{"ip":"195.128.248.33","total_events":2750,"verdict":{"verdict":"malicious","label":"Exploit attempts observed","detail":"45 exploit-path hits","confidence":"high","network_type":null,"why":["45 request(s) matched a known exploit path.","Body-carrying methods (POST/PUT/PATCH/DELETE) seen: payload delivery, not just recon.","5+ hits raise confidence to high.","Not in any known-scanner range."]},"first_seen":"2026-06-30T02:35:45","last_seen":"2026-07-07T09:24:53","events_24h":0,"events_7d":1144,"geo":{"country_code":"UA","country_name":"Ukraine","region":"Kyiv City","city":"Kyiv","lat":50.458,"lon":30.5303,"asn":6698,"org":"Virtual Systems LLC"},"source_domain":"dedicated.vsys.host","known_scanners":[],"scanner_tag":null,"cve_matches":[{"cve_id":"CVE-2020-9425","title":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high","actively_exploited":false,"match_field":"url_path","matched_pattern":"/settings.php"},{"cve_id":"CVE-2023-7164","title":"WordPress BackWPup < 4.0.4 - Backup File Disclosure","severity":"high","actively_exploited":false,"match_field":"url_path","matched_pattern":"/wp-content/uploads"},{"cve_id":"CVE-2024-4836","title":"Edito CMS - Sensitive Data Leak","severity":"high","actively_exploited":false,"match_field":"url_path","matched_pattern":"/config.php"},{"cve_id":"CVE-2020-15895","title":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/info.php"},{"cve_id":"CVE-2021-24237","title":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/properties"},{"cve_id":"CVE-2021-28164","title":"Eclipse Jetty - Information Disclosure","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/WEB-INF/web.xml"},{"cve_id":"CVE-2021-37598","title":"WP Cerber < 8.9.3 - Broken Access Control","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/wp-json"},{"cve_id":"CVE-2024-36527","title":"Puppeteer Renderer - Directory Traversal","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/html"},{"cve_id":"CVE-2025-30208","title":"Vite - Arbitrary File Read","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/etc/passwd"},{"cve_id":"CVE-2025-31486","title":"Vite server.fs.deny Bypass - Local File Inclusion","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/etc/passwd"}],"malware":[],"top_ports":[{"port":443,"proto":"tcp","label":"HTTPS","count":2674},{"port":80,"proto":"tcp","label":"HTTP","count":76}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i3111h1_e8f1e7e78f70_b26ce05bbdd6","t13i3111h1_e8f1e7e78f70_d41ae481755e","t13i311000_e8f1e7e78f70_d41ae481755e"],"tls_ja3":["755cbaaa441626ab9e759e8982278df5","c12b4ccd5320bbb380ca1a9df90f771d","78f0dc5ac5b19daf131a133cfdee9691"],"ja4h":["ge11nn0600_30d3780c3555","ge11nn0500_2d30dc89d981","po11nn0600_e990ab6c2a6b","ge11nn0400_cf1edba2959c","he11nn0400_cf1edba2959c"]},"fingerprint_peers":{"t13i3111h1_e8f1e7e78f70_b26ce05bbdd6":11,"t13i3111h1_e8f1e7e78f70_d41ae481755e":6,"t13i311000_e8f1e7e78f70_d41ae481755e":510,"he11nn0400_cf1edba2959c":2,"ge11nn0600_30d3780c3555":2,"ge11nn0500_2d30dc89d981":1172,"po11nn0600_e990ab6c2a6b":1,"ge11nn0400_cf1edba2959c":4},"user_agents":["python-requests/2.34.2","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36","Mozilla/5.0"],"timeline":[{"date":"2026-06-30","count":1606},{"date":"2026-07-07","count":1144}],"recent_events":[{"timestamp":"2026-07-07T09:24:53","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/prod-api/actuator/heapdump","summary":"","payload_hex":"474554202f70726f642d6170692f6163747561746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:xa+mjAgcA+cK3EpCkAlqaZHH2qs=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"6ee385eb-f580-43eb-8bd9-7f39fc29c9c1","seq":1,"duration_ms":467,"bytes_in":272,"bytes_out":79},{"timestamp":"2026-07-07T09:24:53","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/prod-api/actuator/heapdump","summary":"","payload_hex":"474554202f70726f642d6170692f6163747561746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:XiXrgcx2zwyY9J6xUiz6D9x5aDY=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"b9cb98af-c82b-46d8-934f-53b3e36eefdf","seq":1,"duration_ms":465,"bytes_in":272,"bytes_out":79},{"timestamp":"2026-07-07T09:24:51","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/nacos/actuator/heapdump","summary":"","payload_hex":"474554202f6e61636f732f6163747561746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:v9fVRBu5r7aYLDr7dlSX8CpENwI=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"5d5ad012-9fd0-4838-9997-0f8168c3520a","seq":1,"duration_ms":264,"bytes_in":269,"bytes_out":79},{"timestamp":"2026-07-07T09:24:51","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/nacos/actuator/heapdump","summary":"","payload_hex":"474554202f6e61636f732f6163747561746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:svhgfl7u6W4QUrb3dUAgF6UlTuk=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"c9d0f846-5773-4721-a3e2-f70d36f9fdf0","seq":1,"duration_ms":263,"bytes_in":269,"bytes_out":79},{"timestamp":"2026-07-07T09:24:49","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/admin/actuator/heapdump","summary":"","payload_hex":"474554202f61646d696e2f6163747561746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:EXB0kC5udd9dYlqy5ywz0zX9u9w=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"a758ff00-7ea3-465c-a9b6-124d8e746d1e","seq":1,"duration_ms":204,"bytes_in":269,"bytes_out":79},{"timestamp":"2026-07-07T09:24:49","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/admin/actuator/heapdump","summary":"","payload_hex":"474554202f61646d696e2f6163747561746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:zgpqN9wBIpQsGi7p/meWGUxYS8E=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"50cbf319-54db-44ca-846a-637bc0121900","seq":1,"duration_ms":205,"bytes_in":269,"bytes_out":79},{"timestamp":"2026-07-07T09:24:46","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/gateway/actuator/heapdump","summary":"","payload_hex":"474554202f676174657761792f6163747561746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:XfYTrVnYvm3tx8CbgpjAvKoR+kc=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"42620973-520d-4473-908d-145fe18ccbf3","seq":1,"duration_ms":189,"bytes_in":271,"bytes_out":79},{"timestamp":"2026-07-07T09:24:46","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/gateway/actuator/heapdump","summary":"","payload_hex":"474554202f676174657761792f6163747561746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:eqfn+LgA5CEXmbUxtb9Zv1j2ta0=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"b636717c-bf8a-47ca-beed-9a2fcdfb04c8","seq":1,"duration_ms":191,"bytes_in":271,"bytes_out":79},{"timestamp":"2026-07-07T09:24:44","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/monitor/heapdump","summary":"","payload_hex":"474554202f6d6f6e69746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:M8scFSoSQZ9T1ugPBjfU5FUN0Hk=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"02c4fc8d-05a0-4b55-b02c-c8933a62af10","seq":1,"duration_ms":203,"bytes_in":262,"bytes_out":79},{"timestamp":"2026-07-07T09:24:44","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"close\",\"host\":\"<HONEYPOT>\",\"range\":\"bytes=0-15\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/monitor/heapdump","summary":"","payload_hex":"474554202f6d6f6e69746f722f6865617064756d7020485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3133302e302e302e30205361666172692f3533372e33360d0a52616e67653a2062797465733d302d31350d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","community_id":"1:pJr5QLCrE0d5dtrYgG2iAJ6vj8I=","ja3":"755cbaaa441626ab9e759e8982278df5","session":"b4417774-fe2c-4685-911d-221cc153e7b6","seq":1,"duration_ms":204,"bytes_in":262,"bytes_out":79}],"http_methods":[{"method":"GET","count":2721},{"method":"POST","count":21},{"method":"HEAD","count":8}],"distinct_ports_total":2,"top_paths":[{"path":"/","count":91,"ports":2},{"path":"/wp-config.php.bak","count":20,"ports":1},{"path":"/.env","count":20,"ports":1},{"path":"/appsettings.json","count":19,"ports":1},{"path":"/application.yml","count":19,"ports":1},{"path":"/config/application.yml","count":19,"ports":1},{"path":"/application.properties","count":18,"ports":1},{"path":"/.env.production","count":18,"ports":1},{"path":"/admin/actuator/heapdump","count":17,"ports":2},{"path":"/manage/heapdump","count":17,"ports":2},{"path":"/heapdump","count":16,"ports":2},{"path":"/.env.local","count":16,"ports":1},{"path":"/config.js","count":16,"ports":1},{"path":"/.env.staging","count":16,"ports":1},{"path":"/nacos/actuator/heapdump","count":15,"ports":2}],"distinct_paths_total":200,"top_snis":[],"top_hosts":[],"top_alpns":[{"value":"http/1.1","count":775}],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Accept-Encoding","Connection","Host","Range","User-Agent"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Accept-Encoding","value":"gzip, deflate","notable":false},{"name":"Connection","value":"close","notable":false},{"name":"Host","value":"<HONEYPOT>","notable":false},{"name":"Range","value":"bytes=0-15","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36","notable":false}],"distinct_sets":1,"events_with_headers":10},"tags":[{"tag_id":"CVE-2020-9425","tag_type":"cve","title":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high","actively_exploited":false,"match_field":"url_path","matched_pattern":"/settings.php","reference_urls":["https://blog.hivint.com/rconfig-3-9-3-unauthenticated-sensitive-information-disclosure-ead4ed88f153","https://github.com/rconfig/rconfig/commit/20f4e3d87e84663d922b937842fddd9af1b68dd9","https://nvd.nist.gov/vuln/detail/CVE-2020-9425","https://github.com/ARPSyndicate/cvemon","https://github.com/ARPSyndicate/kenzer-templates"]},{"tag_id":"CVE-2023-7164","tag_type":"cve","title":"WordPress BackWPup < 4.0.4 - Backup File Disclosure","severity":"high","actively_exploited":false,"match_field":"url_path","matched_pattern":"/wp-content/uploads","reference_urls":["https://wpscan.com/vulnerability/79b07f37-2c6b-4846-bb28-91a1e5bf112e/","https://research.cleantalk.org/cve-2023-7164/","https://nvd.nist.gov/vuln/detail/CVE-2023-7164"]},{"tag_id":"CVE-2024-4836","tag_type":"cve","title":"Edito CMS - Sensitive Data Leak","severity":"high","actively_exploited":false,"match_field":"url_path","matched_pattern":"/config.php","reference_urls":["https://cert.pl/en/posts/2024/07/CVE-2024-4836/","https://github.com/sleep46/CVE-2024-4836_Check","https://nvd.nist.gov/vuln/detail/CVE-2024-4836"]},{"tag_id":"CVE-2020-15895","tag_type":"cve","title":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/info.php","reference_urls":["https://research.loginsoft.com/bugs/multiple-vulnerabilities-discovered-in-the-d-link-firmware-dir-816l/","https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10169","https://nvd.nist.gov/vuln/detail/CVE-2020-15895","https://github.com/ARPSyndicate/kenzer-templates"]},{"tag_id":"CVE-2021-24237","tag_type":"cve","title":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/properties","reference_urls":["https://wpscan.com/vulnerability/087b27c4-289e-410f-af74-828a608a4e1e","https://m0ze.ru/vulnerability/[2021-03-20]-[WordPress]-[CWE-79]-Realteo-WordPress-Plugin-v1.2.3.txt","https://nvd.nist.gov/vuln/detail/CVE-2021-24237","https://m0ze.ru/vulnerability/[2021-03-20]-[WordPress]-[CWE-79]-Findeo-WordPress-Theme-v1.3.0.txt","https://www.docs.purethemes.net/findeo/knowledge-base/changelog-findeo/"]},{"tag_id":"CVE-2021-28164","tag_type":"cve","title":"Eclipse Jetty - Information Disclosure","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/WEB-INF/web.xml","reference_urls":["https://github.com/eclipse/jetty.project/security/advisories/GHSA-v7ff-8wcx-gmc5","https://github.com/vulhub/vulhub/tree/1239bca12c75630bb2033b728140ed5224dcc6d8/jetty","https://lists.apache.org/thread.html/r780c3c210a05c5bf7b4671303f46afc3fe56758e92864e1a5f0590d0@%3Cjira.kafka.apache.org%3E","http://packetstormsecurity.com/files/164590/Jetty-9.4.37.v20210219-Information-Disclosure.html","https://nvd.nist.gov/vuln/detail/cve-2021-28164"]},{"tag_id":"CVE-2021-37598","tag_type":"cve","title":"WP Cerber < 8.9.3 - Broken Access Control","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/wp-json","reference_urls":["https://github.com/mandiant/Vulnerability-Disclosures/blob/master/FEYE-2021-0024/FEYE-2021-0024.md","https://nvd.nist.gov/vuln/detail/CVE-2021-37598"]},{"tag_id":"CVE-2024-36527","tag_type":"cve","title":"Puppeteer Renderer - Directory Traversal","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/html","reference_urls":["https://github.com/zenato/puppeteer-renderer/issues/97","https://gist.github.com/7a6163/25fef08f75eed219c8ca21e332d6e911"]},{"tag_id":"CVE-2025-30208","tag_type":"cve","title":"Vite - Arbitrary File Read","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/etc/passwd","reference_urls":["https://github.com/vitejs/vite/security/advisories/GHSA-x574-m823-4x7w","https://nvd.nist.gov/vuln/detail/CVE-2025-30208"]},{"tag_id":"CVE-2025-31486","tag_type":"cve","title":"Vite server.fs.deny Bypass - Local File Inclusion","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/etc/passwd","reference_urls":["https://github.com/advisories/GHSA-xcj6-pq6g-qj4x","https://github.com/vitejs/vite/blob/037f801075ec35bb6e52145d659f71a23813c48f/packages/vite/src/node/plugins/asset.ts#L285-L290","https://github.com/vitejs/vite/commit/62d7e81ee189d65899bb65f3263ddbd85247b647","https://github.com/vitejs/vite/security/advisories/GHSA-xcj6-pq6g-qj4x","https://nvd.nist.gov/vuln/detail/CVE-2025-31486"]}],"data_as_of":"2026-07-09T05:21:19.683387+00:00"}