LeakIX - Host 150.158.214.34

Host 150.158.214.34

China

Shenzhen Tencent Computer Systems Company Limited

CentOS Linux 7 (Core) 5.4.0-77-generic

MongoDB is publicly available

MongoDB is currently open without authentication.

This results in all the database data made available publicly.

IP: 150.158.214.34
Port: 27017
URL: http://150.158.214.34:27017

First seen 2022-09-06 23:31
Last seen 2024-05-08 13:48
Open for 609 days

Severity: medium
Fingerprint: 436d217a47ab4258fc75df94e9b383964ce909204e6f39da5748fae5dae2ada0

Collections: 3, document count: 2, size: 432 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-05-08 13:48

432 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab4258e351092676fcaae8112181c2ab02ec00e2760ed7da24a4ea

Collections: 3, document count: 4, size: 630 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 2 documents (198 B)

Found on 2024-04-30 19:43

630 Bytes 4 rows

Severity: medium
Fingerprint: 436d217a47ab42587e69e0cb2efce52319e3286f62a5987dc924bef21375fe64

Collections: 3, document count: 2, size: 435 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (376 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-04-18 18:43

435 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab42586f5662b4b118a2b6eaab9a00c0d9753aaabc7a451deb5202

Collections: 3, document count: 4, size: 632 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (375 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 2 documents (198 B)

Found on 2024-03-21 10:07

632 Bytes 4 rows

Severity: medium
Fingerprint: 436d217a47ab42586278bebdd2164f75e41e1731e8ed331b78573d5c118ff400

Collections: 3, document count: 2, size: 433 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-03-07 18:30

433 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab42580953838fba6a859751c7c60b3f3286611359313ea5142c76

Collections: 3, document count: 4, size: 631 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 2 documents (198 B)

Found on 2024-03-06 21:08

631 Bytes 4 rows

Severity: medium
Fingerprint: 436d217a47ab4258b1985e162144de78029d6c1259632d50a2563067b850f528

Collections: 3, document count: 3, size: 532 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 1 documents (99 B)

Found on 2024-01-06 22:30

532 Bytes 3 rows

Severity: medium
Fingerprint: 436d217a47ab42589d9ee9a34622f93b599be30717a4e8e5d503aa2a4b79d229

Collections: 1, document count: 0, size: 0 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README

Found on 2024-01-05 14:30

Severity: medium
Fingerprint: 436d217a47ab4258f0714f86f8e68ac8020fa5e250d608a0a4a818777311fa04

Collections: 3, document count: 2, size: 430 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (371 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2023-12-11 11:37

430 Bytes 2 rows

Severity: high
Fingerprint: 436d217a47ab4258a6ae427ffe2243278355775b98c1417191f78b0e68cd74f2

Collections: 3, document count: 4, size: 2.3 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ_ME_TO_RECOVER_YOUR_DATA.README  with 3 documents (2.2 kB)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2023-09-13 17:20

2.3 kBytes 4 rows

Severity: high
Fingerprint: 436d217a47ab4258ba43480248d5aee47a7ea0860d61fd4c4b023f8ba35d12e8

Collections: 3, document count: 8, size: 5.3 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ_ME_TO_RECOVER_YOUR_DATA.README  with 7 documents (5.2 kB)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2023-09-03 13:24

5.3 kBytes 8 rows

Severity: high
Fingerprint: 436d217a47ab4258af24c8dec51224a0ffd0007a9c3262a885b5efcf57f4e91e

Collections: 3, document count: 2, size: 782 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ_ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (723 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2023-08-23 00:17

782 Bytes 2 rows

Severity: high
Fingerprint: 436d217a47ab4258aebaed72f0c22c3403dcf9d6abaabd1c4c8598db408f3b68

Collections: 3, document count: 2, size: 504 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ_ME_TO_RECOVER_DATA.READ_ME_TO_RECOVER_DATA  with 1 documents (445 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2023-08-21 07:25

504 Bytes 2 rows

Severity: high
Fingerprint: 436d217a47ab425883076b8699de7ec829e3c1e2adb0a4a0b72114773fe337d1

Collections: 3, document count: 2, size: 805 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ_ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (746 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2023-08-15 19:03

805 Bytes 2 rows

Severity: medium
Fingerprint: 436d217a47ab42589d9ee9a36a9b1d876a9b1d876a9b1d876a9b1d876a9b1d87
```
Collections: 1, document count: 0, size: 0 B
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README 
```
Found on 2022-10-03 08:17
Severity: high
Fingerprint: 436d217a47ab42589d9ee9a34c043ff64c043ff64c043ff64c043ff64c043ff6
```
Collections: 1, document count: 0, size: 0 B
Found collection READ_ME_TO_RECOVER_YOUR_DATA.README 
```
Found on 2022-09-06 23:31

Create report

Docker registry is public

The docker registry is public and could contain private production images.

This could result in both credentials and source code leak.

IP: 150.158.214.34
Port: 5000
URL: http://150.158.214.34:5000

First seen 2023-05-06 07:49
Last seen 2024-04-28 18:44
Open for 358 days
- Fingerprint: be48c9b1d75b7b1036779b4d9421588e540d8ba6540d8ba6540d8ba6540d8ba6
```
Found 2 image(s) in docker registry:
demo : 1 tags
demo1 : 1 tags
```
  Found on 2024-04-28 18:44
- Fingerprint: be48c9b1d75b7b1036779b4d4f53dae2aa4579064d52c0cc5965c42e57a2768f
```
Found 2 image(s) in docker registry:
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sat, 06 May 2023 07:49:29 GMT
Content-Length: 0
Connection: close


demo : 1 tags
demo1 : 1 tags
```
  Found on 2023-05-06 07:49
Create report
ElasticSearch is publicly available

Elasticsearch and/or Kibana is currently open without authentication.

Additionaly a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 150.158.214.34
Port: 9200
URL: http://150.158.214.34:9200

First seen 2023-08-08 22:43
Last seen 2023-09-28 21:30
Open for 50 days
- Severity: high
  Fingerprint: 831cb76b8e05df4637d06541a27ad47fa27ad47fa27ad47fa27ad47fa27ad47f
```
Indices: 1, document count: 1, size: 4.0 kB
Found index read-me with 1 documents (4.0 kB)
```
  Found on 2023-09-28 21:30
  
  4.0 kBytes 1 rows
- Severity: high
  Fingerprint: 831cb76b8e05df46cae9690c22b984c722b984c722b984c722b984c722b984c7
```
Indices: 1, document count: 1, size: 4.3 kB
Found index read-me with 1 documents (4.3 kB)
```
  Found on 2023-08-08 22:43
  
  4.3 kBytes 1 rows
Create report
Kafka instance is public

The Kafka instance is available to the public without authentication.

An attacker could connect to the queue to extract private/confidential information in real-time.

IP: 150.158.214.34
Port: 9092

First seen 2023-05-06 16:12
Last seen 2023-05-18 04:11
Open for 11 days
- Fingerprint: 43224224eeda9da960defeaa7f7df45830d1f82d01f10d948dce81748dce8174
```
NoAuth
Found topic itheima-topic
Found topic article.es.sync.topic
Found topic wm.news.up.or.down.topic
Found topic __consumer_offsets
```
  Found on 2023-05-18 04:11
- Fingerprint: 43224224eeda9da960defeaa0efe442aaabc0cd8a93949add98eb714d98eb714
```
NoAuth
Found topic __consumer_offsets
Found topic itheima-topic
Found topic article.es.sync.topic
Found topic wm.news.up.or.down.topic
```
  Found on 2023-05-06 16:12
Create report

Open service 150.158.214.34:27017

2024-05-08 13:48

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-05-08 by HttpPlugin

Create report

Open service 150.158.214.34:27017

2024-04-30 19:43

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-30 by HttpPlugin

Create report

Open service 150.158.214.34:5000

2024-04-28 18:44

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 28 Apr 2024 18:45:01 GMT
Content-Length: 0
Connection: close

Found 2024-04-28 by HttpPlugin

Create report

Open service 150.158.214.34:27017

2024-04-28 18:41

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-28 by HttpPlugin

Create report

Open service 150.158.214.34:27017

2024-04-26 05:04

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-26 by HttpPlugin

Create report

Open service 150.158.214.34:3307

2024-04-25 18:47
```
MySQL detected
```
Found 2024-04-25 by tcpid
Create report

Open service 150.158.214.34:5000

2024-04-25 07:45

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Thu, 25 Apr 2024 07:45:16 GMT
Content-Length: 0
Connection: close

Found 2024-04-25 by HttpPlugin

Create report

Open service 150.158.214.34:22

2024-04-23 22:08
Found 2024-04-23 by SSHOpenPlugin
Create report

Open service 150.158.214.34:27017

2024-04-23 04:40

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-23 by HttpPlugin

Create report

Open service 150.158.214.34:27017

2024-04-18 18:43

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-18 by HttpPlugin

Create report

Open service 150.158.214.34:5000

2024-04-18 18:22

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Thu, 18 Apr 2024 18:22:26 GMT
Content-Length: 0
Connection: close

Found 2024-04-18 by HttpPlugin

Create report

Data leak

Size

5.3 kB

Collections

Rows

Domain summary

No record

Host 150.158.214.34

China

MongoDB is publicly available

Docker registry is public

ElasticSearch is publicly available

Kafka instance is public

Data leak

Domain summary