LeakIX - Host 43.143.207.220

Host 43.143.207.220

China

Shenzhen Tencent Computer Systems Company Limited

Linux x86_64

Software information

nginx nginx 1.10.1

tcp/80

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 43.143.207.220
Port: 3306

First seen 2024-03-02 01:34
Last seen 2024-05-12 18:24
Open for 71 days

Severity: critical
Fingerprint: cf350410ecceb5fd383542f467e5f16c2b634e0b6ddcaf5f85e8848d3864a2c2

Databases: 29, row count: 3152, size: 907.4 kB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.help_category with 47 records
Found table mysql.help_keyword with 825 records
Found table mysql.help_relation with 1660 records
Found table mysql.help_topic with 603 records
Found table mysql.innodb_index_stats with 0 records
Found table mysql.innodb_table_stats with 0 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 7 records

Found on 2024-05-12 18:24

907.4 kBytes 3152 rows

Severity: critical
Fingerprint: cf350410ecceb5fd6869a5be561c8128c48149479d4578abc80ffa419203fcd3

Databases: 29, row count: 3151, size: 907.3 kB
Found table RECOVER_YOUR_DATA.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 2 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 2 records
Found table mysql.help_category with 47 records
Found table mysql.help_keyword with 825 records
Found table mysql.help_relation with 1660 records
Found table mysql.help_topic with 603 records
Found table mysql.innodb_index_stats with 0 records
Found table mysql.innodb_table_stats with 0 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 0 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 0 records
Found table mysql.time_zone_transition with 0 records
Found table mysql.time_zone_transition_type with 0 records
Found table mysql.user with 6 records

Found on 2024-03-07 17:10

907.3 kBytes 3151 rows

Create report

Open service 43.143.207.220:3306

2024-05-12 18:24
```
MySQL detected
```
Found 3 days ago by tcpid
Create report
Open service 43.143.207.220:3306

2024-05-08 13:37
```
MySQL detected
```
Found 2024-05-08 by tcpid
Create report
Open service 43.143.207.220:3306

2024-04-30 19:46
```
MySQL detected
```
Found 2024-04-30 by tcpid
Create report
Open service 43.143.207.220:3306

2024-04-28 18:12
```
MySQL detected
```
Found 2024-04-28 by tcpid
Create report
Open service 43.143.207.220:22

2024-04-24 13:00
Found 2024-04-24 by SSHOpenPlugin
Create report

Open service 43.143.207.220:80

2024-04-23 10:30

HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Tue, 23 Apr 2024 10:30:11 GMT
Content-Type: text/html
Content-Length: 1582
Last-Modified: Fri, 22 Mar 2024 03:16:19 GMT
Connection: close
ETag: "65fcf803-62e"
Accept-Ranges: bytes

Page title: Welcome to zd!

<!DOCTYPE html>
<html>
<head>
<title>Welcome to zd!</title>
<meta charset="UTF-8"/>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to ZD!  hello world !!!! </h1>

<p>For online documentation and support please refer to
<a href="http://43.143.207.220/login1.html">login</a>.<br/>
<a href="https://www.yuanshen.com/#/">原神</a>.<br/>
<a href="https://sr.mihoyo.com/cloud/?from_channel=adbdsem#/">崩坏-星穹铁道</a>.<br/>
<a href="https://leetcode.cn/problemset/">leetcode</a>.<br/>
<a href="https://www.bilibili.com/">B站</a>.<br/>
<a href="https://cn.bing.com/">必应</a>.<br/>
<a href="https://www.google.com/">谷歌</a>.<br/>
<a href="https://www.bilibili.com/video/BV1it4y1W7D1?p=38&vd_source=bd3d961161786ecee79abd470f499e5e">redis</a>.<br/>
<a href="https://app7ulykyut1996.pc.xiaoe-tech.com/p/t_pc/course_pc_detail/camp_pro/course_2SxCS87KSTe0K0zRWQ2bU9HfbVR">手写linux内核课程视频</a>.<br/>
<a href="https://www.yuque.com/lishutong-docs/x86os/gr8cva">手写linux内核课程源码</a>.<br/>
<a href="https://www.bilibili.com/video/BV19y4y1b7Uo/?spm_id_from=333.337.search-card.all.click&vd_source=bd3d961161786ecee79abd470f499e5e">kafka消息队列</a>.<br/>
<a href="https://chat.openai.com/">Chatgpt</a>.<br/>
<a href="https://orcaterm.cloud.tencent.com/terminal?instanceId=lhins-80rbk8iw&region=ap-beijing&from=lh_console_login_btn">控制台</a>.<br/>
<p><em>Thank you for login.</em></p>
</body>
</html>

Found 2024-04-23 by HttpPlugin

Create report

Data leak

Size

907.4 kB

Collections

Rows

3152

Domain summary

No record