nginx
tcp/5000
MySQL is currently open without authentication.
Additionally a ransom note has been found in the dataset which indicates it has been compromised
This results in all the database data made available publicly.
Severity: critical
Fingerprint: cf350410ecceb5fd632b5a3b9d243a9a71176846185c98fce31c94e653ca4d20
Databases: 32, row count: 140137, size: 3.5 MB Found table mysql.db with 3 records Found table mysql.host with 0 records Found table mysql.user with 7 records Found table mysql.roles_mapping with 0 records Found table mysql.func with 0 records Found table mysql.plugin with 0 records Found table mysql.servers with 0 records Found table mysql.tables_priv with 0 records Found table mysql.columns_priv with 0 records Found table mysql.help_topic with 508 records Found table mysql.help_category with 39 records Found table mysql.help_relation with 1028 records Found table mysql.help_keyword with 464 records Found table mysql.time_zone_name with 1823 records Found table mysql.time_zone with 1823 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.proc with 2 records Found table mysql.procs_priv with 0 records Found table mysql.general_log with 2 records Found table mysql.slow_log with 2 records Found table mysql.event with 0 records Found table mysql.innodb_table_stats with 7 records Found table mysql.innodb_index_stats with 35 records Found table mysql.transaction_registry with 0 records Found table mysql.proxies_priv with 2 records Found table mysql.table_stats with 0 records Found table mysql.column_stats with 0 records Found table mysql.index_stats with 0 records Found table mysql.gtid_slave_pos with 0 records Found table mysql.time_zone_transition with 124439 records Found table mysql.time_zone_transition_type with 9951 records Found table Z_README_TO_RECOVER.RECOVER_YOUR_DATA with 2 records
Severity: critical
Fingerprint: cf350410ecceb5fd4e16ce54303e713b49485481671a22b1ca8e0cdf3dedb723
Databases: 37, row count: 141796, size: 3.7 MB Found table mysql.db with 3 records Found table mysql.host with 0 records Found table mysql.user with 7 records Found table mysql.roles_mapping with 0 records Found table mysql.func with 0 records Found table mysql.plugin with 0 records Found table mysql.servers with 0 records Found table mysql.tables_priv with 0 records Found table mysql.columns_priv with 0 records Found table mysql.help_topic with 508 records Found table mysql.help_category with 39 records Found table mysql.help_relation with 1028 records Found table mysql.help_keyword with 464 records Found table mysql.time_zone_name with 1823 records Found table mysql.time_zone with 1823 records Found table mysql.time_zone_leap_second with 0 records Found table mysql.proc with 2 records Found table mysql.procs_priv with 0 records Found table mysql.general_log with 2 records Found table mysql.slow_log with 2 records Found table mysql.event with 0 records Found table mysql.innodb_table_stats with 7 records Found table mysql.innodb_index_stats with 35 records Found table mysql.transaction_registry with 0 records Found table mysql.proxies_priv with 2 records Found table mysql.table_stats with 0 records Found table mysql.column_stats with 0 records Found table mysql.index_stats with 0 records Found table mysql.gtid_slave_pos with 0 records Found table mysql.time_zone_transition with 124439 records Found table mysql.time_zone_transition_type with 9951 records Found table Z_README_TO_RECOVER.RECOVER_YOUR_DATA with 2 records Found table sdvx.MusicType with 0 records Found table sdvx.User with 4 records Found table sdvx.Grade with 0 records Found table sdvx.Score with 0 records Found table sdvx.Music with 1655 records
Open service 121.136.251.155:5000
2024-06-14 18:13
HTTP/1.1 200 OK Server: nginx Date: Fri, 14 Jun 2024 18:13:41 GMT Content-Type: text/html; charset="UTF-8" Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Cache-control: no-store X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Security-Policy: base-uri 'self'; connect-src data: ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://*.synology.cn http://*.synology.com http://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com; media-src 'self' data: about: https://*.synology.com https://help.synology.cn; script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; Page title: DSM mobile - JINSERVER <!DOCTYPE HTML> <html manifest=""> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>DSM mobile - JINSERVER</title> <link href="/scripts/sencha-touch-2.4.1/resources/css/cupertino.css?v=42218" rel="stylesheet" type="text/css"> <link href="mobile/ui/style.css?v=42218" rel="stylesheet" type="text/css"> <link rel="shortcut icon" href="webman/favicon.ico?v=42218"> <script type="text/javascript" src="webapi/entry.cgi?api=SYNO.Core.Desktop.SessionData&version=1&method=getjs_mobile&SynoToken="></script> <script type="text/javascript" src="/scripts/sencha-touch-2.4.1/touch.js?v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.JSUIString&version=1&method=getjs&lang=enu&v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.UIString&version=1&method=getjs&lang=enu&v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.Defs&version=1&method=getjs&v=42218&SynoToken="></script> <script type="text/javascript" src="mobile/ui/mobile.js?v=42218"></script> <script type="text/javascript" src="/synoSDSjslib/webapierrorcode.js?v=42218"></script> </head> <body class="syno-mobile-body"> <div class="x-mask x-loading-mask syno-mask" id="syno-mobile-preinit-mask" style="width:100%; height: 100%;"> <div class="syno-mask-ct" id="syno-mask-ct"> <div class="syno-mask-inner" id="syno-mask-loading"> <div class="syno-loading-icon"></div> <div class="syno-message x-mask-message syno-mask-message">Loading...</div> </div> <div id="syno-non-admin-redirect" style="visibility: hidden;"> <div class="syno-upper-part"><span id="syno-non-admin-redirect-desc"></span></div> <div class="syno-lower-part"><a id="syno-non-admin-redirect-button" class="x-syno-button" href="/?forceDesktop=2"></a></div> </div> </div> </div> </body> </html>
Open service 121.136.251.155:3306
2024-06-11 20:52
MySQL detected
Open service 121.136.251.155:3306
2024-06-09 21:41
MySQL detected
Open service 121.136.251.155:3306
2024-06-07 21:45
MySQL detected
Open service 121.136.251.155:3306
2024-06-05 21:52
MySQL detected
Open service 121.136.251.155:3306
2024-06-03 22:21
MySQL detected
Open service 121.136.251.155:3306
2024-06-02 10:41
MySQL detected
Open service 121.136.251.155:3306
2024-06-01 21:46
MySQL detected
Open service 121.136.251.155:5000
2024-05-31 22:15
HTTP/1.1 200 OK Server: nginx Date: Fri, 31 May 2024 22:15:27 GMT Content-Type: text/html; charset="UTF-8" Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Cache-control: no-store X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Security-Policy: base-uri 'self'; connect-src data: ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://*.synology.cn http://*.synology.com http://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com; media-src 'self' data: about: https://*.synology.com https://help.synology.cn; script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; Page title: DSM mobile - JINSERVER <!DOCTYPE HTML> <html manifest=""> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>DSM mobile - JINSERVER</title> <link href="/scripts/sencha-touch-2.4.1/resources/css/cupertino.css?v=42218" rel="stylesheet" type="text/css"> <link href="mobile/ui/style.css?v=42218" rel="stylesheet" type="text/css"> <link rel="shortcut icon" href="webman/favicon.ico?v=42218"> <script type="text/javascript" src="webapi/entry.cgi?api=SYNO.Core.Desktop.SessionData&version=1&method=getjs_mobile&SynoToken="></script> <script type="text/javascript" src="/scripts/sencha-touch-2.4.1/touch.js?v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.JSUIString&version=1&method=getjs&lang=enu&v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.UIString&version=1&method=getjs&lang=enu&v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.Defs&version=1&method=getjs&v=42218&SynoToken="></script> <script type="text/javascript" src="mobile/ui/mobile.js?v=42218"></script> <script type="text/javascript" src="/synoSDSjslib/webapierrorcode.js?v=42218"></script> </head> <body class="syno-mobile-body"> <div class="x-mask x-loading-mask syno-mask" id="syno-mobile-preinit-mask" style="width:100%; height: 100%;"> <div class="syno-mask-ct" id="syno-mask-ct"> <div class="syno-mask-inner" id="syno-mask-loading"> <div class="syno-loading-icon"></div> <div class="syno-message x-mask-message syno-mask-message">Loading...</div> </div> <div id="syno-non-admin-redirect" style="visibility: hidden;"> <div class="syno-upper-part"><span id="syno-non-admin-redirect-desc"></span></div> <div class="syno-lower-part"><a id="syno-non-admin-redirect-button" class="x-syno-button" href="/?forceDesktop=2"></a></div> </div> </div> </div> </body> </html>
Open service 121.136.251.155:3306
2024-05-31 20:19
MySQL detected
Open service 121.136.251.155:3306
2024-05-29 20:54
MySQL detected
Open service 121.136.251.155:3306
2024-05-28 22:54
MySQL detected
Open service 121.136.251.155:3306
2024-05-27 21:41
MySQL detected
Open service 121.136.251.155:5000
2024-05-27 16:35
HTTP/1.1 200 OK Server: nginx Date: Mon, 27 May 2024 16:35:44 GMT Content-Type: text/html; charset="UTF-8" Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Cache-control: no-store X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Security-Policy: base-uri 'self'; connect-src data: ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://*.synology.cn http://*.synology.com http://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com; media-src 'self' data: about: https://*.synology.com https://help.synology.cn; script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com; Page title: DSM mobile - JINSERVER <!DOCTYPE HTML> <html manifest=""> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>DSM mobile - JINSERVER</title> <link href="/scripts/sencha-touch-2.4.1/resources/css/cupertino.css?v=42218" rel="stylesheet" type="text/css"> <link href="mobile/ui/style.css?v=42218" rel="stylesheet" type="text/css"> <link rel="shortcut icon" href="webman/favicon.ico?v=42218"> <script type="text/javascript" src="webapi/entry.cgi?api=SYNO.Core.Desktop.SessionData&version=1&method=getjs_mobile&SynoToken="></script> <script type="text/javascript" src="/scripts/sencha-touch-2.4.1/touch.js?v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.JSUIString&version=1&method=getjs&lang=enu&v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.UIString&version=1&method=getjs&lang=enu&v=42218"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.Defs&version=1&method=getjs&v=42218&SynoToken="></script> <script type="text/javascript" src="mobile/ui/mobile.js?v=42218"></script> <script type="text/javascript" src="/synoSDSjslib/webapierrorcode.js?v=42218"></script> </head> <body class="syno-mobile-body"> <div class="x-mask x-loading-mask syno-mask" id="syno-mobile-preinit-mask" style="width:100%; height: 100%;"> <div class="syno-mask-ct" id="syno-mask-ct"> <div class="syno-mask-inner" id="syno-mask-loading"> <div class="syno-loading-icon"></div> <div class="syno-message x-mask-message syno-mask-message">Loading...</div> </div> <div id="syno-non-admin-redirect" style="visibility: hidden;"> <div class="syno-upper-part"><span id="syno-non-admin-redirect-desc"></span></div> <div class="syno-lower-part"><a id="syno-non-admin-redirect-button" class="x-syno-button" href="/?forceDesktop=2"></a></div> </div> </div> </div> </body> </html>