LeakIX - Host 94.237.58.237

Host 94.237.58.237

United Kingdom

UpCloud Ltd

debian-linux-gnu x86_64

Software information

nginx nginx

tcp/443 tcp/80

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 94.237.58.237
Port: 3306

First seen 2024-04-23 20:04
Last seen 2024-06-19 22:48
Open for 57 days

Severity: critical
Fingerprint: cf350410ecceb5fd9401be52f118417ed60f442a759aeb29087a392e54ac0d32

Databases: 31, row count: 140722, size: 3.5 MB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.column_stats with 0 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 1 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_slave_pos with 0 records
Found table mysql.help_category with 39 records
Found table mysql.help_keyword with 464 records
Found table mysql.help_relation with 1028 records
Found table mysql.help_topic with 508 records
Found table mysql.host with 0 records
Found table mysql.index_stats with 0 records
Found table mysql.innodb_index_stats with 7 records
Found table mysql.innodb_table_stats with 2 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 2 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.roles_mapping with 0 records
Found table mysql.servers with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.table_stats with 0 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 1823 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1823 records
Found table mysql.time_zone_transition with 125043 records
Found table mysql.time_zone_transition_type with 9970 records
Found table mysql.user with 5 records

Found on 2024-06-19 22:48

3.5 MBytes 140722 rows

Severity: critical
Fingerprint: cf350410ecceb5fde80c352198afc19dc48717eb604f38e62d1bf66b7f02f8f4

Databases: 31, row count: 140721, size: 3.5 MB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.column_stats with 0 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 1 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_slave_pos with 0 records
Found table mysql.help_category with 39 records
Found table mysql.help_keyword with 464 records
Found table mysql.help_relation with 1028 records
Found table mysql.help_topic with 508 records
Found table mysql.host with 0 records
Found table mysql.index_stats with 0 records
Found table mysql.innodb_index_stats with 7 records
Found table mysql.innodb_table_stats with 2 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 2 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.roles_mapping with 0 records
Found table mysql.servers with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.table_stats with 0 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 1823 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1823 records
Found table mysql.time_zone_transition with 125043 records
Found table mysql.time_zone_transition_type with 9970 records
Found table mysql.user with 4 records

Found on 2024-05-08 13:10

3.5 MBytes 140721 rows

Create report

Open service 94.237.58.237:3306

2024-06-19 22:48
```
MySQL detected
```
Found 13 hours ago by tcpid
Create report

Open service 94.237.58.237:27017

2024-06-19 22:38

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 13 hours ago by HttpPlugin

Create report

Open service 94.237.58.237:3306

2024-06-17 22:12
```
MySQL detected
```
Found 3 days ago by tcpid
Create report

Open service 94.237.58.237:27017

2024-06-17 22:10

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 3 days ago by HttpPlugin

Create report

Open service 94.237.58.237:3306

2024-06-15 23:32
```
MySQL detected
```
Found 2024-06-15 by tcpid
Create report

Open service 94.237.58.237:27017

2024-06-15 22:46

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-15 by HttpPlugin

Create report

Open service 94.237.58.237:3306

2024-06-15 08:21
```
MySQL detected
```
Found 2024-06-15 by tcpid
Create report

Open service 94.237.58.237:443

2024-06-14 17:47

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 14 Jun 2024 17:47:08 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Wed, 30 Jun 2021 16:35:11 GMT
Connection: close
ETag: "60dc9d3f-264"
Accept-Ranges: bytes

Page title: Welcome to nginx!

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Found 2024-06-14 by HttpPlugin

Create report

Open service 94.237.58.237:80

2024-06-14 00:17

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 14 Jun 2024 00:17:01 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Wed, 30 Jun 2021 16:35:11 GMT
Connection: close
ETag: "60dc9d3f-264"
Accept-Ranges: bytes

Page title: Welcome to nginx!

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Found 2024-06-14 by HttpPlugin

Create report

Open service 94.237.58.237:80

2024-06-13 11:35

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 13 Jun 2024 11:35:50 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Wed, 30 Jun 2021 16:35:11 GMT
Connection: close
ETag: "60dc9d3f-264"
Accept-Ranges: bytes

Page title: Welcome to nginx!

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Found 2024-06-13 by HttpPlugin

Create report

Open service 94.237.58.237:27017

2024-06-11 22:25

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-11 by HttpPlugin

Create report

Open service 94.237.58.237:3306

2024-06-11 21:28
```
MySQL detected
```
Found 2024-06-11 by tcpid
Create report

Open service 94.237.58.237:27017

2024-06-09 22:05

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-09 by HttpPlugin

Create report

Open service 94.237.58.237:3306

2024-06-09 21:55
```
MySQL detected
```
Found 2024-06-09 by tcpid
Create report

Open service 94.237.58.237:27017

2024-06-07 22:07

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-07 by HttpPlugin

Create report

Open service 94.237.58.237:3306

2024-06-07 21:56
```
MySQL detected
```
Found 2024-06-07 by tcpid
Create report
Open service 94.237.58.237:3306

2024-06-05 20:23
```
MySQL detected
```
Found 2024-06-05 by tcpid
Create report

Open service 94.237.58.237:27017

2024-06-05 20:14

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-05 by HttpPlugin

Create report

Open service 94.237.58.237:27017

2024-06-03 21:34

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-06-03 by HttpPlugin

Create report

Open service 94.237.58.237:3306

2024-06-03 20:07
```
MySQL detected
```
Found 2024-06-03 by tcpid
Create report

*.digitalpulseapi.devdigitalpulseapi.dev

Fingerprint:

cabb728835f78d19a78aa7f4cc1a70b78e1def95468d9bd8bbf920cc633d9ebe

CN:

*.digitalpulseapi.dev

Key:

RSA-2048

Issuer:

Not before:

2024-05-16 10:51

Not after:

2024-08-14 10:51

Data leak

Size

3.5 MB

Collections

Rows

140722

Domain summary

No record