Loading threats
An HTTP GET request to the Elasticsearch /_cat/indices endpoint with output formatted as JSON. This primitive indicates enumeration of index metadata, including index names, document counts, storage size, and shard allocation details. Attackers and automated scanners commonly use this endpoint to assess data exposure, identify high-value indices, and estimate cluster scale before attempting data extraction or destructive actions. The inclusion of parameters such as format=json and bytes=b suggests scripted reconnaissance intended for machine parsing and precise size analysis.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 81.29.142.100 | 100% | 34,306 | 25,134 | 🇷🇺 RU | AS210259 | 2026-04-19 |
| 81.29.142.6 | 100% | 24,131 | 18,337 | 🇷🇺 RU | AS210259 | 2026-04-19 |
| 45.91.64.6 | 100% | 16,480 | 10,099 | 🇷🇺 RU | AS214664 | 2026-04-19 |
| 94.102.49.155 | 100% | 15,232 | 11,230 | 🇳🇱 NL | AS202425 | 2026-04-19 |
| 45.91.64.7 | 100% | 10,545 | 9,443 | 🇷🇺 RU | AS214664 | 2026-04-19 |
| 5.101.64.6 | 100% | 4,674 | 4,397 | 🇷🇺 RU | AS34665 |
| 2026-04-19 |
| 176.32.195.85 | 100% | 3,709 | 2,666 | 🇦🇲 AM | AS197834 | 2026-03-24 |
| 35.216.172.131 | 100% | 3,165 | 1,234 | 🇨🇭 CH | AS15169 | 2026-04-10 |
| 152.32.135.214 | 98% | 3,037 | 424 | 🇭🇰 HK | AS135377 | 2026-04-14 |
| 35.216.201.9 | 100% | 2,692 | 1,257 | 🇨🇭 CH | AS15169 | 2026-04-13 |
| 35.216.140.3 | 100% | 2,606 | 1,424 | 🇨🇭 CH | AS15169 | 2026-04-12 |
| 103.27.108.70 | 99% | 2,182 | 2,172 | 🇭🇰 HK | AS132883 | 2026-04-18 |
| 103.27.109.179 | 99% | 2,163 | 2,162 | 🇭🇰 HK | AS132883 | 2026-04-18 |
| 103.87.9.174 | 99% | 2,100 | 2,064 | 🇭🇰 HK | AS132883 | 2026-04-18 |
| 152.32.197.121 | 98% | 2,077 | 464 | 🇧🇷 BR | AS135377 | 2026-04-17 |
| 134.122.176.63 | 83% | 1,881 | 1,855 | 🇸🇬 SG | AS152194 | 2026-04-19 |
| 165.154.182.221 | 89% | 1,795 | 615 | 🇺🇸 US | AS135377 | 2026-04-13 |
| 159.223.169.93 | 99% | 1,781 | 1,779 | 🇺🇸 US | AS14061 | 2026-04-19 |
| 101.36.97.187 | 93% | 1,754 | 273 | 🇬🇧 GB | AS135377 | 2026-04-19 |
| 35.216.183.140 | 100% | 1,746 | 472 | 🇨🇭 CH | AS15169 | 2026-04-13 |