LeakIX - Host 101.201.220.218

Host 101.201.220.218

China

Hangzhou Alibaba Advertising Co.,Ltd.

CentOS Linux 8 (Core) 4.18.0-193.28.1.el8_2.x86_64

Software information

nginx nginx 1.23.1

tcp/80

MySQL is publicly available

MySQL is currently open without authentication.

This results in all the database data made available publicly.

IP: 101.201.220.218
Port: 3308

First seen 2023-07-26 19:53
Last seen 2024-04-30 19:24
Open for 278 days

Severity: high
Fingerprint: cf350410ecceb5fdbad612100b646d942c7a07f61511e9335cbb219e1a70ad3b

Databases: 66, row count: 136301, size: 8.4 MB
Found table chat_x.QRTZ_BLOB_TRIGGERS with 0 records
Found table chat_x.QRTZ_CALENDARS with 0 records
Found table chat_x.QRTZ_CRON_TRIGGERS with 0 records
Found table chat_x.QRTZ_FIRED_TRIGGERS with 0 records
Found table chat_x.QRTZ_JOB_DETAILS with 0 records
Found table chat_x.QRTZ_LOCKS with 0 records
Found table chat_x.QRTZ_PAUSED_TRIGGER_GRPS with 0 records
Found table chat_x.QRTZ_SCHEDULER_STATE with 0 records
Found table chat_x.QRTZ_SIMPLE_TRIGGERS with 0 records
Found table chat_x.QRTZ_SIMPROP_TRIGGERS with 0 records
Found table chat_x.QRTZ_TRIGGERS with 0 records
Found table chat_x.gen_table with 0 records
Found table chat_x.gen_table_column with 0 records
Found table chat_x.sys_config with 6 records
Found table chat_x.sys_dept with 10 records
Found table chat_x.sys_dict_data with 29 records
Found table chat_x.sys_dict_type with 10 records
Found table chat_x.sys_job with 3 records
Found table chat_x.sys_job_log with 0 records
Found table chat_x.sys_logininfor with 73 records
Found table chat_x.sys_menu with 89 records
Found table chat_x.sys_notice with 2 records
Found table chat_x.sys_oper_log with 25 records
Found table chat_x.sys_post with 4 records
Found table chat_x.sys_role with 3 records
Found table chat_x.sys_role_dept with 3 records
Found table chat_x.sys_role_menu with 89 records
Found table chat_x.sys_user with 4 records
Found table chat_x.sys_user_post with 3 records
Found table chat_x.sys_user_role with 4 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 50 records
Found table mysql.help_keyword with 1003 records
Found table mysql.help_relation with 2219 records
Found table mysql.help_topic with 621 records
Found table mysql.innodb_index_stats with 185 records
Found table mysql.innodb_table_stats with 37 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1821 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1937 records
Found table mysql.time_zone_transition with 119515 records
Found table mysql.time_zone_transition_type with 8472 records
Found table mysql.user with 4 records
Found table security_x.sys_role with 4 records
Found table security_x.sys_user with 2 records
Found table security_x.sys_user_role with 4 records
Found table test.student with 2 records
Found table test.student_details with 3 records

Found on 2024-04-30 19:24

8.4 MBytes 136301 rows

Severity: high
Fingerprint: cf350410ecceb5fdeadb6d70fd2c3c2ffa878e0d9cde44244e3a9b8b58471505

Databases: 66, row count: 136297, size: 8.4 MB
No or default MySQL authentication found.Found table chat_x.QRTZ_BLOB_TRIGGERS with 0 records
Found table chat_x.QRTZ_CALENDARS with 0 records
Found table chat_x.QRTZ_CRON_TRIGGERS with 0 records
Found table chat_x.QRTZ_FIRED_TRIGGERS with 0 records
Found table chat_x.QRTZ_JOB_DETAILS with 0 records
Found table chat_x.QRTZ_LOCKS with 0 records
Found table chat_x.QRTZ_PAUSED_TRIGGER_GRPS with 0 records
Found table chat_x.QRTZ_SCHEDULER_STATE with 0 records
Found table chat_x.QRTZ_SIMPLE_TRIGGERS with 0 records
Found table chat_x.QRTZ_SIMPROP_TRIGGERS with 0 records
Found table chat_x.QRTZ_TRIGGERS with 0 records
Found table chat_x.gen_table with 0 records
Found table chat_x.gen_table_column with 0 records
Found table chat_x.sys_config with 6 records
Found table chat_x.sys_dept with 10 records
Found table chat_x.sys_dict_data with 29 records
Found table chat_x.sys_dict_type with 10 records
Found table chat_x.sys_job with 3 records
Found table chat_x.sys_job_log with 0 records
Found table chat_x.sys_logininfor with 69 records
Found table chat_x.sys_menu with 89 records
Found table chat_x.sys_notice with 2 records
Found table chat_x.sys_oper_log with 25 records
Found table chat_x.sys_post with 4 records
Found table chat_x.sys_role with 3 records
Found table chat_x.sys_role_dept with 3 records
Found table chat_x.sys_role_menu with 89 records
Found table chat_x.sys_user with 4 records
Found table chat_x.sys_user_post with 3 records
Found table chat_x.sys_user_role with 4 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 50 records
Found table mysql.help_keyword with 1003 records
Found table mysql.help_relation with 2219 records
Found table mysql.help_topic with 621 records
Found table mysql.innodb_index_stats with 185 records
Found table mysql.innodb_table_stats with 37 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1821 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1937 records
Found table mysql.time_zone_transition with 119515 records
Found table mysql.time_zone_transition_type with 8472 records
Found table mysql.user with 4 records
Found table security_x.sys_role with 4 records
Found table security_x.sys_user with 2 records
Found table security_x.sys_user_role with 4 records
Found table test.student with 2 records
Found table test.student_details with 3 records

Found on 2023-07-26 19:53

8.4 MBytes 136297 rows

Create report

ElasticSearch is publicly available

Elasticsearch and/or Kibana is currently open without authentication.

This results in all the database data made available publicly.

IP: 101.201.220.218
Port: 5601
URL: http://101.201.220.218:5601

First seen 2022-11-15 12:10
- Severity: medium
  Fingerprint: 831cb76b8e05df4617c4d220b4bac1104ace108f07602167c21501f44032e26f
```
Indices: 5, document count: 12, size: 86.1 kB
Through Kibana endpoint
Found index test-index with 0 documents (283 B)
Found index item with 0 documents (1.4 kB)
Found index .kibana_task_manager_1 with 2 documents (44.5 kB)
Found index .apm-agent-configuration with 0 documents (283 B)
Found index .kibana_1 with 10 documents (39.7 kB)
```
  Found on 2022-11-15 12:10
  
  86.1 kBytes 12 rows
Create report

Open service 101.201.220.218:3308

2024-04-30 19:24
```
MySQL detected
```
Found one day ago by tcpid
Create report

Open service 101.201.220.218:8080

2024-04-25 01:32

HTTP/1.1 200 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/plain;charset=UTF-8
Content-Length: 92
Date: Thu, 25 Apr 2024 01:32:30 GMT
Connection: close


欢迎使用RuoYi后台管理框架，当前版本：v3.8.5，请通过前端地址访问。

Found 2024-04-25 by HttpPlugin

Create report

Open service 101.201.220.218:80

2024-04-24 07:22

HTTP/1.1 200 OK
Server: nginx/1.23.1
Date: Wed, 24 Apr 2024 07:22:50 GMT
Content-Type: text/html
Content-Length: 12608
Last-Modified: Wed, 19 Apr 2023 02:11:40 GMT
Connection: close
ETag: "643f4ddc-3140"
Accept-Ranges: bytes

Page title: 若依管理系统

<!DOCTYPE html><html><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><meta name=renderer content=webkit><meta name=viewport content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no"><link rel=icon href=/favicon.ico><title>若依管理系统</title><!--[if lt IE 11]><script>window.location.href='/html/ie.html';</script><![endif]--><style>html,
    body,
    #app {
      height: 100%;
      margin: 0px;
      padding: 0px;
    }
    .chromeframe {
      margin: 0.2em 0;
      background: #ccc;
      color: #000;
      padding: 0.2em 0;
    }

    #loader-wrapper {
      position: fixed;
      top: 0;
      left: 0;
      width: 100%;
      height: 100%;
      z-index: 999999;
    }

    #loader {
      display: block;
      position: relative;
      left: 50%;
      top: 50%;
      width: 150px;
      height: 150px;
      margin: -75px 0 0 -75px;
      border-radius: 50%;
      border: 3px solid transparent;
      border-top-color: #FFF;
      -webkit-animation: spin 2s linear infinite;
      -ms-animation: spin 2s linear infinite;
      -moz-animation: spin 2s linear infinite;
      -o-animation: spin 2s linear infinite;
      animation: spin 2s linear infinite;
      z-index: 1001;
    }

    #loader:before {
      content: "";
      position: absolute;
      top: 5px;
      left: 5px;
      right: 5px;
      bottom: 5px;
      border-radius: 50%;
      border: 3px solid transparent;
      border-top-color: #FFF;
      -webkit-animation: spin 3s linear infinite;
      -moz-animation: spin 3s linear infinite;
      -o-animation: spin 3s linear infinite;
      -ms-animation: spin 3s linear infinite;
      animation: spin 3s linear infinite;
    }

    #loader:after {
      content: "";
      position: absolute;
      top: 15px;
      left: 15px;
      right: 15px;
      bottom: 15px;
      border-radius: 50%;
      border: 3px solid transparent;
      border-top-color: #FFF;
      -moz-animation: spin 1.5s linear infinite;
      -o-animation: spin 1.5s linear infinite;
      -ms-animation: spin 1.5s linear infinite;
      -webkit-animation: spin 1.5s linear infinite;
      animation: spin 1.5s linear infinite;
    }


    @-webkit-keyframes spin {
      0% {
        -webkit-transform: rotate(0deg);
        -ms-transform: rotate(0deg);
        transform: rotate(0deg);
      }
      100% {
        -webkit-transform: rotate(360deg);
        -ms-transform: rotate(360deg);
        transform: rotate(360deg);
      }
    }

    @keyframes spin {
      0% {
        -webkit-transform: rotate(0deg);
        -ms-transform: rotate(0deg);
        transform: rotate(0deg);
      }
      100% {
        -webkit-transform: rotate(360deg);
        -ms-transform: rotate(360deg);
        transform: rotate(360deg);
      }
    }


    #loader-wrapper .loader-section {
      position: fixed;
      top: 0;
      width: 51%;
      height: 100%;
      background: #7171C6;
      z-index: 1000;
      -webkit-transform: translateX(0);
      -ms-transform: translateX(0);
      transform: translateX(0);
    }

    #loader-wrapper .loader-section.section-left {
      left: 0;
    }

    #loader-wrapper .loader-section.section-right {
      right: 0;
    }


    .loaded #loader-wrapper .loader-section.section-left {
      -webkit-transform: translateX(-100%);
      -ms-transform: translateX(-100%);
      transform: translateX(-100%);
      -webkit-transition: all 0.7s 0.3s cubic-bezier(0.645, 0.045, 0.355, 1.000);
      transition: all 0.7s 0.3s cubic-bezier(0.645, 0.045, 0.355, 1.000);
    }

    .loaded #loader-wrapper .loader-section.section-right {
      -webkit-transform: translateX(100%);
      -ms-transform: translateX(100%);
      transform: translateX(100%);
      -webkit-transition: all 0.7s 0.3s cubic-bezier(0.645, 0.045, 0.355, 1.000);
      transition: all 0.7s 0.3s cubic-bezier(0.645, 0.045, 0.355, 1.000);
    }

    .loaded #loader {
      opac

Found 2024-04-24 by HttpPlugin

Create report

Open service 101.201.220.218:22

2024-04-24 02:22
Found 2024-04-24 by SSHOpenPlugin
Create report

Open service 101.201.220.218:8080

2024-04-23 13:26

HTTP/1.1 200 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/plain;charset=UTF-8
Content-Length: 92
Date: Tue, 23 Apr 2024 13:26:44 GMT
Connection: close


欢迎使用RuoYi后台管理框架，当前版本：v3.8.5，请通过前端地址访问。

Found 2024-04-23 by HttpPlugin

Create report

Open service 101.201.220.218:3308

2024-04-18 19:04
```
MySQL detected
```
Found 2024-04-18 by tcpid
Create report
Open service 101.201.220.218:3308

2024-04-10 14:30
```
MySQL detected
```
Found 2024-04-10 by tcpid
Create report

Data leak

Size

8.4 MB

Collections

Rows

136301

Domain summary

No record

Host 101.201.220.218

China

Software information

MySQL is publicly available

ElasticSearch is publicly available

Create report

Create report

Create report

Create report

Create report

Create report

Create report

Data leak

Domain summary