{"ip":"35.244.23.180","total_events":13181,"verdict":{"verdict":"scanning","label":"Scanning for known vulnerabilities","detail":"6 exploit-path probe(s)","confidence":"medium","network_type":null},"first_seen":"2026-06-29T01:14:50","last_seen":"2026-06-29T03:28:42","events_24h":0,"events_7d":13181,"geo":{"country_code":"IN","country_name":"India","region":"Maharashtra","city":"Mumbai","lat":19.0748,"lon":72.8856,"asn":396982,"org":"Google LLC"},"source_domain":"180.23.244.35.bc.googleusercontent.com","known_scanners":[],"scanner_tag":{"key":"gcp","label":"Google Cloud","category":"hosting_provider","url":"https://cloud.google.com/"},"cve_matches":[{"cve_id":"CVE-2022-24288","title":"Apache Airflow OS Command Injection","severity":"high","actively_exploited":false,"match_field":"url_path","matched_pattern":"/code"},{"cve_id":"CVE-2021-28169","title":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/static"}],"top_ports":[{"port":8500,"proto":"tcp","label":"","count":13181}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i1313h2_f57a46bbacb6_fb48f8b98a29","t13i1314h2_f57a46bbacb6_3b244d8fbcc8"],"tls_ja3":["e56c72ec790d5898f89528f5c080ca3b","bbfe3507a810aa6c11c659bd4c7b4cbd"],"ja4h":["ge11nn0400_88d30a62b7ad"]},"fingerprint_peers":{"t13i1313h2_f57a46bbacb6_fb48f8b98a29":1567,"t13i1314h2_f57a46bbacb6_3b244d8fbcc8":37,"ge11nn0400_88d30a62b7ad":8122},"user_agents":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36"],"timeline":[{"date":"2026-06-29","count":13181}],"recent_events":[{"timestamp":"2026-06-29T03:28:42","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.gz","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1378,"duration_ms":862262,"bytes_in":258806,"bytes_out":107484},{"timestamp":"2026-06-29T03:28:41","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.rar","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e72617220485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1377,"duration_ms":861668,"bytes_in":258611,"bytes_out":107406},{"timestamp":"2026-06-29T03:28:41","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.7z","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e377a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1376,"duration_ms":861032,"bytes_in":258415,"bytes_out":107328},{"timestamp":"2026-06-29T03:28:40","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.tar.xz","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e7461722e787a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1375,"duration_ms":860396,"bytes_in":258220,"bytes_out":107250},{"timestamp":"2026-06-29T03:28:39","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.tar.bz2","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e7461722e627a3220485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1374,"duration_ms":859774,"bytes_in":258021,"bytes_out":107172},{"timestamp":"2026-06-29T03:28:39","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.tar","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e74617220485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1373,"duration_ms":859158,"bytes_in":257821,"bytes_out":107094},{"timestamp":"2026-06-29T03:28:38","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.tgz","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e74677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1372,"duration_ms":858540,"bytes_in":257625,"bytes_out":107016},{"timestamp":"2026-06-29T03:28:38","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.tar.gz","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e7461722e677a20485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1371,"duration_ms":857920,"bytes_in":257429,"bytes_out":106938},{"timestamp":"2026-06-29T03:28:37","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/website_backup.zip","summary":"","payload_hex":"474554202f73746f726167652f776562736974655f6261636b75702e7a697020485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1370,"duration_ms":857300,"bytes_in":257230,"bytes_out":106860},{"timestamp":"2026-06-29T03:28:36","port":8500,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:8500\",\"user-agent\":\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["h2","http/1.1"],"url_path":"/storage/site_backup.sql","summary":"","payload_hex":"474554202f73746f726167652f736974655f6261636b75702e73716c20485454502f312e310d0a486f73743a20<HONEYPOT>3a383530300d0a557365722d4167656e743a204d6f7a696c6c612f352e3020285831313b204c696e7578207838365f363429204170706c655765624b69742f3533372e3336204368726f6d652f3132342e30205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","community_id":"1:/+92YYQjZ1hYZTAMoaV4RhGGejs=","ja3":"bbfe3507a810aa6c11c659bd4c7b4cbd","session":"2f962beb-65df-499b-9f29-4c2aa177a266","seq":1369,"duration_ms":856688,"bytes_in":257034,"bytes_out":106782}],"http_methods":[{"method":"GET","count":13181}],"distinct_ports_total":1,"top_paths":[{"path":"/files/storage.7z","count":1,"ports":1},{"path":"/files/spring.tar.xz","count":1,"ports":1},{"path":"/backups/dataset.zip","count":1,"ports":1},{"path":"/files/sql_backup.tar.xz","count":1,"ports":1},{"path":"/backup/magento.bz2","count":1,"ports":1},{"path":"/backup/opencart.sql.gz","count":1,"ports":1},{"path":"/files/docker-compose.gz","count":1,"ports":1},{"path":"/backup/vendor.tar","count":1,"ports":1},{"path":"/files/import.sql.bz2","count":1,"ports":1},{"path":"/backup/sessions.tar.bz2","count":1,"ports":1},{"path":"/backup/drupal.bz2","count":1,"ports":1},{"path":"/files/elasticdump.tgz","count":1,"ports":1},{"path":"/files/wp-includes.bz2","count":1,"ports":1},{"path":"/files/uploads.sql.gz","count":1,"ports":1},{"path":"/backups/rails.sql.gz","count":1,"ports":1}],"distinct_paths_total":200,"top_snis":[],"top_hosts":[],"top_alpns":[{"value":"h2, http/1.1","count":13181}],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Accept-Encoding","Host","User-Agent"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Accept-Encoding","value":"gzip","notable":false},{"name":"Host","value":"<HONEYPOT>:8500","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36","notable":false}],"distinct_sets":1,"events_with_headers":10},"tags":[{"tag_id":"CVE-2022-24288","tag_type":"cve","title":"Apache Airflow OS Command Injection","severity":"high","actively_exploited":false,"match_field":"url_path","matched_pattern":"/code","reference_urls":["https://github.com/advisories/GHSA-3v7g-4pg3-7r6j","https://nvd.nist.gov/vuln/detail/CVE-2022-24288","https://lists.apache.org/thread/dbw5ozcmr0h0lhs0yjph7xdc64oht23t","https://github.com/ARPSyndicate/kenzer-templates","https://github.com/Hax0rG1rl/my_cve_and_bounty_poc"]},{"tag_id":"CVE-2021-28169","tag_type":"cve","title":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/static","reference_urls":["https://twitter.com/sec715/status/1406787963569065988","https://github.com/eclipse/jetty.project/security/advisories/GHSA-gwcr-j4wh-j3cq","https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E","https://nvd.nist.gov/vuln/detail/CVE-2021-28169","https://lists.apache.org/thread.html/r04a4b4553a23aff26f42635a6ae388c3b162aab30a88d12e59d05168@%3Cjira.kafka.apache.org%3E"]}],"data_as_of":"2026-07-01T00:37:34.565195+00:00"}