Renseignement sur les menaces

Belgique

34.79.151.177

FAI Google LLC Première vue 18/05/2026 06:07 UTC Dernière vue 16/06/2026 10:08 UTC Risque Critique

Période analysée : 2026-03-18 → 2026-06-16

Activité suspecte · risque 38/100

Base IP Signaler JSON CSV Pro STIX 2.1 · JSON SOC ou contact

Réputation DNSBL WHOIS Ports

24h 7j 30j 90j

Critique · Risque max (7j) Critique

Synthèse exécutive

Profil de menace

Score de risque 85/100 Critique

Première observation 18/05/2026 06:07 UTC

Dernière observation 16/06/2026 10:08 UTC

Événements (période) 794

MITRE ATT&CK principal TA0007 179 occurrences

Activité suspecte · risque 38/100

Pourquoi listée

Synthèse décisionnelle honeypot — seuil de listing maintenu à 1 événement qualifié.

Type « port_9098_tcp » (signaux protocolaires) · confiance 55%

Confiance 55 % — Score WAF 32 · 2 tag(s) WAF

Comparaison ASN / FAI

ASN 396982 · 34.79.144.0/20 · ARIN — 8 pair(s) ASN/FAI listé(s) — activité locale élevée vs pairs · 794 événements sur la période pour cette IP.

162.216.150.49 Scanner web 16/06/2026 18:30 UTC
34.4.110.201 Sonde port 23/TCP 16/06/2026 18:30 UTC
147.185.133.225 Scanner web 16/06/2026 18:25 UTC
35.203.211.20 Scanner web 16/06/2026 18:21 UTC
162.216.150.98 Scanner web 16/06/2026 18:20 UTC
147.185.133.224 Scanner web 16/06/2026 18:20 UTC
162.216.150.116 Scanner web 16/06/2026 18:16 UTC
35.222.165.200 couchdb probe 16/06/2026 18:11 UTC

Événements (filtres)

794

Première observation

18/05/2026 06:07 UTC

Dernière observation

16/06/2026 10:08 UTC

Dernière activité (filtres)

16/06/2026 10:08 UTC

Événements 7j

115

Ports distincts (7j)

113

Classifications (7j)

105

Sévérité max (7j)

Élevée

Activité multi-protocole

Cette IP touche plusieurs services simulés (pas seulement le web).

HTTP TCP 747 TLS TCP 35 KERBEROS TCP 2 FTP TCP 2 I2P ROUTER TCP 1 RSYNC TCP 1 MYSQL TCP 1 NFS TCP 1 GITHUB WEBHOOK TCP 1 POSTGRES TCP 1 RPCBIND TCP 1

HTTP

747

TLS

KERBEROS

FTP

I2P ROUTER

RSYNC

Géolocalisation

Origine réseau déclarée

Belgique unknown unknown

FAI / réseau

Opérateur et dernière activité ban

Google LLC 598 Port 9098 port_9098_tcp

Renseignement menaces

Score capteur — surveiller, investiguer ou bloquer.

Recommandation

Stade d'attaque

Sonde / probe

Chaîne d'attaque

Découverte

Vecteur d'attaque

port 9098 tcp · via HTTP:9098 · (sonde / probe)

Détails protocole

Méthode: GET
Chemin: /
User-Agent: python-requests/2.32.5

Aperçu payload

GET / HTTP/1.1 Host: 62.3.50.33:9098 User-Agent: python-requests/2.32.5 Accept-Encoding: gzip, deflate Accept: */* Connecti

Port / service

9098 · HTTP

Service émulé

HTTP

Raison confiance

Confiance 55 % — Classification nommée non retenue — preuves insuffisantes · 2 tag(s) WAF

Technique MITRE

TA0007

Persona capteur

mail.sensor-1.internal

Recommandation

Surveiller

Rôle capteur

Renseignement menaces

Confiance

55%

Famille de menace

unknown

MITRE ATT&CK — tactiques

Reconnaissance Développement Accès Exécution Persistance Élévation Contournement Accès Découverte Mouvement Collecte Commande Exfiltration Impact

Décomposition confiance

Filtres

Les dates De/À priment sur la période. Affinez protocole, port, service et classification.

proto=Tous service=Tous port=Tous type=Tous sév.=Toutes

Période

Protocole

Port (dst)

Service

Classification

Sévérité min

Sévérité max

Réinitialiser

Timeline

794 événements filtrés — activité quotidienne

Ports 24 h

Top ports ciblés sur les dernières 24 heures

Top ports

SSH 22, RDP 3389, HTTP alternatifs…

Top classifications

Web, SSH, SAP, scans…

Heatmap attaques 7j

Intensité par jour et heure (UTC capteur)

Chronologie des événements

794 événement(s) — page 7/16

Horodatage	Proto	Port	Service	Classification	Sévérité	Risque
28/05/2026 08:45:21 UTC	TCP	3018	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 3018 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "d43409e4c56c4641b9e20e7144d60e4acf02d43f", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.100052727928154, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "5f9f3b0b9c30216390fa42553d6b3fbdf4420c59", "event_fingerprint": "a1501f06830faa7499223bb29043e05cde934462", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:45:04 UTC	TCP	9050	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 9050 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "b16a7f397b7f94cdd316d70150984f41b30bd2c6", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.105907200340986, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "283095bf257ae38d9b6ba15e9a89c1a2ecdd07a4", "event_fingerprint": "c2a94d1945d90b200ab17b576d1d3d7c1d3c8d7d", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:42:18 UTC	TCP	2599	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 2599 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "f1f40198dc6325f93889153afa28528f5012749f", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.1025494948911705, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "9d89d9e5acdc0cc35dead05992ec30b961944d42", "event_fingerprint": "356ac883e3f6df763537a87a94dde077f63e02f0", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:41:00 UTC	TCP	8102	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8102 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "12cd3243a8168824f53a85437c817335d54dc068", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.1025494948911705, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "148982d9f66e020dfa3f6e04acb151d9b2f866ac", "event_fingerprint": "6ed93bc3070c899c951ee8705c4a7668a47a982c", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:40:51 UTC	TCP	440	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 440 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "bc09291a349f76ca1db28927b52c7f3766e47cec", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 145, "payload_entropy": 5.105825232481338, "port_category": "well_known", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "504fd85b2a132465bba047070a66aa8e182d01ef", "event_fingerprint": "e1ff099d34cea60fc20f0ba934e4fea7ccd44a29", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:40:24 UTC	TCP	16992	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 16992 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "ca472f7222d988e1a7cf102afdf8141c8ae0ae2a", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.112990988765808, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "55bf8b0b0254c2db2b2f8df36e51c6a85111499a", "event_fingerprint": "7f37cd280682d67f2d5b50aec80f75d03d364603", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:38:31 UTC	TCP	8866	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8866 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "805a5b456361bd761564d84d0e734179187ffcc7", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.111077662684571, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "6aad13a8f2c14434dbf18f70c4bb589b2f472db8", "event_fingerprint": "3f9adda78fcd87c01d7023d21c120107845a860b", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:38:13 UTC	TCP	5010	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 5010 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "4b680d826d51d0a1f46b915bda52d89a6ba8428a", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.0870381078604145, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "af9118e6f184488ab10a13d6a2c430a6421cc0a0", "event_fingerprint": "f5e7cde9b9bec643ee908217cd38784546625e94", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:37:48 UTC	TCP	9029	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 9029 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "21f12baf8279a9b0ed333d7b2961b9fa4d3098d2", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.107719957234756, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "78ead447f9ce21b46b4c0fd3dde701236d79f895", "event_fingerprint": "471d44a1542d200a136a92a90b96e9017a3fe5de", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:33:38 UTC	TCP	143	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 143 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "e411c7be65d864c4f8e2b5b19854c35081064b4c", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 145, "payload_entropy": 5.089518142987543, "port_category": "well_known", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "38e396d9906be42e091a0daade2ec7036a8d36f6", "event_fingerprint": "c496aba0203187d656494b53f7476f0519557e5b", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:33:26 UTC	TCP	7001	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 7001 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "1e75f7b986cff91f40ab57cbc92b6aed66f05c5b", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.105907200340986, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "62c3c7d226d62b48abed45e6ed1630aac1f9da16", "event_fingerprint": "c4a2d76e028b7bcacc3e750bffa620e0bce64a17", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:32:10 UTC	TCP	3311	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 3311 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "3efb2de0029115bb8e3753d1c341f72d3770f959", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.064811309930026, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "a5663d206a59c1374afabc4129eb60dde2cfb706", "event_fingerprint": "4ec9be666bfbd3c29debff7e293fa76ffab837e7", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:32:08 UTC	TCP	2087	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 2087 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "f632b4de18b92074e4c6a166d9c86de50717ec9c", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.121418587371742, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "3cf9a32587df5da6528b00c4fcac5506ef073b7d", "event_fingerprint": "bc57daae04790f76db3a36aacd45cba46b2acd24", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:30:46 UTC	TCP	18068	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 18068 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "230a9b6e76edf198db32534239f7dd3ca83371fe", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.121461141812316, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "bdd145c1c98ddb827bf06243e3f989fdf8f5835b", "event_fingerprint": "6e6eb3a2acb9cfac556918939958aafd7c0d1a4a", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:30:41 UTC	TCP	16054	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 16054 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "9fbd90b220473c06544216edbb7a153aa4f594fb", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.116325852681951, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "a8d51be2f5ccf921adf82dc35b43d4effd35eb46", "event_fingerprint": "25d96ac3750fca50ff56f8703036a3c8067d8624", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:30:30 UTC	TCP	19015	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 19015 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "01869c0127033cd2eb390642adae2c317a7c6d24", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.107855699635443, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "428cfd5bb0075b957672e70ae147b64bd50725bc", "event_fingerprint": "b340522015d838e598958acdcce4f5c1e3e47c1d", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:30:02 UTC	TCP	18070	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 18070 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "3f5efc2a6c434659f1ded95de7a173a4a041ac4c", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.129931294858822, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "16bfcb6a393d6a021ce6ed42a0c8b0c46c74266a", "event_fingerprint": "c52fec36a1d83ce3f2e88680c09b1a5b30403005", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:29:01 UTC	TCP	1925	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 1925 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "e9009f46cf35190afe5185c98741fa718ba16210", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.097379032547585, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "d96e5c761ae2fba893c7a9b47b0abacb9941cc75", "event_fingerprint": "d51c77f1e3083b3972cb5cad2acfb9cc4f476262", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:29:00 UTC	TCP	30113	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 30113 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "840eb2bcdf7c600a0bd1e2f32d77542e98262424", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.075509526151339, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "ed6628f366b6a1d5d8fc0c97d4280262b4e5213d", "event_fingerprint": "d69ad901d4205b59d3353f95ffd1bb00b0107a8d", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:28:52 UTC	TCP	4999	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 4999 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "951759b0399edb76a0b9c5c02cca8e161beacea1", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.124776292821557, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "d8181bfe668c4fd2d50fd152f8f40baff452094e", "event_fingerprint": "75d91c18304f40a34ea2ce9ef12b3f6ac2e63ba4", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:28:08 UTC	TCP	12263	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 12263 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "439ae0937d2853a2ab28a5cafc116eb711cbdd23", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.077485676188435, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "f821c2f66f463fe0faa2615c7034ef8b24184f91", "event_fingerprint": "a974797355a58990e831a7fca70f0ab4793d4f10", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:27:43 UTC	TCP	25105	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 25105 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "db07f5a8a719154561900d2785dd5f880892c23b", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.085780104412065, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "ff99a9ad84b7a6133fb4291e2ecebeab085b7814", "event_fingerprint": "2dcea6589f42972c8f83a34e93bf3e598aaf32d5", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:25:35 UTC	TCP	11371	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 11371 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "165484441eb5fa779b853ac04d802d02474cb5eb", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.0910911183653065, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "cc11dad5f1312fad0a3154c059504994147b6768", "event_fingerprint": "b126f804b467cd60bf042ba64d196096f1a264c2", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:25:25 UTC	TCP	30023	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 30023 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "8b9776b24535d9f3edaa10967a48fbdbb6ee8a8f", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.075509526151339, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "da8ac7746fffc69cdc64b620585179409d437d7d", "event_fingerprint": "505c425a0b1cfca99da79744794fe618508411d2", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:24:36 UTC	TCP	8536	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8536 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "9efa326be32d70cce573a4f667a651f387e4e7a9", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.100052727928154, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "17a698452eb45b8a9f09938b675a230a69f95b4a", "event_fingerprint": "36fd13c65bfe668513f84351372fa3fefd95f333", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:23:41 UTC	TCP	2211	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 2211 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "4a355a814f2ea1198c7eda0588638ed3d9262c80", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.069297762204367, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "5f5019427a5f84a9888444881f940d6ad3394bf7", "event_fingerprint": "d3453d37da0594407bb3537a5c62bbdb05a2e288", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:22:33 UTC	TCP	8494	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8494 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "c9e4fc9e63c1e982607aa5fc132bae73c7e6c010", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.143645385302128, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "58be8030ff30ea7425cb848e5c4a188878b3317b", "event_fingerprint": "d0066c2b0d87b064f9b9d3be27efff16eeae3e0c", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:22:26 UTC	TCP	8494	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8494 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "c9e4fc9e63c1e982607aa5fc132bae73c7e6c010", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.143645385302128, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "58be8030ff30ea7425cb848e5c4a188878b3317b", "event_fingerprint": "d0066c2b0d87b064f9b9d3be27efff16eeae3e0c", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:20:16 UTC	TCP	26	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 26 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "33fd58080e8f9f79a130c57aeaad23e06586318d", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 144, "payload_entropy": 5.072791169218646, "port_category": "well_known", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "af30230362846625afa4bf7d25a89efa114178f5", "event_fingerprint": "7889e9235f743bc7c8039eb49758d424b1911910", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:17:43 UTC	TCP	18038	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 18038 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "da1ef4c9c5db9c9397da92dc353c1acf13976143", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.110511206612064, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "a31d0d368002be3d0c693c6245dc535d0bcc9e8f", "event_fingerprint": "4c029cc2990b8fba1cc112fa059118c486ecad8e", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:17:07 UTC	TCP	12219	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 12219 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "71209af046187c46ad427bc918e61e6bfa56b2ef", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.09357090051905, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "a40a5974427aac6af4fe7cc6f72c11eb5b0c3947", "event_fingerprint": "5c7c5c8039eac2de6259e64dcaea08887d544bbb", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:16:05 UTC	TCP	8056	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8056 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "294ac2acb4b21ea321d70ac0b666249ea84d8e2b", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.111077662684571, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "216037946ec635d39992ea91927c2fec19e0b232", "event_fingerprint": "1fc4893f4c058be9ff7fce0664555ab281c3a07c", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:14:20 UTC	TCP	8061	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8061 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "b9ffd028be40ebc703de87fb21296f36452dad0d", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.111077662684571, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "cbb01ebab4f1794038b199aa70efaa364ddf447e", "event_fingerprint": "c290e1fa0ee4f0fcad9fb7bc41fb12a7242afe6d", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:11:15 UTC	TCP	1110	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 1110 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "f467d15de80c803720c0947535567d0e1bb61709", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.0778259299977675, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "b736d88b7001e616e0c6af343e12693e39645b1e", "event_fingerprint": "a450ca17b65272887d10441a4bd0c6d53ba7e99b", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:10:42 UTC	TCP	541	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 541 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "516812c9e3b1851d234cd194df8442a488455ec2", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 145, "payload_entropy": 5.095412991072187, "port_category": "well_known", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "b24ad051db5b165e6ecea10f984e5cdd6945ed7a", "event_fingerprint": "6a64c4c3cb9b70a1eb57bfb3ff41eb8c5ee82aeb", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:09:45 UTC	TCP	10081	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 10081 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "3a3c6347ba52afc46c1e16979a988efe71ff0939", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.107855699635443, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "b40c1a5a87e5879fb1da3770ef321a8ec5dc6e3a", "event_fingerprint": "b536138c5e178e142b9b26ef022090e26b9aa04b", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:09:33 UTC	TCP	10380	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 10380 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "0c98d2b328013fa7263e01a6814b8e3831704c5b", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.105375917481701, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "40e326007de48fba973e9aa470daf6fdf50ece73", "event_fingerprint": "54abc1690ff3c13c953a0501c83dc9d97253fd53", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:08:51 UTC	TCP	12118	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 12118 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "b02d10e9fc613c486f28853c4724ed199a02ac8a", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.09357090051905, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "d3e663fd4e81db9097fe7611e1c24e6031538dcc", "event_fingerprint": "5c8671fb56e07113cc335ad3775985f0e675e15a", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:07:37 UTC	TCP	8580	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8580 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "3b92dcf65d37a1ed69493055c6ff03c3ac0cf448", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.111077662684571, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "dba01eccafa5c38332fd818af2f0d0b06bee15d0", "event_fingerprint": "8e65a25fd9287765cbb3d7f55dc9831f004c2a75", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:06:13 UTC	TCP	8822	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8822 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "cf6d187d1889911b391cb6550f41fa644865be5b", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.096695022478339, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "0d6cd211400c370d4e2ec7d0b109a5ba57b17829", "event_fingerprint": "85f2b6bb6a29ad9cce0e976c11daa8cca72fefa1", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:06:09 UTC	TCP	16066	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 16066 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "f20b6e570790ea6d19e62ac0053f75bbcf7826db", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.094250257458573, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "f1b5a4a27f169d126ef8566de1a4b138eba50826", "event_fingerprint": "cca74a2c8082f5246adc5de780c162bfefeff865", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:05:18 UTC	TCP	3111	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 3111 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "5afe6bd40be691c94aa692a03f43505377dc2629", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.06680099524135, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "703f4f7836b94394a7fe158477fdf99ea10be090", "event_fingerprint": "bd49f0d59d8289f648227e106abf7786daad386f", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:05:07 UTC	TCP	234	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 234 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "cf0461e905cd1ea40753cfebfdaca60f7e4bacb8", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 145, "payload_entropy": 5.086137280948418, "port_category": "well_known", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "d0249b8ed339ab4aa55b9be70c8c4151178cc7ae", "event_fingerprint": "c9eb0a380dd56e4f4e4dd46aeb8a2b9b9b81dfbe", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:04:56 UTC	TCP	7773	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 7773 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "b77370a9a5d5b5bef7a70289d643e6e230f88670", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.100052727928154, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "fef953357deab26de49f78af362dad45db626278", "event_fingerprint": "3fb6348dc71f35481bac211c7950492307c75470", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:04:08 UTC	TCP	12255	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 12255 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "6870f2e3713eb69bfa7ed72bfb5a1a39ee9f5160", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.074830169211816, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "68748aa1f74b7a9e891b60d203b72fd5198bcb0c", "event_fingerprint": "6b94b93840e0c16604348d21b0b252b65cf9f5f3", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:02:50 UTC	TCP	6482	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 6482 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "4beb9928279e976a7b207dea37fb3662e8ace2ed", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.121418587371742, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "a58b518335f11cc9901d36b2699f478811c2cd41", "event_fingerprint": "f58d1782cd9f89cc21892a9d2d5bf5ffaf7a96d5", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:02:32 UTC	TCP	9000	http	Sonde HTTP	Élevée	Moyen · 63
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 9000 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "064fbdc555932d23d67bf2591639f6b292b96102", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.1025494948911705, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 5, "anomaly_count": 1, "risk_score": 63, "campaign_key": "f1598b0576310cab093a7a9bdb8f978271f4780d", "event_fingerprint": "05f33efe067250442006cc3f5838234fd3bf6a0e", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "net_slowloris", "scanner-ua" ] }
28/05/2026 08:02:02 UTC	TCP	12269	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 12269 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "c956e3f21faa04a7b5b6fbc3a1c00226363590ba", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 147, "payload_entropy": 5.102041053565556, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "29d82bec28576dacd72ce8cac63cec859dbebfa0", "event_fingerprint": "55bf5c1ed304d433edce47d4f72fe58aa8d40322", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:01:28 UTC	TCP	4572	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 4572 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "c376292b53d12c9b697bd0ea2b73687f91686f9b", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.116248125028156, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "d21c96976b12d01a9b749272a311f0e5d0270775", "event_fingerprint": "68aef08c68cb732b3eb016abe76c7053c068eb30", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }
28/05/2026 08:01:17 UTC	TCP	8445	http	Sonde HTTP	Élevée	Moyen · 61
Étape — WAF 6 Recommandation — Tags 950734:sap-sapcontrol-path scanner-ua anomaly:scanner-ua http_ua_suspicious Cible HTTP GET / TLS SNI — Capteur paris-1
Preuve / Evidence Méthode GET Port 8445 Chemin / cible / Ligne de requête `GET / HTTP/1.1` User-Agent python-requests/2.32.5 Règles WAF 950734:sap-sapcontrol-path scanner-ua Meta JSON brut { "http_header_count": 5, "http_query_params": 0, "http_path_depth": 0, "http_path_ext": null, "http_ua_hash": "f343f9c1e6b4bd1214c9505270609d93a5a9cf43", "http_host_hash": "cb02367c77f38075a2cc9013ee32fc8b1cbdd795", "http_target_hash": "42099b4af021e53fd8fd4e056c2568d7c2e3ffa8", "http_referer_hash": null, "http_method": "GET", "http_ua_is_cli": true, "http_ua_is_browser": false, "bytes_in": 146, "payload_entropy": 5.124776292821557, "port_category": "registered", "org": "Google LLC", "service": "http", "app_proto": "http", "asn": 396982, "country": "BE", "tag_count": 4, "anomaly_count": 1, "risk_score": 61, "campaign_key": "4c91b09360f90c4e3677d5193ac1ec824cdc77a2", "event_fingerprint": "aeb2b66387397d696a0bd75d65ae4977dcdb08b9", "tags_list": [ "950734:sap-sapcontrol-path", "anomaly:scanner-ua", "http_ua_suspicious", "scanner-ua" ] }

34.79.151.177

Pourquoi listée

Comparaison ASN / FAI

IPs apparentées

Activité multi-protocole

Géolocalisation

FAI / réseau

Renseignement menaces

Décomposition confiance

Filtres

Timeline

Ports 24 h

Top ports

Top classifications

Heatmap attaques 7j

Chronologie des événements

Comparaison côte à côte

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence

Preuve / Evidence