Lookup

Explore

CVEs Payloads Campaigns AEI Index Ports User-agents

Integrations

Overview MCP Feeds API / Enrich

iAnonymous lookups: 10/min, 60/hr per source IP. Sign in (free) to lift the limit, run heavier queries, and get an API key for MCP / HTTP.

Filtered actors

query: ja4:t13i1313h2_f57a46bbacb6_fb48f8b98a29

915 unique IPs · 57.4K events · 25 countries · 1 ASNs

Activity · last 7d

peak 34.2K on 2026-06-30

Top source networks · click to refine

AS396982 Google LLC100.0%

query: ja4:t13i1313h2_f57a46bbacb6_fb48f8b98a29×window1h 24h7d30d🔒90d🔒

Turn this query into a daily email digest or an IOC feed URL.Save as feed

Sample payloads

top distinct probes matching this query

Protocol	Port	Probe / payload	Hits	Example
HTTP	9990	GET / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0 Safari/537.36	1.2K · 915 IPs	34.47.1.107 →
HTTP	9990	GET /backup.zip UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	16 · 16 IPs	34.40.152.103 →
HTTP	9990	GET /backup.tar.gz UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	13 · 13 IPs	34.40.152.103 →
HTTP	9980	GET /backup.tar UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	10 · 10 IPs	34.158.194.225 →
HTTP	9990	GET /backup.sql.bz2 UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	9 · 9 IPs	34.40.152.103 →
HTTP	7272	GET /backup.zst UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	8 · 8 IPs	34.14.215.57 →
HTTP	9443	GET /backup.7z UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	8 · 8 IPs	34.18.217.21 →
HTTP	8190	GET /backup.tgz UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	7 · 7 IPs	34.17.165.5 →
HTTP	7860	GET /backup.rar UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	7 · 7 IPs	34.172.164.119 →
HTTP	8282	GET /backup.tar.xz UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	7 · 7 IPs	34.151.91.57 →
HTTP	8500	GET /backup.gz UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	7 · 7 IPs	35.244.23.180 →
HTTP	7272	GET /backups.tar.bz2 UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36	6 · 6 IPs	34.14.215.57 →

IPCountryASNTop portsEvents

34.18.217.2121.217.18.34.bc.googleusercontent.com 🇶🇦QA AS396982 Google LLC944317.5K

34.32.98.232232.98.32.34.bc.googleusercontent.com 🇩🇪DE AS396982 Google LLC824016.4K

34.16.231.217217.231.16.34.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC814012.2K

34.151.91.5757.91.151.34.bc.googleusercontent.com 🇦🇺AU AS396982 Google LLC82824.4K

34.84.115.133133.115.84.34.bc.googleusercontent.com 🇯🇵JP AS396982 Google LLC41002.5K

35.236.151.222222.151.236.35.bc.googleusercontent.com 🇹🇼TW AS396982 Google LLC1080/SOCKS2.2K

35.244.23.180180.23.244.35.bc.googleusercontent.com 🇮🇳IN AS396982 Google LLC8500607

34.40.152.103103.152.40.34.bc.googleusercontent.com 🇦🇺AU AS396982 Google LLC9990325

35.244.64.150150.64.244.35.bc.googleusercontent.com 🇦🇺AU AS396982 Google LLC717114

34.50.98.111111.98.50.34.bc.googleusercontent.com 🇮🇩ID AS396982 Google LLC420014

34.14.215.5757.215.14.34.bc.googleusercontent.com 🇮🇳IN AS396982 Google LLC727213

34.178.205.208208.205.178.34.bc.googleusercontent.com 🇳🇱NL AS396982 Google LLC9989 8700 82 491544

34.7.109.204204.109.7.34.bc.googleusercontent.com 🇳🇱NL AS396982 Google LLC8000/HTTP-alt 82 9004 8088/Hadoop4

34.158.194.225225.194.158.34.bc.googleusercontent.com 🇰🇷KR AS396982 Google LLC99804

34.159.148.100100.148.159.34.bc.googleusercontent.com 🇩🇪DE AS396982 Google LLC10080 82 5432/Postgres 23794

34.40.111.210210.111.40.34.bc.googleusercontent.com 🇩🇪DE AS396982 Google LLC7272 5001 9005 80204

35.220.245.167167.245.220.35.bc.googleusercontent.com 🇭🇰HK AS396982 Google LLC4848 8190 9012 100014

34.50.18.1313.18.50.34.bc.googleusercontent.com 🇰🇷KR AS396982 Google LLC88984

34.17.165.55.165.17.34.bc.googleusercontent.com 🇮🇹IT AS396982 Google LLC81904

35.221.217.160160.217.221.35.bc.googleusercontent.com 🇹🇼TW AS396982 Google LLC90024

35.234.252.8585.252.234.35.bc.googleusercontent.com 🇨🇦CA AS396982 Google LLC9989 37778 8088/Hadoop3

34.47.252.165165.252.47.34.bc.googleusercontent.com 🇮🇳IN AS396982 Google LLC9988 9010 81503

34.50.84.3131.84.50.34.bc.googleusercontent.com 🇮🇩ID AS396982 Google LLC8300 5984/CouchDB 99993

35.240.218.9595.218.240.35.bc.googleusercontent.com 🇸🇬SG AS396982 Google LLC7272 9600/Logstash 99803

34.40.222.230230.222.40.34.bc.googleusercontent.com 🇦🇺AU AS396982 Google LLC27017/MongoDB 4200 5800/VNC-HTTP3

34.131.143.135135.143.131.34.bc.googleusercontent.com 🇮🇳IN AS396982 Google LLC3002 8270 90803

34.6.149.251251.149.6.34.bc.googleusercontent.com 🇳🇱NL AS396982 Google LLC2376/Docker 7373 843

34.92.195.194194.195.92.34.bc.googleusercontent.com 🇭🇰HK AS396982 Google LLC7002 2083 94003

35.198.253.3737.253.198.35.bc.googleusercontent.com 🇸🇬SG AS396982 Google LLC9090/Prometheus 3000/Web-alt 843

35.198.29.129129.29.198.35.bc.googleusercontent.com 🇧🇷BR AS396982 Google LLC554 80/HTTP 82903

35.243.135.192192.135.243.35.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC4443 8099 99013

35.196.211.178178.211.196.35.bc.googleusercontent.com 🇺🇸US AS396982 Google LLC9090/Prometheus 5000/Web-alt 45673

35.198.67.158158.67.198.35.bc.googleusercontent.com 🇩🇪DE AS396982 Google LLC8084 8140 500803

34.21.150.193193.150.21.34.bc.googleusercontent.com 🇸🇬SG AS396982 Google LLC6443/k8s API 8150 99803

34.180.49.6262.49.180.34.bc.googleusercontent.com 🇮🇳IN AS396982 Google LLC27017/MongoDB 2376/Docker 94433

34.90.213.104104.213.90.34.bc.googleusercontent.com 🇳🇱NL AS396982 Google LLC8200 8585 5900/VNC3

34.179.135.5252.135.179.34.bc.googleusercontent.com 🇩🇪DE AS396982 Google LLC88 9988 280173

35.199.82.216216.82.199.35.bc.googleusercontent.com 🇧🇷BR AS396982 Google LLC8700 81 5800/VNC-HTTP3

34.39.67.110110.67.39.34.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC7171 8230 24433

35.228.251.177177.251.228.35.bc.googleusercontent.com 🇫🇮FI AS396982 Google LLC9001/Tor 6001 491543

34.101.93.7676.93.101.34.bc.googleusercontent.com 🇮🇩ID AS396982 Google LLC8300 7373 85853

34.47.77.167167.77.47.34.bc.googleusercontent.com 🇰🇷KR AS396982 Google LLC7272 9202 30013

34.151.179.224224.179.151.34.bc.googleusercontent.com 🇦🇺AU AS396982 Google LLC50000/SAP 34567 280173

34.96.194.222222.194.96.34.bc.googleusercontent.com 🇭🇰HK AS396982 Google LLC9989 4000 90073

34.107.14.154154.14.107.34.bc.googleusercontent.com 🇩🇪DE AS396982 Google LLC8800 12000 100013

34.50.64.5959.64.50.34.bc.googleusercontent.com 🇮🇩ID AS396982 Google LLC4848 5000/Web-alt 8008/HTTP-alt3

34.131.51.6868.51.131.34.bc.googleusercontent.com 🇮🇳IN AS396982 Google LLC9998 3128/HTTP-proxy 20873

8.228.60.132132.60.228.8.bc.googleusercontent.com 🇬🇧GB AS396982 Google LLC5601/Kibana 7575 82703

34.180.29.11.29.180.34.bc.googleusercontent.com 🇮🇳IN AS396982 Google LLC4002 8161/ActiveMQ 82803

34.131.45.130130.45.131.34.bc.googleusercontent.com 🇮🇳IN AS396982 Google LLC9902 80/HTTP 84003

Showing top 50 by event count. Window is the last 7d. Add or remove filters by clicking any value on a per-IP report.