{"ip":"34.62.24.141","total_events":10,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":null,"why":["10 event(s), fewer than 10 distinct ports, no exploit payloads.","Not in any known-scanner range."]},"first_seen":"2026-07-03T07:52:29","last_seen":"2026-07-03T07:53:27","events_24h":0,"events_7d":10,"geo":{"country_code":"BE","country_name":"Belgium","region":"Brussels Capital","city":"Brussels","lat":50.8534,"lon":4.347,"asn":396982,"org":"Google LLC"},"source_domain":"141.24.62.34.bc.googleusercontent.com","known_scanners":[],"scanner_tag":{"key":"gcp","label":"Google Cloud","category":"hosting_provider","url":"https://cloud.google.com/"},"cve_matches":[],"malware":[],"top_ports":[{"port":25,"proto":"tcp","label":"SMTP","count":10}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":["ge11nn0300_0db47b7d240d"]},"fingerprint_peers":{"ge11nn0300_0db47b7d240d":4391},"user_agents":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"],"timeline":[{"date":"2026-07-03","count":10}],"recent_events":[{"timestamp":"2026-07-03T07:53:27","port":25,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"�\u0000\u0000(r�\u001d\u0013\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0002\u0000\u0001��\u0000\u0001�|\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","payload_hex":"8000002872fe1d130000000000000002000186a00001977c0000000000000000000000000000000000000000","method":"","user_agent":"","community_id":"1:+IhSgYC041jrXWdbBLAl5ig/vi8=","ja3":"","session":"87b9c666-84ea-4fe8-b934-e839cea5b6a0","seq":1,"duration_ms":100,"bytes_in":44,"bytes_out":40},{"timestamp":"2026-07-03T07:53:22","port":25,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000#\u0000\u0003\u0000\u0000\u001e3��\u0000\radminclient-5\u0000\u0000\u0000\u0001\u0000\u0006I6zg7v","payload_hex":"00000023000300001e33f481000d61646d696e636c69656e742d3500000001000649367a673776","method":"","user_agent":"","community_id":"1:tpVY0IwMdh++xWRuTlE10MIRE6M=","ja3":"","session":"0d48bcf3-7b04-43fd-8038-4048d83932fe","seq":1,"duration_ms":100,"bytes_in":39,"bytes_out":40,"enriched":{"digest":"493c302963bdca57","strings":["adminclient-5","I6zg7v"]}},{"timestamp":"2026-07-03T07:53:22","port":25,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000C\u0000\u0012\u0000\u0000\u001e3��\u0000\u001fconsumer-Offset Explorer 2.2-18\u0000\u0012apache-kafka-java\u00062.4.0\u0000","payload_hex":"00000043001200001e33f481001f636f6e73756d65722d4f6666736574204578706c6f72657220322e322d313800126170616368652d6b61666b612d6a61766106322e342e3000","method":"","user_agent":"","community_id":"1:hOWOUNBYJRvVu+YWyf5GJNSCC90=","ja3":"","session":"92c79b5a-d7f0-470d-a1a9-af3cf0243cec","seq":1,"duration_ms":100,"bytes_in":71,"bytes_out":40,"enriched":{"digest":"5205d1d8e7086ced","strings":["consumer-Offset Explorer 2.2-18","apache-kafka-java","2.4.0"]}},{"timestamp":"2026-07-03T07:53:17","port":25,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"0:\u0002\u0004\n�ѻ`2\u0002\u0001\u0003\u0004\u0017cn=zefoipxaayunjsqbaqdi�\u0014zefoipxaayunjsqbaqdi","payload_hex":"303a02040ac1d1bb60320201030417636e3d7a65666f697078616179756e6a7371626171646980147a65666f697078616179756e6a73716261716469","method":"","user_agent":"","community_id":"1:5fyoOmTQ9FYVkeKgVwEgJBb//Qk=","ja3":"","session":"99def86b-47e5-4294-a4b2-e382629908f6","seq":1,"duration_ms":102,"bytes_in":60,"bytes_out":40,"enriched":{"digest":"1861ebe7e7fa41ab","strings":["cn=zefoipxaayunjsqbaqdi","zefoipxaayunjsqbaqdi"]}},{"timestamp":"2026-07-03T07:53:17","port":25,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0012\u0001\u0000X\u0000\u0000\u0001\u0000\u0000\u0000\u001f\u0000\u0006\u0001\u0000%\u0000\u0001\u0002\u0000&\u0000\u0001\u0003\u0000'\u0000\u0004\u0004\u0000+\u0000\u0001\u0005\u0000,\u0000$�\u0011\t\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000���\\�k�\u001f٪<\u0013K�{�\u0003\\2!$���7�b9JF,�\u0000\u0000\u0000\u0000","payload_hex":"120100580000010000001f000601002500010200260001030027000404002b000105002c0024ff11090001000000000000000000f9b8cb5c946b891fd9aa3c134bd07b88035c322124a2818637cf62394a462cc600000000","method":"","user_agent":"","community_id":"1:3o/ylct6jZ46ZknW1STLQBGGiew=","ja3":"","session":"1c69d171-0dbb-4640-9b89-898bf5318949","seq":1,"duration_ms":100,"bytes_in":88,"bytes_out":40,"enriched":{"digest":"27c376c992ab21ba","strings":["\\2!$","b9JF,"]}},{"timestamp":"2026-07-03T07:53:10","port":25,"proto":"tcp","app_proto":"","app_protocol":"tpkt","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000\u0013\u000e�\u0000\u0000\u0000\u0000\u0000\u0001\u0000\b\u0000\u000b\u0000\u0000\u0000","payload_hex":"030000130ee00000000000010008000b000000","method":"","user_agent":"","community_id":"1:YgoPVDkhrWkqo0jJG8tm3B5gqak=","ja3":"","session":"e4f4544a-9f37-455a-9ae0-ff34b8c183b0","seq":1,"duration_ms":0,"bytes_in":19,"bytes_out":40,"enriched":{"digest":"25de8bd668f2cb15","label":"TPKT / COTP (ISO-TSAP)"}},{"timestamp":"2026-07-03T07:53:08","port":25,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u001e��\u0001\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0007version\u0004bind\u0000\u0000\u0010\u0000\u0003","payload_hex":"001ecdf7010000010000000000000776657273696f6e0462696e640000100003","method":"","user_agent":"","community_id":"1:91Rr4t0kUyqfo/+Ygp2ue0tCgtg=","ja3":"","session":"ed2abe8e-fa30-47a6-9268-b12fde92e381","seq":1,"duration_ms":103,"bytes_in":32,"bytes_out":40,"enriched":{"digest":"c2fe0abe95ce2f32","strings":["version","bind"]}},{"timestamp":"2026-07-03T07:52:42","port":25,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"ճ��\"ԫ��zæ�R�Y�q�o0.��]0\u0011ā/��\u000b�\u0016���`&r�U�\u001d\u0002���9]�˜�'�/�l\u0000��&","payload_hex":"d5b39cab22d4ab81fd7ac3a6fb52ef599971da6f302e82ca5d3011c4812ff2a20b921690a7db6026729d55fa1d02948ee0395dfbcb9ceb27a62f956c00888126","method":"","user_agent":"","community_id":"1:2fTyA94pi3H8dLaGroQL58ldEXs=","ja3":"","session":"45c9a844-44c3-4176-91c5-069fbb1a2201","seq":1,"duration_ms":0,"bytes_in":64,"bytes_out":40},{"timestamp":"2026-07-03T07:52:37","port":25,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:25\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a32350d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132372e302e302e30205361666172692f3533372e33360d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36","community_id":"1:FuUkix/IpPqmKidWbKwlRvaJUPw=","ja3":"","session":"898a5d2a-32b6-4ba5-beda-06982d26a62b","seq":1,"duration_ms":0,"bytes_in":189,"bytes_out":40},{"timestamp":"2026-07-03T07:52:29","port":25,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":";\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000�\u0007\u0000\u0000\u0000\u0000\u0000\u0000admin.$cmd\u0000\u0000\u0000\u0000\u0000����\u0014\u0000\u0000\u0000\u0001hello\u0000\u0000\u0000\u0000\u0000\u0000\u0000�?\u00008\u0000\u0000\u0000\u0003\u0000\u0000\u0000\u0000\u0000\u0000\u0000�\u0007\u0000\u0000\u0000\u0000\u0000\u0000\u0000#\u0000\u0000\u0000\u0001hello\u0000\u0000\u0000\u0000\u0000\u0000\u0000�?\u0002$db\u0000\u0006\u0000\u0000\u0000admin\u0000\u0000","payload_hex":"3b0000000100000000000000d40700000000000061646d696e2e24636d640000000000ffffffff140000000168656c6c6f00000000000000f03f00380000000300000000000000dd0700000000000000230000000168656c6c6f00000000000000f03f02246462000600000061646d696e0000","method":"","user_agent":"","community_id":"1:TO5J/u0OZhxqfJG0+dgIMLSqOHk=","ja3":"","session":"3731efe0-8a54-4449-aadc-5ae83153a5b0","seq":1,"duration_ms":100,"bytes_in":115,"bytes_out":40,"enriched":{"digest":"04b55a80e4bb62fa","strings":["admin.$cmd","hello","admin"]}}],"http_methods":[{"method":"GET","count":1}],"distinct_ports_total":1,"top_paths":[{"path":"/","count":1,"ports":1}],"distinct_paths_total":1,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":{"signature":["Accept-Encoding","Host","User-Agent"],"representative":[{"name":"Accept-Encoding","value":"gzip","notable":false},{"name":"Host","value":"<HONEYPOT>:25","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36","notable":false}],"distinct_sets":1,"events_with_headers":1},"tags":[],"data_as_of":"2026-07-05T03:20:48.273441+00:00"}