{"ip":"218.203.113.130","total_events":8,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":"nsp"},"first_seen":"2026-03-02T03:32:45","last_seen":"2026-06-15T11:40:20","events_24h":0,"events_7d":0,"geo":{"country_code":"CN","country_name":"China","region":"","city":"","lat":34.7732,"lon":113.722,"asn":9808,"org":"China Mobile Communications Group Co., Ltd."},"source_domain":null,"known_scanners":[],"scanner_tag":{"key":"peeringdb:as9808","label":"China Mobile Communications Group Co., Ltd.","category":"isp","url":"https://www.peeringdb.com/asn/9808"},"cve_matches":[],"top_ports":[{"port":12999,"proto":"tcp","label":"","count":2},{"port":88,"proto":"tcp","label":"","count":1},{"port":502,"proto":"tcp","label":"","count":1},{"port":17080,"proto":"tcp","label":"","count":1},{"port":2370,"proto":"tcp","label":"","count":1},{"port":1521,"proto":"tcp","label":"Oracle","count":1},{"port":21,"proto":"tcp","label":"FTP","count":1}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i190800_9dc949149365_97f8aa674fd9"],"tls_ja3":[],"ja4h":["ge11nn0300_86b6b04cb9cc","ge11nn0200_79258615d613"]},"fingerprint_peers":{"t13i190800_9dc949149365_97f8aa674fd9":4293,"ge11nn0200_79258615d613":4287,"ge11nn0300_86b6b04cb9cc":5133},"user_agents":["Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36"],"timeline":[{"date":"2026-03-26","count":2},{"date":"2026-04-12","count":1},{"date":"2026-05-13","count":1},{"date":"2026-05-23","count":1},{"date":"2026-05-31","count":1},{"date":"2026-06-15","count":1}],"recent_events":[{"timestamp":"2026-06-15T11:40:20","port":88,"proto":"tcp","app_proto":"","app_protocol":"http","host":"","headers":"{\"accept\":\"*/*\",\"host\":\":88\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a203a38380d0a4163636570743a202a2f2a0d0a0d0a","method":"GET","user_agent":"","community_id":"1:0fdwvJTRdVSjLuI3I8BlcnTGD9c=","ja3":"","session":"a1ed4515-9f55-4ab6-8995-4a36ef5d9301","seq":1,"duration_ms":100,"bytes_in":54,"bytes_out":80},{"timestamp":"2026-05-31T21:32:18","port":502,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u000b�\u0000\u0000\u0000\u0005\u0000+\u000e\u0001\u0000","payload_hex":"0ba800000005002b0e0100","method":"","user_agent":"","community_id":"1:hcFdDyuECWHtTa04AKzDv2sSvc8=","ja3":"","session":"544a2b2a-49f2-41f5-96c1-52facd7a47c7","seq":0,"duration_ms":0,"bytes_in":0,"bytes_out":0},{"timestamp":"2026-05-23T20:37:38","port":1521,"proto":"tcp","app_proto":"","app_protocol":"http","host":"","headers":"{\"accept\":\"*/*\",\"host\":\":1521\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a203a313532310d0a4163636570743a202a2f2a0d0a0d0a","method":"GET","user_agent":"","community_id":"1:kbl/uN/tjclem3jXds4dLfDBG14=","ja3":"","session":"3d3f8138-4170-42eb-834e-424048907709","seq":0,"duration_ms":0,"bytes_in":0,"bytes_out":0},{"timestamp":"2026-05-13T21:57:55","port":17080,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"","headers":"{\"connection\":\"close\",\"host\":\":17080\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a203a31373038300d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e3129204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f34392e302e323632332e313132205361666172692f3533372e33360d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36","community_id":"1:7xYUxX2psIo5O73FwJcwdxGhRus=","ja3":"","session":"8baf5e5e-207f-479a-970f-f078ac191866","seq":0,"duration_ms":0,"bytes_in":0,"bytes_out":0},{"timestamp":"2026-04-12T15:40:41","port":2370,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"","headers":"{\"connection\":\"close\",\"host\":\":2370\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/favicon.ico","summary":"","payload_hex":"474554202f66617669636f6e2e69636f20485454502f312e310d0a486f73743a203a323337300d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e3129204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f34392e302e323632332e313132205361666172692f3533372e33360d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36","community_id":"1:3D+enV7Q9qshXsxnc3XaKWAsC4s=","ja3":"","session":"c7d1e723-3057-421f-93af-6b95d73014ae","seq":0,"duration_ms":0,"bytes_in":0,"bytes_out":0},{"timestamp":"2026-03-26T09:28:41","port":12999,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"ET / HTTP/1.1\r\nHost: :12999\r\nAccept: */*\r\n\r\n","payload_hex":"4554202f20485454502f312e310d0a486f73743a203a31323939390d0a4163636570743a202a2f2a0d0a0d0a","method":"","user_agent":"","community_id":"1:XuBRSntVM1tGz1H3KGJuFZ99c50=","ja3":"","session":"b2552351-b108-4778-b4ce-88450c0d02c3","seq":0,"duration_ms":0,"bytes_in":0,"bytes_out":0,"enriched":{"digest":"6b53a48aae1d422d","strings":["ET / HTTP/1.1","Host: :12999","Accept: */*"]}},{"timestamp":"2026-03-26T09:28:41","port":12999,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"G","payload_hex":"47","method":"","user_agent":"","community_id":"1:XuBRSntVM1tGz1H3KGJuFZ99c50=","ja3":"","session":"b2552351-b108-4778-b4ce-88450c0d02c3","seq":0,"duration_ms":0,"bytes_in":0,"bytes_out":0},{"timestamp":"2026-03-02T03:32:45","port":21,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"","headers":"{\"connection\":\"close\",\"host\":\":21\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/favicon.ico","summary":"","payload_hex":"474554202f66617669636f6e2e69636f20485454502f312e310d0a486f73743a203a32310d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e3129204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f34392e302e323632332e313132205361666172692f3533372e33360d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36","community_id":"1:z+8G6+74OQQbBViZvV3H6kxNny4=","ja3":"","session":"8f180517-1cb5-4ec8-bf08-c787690e2c99","seq":0,"duration_ms":0,"bytes_in":0,"bytes_out":0}],"http_methods":[{"method":"GET","count":5}],"distinct_ports_total":7,"top_paths":[{"path":"/","count":3,"ports":3},{"path":"/favicon.ico","count":2,"ports":2}],"distinct_paths_total":2,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":{"signature":["Connection","Host","User-Agent"],"representative":[{"name":"Connection","value":"close","notable":false},{"name":"Host","value":":17080","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36","notable":false}],"distinct_sets":2,"events_with_headers":5},"tags":[],"data_as_of":"2026-06-23T05:13:59.669037+00:00"}