{"ip":"181.48.91.126","total_events":2,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":null},"first_seen":"2026-05-13T13:17:29","last_seen":"2026-05-17T02:11:23","events_24h":0,"events_7d":0,"geo":{"country_code":"CO","country_name":"Colombia","region":"Antioquia","city":"Medellín","asn":14080,"org":"Telmex Colombia S.A."},"source_domain":null,"known_scanners":[],"scanner_tag":null,"cve_matches":[],"top_ports":[{"port":22,"proto":"tcp","label":"SSH","count":2}],"fingerprints":{"ssh_hassh":["f555226df1963d1d3c09daf865abdc9a"],"tls_ja4":[],"ja4h":[]},"fingerprint_peers":{"f555226df1963d1d3c09daf865abdc9a":841},"user_agents":[],"timeline":[{"date":"2026-05-13","count":1},{"date":"2026-05-17","count":1}],"recent_events":[{"timestamp":"2026-05-17T02:11:23","port":22,"proto":"tcp","app_proto":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"SSH-2.0-libssh_0.9.6\r\n\u0000\u0000\u0003�\u0006\u0014���\f�\u0005jd=���}��C\u0000\u0000\u0001(curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c\u0000\u0000\u0000qssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss\u0000\u0000\u0000xaes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc\u0000\u0000\u0000xaes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc\u0000\u0000\u0000{hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\u0000\u0000\u0000{hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\u0000\u0000\u0000\u0004none\u0000\u0000\u0000\u0004none\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","method":"","user_agent":"","enriched":{"digest":"f2c4a8308d861c4f","label":"SSH","strings":["SSH-2.0-libssh_0.9.6","(curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nis…","qssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha…","xaes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,…","{hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@opens…","none"],"iocs":{"domains":["libssh.org","openssh.com"]}}},{"timestamp":"2026-05-13T13:17:29","port":22,"proto":"tcp","app_proto":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"SSH-2.0-libssh_0.9.6\r\n\u0000\u0000\u0003�\u0006\u0014���B�FS�+ts�\u00152(\u0015\u0000\u0000\u0001(curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c\u0000\u0000\u0000qssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss\u0000\u0000\u0000xaes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc\u0000\u0000\u0000xaes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc\u0000\u0000\u0000{hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\u0000\u0000\u0000{hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\u0000\u0000\u0000\u0004none\u0000\u0000\u0000\u0004none\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","method":"","user_agent":"","enriched":{"digest":"75de7a5850eb6ce6","label":"SSH","strings":["SSH-2.0-libssh_0.9.6","(curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nis…","qssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha…","xaes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,…","{hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@opens…","none"],"iocs":{"domains":["libssh.org","openssh.com"]}}}],"http_methods":[],"distinct_ports_total":1,"top_paths":[],"distinct_paths_total":0,"top_snis":[],"top_hosts":[],"top_alpns":[],"header_profile":null,"tags":[],"data_as_of":"2026-06-04T14:46:31.526896+00:00"}