+asn:"8075" -ip:"40.112.0.0/13" +events.leak.severity:"high" +ip:"104.208.0.0/13"
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://devsdh@dev.azure.com...
Found by GitConfigHttpPlugin
Indices: 3, document count: 11, size: 46.0 kB
Found index read_me with 1 document (5.1 kB)
Found index cgi-bin with 0 documents (283 B)
Found in...
Ransom notes :
{"text":"Your DB has been back up. The only way of recovery is you must send 0.002 BTC to 127ZBzXyLJFc7ShMmzkYFDhSiXXSnR8Jfr. Once paid please email databaserestore32@onionmail.org with code: `omoRmq` and we will recover your database. please read https://cutmyurl.com/3caF8EkT for more information"}
Analysis helper :
estk --url=http://104.211.190.127 list
Found by ElasticSearchOpenPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://devsdh@dev.azure.com...
Found by GitConfigHttpPlugin
[core]
repositoryformatversion = 0
filemode = false
bare = false
logallrefupdates = true
symlinks = false
ignorecase = true
[remote "origin...
Found by GitConfigHttpPlugin
Found 83 files through .DS_Store spidering:
/acceptDecline.php
/cache
/cache/csv
/cache/dashlets
/cache/feeds
/cache/htmlclean
/cache/images
/cac...
Found by DotDsStoreOpenPlugin
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Mon, 08 May 2023 04:37:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Co...
Found by GitConfigHttpPlugin
HTTP/1.1 200 OK
Date: Sat, 06 May 2023 13:48:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID...
Found by GitConfigHttpPlugin
Indices: 7, document count: 3886402, size: 2.8 GB
Through Kibana endpoint
Found index pcnadecorationrptviewfullstg with 3886325 documents (2.6 GB...
Analysis helper :
estk --url=http://104.211.1.200:5601 list
Found by ElasticSearchOpenPlugin
Found open SMB shares with Guest login
ADMIN$
C$
D$
E
E$
IPC$
Users
Found by SmbPlugin
HTTP/1.1 500 Internal Server Error
Date: Fri, 05 May 2023 18:16:38 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.6.40
X-Powered-By: PHP/5.6.40
Expir...
Found by GitConfigHttpPlugin
HTTP/1.1 200 OK
Date: Sun, 07 May 2023 00:08:01 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Fri, 11 Dec 2020 09:28:10 GMT
ETag: "b3c2-5b...
Found by GitConfigHttpPlugin
Indices: 2, document count: 37, size: 35.8 MB
Found index .geoip_databases with 36 documents (35.8 MB)
Found index read_me with 1 document (4.5 ...
Ransom notes :
{"message":"All your data is backed up. You must pay 0.0063 BTC to 1tpwVPxbRNtQuzKonhzdEsJL8n562uwAr In 48 hours, your data will be publicly disclosed and deleted. (more information: go to http://iplis.ru/data05)After paying send mail to us: rambler+4lfrm@onionmail.org and we will provide a link for you to download your data. Your DBCODE is: 5LFRM"}
Analysis helper :
estk --url=http://104.210.35.150:9200 list
Found by ElasticSearchOpenPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = ssh://git@bitbucket.org/shal...
Found by GitConfigHttpPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://gkohli@bitbucket.org...
Found by GitConfigHttpPlugin
Found 42 files through .DS_Store spidering:
/.git
/.quarantine
/.tmb
/apple-app-site-association
/auto_git.php
/db_backup
/git
/gitautodeploy.php...
Found by DotDsStoreOpenPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
ignorecase = true
precomposeunicode = true
[remote ...
Found by GitConfigHttpPlugin
Databases: 7, row count: 9563, size: 562.5 kB
Found table kids.hxtokids_child with 7611 records
Found table kids.hxtokids_guardian with 523 recor...
Found by MysqlOpenPlugin
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = https://devsdh@dev.azure.com...
Found by GitConfigHttpPlugin
Found 44 files through .DS_Store spidering:
/.well-known
/api
/api/archive
/api/classes
/api/cms
/api/lib
/api/phpthumb
/api/plist
/api/upload
/a...
Found by DotDsStoreOpenPlugin
Found open SMB shares with Guest login
ADMIN$
C$
D$
DATA
F$
IPC$
共有フォルダ
Found by SmbPlugin