Search results for +plugin:ElasticSearchOpenPlugin -ip:"124.220.0.0/14" +events.leak.severity:"medium" +l9fp:"831cb76b8e05df467fdae18aba8204f0a9f4d38c7f8381d42890ea53ca4dcf89"

Found 1 result for
+plugin:ElasticSearchOpenPlugin -ip:"124.220.0.0/14" +events.leak.severity:"medium" +l9fp:"831cb76b8e05df467fdae18aba8204f0a9f4d38c7f8381d42890ea53ca4dcf89"

Looking for more results ? Register a free account

Countries

The Netherlands 1

Sources

ElasticSearchOpenPlugin 1

Network

Signet B.V. 1

IP Ranges

136.144.128.0/17 1

www.best4mage-demo.com

high

The Netherlands Signet B.V. 2023-03-24 15:21 2024-05-17 14:57
29d29d15d29d29d21c42d42d000000b7cc5a312b95f81625a914b21964a66e
831cb76b8e05df467fdae18aba8204f0a9f4d38c7f8381d42890ea53ca4dcf89
https://www.best4mage-demo.com

ASN: 20857
20 events in 419 days
Leak size: 39.5 MB
Open ports: 443

Certificate domains:

www.best4mage-demo.com

best4mage-demo.com

webmail.best4mage-demo.com

Indices: 10, document count: 230, size: 39.5 MB
Found index .geoip_databases with 39 documents (38.8 MB)
Found index actuator with 2 documents (1...

Ransom notes :


{"message": "Your DB has been back up. The only way of recovery is you must send 0.01 BTC to bc1qmheh2ukafmsa8y0hxj64lalddzxwj0sfaas7uu. Once paid please email dar0kmdb@tutanota.com with code: `aLEfI8` and we will recover your database. please read https://paste.sh/u6JYxXwk#PwdBc7jVzqo9-h12zU5hyPYP for more information"}

Analysis helper :

                
estk --url=https://www.best4mage-demo.com list

Found by ElasticSearchOpenPlugin

Countries

Sources

Network

IP Ranges

www.best4mage-demo.com

high

www.best4mage-demo.com

best4mage-demo.com

webmail.best4mage-demo.com

Create report