nginx 1.18.0
tcp/443 tcp/80
MySQL is currently open without authentication.
Additionally a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: critical
Fingerprint: cf350410ecceb5fd953c6c78c81184281f403247dffc3babe69e88f1e22c9e31
Databases: 32, row count: 135803, size: 7.8 MB Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records Found table mysql.columns_priv with 0 records Found table mysql.db with 2 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 50 records Found table mysql.help_keyword with 921 records Found table mysql.help_relation with 2288 records Found table mysql.help_topic with 623 records Found table mysql.innodb_index_stats with 10 records Found table mysql.innodb_table_stats with 3 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 1443 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 1336 records Found table mysql.time_zone_transition with 119956 records Found table mysql.time_zone_transition_type with 9101 records Found table mysql.user with 5 records
Severity: critical
Fingerprint: cf350410ecceb5fd973b4365748b2a79a8858fb4436e5bc6dee459fca74c31a7
Databases: 32, row count: 135802, size: 7.8 MB Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records Found table mysql.columns_priv with 0 records Found table mysql.db with 2 records Found table mysql.engine_cost with 2 records Found table mysql.event with 0 records Found table mysql.func with 0 records Found table mysql.general_log with 2 records Found table mysql.gtid_executed with 0 records Found table mysql.help_category with 50 records Found table mysql.help_keyword with 921 records Found table mysql.help_relation with 2288 records Found table mysql.help_topic with 623 records Found table mysql.innodb_index_stats with 10 records Found table mysql.innodb_table_stats with 3 records Found table mysql.ndb_binlog_index with 0 records Found table mysql.plugin with 0 records Found table mysql.proc with 48 records Found table mysql.procs_priv with 0 records Found table mysql.proxies_priv with 1 records Found table mysql.server_cost with 6 records Found table mysql.servers with 0 records Found table mysql.slave_master_info with 0 records Found table mysql.slave_relay_log_info with 0 records Found table mysql.slave_worker_info with 0 records Found table mysql.slow_log with 2 records Found table mysql.tables_priv with 2 records Found table mysql.time_zone with 1443 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.time_zone_name with 1336 records Found table mysql.time_zone_transition with 119956 records Found table mysql.time_zone_transition_type with 9101 records Found table mysql.user with 4 records
Severity: high
Fingerprint: cf350410ecceb5fdebd6b7609132601091326010913260109132601091326010
Databases: 1, row count: 2, size: 16.4 kB Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Open service 94.130.203.85:22
2024-06-20 00:09
Open service 94.130.203.85:3306
2024-06-19 20:16
MySQL detected
Open service 94.130.203.85:3306
2024-06-17 21:43
MySQL detected
Open service 94.130.203.85:3306
2024-06-15 22:08
MySQL detected
Open service 94.130.203.85:80
2024-06-15 21:13
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Sat, 15 Jun 2024 21:13:04 GMT Content-Type: text/html Content-Length: 564 Connection: close Page title: 404 Not Found <html> <head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page -->
Open service 94.130.203.85:3306
2024-06-15 14:57
MySQL detected
Open service 94.130.203.85:443
2024-06-15 06:47
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sat, 15 Jun 2024 06:47:02 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1639 Connection: close X-Powered-By: Express Access-Control-Allow-Origin: * Access-Control-Allow-Methods: * Access-Control-Allow-Headers: * Accept-Ranges: bytes ETag: W/"667-ozd5hNY994bNHvZTnN+Wgo8/n78" Vary: Accept-Encoding Page title: EMP | ONE <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <link rel="icon" href="/favicon.ico" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="theme-color" content="#000000" /> <meta name="description" content="Web site created using create-react-app" /> <link rel="apple-touch-icon" href="/logo192.png" /> <!-- manifest.json provides metadata used when your web app is installed on a user's mobile device or desktop. See https://developers.google.com/web/fundamentals/web-app-manifest/ --> <link rel="manifest" href="/manifest.json" /> <!-- Notice the use of in the tags above. It will be replaced with the URL of the `public` folder during the build. Only files inside the `public` folder can be referenced from the HTML. Unlike "/favicon.ico" or "favicon.ico", "/favicon.ico" will work correctly both with client-side routing and a non-root public URL. Learn how to configure a non-root public URL by running `npm run build`. --> <title>EMP | ONE</title> <script defer src="/static/js/bundle.js"></script></head> <body> <div id="root"></div> <!-- This HTML file is a template. If you open it directly in the browser, you will see an empty page. You can add webfonts, meta tags, or analytics to this file. The build step will place the bundled scripts into the <body> tag. To begin the development, run `npm start` or `yarn start`. To create a production bundle, use `npm run build` or `yarn build`. --> </body> </html>
Open service 94.130.203.85:22
2024-06-12 22:29
Open service 94.130.203.85:3306
2024-06-11 22:22
MySQL detected
Open service 94.130.203.85:3306
2024-06-09 22:10
MySQL detected
Open service 94.130.203.85:3306
2024-06-07 21:17
MySQL detected
Open service 94.130.203.85:3306
2024-06-05 21:03
MySQL detected
Open service 94.130.203.85:3306
2024-06-03 21:33
MySQL detected
Open service 94.130.203.85:22
2024-06-02 13:15