{"ip":"117.232.137.165","total_events":92,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":null},"first_seen":"2026-03-10T20:06:46","last_seen":"2026-06-18T17:58:36","events_24h":0,"events_7d":48,"geo":{"country_code":"IN","country_name":"India","region":"Karnataka","city":"Mangaluru","lat":12.9187,"lon":74.8598,"asn":9829,"org":"National Internet Backbone"},"source_domain":"static.ill.117.232.137.165.bsnl.co.in","known_scanners":[],"scanner_tag":null,"cve_matches":[],"top_ports":[{"port":445,"proto":"tcp","label":"SMB","count":92}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":[]},"fingerprint_peers":{},"user_agents":[],"timeline":[{"date":"2026-06-09","count":24},{"date":"2026-06-18","count":48}],"recent_events":[{"timestamp":"2026-06-18T17:58:36","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000N�SMB2\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000A\u0000\u000f\f\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u00014�\u0000\u0000\u0000\f\u0000B\u0000\u0000\u0000N\u0000\u0001\u0000\u000e\u0000\r\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","payload_hex":"0000004eff534d4232000000001807c00000000000000000000000000000fffe000041000f0c00000001000000000000000134ee0000000c00420000004e0001000e000d0000000000000000000000000000","method":"","user_agent":"","community_id":"1:aF4sfi6epenujlMYsGqv54OzxQM=","ja3":"","session":"5c8d2f27-ac43-42da-a245-ef7b80ede64d","seq":4,"duration_ms":1133,"bytes_in":455,"bytes_out":60,"enriched":{"digest":"5eae6febc6763bcc","strings":["SMB2"]}},{"timestamp":"2026-06-18T17:58:35","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000\\�SMBu\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000@\u0000\u0004�\u0000\\\u0000\b\u0000\u0001\u00001\u0000\u0000\\\u0000\\\u00001\u00009\u00002\u0000.\u00001\u00006\u00008\u0000.\u00005\u00006\u0000.\u00002\u00000\u0000\\\u0000I\u0000P\u0000C\u0000$\u0000\u0000\u0000?????\u0000","payload_hex":"0000005cff534d4275000000001807c00000000000000000000000000000fffe0000400004ff005c00080001003100005c005c003100390032002e003100360038002e00350036002e00320030005c00490050004300240000003f3f3f3f3f00","method":"","user_agent":"","community_id":"1:aF4sfi6epenujlMYsGqv54OzxQM=","ja3":"","session":"5c8d2f27-ac43-42da-a245-ef7b80ede64d","seq":3,"duration_ms":789,"bytes_in":373,"bytes_out":45,"enriched":{"digest":"efa66fc9f9be2f3a","strings":["SMBu","1\\\\192.168.56.20\\IPC$?????"],"iocs":{"ips":["192.168.56.20"]}}},{"timestamp":"2026-06-18T17:58:35","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000��SMBs\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000@\u0000\r�\u0000�\u0000\u0004\u0011\n\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000�\u0000\u0000\u0000K\u0000\u0000\u0000\u0000\u0000\u0000W\u0000i\u0000n\u0000d\u0000o\u0000w\u0000s\u0000 \u00002\u00000\u00000\u00000\u0000 \u00002\u00001\u00009\u00005\u0000\u0000\u0000W\u0000i\u0000n\u0000d\u0000o\u0000w\u0000s\u0000 \u00002\u00000\u00000\u00000\u0000 \u00005\u0000.\u00000\u0000\u0000\u0000","payload_hex":"00000088ff534d4273000000001807c00000000000000000000000000000fffe000040000dff00880004110a000000000000000100000000000000d40000004b000000000000570069006e0064006f007700730020003200300030003000200032003100390035000000570069006e0064006f007700730020003200300030003000200035002e0030000000","method":"","user_agent":"","community_id":"1:aF4sfi6epenujlMYsGqv54OzxQM=","ja3":"","session":"5c8d2f27-ac43-42da-a245-ef7b80ede64d","seq":2,"duration_ms":444,"bytes_in":277,"bytes_out":30,"enriched":{"digest":"ee47b9d34e56607b","strings":["SMBs","KWindows 2000 2195Windows 2000 5.0"]}},{"timestamp":"2026-06-18T17:58:35","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000��SMBr\u0000\u0000\u0000\u0000\u0018S�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000@\u0000\u0000b\u0000\u0002PC NETWORK PROGRAM 1.0\u0000\u0002LANMAN1.0\u0000\u0002Windows for Workgroups 3.1a\u0000\u0002LM1.2X002\u0000\u0002LANMAN2.1\u0000\u0002NT LM 0.12\u0000","payload_hex":"00000085ff534d4272000000001853c00000000000000000000000000000fffe00004000006200025043204e4554574f524b2050524f4752414d20312e3000024c414e4d414e312e30000257696e646f777320666f7220576f726b67726f75707320332e316100024c4d312e325830303200024c414e4d414e322e3100024e54204c4d20302e313200","method":"","user_agent":"","community_id":"1:aF4sfi6epenujlMYsGqv54OzxQM=","ja3":"","session":"5c8d2f27-ac43-42da-a245-ef7b80ede64d","seq":1,"duration_ms":100,"bytes_in":137,"bytes_out":15,"enriched":{"digest":"bf5baf1504bec0a1","strings":["SMBr","PC NETWORK PROGRAM 1.0","LANMAN1.0","Windows for Workgroups 3.1a","LM1.2X002","LANMAN2.1","NT LM 0.12"]}},{"timestamp":"2026-06-18T17:58:31","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000J�SMB%\u0000\u0000\u0000\u0000\u0018\u0001(\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0010\u0000\u0000\u0000\u0000����\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000J\u0000\u0000\u0000J\u0000\u0002\u0000#\u0000\u0000\u0000\u0007\u0000\\PIPE\\\u0000","payload_hex":"0000004aff534d42250000000018012800000000000000000000000000000000000000001000000000ffffffff0000000000000000000000004a0000004a0002002300000007005c504950455c00","method":"","user_agent":"","community_id":"1:IT9mw+EkzZzYcQ4k85McwmimCxs=","ja3":"","session":"7adec345-e8c3-4c6c-aeda-e63c54a9095b","seq":4,"duration_ms":1132,"bytes_in":364,"bytes_out":60,"enriched":{"digest":"517764f22c39500b","strings":["SMB%","\\PIPE\\"]}},{"timestamp":"2026-06-18T17:58:31","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000[�SMBu\u0000\u0000\u0000\u0000\u0018\u0001 \u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000/K\u0000@�^\u0004�\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u001c\u0000\u0000\\\\10.1.32.7\\IPC$\u0000?????\u0000TREEPATH_REPLACE__?????\u0000","payload_hex":"0000005bff534d42750000000018012000000000000000000000000000002f4b0040c55e04ff000000000001001c00005c5c31302e312e33322e375c49504324003f3f3f3f3f0054524545504154485f5245504c4143455f5f3f3f3f3f3f00","method":"","user_agent":"","community_id":"1:IT9mw+EkzZzYcQ4k85McwmimCxs=","ja3":"","session":"7adec345-e8c3-4c6c-aeda-e63c54a9095b","seq":3,"duration_ms":788,"bytes_in":286,"bytes_out":45,"enriched":{"digest":"677af34631530c06","strings":["SMBu","\\\\10.1.32.7\\IPC$","TREEPATH_REPLACE__?????","\\\\10.1.32.7\\IPC$?????TREEPATH_REPLACE__?????"],"iocs":{"ips":["10.1.32.7"]}}},{"timestamp":"2026-06-18T17:58:30","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000c�SMBs\u0000\u0000\u0000\u0000\u0018\u0001 \u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000/K\u0000\u0000�^\r�\u0000\u0000\u0000��\u0002\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000@\u0000\u0000\u0000&\u0000\u0000.\u0000Windows 2000 2195\u0000Windows 2000 5.0\u0000","payload_hex":"00000063ff534d42730000000018012000000000000000000000000000002f4b0000c55e0dff000000dfff02000100000000000000000000000000400000002600002e0057696e646f7773203230303020323139350057696e646f7773203230303020352e3000","method":"","user_agent":"","community_id":"1:IT9mw+EkzZzYcQ4k85McwmimCxs=","ja3":"","session":"7adec345-e8c3-4c6c-aeda-e63c54a9095b","seq":2,"duration_ms":444,"bytes_in":191,"bytes_out":30,"enriched":{"digest":"247ca2c967be2946","strings":["SMBs","Windows 2000 2195","Windows 2000 5.0","@&.Windows 2000 2195Windows 2000 5.0"]}},{"timestamp":"2026-06-18T17:58:30","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000T�SMBr\u0000\u0000\u0000\u0000\u0018\u0001(\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000/K\u0000\u0000�^\u00001\u0000\u0002LANMAN1.0\u0000\u0002LM1.2X002\u0000\u0002NT LANMAN 1.0\u0000\u0002NT LM 0.12\u0000","payload_hex":"00000054ff534d42720000000018012800000000000000000000000000002f4b0000c55e003100024c414e4d414e312e3000024c4d312e325830303200024e54204c414e4d414e20312e3000024e54204c4d20302e313200","method":"","user_agent":"","community_id":"1:IT9mw+EkzZzYcQ4k85McwmimCxs=","ja3":"","session":"7adec345-e8c3-4c6c-aeda-e63c54a9095b","seq":1,"duration_ms":100,"bytes_in":88,"bytes_out":15,"enriched":{"digest":"0468c709cd31eaf8","strings":["SMBr","LANMAN1.0","LM1.2X002","NT LANMAN 1.0","NT LM 0.12"]}},{"timestamp":"2026-06-18T15:35:27","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000N�SMB2\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000A\u0000\u000f\f\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u00014�\u0000\u0000\u0000\f\u0000B\u0000\u0000\u0000N\u0000\u0001\u0000\u000e\u0000\r\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","payload_hex":"0000004eff534d4232000000001807c00000000000000000000000000000fffe000041000f0c00000001000000000000000134ee0000000c00420000004e0001000e000d0000000000000000000000000000","method":"","user_agent":"","community_id":"1:eHz/CJ/RF+h89afv1hwkRhuoHNQ=","ja3":"","session":"36c68381-4485-4da6-b1dd-e02e9651b64f","seq":4,"duration_ms":1138,"bytes_in":455,"bytes_out":60,"enriched":{"digest":"5eae6febc6763bcc","strings":["SMB2"]}},{"timestamp":"2026-06-18T15:35:27","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000\\�SMBu\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000@\u0000\u0004�\u0000\\\u0000\b\u0000\u0001\u00001\u0000\u0000\\\u0000\\\u00001\u00009\u00002\u0000.\u00001\u00006\u00008\u0000.\u00005\u00006\u0000.\u00002\u00000\u0000\\\u0000I\u0000P\u0000C\u0000$\u0000\u0000\u0000?????\u0000","payload_hex":"0000005cff534d4275000000001807c00000000000000000000000000000fffe0000400004ff005c00080001003100005c005c003100390032002e003100360038002e00350036002e00320030005c00490050004300240000003f3f3f3f3f00","method":"","user_agent":"","community_id":"1:eHz/CJ/RF+h89afv1hwkRhuoHNQ=","ja3":"","session":"36c68381-4485-4da6-b1dd-e02e9651b64f","seq":3,"duration_ms":792,"bytes_in":373,"bytes_out":45,"enriched":{"digest":"efa66fc9f9be2f3a","strings":["SMBu","1\\\\192.168.56.20\\IPC$?????"],"iocs":{"ips":["192.168.56.20"]}}}],"http_methods":[],"distinct_ports_total":1,"top_paths":[],"distinct_paths_total":0,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":null,"tags":[],"data_as_of":"2026-06-21T18:40:22.526576+00:00"}