{"ip":"35.234.81.66","total_events":68690,"verdict":{"verdict":"scanning","label":"Scanning for known vulnerabilities","detail":"3 exploit-path probe(s)","confidence":"medium","network_type":null},"first_seen":"2026-06-14T10:52:25","last_seen":"2026-06-14T21:01:01","events_24h":0,"events_7d":32282,"geo":{"country_code":"DE","country_name":"Germany","region":"Hesse","city":"Frankfurt am Main","lat":50.1169,"lon":8.6837,"asn":396982,"org":"Google LLC"},"source_domain":"66.81.234.35.bc.googleusercontent.com","known_scanners":[],"scanner_tag":{"key":"gcp","label":"Google Cloud","category":"hosting_provider","url":"https://cloud.google.com/"},"cve_matches":[{"cve_id":"CVE-2021-28169","title":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/static"}],"top_ports":[{"port":8091,"proto":"tcp","label":"","count":68690}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i1313h2_f57a46bbacb6_fb48f8b98a29","t13i1314h2_f57a46bbacb6_3b244d8fbcc8"],"tls_ja3":["e56c72ec790d5898f89528f5c080ca3b","bbfe3507a810aa6c11c659bd4c7b4cbd"],"ja4h":["ge11nn0400_88d30a62b7ad"]},"fingerprint_peers":{"t13i1313h2_f57a46bbacb6_fb48f8b98a29":699,"t13i1314h2_f57a46bbacb6_3b244d8fbcc8":21,"ge11nn0400_88d30a62b7ad":7424},"user_agents":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36"],"timeline":[{"date":"2026-06-14","count":68690}],"recent_events":[{"timestamp":"2026-06-14T21:01:01","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/tmp.7z","summary":"","payload_hex":"474554202f61646d696e2f746d702e377a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4482,"duration_ms":2441416,"bytes_in":837921,"bytes_out":345114},{"timestamp":"2026-06-14T21:01:01","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/tmp.tar.xz","summary":"","payload_hex":"474554202f61646d696e2f746d702e7461722e787a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4481,"duration_ms":2440885,"bytes_in":837739,"bytes_out":345037},{"timestamp":"2026-06-14T21:01:00","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/tmp.tar.bz2","summary":"","payload_hex":"474554202f61646d696e2f746d702e7461722e627a3220485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4480,"duration_ms":2440351,"bytes_in":837553,"bytes_out":344960},{"timestamp":"2026-06-14T21:01:00","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/tmp.tar","summary":"","payload_hex":"474554202f61646d696e2f746d702e74617220485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4479,"duration_ms":2439812,"bytes_in":837366,"bytes_out":344883},{"timestamp":"2026-06-14T21:00:59","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/tmp.tgz","summary":"","payload_hex":"474554202f61646d696e2f746d702e74677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4478,"duration_ms":2439266,"bytes_in":837183,"bytes_out":344806},{"timestamp":"2026-06-14T21:00:58","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/tmp.tar.gz","summary":"","payload_hex":"474554202f61646d696e2f746d702e7461722e677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4477,"duration_ms":2438725,"bytes_in":837000,"bytes_out":344729},{"timestamp":"2026-06-14T21:00:58","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/tmp.zip","summary":"","payload_hex":"474554202f61646d696e2f746d702e7a697020485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4476,"duration_ms":2438204,"bytes_in":836814,"bytes_out":344652},{"timestamp":"2026-06-14T21:00:57","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/var.sql","summary":"","payload_hex":"474554202f61646d696e2f7661722e73716c20485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4475,"duration_ms":2437670,"bytes_in":836631,"bytes_out":344575},{"timestamp":"2026-06-14T21:00:57","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/var.sql.bz2","summary":"","payload_hex":"474554202f61646d696e2f7661722e73716c2e627a3220485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4474,"duration_ms":2437153,"bytes_in":836448,"bytes_out":344498},{"timestamp":"2026-06-14T21:00:56","port":8091,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8091\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/admin/var.sql.gz","summary":"","payload_hex":"474554202f61646d696e2f7661722e73716c2e677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383039310d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:Vqktgv1IOBrSzaXchLcPiHc9siw=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"23dd5174-14b4-4d86-a241-872693bbdc70","seq":4473,"duration_ms":2436642,"bytes_in":836261,"bytes_out":344421}],"http_methods":[{"method":"GET","count":68690}],"distinct_ports_total":1,"top_paths":[{"path":"/backups/administrator.tgz","count":1,"ports":1},{"path":"/application/images.tar.xz","count":1,"ports":1},{"path":"/api/v3/error_log.tar.bz2","count":1,"ports":1},{"path":"/admin/development.tar.gz","count":1,"ports":1},{"path":"/services/microservice.tgz","count":1,"ports":1},{"path":"/v3/website_backup.tar.gz","count":1,"ports":1},{"path":"/server/website_backup.zst","count":1,"ports":1},{"path":"/frontend/attachments.tar.bz2","count":1,"ports":1},{"path":"/backend/site_backup.sql.bz2","count":1,"ports":1},{"path":"/application/attachments.tar.xz","count":1,"ports":1},{"path":"/server/elasticdump.sql.gz","count":1,"ports":1},{"path":"/application/db_backup.sql.gz","count":1,"ports":1},{"path":"/backups/concrete5.tar.xz","count":1,"ports":1},{"path":"/backup/application.tar.bz2","count":1,"ports":1},{"path":"/storage/pre-prod.tar.bz2","count":1,"ports":1}],"distinct_paths_total":200,"top_snis":[],"top_hosts":[],"top_alpns":[{"value":"h2, http/1.1","count":68690}],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Accept-Encoding","Host","User-Agent"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Accept-Encoding","value":"gzip","notable":false},{"name":"Host","value":"<HONEYPOT>:8091","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","notable":false}],"distinct_sets":1,"events_with_headers":10},"tags":[{"tag_id":"CVE-2021-28169","tag_type":"cve","title":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/static","reference_urls":["https://twitter.com/sec715/status/1406787963569065988","https://github.com/eclipse/jetty.project/security/advisories/GHSA-gwcr-j4wh-j3cq","https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E","https://nvd.nist.gov/vuln/detail/CVE-2021-28169","https://lists.apache.org/thread.html/r04a4b4553a23aff26f42635a6ae388c3b162aab30a88d12e59d05168@%3Cjira.kafka.apache.org%3E"]}],"data_as_of":"2026-06-21T16:15:42.107249+00:00"}