{"ip":"31.154.107.212","total_events":310,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":"residential ISP"},"first_seen":"2026-02-20T16:16:48","last_seen":"2026-06-19T00:13:59","events_24h":0,"events_7d":56,"geo":{"country_code":"IL","country_name":"Israel","region":"","city":"","lat":31.5,"lon":34.75,"asn":12400,"org":"Partner Communications Ltd."},"source_domain":"31-154-107-212.orange.net.il","known_scanners":[],"scanner_tag":{"key":"peeringdb:as12400","label":"Partner Communications","category":"isp","url":"https://www.peeringdb.com/asn/12400"},"cve_matches":[],"top_ports":[{"port":445,"proto":"tcp","label":"SMB","count":310}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":[]},"fingerprint_peers":{},"user_agents":[],"timeline":[{"date":"2026-04-04","count":30},{"date":"2026-04-10","count":10},{"date":"2026-04-14","count":10},{"date":"2026-05-01","count":20},{"date":"2026-05-24","count":8},{"date":"2026-05-30","count":8},{"date":"2026-06-13","count":8},{"date":"2026-06-16","count":32},{"date":"2026-06-18","count":16},{"date":"2026-06-19","count":8}],"recent_events":[{"timestamp":"2026-06-19T00:13:59","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000N�SMB2\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000A\u0000\u000f\f\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u00014�\u0000\u0000\u0000\f\u0000B\u0000\u0000\u0000N\u0000\u0001\u0000\u000e\u0000\r\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","payload_hex":"0000004eff534d4232000000001807c00000000000000000000000000000fffe000041000f0c00000001000000000000000134ee0000000c00420000004e0001000e000d0000000000000000000000000000","method":"","user_agent":"","community_id":"1:Vlk7U04QvIlpkPBiwlrpjuYVh1I=","ja3":"","session":"91e3c0a4-1ac4-4cc9-8567-443d02784900","seq":4,"duration_ms":657,"bytes_in":455,"bytes_out":56,"enriched":{"digest":"5eae6febc6763bcc","strings":["SMB2"]}},{"timestamp":"2026-06-19T00:13:58","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000\\�SMBu\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000@\u0000\u0004�\u0000\\\u0000\b\u0000\u0001\u00001\u0000\u0000\\\u0000\\\u00001\u00009\u00002\u0000.\u00001\u00006\u00008\u0000.\u00005\u00006\u0000.\u00002\u00000\u0000\\\u0000I\u0000P\u0000C\u0000$\u0000\u0000\u0000?????\u0000","payload_hex":"0000005cff534d4275000000001807c00000000000000000000000000000fffe0000400004ff005c00080001003100005c005c003100390032002e003100360038002e00350036002e00320030005c00490050004300240000003f3f3f3f3f00","method":"","user_agent":"","community_id":"1:Vlk7U04QvIlpkPBiwlrpjuYVh1I=","ja3":"","session":"91e3c0a4-1ac4-4cc9-8567-443d02784900","seq":3,"duration_ms":471,"bytes_in":373,"bytes_out":42,"enriched":{"digest":"efa66fc9f9be2f3a","strings":["SMBu","1\\\\192.168.56.20\\IPC$?????"],"iocs":{"ips":["192.168.56.20"]}}},{"timestamp":"2026-06-19T00:13:58","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000��SMBs\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000@\u0000\r�\u0000�\u0000\u0004\u0011\n\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000�\u0000\u0000\u0000K\u0000\u0000\u0000\u0000\u0000\u0000W\u0000i\u0000n\u0000d\u0000o\u0000w\u0000s\u0000 \u00002\u00000\u00000\u00000\u0000 \u00002\u00001\u00009\u00005\u0000\u0000\u0000W\u0000i\u0000n\u0000d\u0000o\u0000w\u0000s\u0000 \u00002\u00000\u00000\u00000\u0000 \u00005\u0000.\u00000\u0000\u0000\u0000","payload_hex":"00000088ff534d4273000000001807c00000000000000000000000000000fffe000040000dff00880004110a000000000000000100000000000000d40000004b000000000000570069006e0064006f007700730020003200300030003000200032003100390035000000570069006e0064006f007700730020003200300030003000200035002e0030000000","method":"","user_agent":"","community_id":"1:Vlk7U04QvIlpkPBiwlrpjuYVh1I=","ja3":"","session":"91e3c0a4-1ac4-4cc9-8567-443d02784900","seq":2,"duration_ms":285,"bytes_in":277,"bytes_out":28,"enriched":{"digest":"ee47b9d34e56607b","strings":["SMBs","KWindows 2000 2195Windows 2000 5.0"]}},{"timestamp":"2026-06-19T00:13:58","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000��SMBr\u0000\u0000\u0000\u0000\u0018S�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000@\u0000\u0000b\u0000\u0002PC NETWORK PROGRAM 1.0\u0000\u0002LANMAN1.0\u0000\u0002Windows for Workgroups 3.1a\u0000\u0002LM1.2X002\u0000\u0002LANMAN2.1\u0000\u0002NT LM 0.12\u0000","payload_hex":"00000085ff534d4272000000001853c00000000000000000000000000000fffe00004000006200025043204e4554574f524b2050524f4752414d20312e3000024c414e4d414e312e30000257696e646f777320666f7220576f726b67726f75707320332e316100024c4d312e325830303200024c414e4d414e322e3100024e54204c4d20302e313200","method":"","user_agent":"","community_id":"1:Vlk7U04QvIlpkPBiwlrpjuYVh1I=","ja3":"","session":"91e3c0a4-1ac4-4cc9-8567-443d02784900","seq":1,"duration_ms":100,"bytes_in":137,"bytes_out":14,"enriched":{"digest":"bf5baf1504bec0a1","strings":["SMBr","PC NETWORK PROGRAM 1.0","LANMAN1.0","Windows for Workgroups 3.1a","LM1.2X002","LANMAN2.1","NT LM 0.12"]}},{"timestamp":"2026-06-19T00:13:55","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000J�SMB%\u0000\u0000\u0000\u0000\u0018\u0001(\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0010\u0000\u0000\u0000\u0000����\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000J\u0000\u0000\u0000J\u0000\u0002\u0000#\u0000\u0000\u0000\u0007\u0000\\PIPE\\\u0000","payload_hex":"0000004aff534d42250000000018012800000000000000000000000000000000000000001000000000ffffffff0000000000000000000000004a0000004a0002002300000007005c504950455c00","method":"","user_agent":"","community_id":"1:KfwNE2dyHIcCayOby5UXLllUctM=","ja3":"","session":"16c280ce-6fb3-4b42-97ca-e6f20ba44ea9","seq":4,"duration_ms":656,"bytes_in":364,"bytes_out":56,"enriched":{"digest":"517764f22c39500b","strings":["SMB%","\\PIPE\\"]}},{"timestamp":"2026-06-19T00:13:55","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000[�SMBu\u0000\u0000\u0000\u0000\u0018\u0001 \u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000/K\u0000\b�^\u0004�\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u001c\u0000\u0000\\\\192.151.14.1\\IPC$\u0000?????\u0000EPATH_REPLACE__?????\u0000","payload_hex":"0000005bff534d42750000000018012000000000000000000000000000002f4b0008c55e04ff000000000001001c00005c5c3139322e3135312e31342e315c49504324003f3f3f3f3f0045504154485f5245504c4143455f5f3f3f3f3f3f00","method":"","user_agent":"","community_id":"1:KfwNE2dyHIcCayOby5UXLllUctM=","ja3":"","session":"16c280ce-6fb3-4b42-97ca-e6f20ba44ea9","seq":3,"duration_ms":471,"bytes_in":286,"bytes_out":42,"enriched":{"digest":"d5954c6f7bf6bdd2","strings":["SMBu","\\\\192.151.14.1\\IPC$","EPATH_REPLACE__?????","\\\\192.151.14.1\\IPC$?????EPATH_REPLACE__?????"],"iocs":{"ips":["192.151.14.1"]}}},{"timestamp":"2026-06-19T00:13:54","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000c�SMBs\u0000\u0000\u0000\u0000\u0018\u0001 \u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000/K\u0000\u0000�^\r�\u0000\u0000\u0000��\u0002\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000@\u0000\u0000\u0000&\u0000\u0000.\u0000Windows 2000 2195\u0000Windows 2000 5.0\u0000","payload_hex":"00000063ff534d42730000000018012000000000000000000000000000002f4b0000c55e0dff000000dfff02000100000000000000000000000000400000002600002e0057696e646f7773203230303020323139350057696e646f7773203230303020352e3000","method":"","user_agent":"","community_id":"1:KfwNE2dyHIcCayOby5UXLllUctM=","ja3":"","session":"16c280ce-6fb3-4b42-97ca-e6f20ba44ea9","seq":2,"duration_ms":285,"bytes_in":191,"bytes_out":28,"enriched":{"digest":"247ca2c967be2946","strings":["SMBs","Windows 2000 2195","Windows 2000 5.0","@&.Windows 2000 2195Windows 2000 5.0"]}},{"timestamp":"2026-06-19T00:13:54","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000T�SMBr\u0000\u0000\u0000\u0000\u0018\u0001(\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000/K\u0000\u0000�^\u00001\u0000\u0002LANMAN1.0\u0000\u0002LM1.2X002\u0000\u0002NT LANMAN 1.0\u0000\u0002NT LM 0.12\u0000","payload_hex":"00000054ff534d42720000000018012800000000000000000000000000002f4b0000c55e003100024c414e4d414e312e3000024c4d312e325830303200024e54204c414e4d414e20312e3000024e54204c4d20302e313200","method":"","user_agent":"","community_id":"1:KfwNE2dyHIcCayOby5UXLllUctM=","ja3":"","session":"16c280ce-6fb3-4b42-97ca-e6f20ba44ea9","seq":1,"duration_ms":100,"bytes_in":88,"bytes_out":14,"enriched":{"digest":"0468c709cd31eaf8","strings":["SMBr","LANMAN1.0","LM1.2X002","NT LANMAN 1.0","NT LM 0.12"]}},{"timestamp":"2026-06-18T22:49:42","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000N�SMB2\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000A\u0000\u000f\f\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u00014�\u0000\u0000\u0000\f\u0000B\u0000\u0000\u0000N\u0000\u0001\u0000\u000e\u0000\r\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","payload_hex":"0000004eff534d4232000000001807c00000000000000000000000000000fffe000041000f0c00000001000000000000000134ee0000000c00420000004e0001000e000d0000000000000000000000000000","method":"","user_agent":"","community_id":"1:pnP6pdbKWsoi883+82sLgxwdSGg=","ja3":"","session":"bb5f6c24-520d-46fd-ab27-c62903330beb","seq":4,"duration_ms":960,"bytes_in":455,"bytes_out":56,"enriched":{"digest":"5eae6febc6763bcc","strings":["SMB2"]}},{"timestamp":"2026-06-18T22:49:42","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000\\�SMBu\u0000\u0000\u0000\u0000\u0018\u0007�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000@\u0000\u0004�\u0000\\\u0000\b\u0000\u0001\u00001\u0000\u0000\\\u0000\\\u00001\u00009\u00002\u0000.\u00001\u00006\u00008\u0000.\u00005\u00006\u0000.\u00002\u00000\u0000\\\u0000I\u0000P\u0000C\u0000$\u0000\u0000\u0000?????\u0000","payload_hex":"0000005cff534d4275000000001807c00000000000000000000000000000fffe0000400004ff005c00080001003100005c005c003100390032002e003100360038002e00350036002e00320030005c00490050004300240000003f3f3f3f3f00","method":"","user_agent":"","community_id":"1:pnP6pdbKWsoi883+82sLgxwdSGg=","ja3":"","session":"bb5f6c24-520d-46fd-ab27-c62903330beb","seq":3,"duration_ms":669,"bytes_in":373,"bytes_out":42,"enriched":{"digest":"efa66fc9f9be2f3a","strings":["SMBu","1\\\\192.168.56.20\\IPC$?????"],"iocs":{"ips":["192.168.56.20"]}}}],"http_methods":[],"distinct_ports_total":1,"top_paths":[],"distinct_paths_total":0,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":null,"tags":[],"data_as_of":"2026-06-23T04:38:10.468357+00:00"}