LeakIX - Host 221.236.22.26

Host 221.236.22.26

China

CHINANET SiChuan Telecom Internet Data Center

Linux x86_64

Software information

nginx nginx 1.25.4

tcp/81

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 221.236.22.26
Port: 3307

First seen 2024-03-02 05:43
Last seen 2024-04-28 17:50
Open for 57 days

Severity: critical
Fingerprint: cf350410ecceb5fdd6e747a256b6543189dc21993b1d6fdf3e37810dd33a90fe

Databases: 32, row count: 135993, size: 7.8 MB
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 50 records
Found table mysql.help_keyword with 821 records
Found table mysql.help_relation with 2699 records
Found table mysql.help_topic with 470 records
Found table mysql.innodb_index_stats with 10 records
Found table mysql.innodb_table_stats with 3 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1815 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1285 records
Found table mysql.time_zone_transition with 119956 records
Found table mysql.time_zone_transition_type with 8813 records
Found table mysql.user with 4 records
Found table recover_your_data.recover_your_data with 2 records

Found on 2024-04-28 17:50

7.8 MBytes 135993 rows

Severity: critical
Fingerprint: cf350410ecceb5fddf8dbe116753631c38e17f9e59595d44ef05c11a035318ac

Databases: 72, row count: 137482, size: 8.5 MB
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 50 records
Found table mysql.help_keyword with 895 records
Found table mysql.help_relation with 1747 records
Found table mysql.help_topic with 922 records
Found table mysql.innodb_index_stats with 144 records
Found table mysql.innodb_table_stats with 43 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 2074 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 2003 records
Found table mysql.time_zone_transition with 119956 records
Found table mysql.time_zone_transition_type with 9101 records
Found table mysql.user with 4 records
Found table recover_your_data.recover_your_data with 2 records
Found table ypay-pro-b2c.la_album with 0 records
Found table ypay-pro-b2c.la_album_cate with 0 records
Found table ypay-pro-b2c.la_article with 2 records
Found table ypay-pro-b2c.la_article_category with 2 records
Found table ypay-pro-b2c.la_article_collect with 0 records
Found table ypay-pro-b2c.la_channel with 15 records
Found table ypay-pro-b2c.la_channel_account with 0 records
Found table ypay-pro-b2c.la_cloud with 0 records
Found table ypay-pro-b2c.la_crontab with 6 records
Found table ypay-pro-b2c.la_decorate_page with 4 records
Found table ypay-pro-b2c.la_decorate_tabbar with 3 records
Found table ypay-pro-b2c.la_dev_pay_config with 3 records
Found table ypay-pro-b2c.la_dev_pay_way with 7 records
Found table ypay-pro-b2c.la_dict_data with 2 records
Found table ypay-pro-b2c.la_dict_type with 0 records
Found table ypay-pro-b2c.la_gen_table with 7 records
Found table ypay-pro-b2c.la_gen_table_column with 111 records
Found table ypay-pro-b2c.la_hot_search with 0 records
Found table ypay-pro-b2c.la_log_money with 3 records
Found table ypay-pro-b2c.la_navs with 4 records
Found table ypay-pro-b2c.la_notice_record with 18 records
Found table ypay-pro-b2c.la_notice_setting with 5 records
Found table ypay-pro-b2c.la_official_reply with 0 records
Found table ypay-pro-b2c.la_recharge_order with 0 records
Found table ypay-pro-b2c.la_refund_log with 0 records
Found table ypay-pro-b2c.la_refund_record with 0 records
Found table ypay-pro-b2c.la_system_auth_admin with 0 records
Found table ypay-pro-b2c.la_system_auth_dept with 0 records
Found table ypay-pro-b2c.la_system_auth_menu with 207 records
Found table ypay-pro-b2c.la_system_auth_perm with 0 records
Found table ypay-pro-b2c.la_system_auth_post with 0 records
Found table ypay-pro-b2c.la_system_auth_role with 0 records
Found table ypay-pro-b2c.la_system_config with 62 records
Found table ypay-pro-b2c.la_system_log_login with 9 records
Found table ypay-pro-b2c.la_system_log_operate with 6 records
Found table ypay-pro-b2c.la_user with 0 records
Found table ypay-pro-b2c.la_user_auth with 0 records
Found table ypay-pro-b2c.la_user_order with 0 records
Found table ypay-pro-b2c.la_userbasic with 0 records
Found table ypay-pro-b2c.la_vip with 0 records

Found on 2024-03-21 09:59

8.5 MBytes 137482 rows

Severity: critical
Fingerprint: cf350410ecceb5fd5745bdb951fa2174190fc2069039b3bcc1d61782003024cb

Databases: 72, row count: 136830, size: 8.5 MB
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 50 records
Found table mysql.help_keyword with 1045 records
Found table mysql.help_relation with 1812 records
Found table mysql.help_topic with 788 records
Found table mysql.innodb_index_stats with 144 records
Found table mysql.innodb_table_stats with 43 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1443 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1614 records
Found table mysql.time_zone_transition with 119956 records
Found table mysql.time_zone_transition_type with 9401 records
Found table mysql.user with 4 records
Found table recover_your_data.recover_your_data with 2 records
Found table ypay-pro-b2c.la_album with 0 records
Found table ypay-pro-b2c.la_album_cate with 0 records
Found table ypay-pro-b2c.la_article with 2 records
Found table ypay-pro-b2c.la_article_category with 2 records
Found table ypay-pro-b2c.la_article_collect with 0 records
Found table ypay-pro-b2c.la_channel with 15 records
Found table ypay-pro-b2c.la_channel_account with 0 records
Found table ypay-pro-b2c.la_cloud with 0 records
Found table ypay-pro-b2c.la_crontab with 6 records
Found table ypay-pro-b2c.la_decorate_page with 4 records
Found table ypay-pro-b2c.la_decorate_tabbar with 3 records
Found table ypay-pro-b2c.la_dev_pay_config with 3 records
Found table ypay-pro-b2c.la_dev_pay_way with 7 records
Found table ypay-pro-b2c.la_dict_data with 2 records
Found table ypay-pro-b2c.la_dict_type with 0 records
Found table ypay-pro-b2c.la_gen_table with 7 records
Found table ypay-pro-b2c.la_gen_table_column with 111 records
Found table ypay-pro-b2c.la_hot_search with 0 records
Found table ypay-pro-b2c.la_log_money with 3 records
Found table ypay-pro-b2c.la_navs with 4 records
Found table ypay-pro-b2c.la_notice_record with 18 records
Found table ypay-pro-b2c.la_notice_setting with 5 records
Found table ypay-pro-b2c.la_official_reply with 0 records
Found table ypay-pro-b2c.la_recharge_order with 0 records
Found table ypay-pro-b2c.la_refund_log with 0 records
Found table ypay-pro-b2c.la_refund_record with 0 records
Found table ypay-pro-b2c.la_system_auth_admin with 0 records
Found table ypay-pro-b2c.la_system_auth_dept with 0 records
Found table ypay-pro-b2c.la_system_auth_menu with 207 records
Found table ypay-pro-b2c.la_system_auth_perm with 0 records
Found table ypay-pro-b2c.la_system_auth_post with 0 records
Found table ypay-pro-b2c.la_system_auth_role with 0 records
Found table ypay-pro-b2c.la_system_config with 62 records
Found table ypay-pro-b2c.la_system_log_login with 2 records
Found table ypay-pro-b2c.la_system_log_operate with 0 records
Found table ypay-pro-b2c.la_user with 0 records
Found table ypay-pro-b2c.la_user_auth with 0 records
Found table ypay-pro-b2c.la_user_order with 0 records
Found table ypay-pro-b2c.la_userbasic with 0 records
Found table ypay-pro-b2c.la_vip with 0 records

Found on 2024-03-08 04:13

8.5 MBytes 136830 rows

Severity: critical
Fingerprint: cf350410ecceb5fd71711c4d47f54af8e9e83d2abd9019b0df9350fe32ce8ca2

Databases: 32, row count: 136999, size: 7.8 MB
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.engine_cost with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.gtid_executed with 0 records
Found table mysql.help_category with 50 records
Found table mysql.help_keyword with 839 records
Found table mysql.help_relation with 2699 records
Found table mysql.help_topic with 631 records
Found table mysql.innodb_index_stats with 10 records
Found table mysql.innodb_table_stats with 3 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 48 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 1 records
Found table mysql.server_cost with 6 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 2 records
Found table mysql.time_zone with 1443 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1896 records
Found table mysql.time_zone_transition with 119956 records
Found table mysql.time_zone_transition_type with 9401 records
Found table mysql.user with 4 records
Found table recover_your_data.recover_your_data with 2 records

Found on 2024-03-02 05:43

7.8 MBytes 136999 rows

Create report

Open service 221.236.22.26:3307

2024-04-28 17:50
```
MySQL detected
```
Found 2024-04-28 by tcpid
Create report

Open service 221.236.22.26:80

2024-04-25 21:46

HTTP/1.1 404 NOTOK
Date: Sat, 31 Dec 2005 23:59:59 GMT
Content-Type: text/html;charset=GB2312
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0

Page title: ����վ���޷�����


<html><head><title>����վ���޷�����</title><style>.box{width:600;height:256;border:2px solid #eda225;margin:auto;padding:38}center p{font-size:28;color:#eda225}</style></head><body><div style="margin:100 0"><div class="box"><center><p>��ܰ��ʾ������վ���޷�����</p>(code:na9dnQmlL84jxy)</center><p>ԭ��һ�����ݡ��Ǿ�Ӫ�Ի�������Ϣ���񱸰������취��������δ���б��������롣</p><p>ԭ������������վ���ܺ�������Ϣ������ϵ��վ����Ա��</p><p>��ҳΪĬ����ʾҳ������վ�������������뼰ʱ������</p></div></div></body></html>�

Found 2024-04-25 by HttpPlugin

Create report

Open service 221.236.22.26:22

2024-04-25 14:40
Found 2024-04-25 by SSHOpenPlugin
Create report

Open service 221.236.22.26:80

2024-04-24 13:48

HTTP/1.1 404 NOTOK
Date: Sat, 31 Dec 2005 23:59:59 GMT
Content-Type: text/html;charset=GB2312
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0

Page title: ����վ���޷�����


<html><head><title>����վ���޷�����</title><style>.box{width:600;height:256;border:2px solid #eda225;margin:auto;padding:38}center p{font-size:28;color:#eda225}</style></head><body><div style="margin:100 0"><div class="box"><center><p>��ܰ��ʾ������վ���޷�����</p>(code:na9dnQmlL84jxy)</center><p>ԭ��һ�����ݡ��Ǿ�Ӫ�Ի�������Ϣ���񱸰������취��������δ���б��������롣</p><p>ԭ������������վ���ܺ�������Ϣ������ϵ��վ����Ա��</p><p>��ҳΪĬ����ʾҳ������վ�������������뼰ʱ������</p></div></div></body></html>�

Found 2024-04-24 by HttpPlugin

Create report

Open service 221.236.22.26:8082

2024-04-24 10:54

HTTP/1.1 200 
Content-Type: application/json
Transfer-Encoding: chunked
Date: Wed, 24 Apr 2024 10:53:12 GMT
Connection: close


{"code":404,"msg":"No handler found for GET /","data":[]}

Found 2024-04-24 by HttpPlugin

Create report

Open service 221.236.22.26:81

2024-04-24 02:48

HTTP/1.1 200 OK
Server: nginx/1.25.4
Date: Wed, 24 Apr 2024 02:47:26 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Wed, 14 Feb 2024 16:03:00 GMT
Connection: close
ETag: "65cce434-267"
Accept-Ranges: bytes

Page title: Welcome to nginx!

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Found 2024-04-24 by HttpPlugin

Create report

Open service 221.236.22.26:21

2024-04-24 00:17

220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 08:16. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
500 HTTP command: [get]

Found 2024-04-24 by FtpPlugin

Create report

Open service 221.236.22.26:22

2024-04-23 19:19
Found 2024-04-23 by SSHOpenPlugin
Create report
Open service 221.236.22.26:3307

2024-04-23 06:05
```
MySQL detected
```
Found 2024-04-23 by tcpid
Create report
Open service 221.236.22.26:3307

2024-04-10 13:56
```
MySQL detected
```
Found 2024-04-10 by tcpid
Create report

Data leak

Size

8.5 MB

Collections

Rows

137482

Domain summary

No record