LeakIX - Host 139.224.198.199

Host 139.224.198.199

China

Hangzhou Alibaba Advertising Co.,Ltd.

Linux x86_64

Software information

nginx nginx

tcp/8004

MySQL is publicly available

MySQL is currently open without authentication.

This results in all the database data made available publicly.

IP: 139.224.198.199
Port: 8000

First seen 2024-05-24 01:44
Last seen 2024-11-10 00:37
Open for 169 days

Severity: medium
Fingerprint: cf350410ecceb5fd5a68bcd05ed0757f20c5c933eb6ac339a7e2377ff780ee13

Databases: 27, row count: 24, size: 52.0 kB
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 0 records
Found table mysql.help_category with 0 records
Found table mysql.help_keyword with 0 records
Found table mysql.help_relation with 0 records
Found table mysql.help_topic with 0 records
Found table mysql.host with 0 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slow_log with 0 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 7 records
Found table test.student with 9 records
Found table test.test_pymysql with 0 records
Found table test1.student with 4 records

Found on 2024-11-10 00:37

52.0 kBytes 24 rows

Severity: medium
Fingerprint: cf350410ecceb5fda062878e470208ad5fd103a5f2e8be639891884172f805db

Databases: 27, row count: 26, size: 52.0 kB
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 0 records
Found table mysql.help_category with 0 records
Found table mysql.help_keyword with 0 records
Found table mysql.help_relation with 0 records
Found table mysql.help_topic with 0 records
Found table mysql.host with 0 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 7 records
Found table test.student with 9 records
Found table test.test_pymysql with 0 records
Found table test1.student with 4 records

Found on 2024-07-29 21:15

52.0 kBytes 26 rows

Severity: medium
Fingerprint: cf350410ecceb5fddda49681247efaccd04bec4ece843b44d8764f38aa2b1dad

Databases: 27, row count: 23, size: 52.0 kB
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 0 records
Found table mysql.help_category with 0 records
Found table mysql.help_keyword with 0 records
Found table mysql.help_relation with 0 records
Found table mysql.help_topic with 0 records
Found table mysql.host with 0 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 7 records
Found table test.student with 9 records
Found table test.test_pymysql with 0 records
Found table test1.student with 1 records

Found on 2024-05-24 01:44

52.0 kBytes 23 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 139.224.198.199
Port: 8001
URL: http://139.224.198.199:8001

First seen 2023-05-03 13:48
Last seen 2023-05-23 03:49
Open for 19 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c81c345f781c345f7f860bff9df08159ad3cd527a0e094084
```
Found 32 files trough .DS_Store spidering:

/assets
/Dockerfile
/footer.php
/header.php
/inc
/index.php
/install.php
/LICENSE
/pkxss
/README.md
/test
/test/phpinfo.txt
/test/ser.php
/test/test.php
/test/yijuhua.txt
/vul
/vul/burteforce
/vul/csrf
/vul/dir
/vul/fileinclude
/vul/infoleak
/vul/overpermission
/vul/rce
/vul/sqli
/vul/ssrf
/vul/unsafedownload
/vul/unsafeupload
/vul/unserilization
/vul/urlredirect
/vul/xss
/vul/xxe
/wiki
```
  Found on 2023-05-03 13:48
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 139.224.198.199
Port: 8001
URL: http://139.224.198.199:8001

First seen 2023-05-03 13:48
Last seen 2023-05-23 03:49
Open for 19 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227e39608d
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/zhuifengshaonianhanlu/pikachu.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
```
  Found on 2023-05-03 13:48
  
  277 Bytes
Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 139.224.198.199
Port: 8004
URL: http://139.224.198.199:8004

First seen 2023-05-04 20:32
Last seen 2023-05-08 06:04
Open for 3 days

Severity: medium
Fingerprint: 2580fa947e78dd08e645819d42b7b2b2902eb81c2ff20010839dc428770148e4

HTTP/1.1 200 OK
Date: Sun, 07 May 2023 18:08:08 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 16 Dec 2015 20:43:29 GMT
ETag: "1efd-52709f5685e40"
Accept-Ranges: bytes
Content-Length: 7933
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

Page title: SQL Injections[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/Audi-1/sqli-labs
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master

Found on 2023-05-07 18:08

260 Bytes

Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652243bd786e

[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://github.com/Audi-1/sqli-labs
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master

Found on 2023-05-04 20:32

260 Bytes

Create report

Open service 139.224.198.199:8000

2024-10-31 23:09
```
MySQL detected
```
Found 2024-10-31 by tcpid
Create report
Open service 139.224.198.199:8000

2024-10-30 00:50
```
MySQL detected
```
Found 2024-10-30 by tcpid
Create report

Open service 139.224.198.199:8004

2024-10-29 13:35

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Oct 2024 13:35:31 GMT
Content-Type: text/html
Content-Length: 917
Last-Modified: Sun, 14 May 2023 00:45:45 GMT
Connection: close
ETag: "64602f39-395"
Accept-Ranges: bytes

Page title: 恭喜，站点创建成功！

<!doctype html>
<html>
<head>
    <meta charset="utf-8">
    <title>恭喜，站点创建成功！</title>
    <style>
        .container {
            width: 60%;
            margin: 10% auto 0;
            background-color: #f0f0f0;
            padding: 2% 5%;
            border-radius: 10px
        }

        ul {
            padding-left: 20px;
        }

            ul li {
                line-height: 2.3
            }

        a {
            color: #20a53a
        }
    </style>
</head>
<body>
    <div class="container">
        <h1>恭喜, 站点创建成功！</h1>
        <h3>这是默认index.html，本页面由系统自动生成</h3>
        <ul>
            <li>本页面在FTP根目录下的index.html</li>
            <li>您可以修改、删除或覆盖本页面</li>
            <li>FTP相关信息，请到“面板系统后台 > FTP” 查看</li>
        </ul>
    </div>
</body>
</html>

Found 2024-10-29 by HttpPlugin

Create report

Open service 139.224.198.199:8000

2024-10-21 20:57
```
MySQL detected
```
Found 2024-10-21 by tcpid
Create report
Open service 139.224.198.199:8000

2024-10-19 22:40
```
MySQL detected
```
Found 2024-10-19 by tcpid
Create report
Open service 139.224.198.199:8000

2024-10-01 20:10
```
MySQL detected
```
Found 2024-10-01 by tcpid
Create report
Open service 139.224.198.199:8000

2024-09-27 23:12
```
MySQL detected
```
Found 2024-09-27 by tcpid
Create report

Data leak

Size

52.0 kB

Collections

Rows

Domain summary

No record

Host 139.224.198.199

China

Software information

MySQL is publicly available

MacOS file listing through .DS_Store file

Git configuration and history exposed

Git configuration and history exposed

Create report

Create report

Create report

Create report

Create report

Create report

Create report

Data leak

Domain summary