{"ip":"34.45.8.2","total_events":498,"verdict":{"verdict":"scanning","label":"Scanning for known vulnerabilities","detail":"151 exploit-path probe(s)","confidence":"medium","network_type":null,"why":["151 request(s) matched a known exploit path.","Only GET/HEAD seen, no request body: scanning for the vulnerability, not delivering a payload.","Not in any known-scanner range."]},"first_seen":"2026-06-14T13:20:18","last_seen":"2026-06-14T20:14:55","events_24h":0,"events_7d":0,"geo":{"country_code":"US","country_name":"United States","region":"Iowa","city":"Council Bluffs","lat":41.2591,"lon":-95.8517,"asn":396982,"org":"Google LLC"},"source_domain":"2.8.45.34.bc.googleusercontent.com","known_scanners":[],"scanner_tag":{"key":"gcp","label":"Google Cloud","category":"hosting_provider","url":"https://cloud.google.com/"},"cve_matches":[{"cve_id":"CVE-2024-36527","title":"Puppeteer Renderer - Directory Traversal","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/html"}],"malware":[],"top_ports":[{"port":7979,"proto":"tcp","label":"","count":166},{"port":9005,"proto":"tcp","label":"","count":166},{"port":9042,"proto":"tcp","label":"Cassandra","count":166}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i190800_9dc949149365_97f8aa674fd9"],"tls_ja3":["19e29534fd49dd27d09234e639c4057e"],"ja4h":["ge11nn0500_9af7e0472034"]},"fingerprint_peers":{"t13i190800_9dc949149365_97f8aa674fd9":7212,"ge11nn0500_9af7e0472034":5954},"user_agents":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36","BlackBerry7520/4.0.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/5.0.3.3 UP.Link/5.1.2.12 (Google WAP Proxy/1.0)","Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.0 Safari/532.5","NokiaN73-1/3.0649.0.0.1 Series60/3.0 Profile/MIDP2.0 Configuration/CLDC-1.1","Mozilla/5.0 (iPhone; CPU iPhone OS 8_4_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) GSA/8.0.57838 Mobile/12H321 Safari/600.1.4","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.75 Safari/537.36","Mozilla/5.0 (Linux; Android 8.1.0; Moto G (5S)) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36","Mediapartners-Google"],"timeline":[{"date":"2026-06-14","count":498}],"recent_events":[{"timestamp":"2026-06-14T20:14:55","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Linux; Android 9; SM-G965F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/src/.env.backup","summary":"","payload_hex":"474554202f7372632f2e656e762e6261636b757020485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020284c696e75783b20416e64726f696420393b20534d2d473936354629204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f37362e302e333830392e3839204d6f62696c65205361666172692f3533372e33360d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Linux; Android 9; SM-G965F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36","community_id":"1:e9s1g7Sk2QxsbKFaqgh2TtRDegA=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"860c763a-a415-4126-bb6b-d35bc97f43d3","seq":1,"duration_ms":103,"bytes_in":257,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 OPR/60.0.3255.170\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/mailer/sendgrid.env","summary":"","payload_hex":"474554202f6d61696c65722f73656e64677269642e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020284d6163696e746f73683b20496e74656c204d6163204f5320582031305f31345f3529204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f37332e302e333638332e313033205361666172692f3533372e3336204f50522f36302e302e333235352e3137300d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 OPR/60.0.3255.170","community_id":"1:ChK1dRTRbexyHoAn4nO42yd8dk0=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"43bfe2fb-d023-4efd-9709-e40a9d30cffe","seq":1,"duration_ms":602,"bytes_in":280,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b4pre) Gecko/20100815 Minefield/4.0b4pre\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/email/sendgrid.env","summary":"","payload_hex":"474554202f656d61696c2f73656e64677269642e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e313b20574f5736343b2072763a322e30623470726529204765636b6f2f3230313030383135204d696e656669656c642f342e3062347072650d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b4pre) Gecko/20100815 Minefield/4.0b4pre","community_id":"1:nhwXSZzuiQeisnTimtTw08wVxr8=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"3597be24-56a5-4821-aedc-3b68baacdcef","seq":1,"duration_ms":190,"bytes_in":222,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/app/sendgrid.env","summary":"","payload_hex":"474554202f6170702f73656e64677269642e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b20574f5736343b2072763a34302e3029204765636b6f2f32303130303130312046697265666f782f34302e300d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0","community_id":"1:PIG/IPv165DHZuYCH+D4VCZ6Ffw=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"4bd39a02-3151-417f-b712-ab41311d5760","seq":1,"duration_ms":190,"bytes_in":211,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/backend/sendgrid.env","summary":"","payload_hex":"474554202f6261636b656e642f73656e64677269642e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e313b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f37362e302e333830392e313030205361666172692f3533372e33360d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36","community_id":"1:9+BmNhjjWAc+pLXTVRX5LnrZGC0=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"59852993-7fd8-44b7-ae70-7a5139c355f9","seq":1,"duration_ms":190,"bytes_in":256,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.2; ARM; Trident/7.0; Touch; rv:11.0; WPDesktop; NOKIA; Lumia 920) like Geckoo\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/sendgrid/.env","summary":"","payload_hex":"474554202f73656e64677269642f2e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e323b2041524d3b2054726964656e742f372e303b20546f7563683b2072763a31312e303b2057504465736b746f703b204e4f4b49413b204c756d69612039323029206c696b65204765636b6f6f0d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.2; ARM; Trident/7.0; Touch; rv:11.0; WPDesktop; NOKIA; Lumia 920) like Geckoo","community_id":"1:JeZyqQ0m16kWg+qNEMxEFhw1MVw=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"4b033186-24a5-400f-a5ca-8dd0ffa720d6","seq":1,"duration_ms":190,"bytes_in":238,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Linux; Android 9; SM-G960F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/apps/frontend/.env","summary":"","payload_hex":"474554202f617070732f66726f6e74656e642f2e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020284c696e75783b20416e64726f696420393b20534d2d473936304629204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f37362e302e333830392e313131204d6f62696c65205361666172692f3533372e33360d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Linux; Android 9; SM-G960F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36","community_id":"1:3JavNwFq3lAq/RK2CSicRmJvOQQ=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"cef9666e-078d-4516-8aa4-0f690e2dd537","seq":1,"duration_ms":190,"bytes_in":261,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/cms/.env","summary":"","payload_hex":"474554202f636d732f2e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e3029204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f37352e302e333737302e313432205361666172692f3533372e33360d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36","community_id":"1:uP+0whtJ+zoKcnQ3otXMqcrcwVw=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"6504d8ef-a465-4dc1-9c07-b38858e73688","seq":1,"duration_ms":190,"bytes_in":233,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/api/sendgrid.env","summary":"","payload_hex":"474554202f6170692f73656e64677269642e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b20574f57363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f36332e302e333233392e313332205361666172692f3533372e33360d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36","community_id":"1:ttEMv9kDkHr8y30GCTY3hiR4eXg=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"32e07e13-9f4f-461a-993a-650b920b6477","seq":1,"duration_ms":189,"bytes_in":248,"bytes_out":73},{"timestamp":"2026-06-14T20:14:54","port":9042,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-charset\":\"utf-8\",\"accept-encoding\":\"gzip\",\"connection\":\"close\",\"host\":\"<HONEYPOT>:9042\",\"user-agent\":\"Mozilla/5.0 (Linux; Android 9; RMX1851) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/temp/.env","summary":"","payload_hex":"474554202f74656d702f2e656e7620485454502f312e310d0a486f73743a20<HONEYPOT>3a393034320d0a557365722d4167656e743a204d6f7a696c6c612f352e3020284c696e75783b20416e64726f696420393b20524d583138353129204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f37362e302e333830392e313131204d6f62696c65205361666172692f3533372e33360d0a4163636570742d436861727365743a207574662d380d0a4163636570742d456e636f64696e673a20677a69700d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Linux; Android 9; RMX1851) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36","community_id":"1:9eWYFfDMwn+GDK8Pw4LqqdskenQ=","ja3":"19e29534fd49dd27d09234e639c4057e","session":"3ba99640-a132-4c03-94f3-579c1a45e5d6","seq":1,"duration_ms":189,"bytes_in":251,"bytes_out":73}],"http_methods":[{"method":"GET","count":498}],"distinct_ports_total":3,"top_paths":[{"path":"/.env.old","count":3,"ports":3},{"path":"/api/sendgrid.env","count":3,"ports":3},{"path":"/.env.test","count":3,"ports":3},{"path":"/var/.env","count":3,"ports":3},{"path":"/.env.qa","count":3,"ports":3},{"path":"/env.old","count":3,"ports":3},{"path":"/env.txt","count":3,"ports":3},{"path":"/.env~","count":3,"ports":3},{"path":"/qa/.env","count":3,"ports":3},{"path":"/wp/.env","count":3,"ports":3},{"path":"/env","count":3,"ports":3},{"path":"/v1/.env","count":3,"ports":3},{"path":"/app/.env.dev","count":3,"ports":3},{"path":"/public/.env","count":3,"ports":3},{"path":"/staging/.env","count":3,"ports":3}],"distinct_paths_total":166,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":{"signature":["Accept-Charset","Accept-Encoding","Connection","Host","User-Agent"],"representative":[{"name":"Accept-Charset","value":"utf-8","notable":false},{"name":"Accept-Encoding","value":"gzip","notable":false},{"name":"Connection","value":"close","notable":false},{"name":"Host","value":"<HONEYPOT>:9042","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (Linux; Android 9; SM-G965F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36","notable":false}],"distinct_sets":1,"events_with_headers":10},"tags":[{"tag_id":"CVE-2024-36527","tag_type":"cve","title":"Puppeteer Renderer - Directory Traversal","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/html","reference_urls":["https://github.com/zenato/puppeteer-renderer/issues/97","https://gist.github.com/7a6163/25fef08f75eed219c8ca21e332d6e911"]}],"data_as_of":"2026-07-03T21:14:17.964995+00:00"}