+plugin:ElasticSearchOpenPlugin -ip:"124.220.0.0/14" +events.leak.severity:"medium" +country:"Hong Kong" +asn:"8075"
Indices: 1, document count: 1, size: 5.0 kB
Through Kibana endpoint
Found index read_me with 1 documents (5.0 kB)
Analysis helper :
estk --url=http://65.52.191.123:5601 list
Found by ElasticSearchOpenPlugin
Indices: 1, document count: 1, size: 5.0 kB
Found index read_me with 1 documents (5.0 kB)
Ransom notes :
{"text":"Your DB has been back up. The only way of recovery is you must send 0.0057 BTC to 127ZBzXyLJFc7ShMmzkYFDhSiXXSnR8Jfr. Once paid please email databaserestore32@onionmail.org with code: `omoRmq` and we will recover your database. please read https://cutmyurl.com/3caF8EkT for more information"}
Analysis helper :
estk --url=http://168.63.150.216:9200 list
Found by ElasticSearchOpenPlugin
Indices: 8, document count: 2055054, size: 3.3 GB
Found index pending_vpbank with 389 documents (1.6 MB)
Found index pending_momo with 1586507 do...
Ransom notes :
{"@timestamp": "2099-11-15T13:12:00", "message": "All indexs has been dropped. But we backup all indexs. The only method of recoveribing database is to pay 0.021 BTC. Transfer to this BTC address 15BdJyWiWRcNQY4xBuhJrmjqz7ZQD6zAcT . You can buy bitcoin here, does not take much time to buy https://localbitcoins.com or https://buy.moonpay.io/ . After paying write to me in the mail with your DB IP: recmydata@onionmail.org and you will receive a link to download your database dump.\n"}
Analysis helper :
estk --url=http://137.116.162.52:9200 list
Found by ElasticSearchOpenPlugin
Indices: 2, document count: 2, size: 12.7 kB
Found index .kibana_1 with 1 documents (7.6 kB)
Found index read-me with 1 documents (5.1 kB)
Ransom notes :
{"message": "Your DB has been back up. The only way of recovery is you must send 0.01 BTC to bc1qaua9cwrp0g2nqg2txn86e7k376v0xm4m0yfcfq. Once paid please email dar0kmdb@tutanota.com with code: `Y8N85w` and we will recover your database. please read https://paste.sh/u6JYxXwk#PwdBc7jVzqo9-h12zU5hyPYP for more information"}
Analysis helper :
estk --url=http://13.94.16.10:9200 list
Found by ElasticSearchOpenPlugin
Indices: 11, document count: 10, size: 63.0 kB
Through Kibana endpoint
Found index ztp with 1 documents (8.5 kB)
Found index minio with 1 documen...
Analysis helper :
estk --url=http://13.94.16.10:5601 list
Found by ElasticSearchOpenPlugin
Indices: 1, document count: 1, size: 5.0 kB
Through Kibana endpoint
Found index read_me with 1 documents (5.0 kB)
Analysis helper :
estk --url=http://168.63.150.216:5601 list
Found by ElasticSearchOpenPlugin
Indices: 1, document count: 1, size: 5.0 kB
Found index read_me with 1 documents (5.0 kB)
Ransom notes :
{"text":"Your DB has been back up. The only way of recovery is you must send 0.0057 BTC to 127ZBzXyLJFc7ShMmzkYFDhSiXXSnR8Jfr. Once paid please email databaserestore32@onionmail.org with code: `omoRmq` and we will recover your database. please read https://cutmyurl.com/3caF8EkT for more information"}
Analysis helper :
estk --url=http://65.52.191.123:9200 list
Found by ElasticSearchOpenPlugin
Indices: 11, document count: 150771, size: 101.5 MB
Found index suite-auth with 1 documents (6.5 kB)
Found index api with 1 documents (6.8 kB)
Fo...
Ransom notes :
{"@timestamp": "2099-11-15T13:12:00", "message": "All indexs has been dropped. But we backup all indexs. The only method of recoveribing database is to pay 0.01 BTC. Transfer to this BTC address 1JrA4F2fKesuqWhEph3WuGYy32ymFLtb2k . You can buy bitcoin here, does not take much time to buy https://localbitcoins.com or https://buy.moonpay.io/ . After paying write to me in the mail with your DB IP: mrsec@cock.li and you will receive a link to download your database dump.\n"}
Analysis helper :
estk --url=http://20.239.131.144:9200 list
Found by ElasticSearchOpenPlugin
Indices: 6, document count: 77, size: 199.3 MB
Found index .geoip_databases with 33 documents (35.9 MB)
Found index .kibana_7.16.3_001 with 26 do...
Ransom notes :
{"message":"All your data is backed up. You must pay 0.0057 BTC to 1tpwVPxbRNtQuzKonhzdEsJL8n562uwAr In 48 hours, your data will be publicly disclosed and deleted. (more information: go to http://iplis.ru/data05)After paying send mail to us: rambler+44o8g@onionmail.org and we will provide a link for you to download your data. Your DBCODE is: 54O8G"}
Analysis helper :
estk --url=http://104.208.109.174:9200 list
Found by ElasticSearchOpenPlugin
Indices: 6, document count: 557, size: 329.6 kB
Through Kibana endpoint
Found index nginx-access-2023.07.06 with 520 documents (248.1 kB)
Found i...
Analysis helper :
estk --url=http://20.239.20.117:5601 list
Found by ElasticSearchOpenPlugin
Indices: 4, document count: 45, size: 42.4 MB
Through Kibana endpoint
Found index .geoip_databases with 43 documents (42.4 MB)
Found index intern...
Analysis helper :
estk --url=http://20.24.72.185:5601 list
Found by ElasticSearchOpenPlugin
Indices: 2, document count: 2, size: 10.6 kB
Found index read-me with 1 documents (4.0 kB)
Found index .kibana_1 with 1 documents (6.6 kB)
Ransom notes :
{"message": "Your DB has been back up. The only way of recovery is you must send 0.01 BTC to bc1qaua9cwrp0g2nqg2txn86e7k376v0xm4m0yfcfq. Once paid please email dar0kmdb@tutanota.com with code: `Y8N85w` and we will recover your database. please read https://paste.sh/u6JYxXwk#PwdBc7jVzqo9-h12zU5hyPYP for more information"}
Analysis helper :
estk --url=http://52.184.84.89:9200 list
Found by ElasticSearchOpenPlugin
Indices: 2, document count: 42, size: 40.4 MB
Found index .geoip_databases with 41 documents (40.4 MB)
Found index read-me with 1 documents (4.5 ...
Ransom notes :
{"message": "Your DB has been back up. The only way of recovery is you must send 0.01 BTC to bc1qaua9cwrp0g2nqg2txn86e7k376v0xm4m0yfcfq. Once paid please email dar0kmdb@tutanota.com with code: `WCR6wZ` and we will recover your database. please read https://paste.sh/u6JYxXwk#PwdBc7jVzqo9-h12zU5hyPYP for more information"}
Analysis helper :
estk --url=http://20.24.72.185:9200 list
Found by ElasticSearchOpenPlugin
Indices: 85, document count: 85515, size: 35.0 MB
Through Kibana endpoint
Found index 208e9341-8ffe-4d18-b6de-c3e1dc2e8de8_sync_manager_context-2...
Analysis helper :
estk --url=https://psu1.eastasia.cloudapp.azure.com list
Found by ElasticSearchOpenPlugin
Indices: 4, document count: 32025, size: 19.4 MB
Through Kibana endpoint
Found index kibana_sample_data_ecommerce with 4675 documents (4.1 MB)
Fo...
Analysis helper :
estk --url=http://20.2.209.150:5601 list
Found by ElasticSearchOpenPlugin
Indices: 5, document count: 27, size: 88.2 kB
Through Kibana endpoint
Found index context-index with 2 documents (10.9 kB)
Found index sms-logs-i...
Analysis helper :
estk --url=http://20.239.74.208:5601 list
Found by ElasticSearchOpenPlugin
Indices: 2, document count: 0, size: 0 B
Found index .kibana_1 with documents ()
Found index read-me with documents ()
Analysis helper :
estk --url=http://20.205.138.196:9200 list
Found by ElasticSearchOpenPlugin
Indices: 1, document count: 1, size: 5.1 kB
Found index read-me with 1 documents (5.1 kB)
Ransom notes :
{"message": "Your DB has been back up. The only way of recovery is you must send 0.01 BTC to bc1qaua9cwrp0g2nqg2txn86e7k376v0xm4m0yfcfq. Once paid please email dar0kmdb@tutanota.com with code: `5vSOMN` and we will recover your database. please read https://paste.sh/u6JYxXwk#PwdBc7jVzqo9-h12zU5hyPYP for more information"}
Analysis helper :
estk --url=http://52.229.163.119:9200 list
Found by ElasticSearchOpenPlugin
Indices: 2, document count: 3, size: 14.2 kB
Through Kibana endpoint
Found index read-me with 1 documents (5.4 kB)
Found index .kibana_1 with 2 d...
Analysis helper :
estk --url=http://52.229.163.119:5601 list
Found by ElasticSearchOpenPlugin
Indices: 1, document count: 1, size: 5.1 kB
Found index read-me with 1 documents (5.1 kB)
Ransom notes :
{"message": "Your DB has been back up. The only way of recovery is you must send 0.01 BTC to bc1qmheh2ukafmsa8y0hxj64lalddzxwj0sfaas7uu. Once paid please email dar0kmdb@tutanota.com with code: `aLEfI8` and we will recover your database. please read https://paste.sh/u6JYxXwk#PwdBc7jVzqo9-h12zU5hyPYP for more information"}
Analysis helper :
estk --url=http://20.2.128.136:9200 list
Found by ElasticSearchOpenPlugin