LeakIX - Host 120.79.252.141

Host 120.79.252.141

China

Hangzhou Alibaba Advertising Co.,Ltd.

linux-glibc2.5 x86_64

Software information

nginx nginx

tcp/80

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 120.79.252.141
Port: 3306

First seen 2023-10-16 00:16
Last seen 2024-06-19 20:30
Open for 247 days

Severity: critical
Fingerprint: cf350410ecceb5fd676221a8cf1ea4283bdb92475eb15bab4f4645412801245c

Databases: 29, row count: 2172, size: 740.6 kB
Found table A____Z____RECOVER____DATA.README with 1 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 0 records
Found table mysql.help_category with 40 records
Found table mysql.help_keyword with 487 records
Found table mysql.help_relation with 1095 records
Found table mysql.help_topic with 537 records
Found table mysql.innodb_index_stats with 3 records
Found table mysql.innodb_table_stats with 1 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 0 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 4 records

Found on 2024-06-19 20:30

740.6 kBytes 2172 rows

Severity: high
Fingerprint: cf350410ecceb5fd293ef71d37aeaf3b37aeaf3b37aeaf3b37aeaf3b37aeaf3b
```
Databases: 1, row count: 1, size: 16.4 kB
Found table A____Z____RECOVER____DATA.README with 1 records
```
Found on 2024-05-12 18:02

16.4 kBytes 1 rows

Severity: critical
Fingerprint: cf350410ecceb5fd075402a1f0c95ba7d523be82d7d077d01f0ec85e4a3c3e6e

Databases: 29, row count: 2171, size: 740.4 kB
Found table A____Z____RECOVER____DATA.README with 1 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 0 records
Found table mysql.help_category with 40 records
Found table mysql.help_keyword with 487 records
Found table mysql.help_relation with 1095 records
Found table mysql.help_topic with 537 records
Found table mysql.innodb_index_stats with 3 records
Found table mysql.innodb_table_stats with 1 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 0 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 3 records

Found on 2024-02-01 18:36

740.4 kBytes 2171 rows

Create report

Open service 120.79.252.141:3306

2024-06-19 20:30
```
MySQL detected
```
Found 15 hours ago by tcpid
Create report
Open service 120.79.252.141:3306

2024-06-17 20:21
```
MySQL detected
```
Found 3 days ago by tcpid
Create report
Open service 120.79.252.141:3306

2024-06-14 20:17
```
MySQL detected
```
Found 2024-06-14 by tcpid
Create report
Open service 120.79.252.141:3306

2024-06-11 21:42
```
MySQL detected
```
Found 2024-06-11 by tcpid
Create report
Open service 120.79.252.141:3306

2024-06-09 21:05
```
MySQL detected
```
Found 2024-06-09 by tcpid
Create report
Open service 120.79.252.141:3306

2024-06-07 20:58
```
MySQL detected
```
Found 2024-06-07 by tcpid
Create report
Open service 120.79.252.141:3306

2024-06-05 21:05
```
MySQL detected
```
Found 2024-06-05 by tcpid
Create report
Open service 120.79.252.141:3306

2024-06-03 21:28
```
MySQL detected
```
Found 2024-06-03 by tcpid
Create report

Open service 120.79.252.141:80

2024-06-02 10:32

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 02 Jun 2024 10:32:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
Access-Control-Allow-Headers: token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Set-Cookie: PHPSESSID=215c498e7ae24bd0f96f2065b3489f2f; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /User/Views/index
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS

Found 2024-06-02 by HttpPlugin

Create report

Data leak

Size

740.6 kB

Collections

Rows

2172

Domain summary

No record