LeakIX - Host 82.157.55.8

Host 82.157.55.8

China

Shenzhen Tencent Computer Systems Company Limited

Linux x86_64

Software information

nginx nginx 1.24.0

tcp/80

MySQL is publicly available

MySQL is currently open without authentication.

Additionally a ransom note has been found in the dataset which indicates it has been compromised

This results in all the database data made available publicly.

IP: 82.157.55.8
Port: 3306

First seen 2024-01-11 17:47
Last seen 2024-06-25 23:02
Open for 166 days

Severity: critical
Fingerprint: cf350410ecceb5fdfda48c44b32bdadcaf384e7b28c1f1fdf196b96b5c8a035e

Databases: 29, row count: 141563, size: 3.8 MB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
Found table mysql.columns_priv with 0 records
Found table mysql.db with 0 records
Found table mysql.event with 0 records
Found table mysql.func with 0 records
Found table mysql.general_log with 0 records
Found table mysql.help_category with 47 records
Found table mysql.help_keyword with 825 records
Found table mysql.help_relation with 1660 records
Found table mysql.help_topic with 603 records
Found table mysql.innodb_index_stats with 37 records
Found table mysql.innodb_table_stats with 4 records
Found table mysql.ndb_binlog_index with 0 records
Found table mysql.plugin with 0 records
Found table mysql.proc with 0 records
Found table mysql.procs_priv with 0 records
Found table mysql.proxies_priv with 2 records
Found table mysql.servers with 0 records
Found table mysql.slave_master_info with 0 records
Found table mysql.slave_relay_log_info with 0 records
Found table mysql.slave_worker_info with 0 records
Found table mysql.slow_log with 2 records
Found table mysql.tables_priv with 0 records
Found table mysql.time_zone with 1826 records
Found table mysql.time_zone_leap_second with 0 records
Found table mysql.time_zone_name with 1826 records
Found table mysql.time_zone_transition with 124862 records
Found table mysql.time_zone_transition_type with 9864 records
Found table mysql.user with 3 records

Found on 2024-06-25 23:02

3.8 MBytes 141563 rows

Severity: high
Fingerprint: cf350410ecceb5fdebd6b7609132601091326010913260109132601091326010
```
Databases: 1, row count: 2, size: 16.4 kB
Found table README_TO_RECOVER_A.RECOVER_YOUR_DATA with 2 records
```
Found on 2024-03-21 09:21

16.4 kBytes 2 rows

Create report

Open service 82.157.55.8:3306

2024-06-25 23:02
```
MySQL detected
```
Found one day ago by tcpid
Create report
Open service 82.157.55.8:3306

2024-06-23 23:10
```
MySQL detected
```
Found 2024-06-23 by tcpid
Create report
Open service 82.157.55.8:3306

2024-06-22 22:14
```
MySQL detected
```
Found 2024-06-22 by tcpid
Create report
Open service 82.157.55.8:22

2024-06-22 00:57
Found 2024-06-22 by SSHOpenPlugin
Create report
Open service 82.157.55.8:3306

2024-06-21 21:57
```
MySQL detected
```
Found 2024-06-21 by tcpid
Create report

Open service 82.157.55.8:80

2024-06-21 01:01

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Fri, 21 Jun 2024 01:01:51 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Fri, 17 Nov 2023 08:19:21 GMT
Connection: close
ETag: "65572209-267"
Accept-Ranges: bytes

Page title: Welcome to nginx!

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Found 2024-06-21 by HttpPlugin

Create report

Open service 82.157.55.8:3306

2024-06-19 22:49
```
MySQL detected
```
Found 2024-06-19 by tcpid
Create report
Open service 82.157.55.8:3306

2024-06-17 22:37
```
MySQL detected
```
Found 2024-06-17 by tcpid
Create report
Open service 82.157.55.8:3306

2024-06-15 22:48
```
MySQL detected
```
Found 2024-06-15 by tcpid
Create report
Open service 82.157.55.8:3306

2024-06-14 19:47
```
MySQL detected
```
Found 2024-06-14 by tcpid
Create report

Open service 82.157.55.8:80

2024-06-14 04:05

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Fri, 14 Jun 2024 04:05:58 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Fri, 17 Nov 2023 08:19:21 GMT
Connection: close
ETag: "65572209-267"
Accept-Ranges: bytes

Page title: Welcome to nginx!

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Found 2024-06-14 by HttpPlugin

Create report

Open service 82.157.55.8:3306

2024-06-11 21:52
```
MySQL detected
```
Found 2024-06-11 by tcpid
Create report

Data leak

Size

3.8 MB

Collections

Rows

141563

Domain summary

No record