;color:rgba(226,232,240,var(--text-opacity))}.text-gray-400{--text-opacity:1;color:#cbd5e0;color:rgba(203,213,224,var(--text-opacity))}.text-gray-500{--text-opacity:1;color:#a0aec0;color:rgba(160,174,192,var(--text-opacity))}.text-gray-600{--text-opacity:1;color:#718096;color:rgba(113,128,150,var(--text-opacity))}.text-gray-700{--text-opacity:1;color:#4a5568;color:rgba(74,85,104,var(--text-opacity))}.text-gray-900{--text-opacity:1;color:#1a202c;color:rgba(26,32,44,var(--text-opacity))}.underline{text-decoration:underline}.antialiased{-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.w-5{width:1.25rem}.w-8{width:2rem}.w-auto{width:auto}.grid-cols-1{grid-template-columns:repeat(1,minmax(0,1fr))}@media (min-width:640px){.sm\:rounded-lg{border-radius:.5rem}.sm\:block{display:block}.sm\:items-center{align-items:center}.sm\:justify-start{justify-content:flex-start}.sm\:justify-between{justify-content:space-between}.sm\:h-20{height:5rem}.sm\:ml-0{margin-left:0}.sm\:px-6{padding-left:1.5rem;padding-right:1.5rem}.sm\:pt-0{padding-top:0}.sm\:text-left{text-align:left}.sm\:text-right{text-align:right}}@media (min-width:768px){.md\:border-t-0{border-top-width:0}.md\:border-l{border-left-width:1px}.md\:grid-cols-2{grid-template-columns:repeat(2,minmax(0,1fr))}}@media (min-width:1024px){.lg\:px-8{padding-left:2rem;padding-right:2rem}}@media (prefers-color-scheme:dark){.dark\:bg-gray-800{--bg-opacity:1;background-color:#2d3748;background-color:rgba(45,55,72,var(--bg-opacity))}.dark\:bg-gray-900{--bg-opacity:1;background-color:#1a202c;background-color:rgba(26,32,44,var(--bg-opacity))}.dark\:border-gray-700{--border-opacity:1;border-color:#4a5568;border-color:r
Open service 49.13.119.16:22
2024-06-15 06:31
Open service 49.13.119.16:88
2024-06-14 11:38
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Fri, 14 Jun 2024 11:38:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: /valet-sites
Open service 49.13.119.16:88
2024-06-13 05:45
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 13 Jun 2024 05:45:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: /valet-sites
Open service 49.13.119.16:443
2024-06-13 05:12
HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 13 Jun 2024 05:12:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: /valet-sites