LeakIX - Host 62.234.15.170

Host 62.234.15.170

China

Shenzhen Tencent Computer Systems Company Limited

Ubuntu 20.04.4 LTS 3.10.0-1160.99.1.el7.x86_64

Software information

nginx nginx 1.10.3

tcp/80

MongoDB is publicly available

MongoDB is currently open without authentication.

This results in all the database data made available publicly.

IP: 62.234.15.170
Port: 27017
URL: http://62.234.15.170:27017

First seen 2024-01-18 00:11
Last seen 2024-05-12 18:44
Open for 115 days

Severity: medium
Fingerprint: 436d217a47ab4258945cb0208ddc1232640255d4a52f35e64c328d191bb6b855

Collections: 4, document count: 5, size: 1.5 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-05-12 18:44

1.5 kBytes 5 rows

Severity: medium
Fingerprint: 436d217a47ab4258945cb0208ddc1232640255d4a52f35e64c328d19f94ddb1b

Collections: 4, document count: 5, size: 1.5 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (371 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-05-08 13:36

1.5 kBytes 5 rows

Severity: medium
Fingerprint: 436d217a47ab425832f932644828db46ba606d501f3a824a8b822cd51013d0b5

Collections: 4, document count: 7, size: 1.7 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 2 documents (198 B)

Found on 2024-04-28 18:48

1.7 kBytes 7 rows

Severity: medium
Fingerprint: 436d217a47ab425832f932644828db46ba606d501f3a824a8b822cd542c76006

Collections: 4, document count: 7, size: 1.7 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (376 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 2 documents (198 B)

Found on 2024-04-18 18:43

1.7 kBytes 7 rows

Severity: medium
Fingerprint: 436d217a47ab4258945cb0208ddc1232640255d4a52f35e64c328d1904fead36

Collections: 4, document count: 5, size: 1.5 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (376 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-04-10 14:02

1.5 kBytes 5 rows

Severity: medium
Fingerprint: 436d217a47ab4258945cb0208ddc1232640255d4a52f35e64c328d191f13f547

Collections: 4, document count: 5, size: 1.5 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (375 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-03-21 09:46

1.5 kBytes 5 rows

Severity: medium
Fingerprint: 436d217a47ab4258945cb0208ddc1232640255d4a52f35e64c328d195c6add34

Collections: 4, document count: 5, size: 1.5 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 0 documents (0 B)

Found on 2024-03-08 04:22

1.5 kBytes 5 rows

Severity: medium
Fingerprint: 436d217a47ab425837cb90e89f1fd99a64de6a7c4b73985ecd5f72a1ec679e3d

Collections: 4, document count: 11, size: 2.1 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (373 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 6 documents (594 B)

Found on 2024-02-20 04:43

2.1 kBytes 11 rows

Severity: medium
Fingerprint: 436d217a47ab425832f932644828db46ba606d501f3a824a8b822cd5d74514f8

Collections: 4, document count: 7, size: 1.7 kB
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.users  with 2 documents (1.0 kB)
Found collection admin.system.version  with 2 documents (104 B)
Found collection config.system.sessions  with 2 documents (198 B)

Found on 2024-02-15 18:43

1.7 kBytes 7 rows

Severity: medium
Fingerprint: 436d217a47ab42580f29dfa0c96b74b24f1d4554bd5f7566aed97899088347f2

Collections: 3, document count: 5, size: 730 B
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.
Found collection READ__ME_TO_RECOVER_YOUR_DATA.README  with 1 documents (374 B)
Found collection admin.system.version  with 1 documents (59 B)
Found collection config.system.sessions  with 3 documents (297 B)

Found on 2024-01-18 00:11

730 Bytes 5 rows

Create report

ElasticSearch is publicly available

Elasticsearch and/or Kibana is currently open without authentication.

This results in all the database data made available publicly.

IP: 62.234.15.170
Port: 5601
URL: http://62.234.15.170:5601

First seen 2024-01-26 03:39

Severity: high
Fingerprint: 831cb76b8e05df463e5fec6557b137c7644245471e670897537f5ba5ff30c38e

Indices: 10, document count: 4302, size: 54.5 MB
Through Kibana endpoint
Found index .geoip_databases with 43 documents (45.5 MB)
Found index .kibana_task_manager_7.17.3_001 with 17 documents (4.3 MB)
Found index zeno_index with 1 documents (3.9 kB)
Found index .apm-custom-link with 0 documents (226 B)
Found index mall-debug-2024.01.25 with 2878 documents (869.5 kB)
Found index .apm-agent-configuration with 0 documents (226 B)
Found index pms with 35 documents (22.2 kB)
Found index .async-search with 0 documents (252 B)
Found index .kibana_7.17.3_001 with 1322 documents (3.7 MB)
Found index .tasks with 6 documents (35.9 kB)

Found on 2024-01-26 03:39

54.5 MBytes 4302 rows

Create report

ElasticSearch is publicly available

Elasticsearch and/or Kibana is currently open without authentication.

Additionaly a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 62.234.15.170
Port: 9200
URL: http://62.234.15.170:9200

First seen 2023-07-27 23:04
- Severity: high
  Fingerprint: 831cb76b8e05df46e56998eb7b87b42303d6f90a03d6f90a03d6f90a03d6f90a
```
Indices: 2, document count: 43, size: 45.0 MB
Found index .geoip_databases with 42 documents (45.0 MB)
Found index read_me with 1 documents (4.5 kB)
```
  Found on 2023-07-27 23:04
  
  45.0 MBytes 43 rows
Create report

Open service 62.234.15.170:27017

2024-05-12 18:44

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2 days ago by HttpPlugin

Create report

Open service 62.234.15.170:27017

2024-05-08 13:36

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-05-08 by HttpPlugin

Create report

Open service 62.234.15.170:27017

2024-04-30 20:00

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-30 by HttpPlugin

Create report

Open service 62.234.15.170:27017

2024-04-28 18:48

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-28 by HttpPlugin

Create report

Open service 62.234.15.170:27017

2024-04-26 04:48

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-26 by HttpPlugin

Create report

Open service 62.234.15.170:3306

2024-04-25 19:53
```
MySQL detected
```
Found 2024-04-25 by tcpid
Create report

Open service 62.234.15.170:5601

2024-04-25 02:17

HTTP/1.1 503 Service Unavailable
Retry-After: 30
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
kbn-name: 785de7d6f292
kbn-license-sig: b6b8aaeeba2890a82fdbd3938c3c5c0bac9f394f939ed5a500f0194a21fedef7
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
content-length: 86
Date: Thu, 25 Apr 2024 02:17:58 GMT
Connection: close


{"statusCode":503,"error":"Service Unavailable","message":"License is not available."}

Found 2024-04-25 by HttpPlugin

Create report

Open service 62.234.15.170:5601

2024-04-24 08:47

HTTP/1.1 503 Service Unavailable
Retry-After: 30
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
kbn-name: 785de7d6f292
kbn-license-sig: b6b8aaeeba2890a82fdbd3938c3c5c0bac9f394f939ed5a500f0194a21fedef7
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
content-length: 86
Date: Wed, 24 Apr 2024 08:47:19 GMT
Connection: close


{"statusCode":503,"error":"Service Unavailable","message":"License is not available."}

Found 2024-04-24 by HttpPlugin

Create report

Open service 62.234.15.170:80

2024-04-24 04:52

HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 24 Apr 2024 04:52:12 GMT
Content-Type: text/html
Content-Length: 779
Last-Modified: Mon, 22 Apr 2024 12:44:00 GMT
Connection: close
ETag: "66265b90-30b"
Accept-Ranges: bytes

Page title: CRMEB

<!DOCTYPE html><html lang=zh-CN><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><title>CRMEB</title><script>var coverSupport = 'CSS' in window && typeof CSS.supports === 'function' && (CSS.supports('top: env(a)') || CSS.supports('top: constant(a)'))
            document.write('<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0' + (coverSupport ? ', viewport-fit=cover' : '') + '" />')</script><link rel=stylesheet href=/static/index.2da1efab.css></head><body><noscript><strong>Please enable JavaScript to continue.</strong></noscript><div id=app></div><script src=/static/js/chunk-vendors.c2eed490.js></script><script src=/static/js/index.099c6a77.js></script></body></html>

Found 2024-04-24 by HttpPlugin

Create report

Open service 62.234.15.170:8081

2024-04-24 01:38

HTTP/1.1 404 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/json
Transfer-Encoding: chunked
Date: Wed, 24 Apr 2024 01:38:30 GMT
Connection: close


{"timestamp":"2024-04-24 09:38:30","status":404,"error":"Not Found","message":"No message available","path":"/"}

Found 2024-04-24 by HttpPlugin

Create report

Open service 62.234.15.170:27017

2024-04-23 18:04

HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 85


It looks like you are trying to access MongoDB over HTTP on the native driver port.

Found 2024-04-23 by HttpPlugin

Create report

Open service 62.234.15.170:80 · fengshui5.wolongyayun.top

2024-04-21 01:10

HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 21 Apr 2024 01:10:08 GMT
Content-Type: text/html
Content-Length: 782
Last-Modified: Sun, 31 Mar 2024 08:41:44 GMT
Connection: close
ETag: "660921c8-30e"
Accept-Ranges: bytes

Page title: CRMEB

<!DOCTYPE html><html lang=zh-CN><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><title>CRMEB</title><script>var coverSupport = 'CSS' in window && typeof CSS.supports === 'function' && (CSS.supports('top: env(a)') || CSS.supports('top: constant(a)'))
            document.write('<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0' + (coverSupport ? ', viewport-fit=cover' : '') + '" />')</script><link rel=stylesheet href=./static/index.2da1efab.css></head><body><noscript><strong>Please enable JavaScript to continue.</strong></noscript><div id=app></div><script src=./static/js/chunk-vendors.6b15e97e.js></script><script src=./static/js/index.73d7244d.js></script></body></html>

Found 2024-04-21 by HttpPlugin

Create report

Data leak

Size

54.5 MB

Collections

Rows

4302

Domain summary

fengshui5.wolongyayun.top 0

1 recorded