{"ip":"34.21.208.191","total_events":67419,"verdict":{"verdict":"scanning","label":"Scanning for known vulnerabilities","detail":"3 exploit-path probe(s)","confidence":"medium","network_type":null},"first_seen":"2026-06-14T10:52:41","last_seen":"2026-06-14T20:54:02","events_24h":0,"events_7d":0,"geo":{"country_code":"SG","country_name":"Singapore","region":"","city":"Singapore","lat":1.2872,"lon":103.8507,"asn":396982,"org":"Google LLC"},"source_domain":"191.208.21.34.bc.googleusercontent.com","known_scanners":[],"scanner_tag":{"key":"gcp","label":"Google Cloud","category":"hosting_provider","url":"https://cloud.google.com/"},"cve_matches":[{"cve_id":"CVE-2021-28169","title":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/static"}],"top_ports":[{"port":9902,"proto":"tcp","label":"","count":67419}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i1313h2_f57a46bbacb6_fb48f8b98a29","t13i1314h2_f57a46bbacb6_3b244d8fbcc8"],"tls_ja3":["e56c72ec790d5898f89528f5c080ca3b","bbfe3507a810aa6c11c659bd4c7b4cbd"],"ja4h":["ge11nn0400_88d30a62b7ad"]},"fingerprint_peers":{"t13i1313h2_f57a46bbacb6_fb48f8b98a29":1567,"t13i1314h2_f57a46bbacb6_3b244d8fbcc8":37,"ge11nn0400_88d30a62b7ad":8122},"user_agents":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36"],"timeline":[{"date":"2026-06-14","count":67419}],"recent_events":[{"timestamp":"2026-06-14T20:54:02","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/dev.rar","summary":"","payload_hex":"474554202f61646d696e2f6465762e72617220485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:OGcgI1ayjGbLn6R9/BUZlulRfdw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"8be6a107-919a-420a-8843-8a720be3329f","seq":127,"duration_ms":356545,"bytes_in":23938,"bytes_out":9906},{"timestamp":"2026-06-14T20:54:02","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/dev.7z","summary":"","payload_hex":"474554202f61646d696e2f6465762e377a20485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:OGcgI1ayjGbLn6R9/BUZlulRfdw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"8be6a107-919a-420a-8843-8a720be3329f","seq":126,"duration_ms":355987,"bytes_in":23754,"bytes_out":9828},{"timestamp":"2026-06-14T20:54:01","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/dev.tar.xz","summary":"","payload_hex":"474554202f61646d696e2f6465762e7461722e787a20485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:OGcgI1ayjGbLn6R9/BUZlulRfdw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"8be6a107-919a-420a-8843-8a720be3329f","seq":125,"duration_ms":355444,"bytes_in":23571,"bytes_out":9750},{"timestamp":"2026-06-14T20:54:00","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/dev.tar.bz2","summary":"","payload_hex":"474554202f61646d696e2f6465762e7461722e627a3220485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:OGcgI1ayjGbLn6R9/BUZlulRfdw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"8be6a107-919a-420a-8843-8a720be3329f","seq":124,"duration_ms":354885,"bytes_in":23384,"bytes_out":9672},{"timestamp":"2026-06-14T20:54:00","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/dev.tar","summary":"","payload_hex":"474554202f61646d696e2f6465762e74617220485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:OGcgI1ayjGbLn6R9/BUZlulRfdw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"8be6a107-919a-420a-8843-8a720be3329f","seq":123,"duration_ms":354352,"bytes_in":23196,"bytes_out":9594},{"timestamp":"2026-06-14T20:53:59","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/dev.tgz","summary":"","payload_hex":"474554202f61646d696e2f6465762e74677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:OGcgI1ayjGbLn6R9/BUZlulRfdw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"8be6a107-919a-420a-8843-8a720be3329f","seq":122,"duration_ms":353817,"bytes_in":23012,"bytes_out":9516},{"timestamp":"2026-06-14T20:53:59","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/dev.tar.gz","summary":"","payload_hex":"474554202f61646d696e2f6465762e7461722e677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:OGcgI1ayjGbLn6R9/BUZlulRfdw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"8be6a107-919a-420a-8843-8a720be3329f","seq":121,"duration_ms":353279,"bytes_in":22828,"bytes_out":9438},{"timestamp":"2026-06-14T20:53:59","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/dev.zip","summary":"","payload_hex":"474554202f61646d696e2f6465762e7a697020485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:b/QFbj2MmKLQwMUCp+J34NZzH/g=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"c7e95401-b014-4a2d-b564-684c39b6feef","seq":229,"duration_ms":499668,"bytes_in":43306,"bytes_out":17862},{"timestamp":"2026-06-14T20:53:58","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/content.sql","summary":"","payload_hex":"474554202f61646d696e2f636f6e74656e742e73716c20485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:WtEsXtlR2Mzd8U2F2fRJNhSw5JA=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"930b0ee1-8ba5-4ef0-ac2d-b867e38138a8","seq":3,"duration_ms":19252,"bytes_in":571,"bytes_out":234},{"timestamp":"2026-06-14T20:53:57","port":9902,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:9902\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/content.sql.gz","summary":"","payload_hex":"474554202f61646d696e2f636f6e74656e742e73716c2e677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a393930320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:sBw5iAXckTak1vEz8ZdoEFsElWM=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"3f3c8ea3-d205-42f5-9963-15d3f141f373","seq":59,"duration_ms":237533,"bytes_in":11117,"bytes_out":4602}],"http_methods":[{"method":"GET","count":67419}],"distinct_ports_total":1,"top_paths":[{"path":"/application/terraform.gz","count":1,"ports":1},{"path":"/frontend/public_html.bz2","count":1,"ports":1},{"path":"/backups/sql_backup.sql.bz2","count":1,"ports":1},{"path":"/api/v2/configuration.zip","count":1,"ports":1},{"path":"/frontend/data_export.sql.bz2","count":1,"ports":1},{"path":"/application/wwwroot.tar.xz","count":1,"ports":1},{"path":"/backup/artifacts.sql.bz2","count":1,"ports":1},{"path":"/backups/kubernetes.sql.gz","count":1,"ports":1},{"path":"/backend/website_backup.7z","count":1,"ports":1},{"path":"/files/docker-compose.zst","count":1,"ports":1},{"path":"/application/webroot.sql.gz","count":1,"ports":1},{"path":"/api/v1/virtualenv.tar.bz2","count":1,"ports":1},{"path":"/frontend/node_modules.sql","count":1,"ports":1},{"path":"/application/backup_db.tar.xz","count":1,"ports":1},{"path":"/frontend/codebase.sql.bz2","count":1,"ports":1}],"distinct_paths_total":200,"top_snis":[],"top_hosts":[],"top_alpns":[{"value":"h2, http/1.1","count":67419}],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Accept-Encoding","Host","User-Agent"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Accept-Encoding","value":"gzip","notable":false},{"name":"Host","value":"<HONEYPOT>:9902","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","notable":false}],"distinct_sets":1,"events_with_headers":10},"tags":[{"tag_id":"CVE-2021-28169","tag_type":"cve","title":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/static","reference_urls":["https://twitter.com/sec715/status/1406787963569065988","https://github.com/eclipse/jetty.project/security/advisories/GHSA-gwcr-j4wh-j3cq","https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E","https://nvd.nist.gov/vuln/detail/CVE-2021-28169","https://lists.apache.org/thread.html/r04a4b4553a23aff26f42635a6ae388c3b162aab30a88d12e59d05168@%3Cjira.kafka.apache.org%3E"]}],"data_as_of":"2026-07-01T00:36:49.351009+00:00"}