{"ip":"34.78.23.28","total_events":436,"verdict":{"verdict":"scanning","label":"Unrecognized scanner","detail":"269+ ports swept","confidence":"medium","network_type":null},"first_seen":"2026-04-01T10:32:49","last_seen":"2026-06-25T13:28:42","events_24h":9,"events_7d":35,"geo":{"country_code":"BE","country_name":"Belgium","region":"Brussels Capital","city":"Brussels","lat":50.8534,"lon":4.347,"asn":396982,"org":"Google LLC"},"source_domain":"28.23.78.34.bc.googleusercontent.com","known_scanners":[],"scanner_tag":{"key":"gcp","label":"Google Cloud","category":"hosting_provider","url":"https://cloud.google.com/"},"cve_matches":[],"top_ports":[{"port":445,"proto":"tcp","label":"SMB","count":12},{"port":8873,"proto":"tcp","label":"","count":10},{"port":5433,"proto":"tcp","label":"","count":8},{"port":2083,"proto":"tcp","label":"","count":8},{"port":80,"proto":"tcp","label":"HTTP","count":8},{"port":27017,"proto":"tcp","label":"MongoDB","count":8},{"port":443,"proto":"tcp","label":"HTTPS","count":7},{"port":47990,"proto":"tcp","label":"","count":7},{"port":10250,"proto":"tcp","label":"","count":7},{"port":9200,"proto":"tcp","label":"Elastic","count":6},{"port":7443,"proto":"tcp","label":"","count":6},{"port":8889,"proto":"tcp","label":"","count":6},{"port":139,"proto":"tcp","label":"SMB","count":5},{"port":5432,"proto":"tcp","label":"Postgres","count":5},{"port":9002,"proto":"tcp","label":"","count":5}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i4311h1_c7886603b240_b26ce05bbdd6"],"tls_ja3":["f80d3d09f61892c5846c854dd84ac403"],"ja4h":["ge11nn0500_2d30dc89d981","ge11nn0300_042112399351"]},"fingerprint_peers":{"t13i4311h1_c7886603b240_b26ce05bbdd6":313,"ge11nn0300_042112399351":3357,"ge11nn0500_2d30dc89d981":1134},"user_agents":["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0","python-requests/2.32.5"],"timeline":[{"date":"2026-04-01","count":4},{"date":"2026-04-02","count":15},{"date":"2026-04-11","count":16},{"date":"2026-04-14","count":8},{"date":"2026-04-15","count":12},{"date":"2026-04-22","count":4},{"date":"2026-04-25","count":8},{"date":"2026-04-26","count":25},{"date":"2026-04-29","count":24},{"date":"2026-05-03","count":6},{"date":"2026-05-04","count":7},{"date":"2026-05-05","count":35},{"date":"2026-05-07","count":8},{"date":"2026-05-09","count":2},{"date":"2026-05-10","count":13},{"date":"2026-05-11","count":19},{"date":"2026-05-12","count":3},{"date":"2026-05-15","count":1},{"date":"2026-05-16","count":6},{"date":"2026-05-23","count":22},{"date":"2026-05-24","count":3},{"date":"2026-05-28","count":12},{"date":"2026-05-30","count":7},{"date":"2026-05-31","count":2},{"date":"2026-06-01","count":21},{"date":"2026-06-03","count":4},{"date":"2026-06-05","count":1},{"date":"2026-06-06","count":1},{"date":"2026-06-07","count":10},{"date":"2026-06-08","count":11},{"date":"2026-06-09","count":4},{"date":"2026-06-12","count":11},{"date":"2026-06-13","count":25},{"date":"2026-06-14","count":33},{"date":"2026-06-15","count":1},{"date":"2026-06-16","count":17},{"date":"2026-06-22","count":15},{"date":"2026-06-23","count":6},{"date":"2026-06-24","count":9},{"date":"2026-06-25","count":5}],"recent_events":[{"timestamp":"2026-06-25T13:28:42","port":9200,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"host\":\"<HONEYPOT>:9200\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a393230300d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2072763a36382e3029204765636b6f2f32303130303130312046697265666f782f36382e300d0a4163636570743a202a2f2a0d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0","community_id":"1:Cj+uDwQkdYUrQCzqG/2S/GEFGJw=","ja3":"","session":"ed9a66b8-8083-453e-b9bb-7343ab6394f2","seq":1,"duration_ms":101,"bytes_in":137,"bytes_out":76},{"timestamp":"2026-06-25T13:28:42","port":9200,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"host\":\"<HONEYPOT>:9200\",\"user-agent\":\"Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a393230300d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2072763a36382e3029204765636b6f2f32303130303130312046697265666f782f36382e300d0a4163636570743a202a2f2a0d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0","community_id":"1:7kqBp2ZLMtjt7YoEp1gY0HwKimI=","ja3":"","session":"d387baee-e9a7-4b1b-abca-3671ff337e25","seq":1,"duration_ms":100,"bytes_in":137,"bytes_out":76},{"timestamp":"2026-06-25T12:42:03","port":9291,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"keep-alive\",\"host\":\"<HONEYPOT>:9291\",\"user-agent\":\"python-requests/2.32.5\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a393239310d0a557365722d4167656e743a20707974686f6e2d72657175657374732f322e33322e350d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a4163636570743a202a2f2a0d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a","method":"GET","user_agent":"python-requests/2.32.5","community_id":"1:wg4du0RMTnC2qdyose27fDp0Hig=","ja3":"","session":"406a9c15-82ba-441f-806b-23e72c71f796","seq":1,"duration_ms":100,"bytes_in":149,"bytes_out":76},{"timestamp":"2026-06-25T12:21:11","port":18005,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"keep-alive\",\"host\":\"<HONEYPOT>:18005\",\"user-agent\":\"python-requests/2.32.5\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a31383030350d0a557365722d4167656e743a20707974686f6e2d72657175657374732f322e33322e350d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a4163636570743a202a2f2a0d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a","method":"GET","user_agent":"python-requests/2.32.5","community_id":"1:C4Pfm5XRKvan3LVlKza/3watkMc=","ja3":"","session":"bfd944db-a0bd-4e75-95e4-0c62666a8f66","seq":1,"duration_ms":100,"bytes_in":149,"bytes_out":76},{"timestamp":"2026-06-25T11:56:08","port":12484,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"keep-alive\",\"host\":\"<HONEYPOT>:12484\",\"user-agent\":\"python-requests/2.32.5\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a31323438340d0a557365722d4167656e743a20707974686f6e2d72657175657374732f322e33322e350d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a4163636570743a202a2f2a0d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a","method":"GET","user_agent":"python-requests/2.32.5","community_id":"1:dFt/8D5psS1cnbxj1YxMAeoxFlo=","ja3":"","session":"1e989c84-6eda-46b7-891b-b547f0405d28","seq":1,"duration_ms":100,"bytes_in":149,"bytes_out":76},{"timestamp":"2026-06-24T22:41:19","port":443,"proto":"tcp","app_proto":"tls","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip, deflate\",\"connection\":\"keep-alive\",\"host\":\"<HONEYPOT>\",\"user-agent\":\"python-requests/2.32.5\"}","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>0d0a557365722d4167656e743a20707974686f6e2d72657175657374732f322e33322e350d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174650d0a4163636570743a202a2f2a0d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a","method":"GET","user_agent":"python-requests/2.32.5","community_id":"1:T4oUzwu+bJUH119RP6x2qMhxft4=","ja3":"f80d3d09f61892c5846c854dd84ac403","session":"067fe6e1-1ae6-47e8-8872-538d0a9e65f3","seq":1,"duration_ms":104,"bytes_in":144,"bytes_out":76},{"timestamp":"2026-06-24T19:55:33","port":8873,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"@RSYNCD: 32.0 sha512 sha256 sha1 md5 md4\n","payload_hex":"405253594e43443a2033322e3020736861353132207368613235362073686131206d6435206d64340a","method":"","user_agent":"","community_id":"1:gqVHGzDDW/E9ZsHCnb9E6j/0BcI=","ja3":"","session":"2f39429e-b185-4eb4-87af-bb73a3faddba","seq":1,"duration_ms":100,"bytes_in":41,"bytes_out":11,"enriched":{"digest":"bad9adf5c8ec8f03","strings":["@RSYNCD: 32.0 sha512 sha256 sha1 md5 md4"]}},{"timestamp":"2026-06-24T19:23:19","port":5433,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000\b\u0004�\u0016/","payload_hex":"0000000804d2162f","method":"","user_agent":"","community_id":"1:ECo0pMH+qANo/wx0dh09rx6RtIY=","ja3":"","session":"8d254ea7-fe16-42bc-83ac-769bec4ccb2b","seq":1,"duration_ms":100,"bytes_in":8,"bytes_out":11},{"timestamp":"2026-06-24T17:05:12","port":873,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"@RSYNCD: 32.0 sha512 sha256 sha1 md5 md4\n","payload_hex":"405253594e43443a2033322e3020736861353132207368613235362073686131206d6435206d64340a","method":"","user_agent":"","community_id":"1:IuGLbQ/NIiQowTfPtLr+MIehkYw=","ja3":"","session":"5cd4a4a2-fa76-4118-829a-af3a5499fdf8","seq":1,"duration_ms":100,"bytes_in":41,"bytes_out":11,"enriched":{"digest":"bad9adf5c8ec8f03","strings":["@RSYNCD: 32.0 sha512 sha256 sha1 md5 md4"]}},{"timestamp":"2026-06-24T15:18:30","port":445,"proto":"tcp","app_proto":"","app_protocol":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000E�SMBr\u0000\u0000\u0000\u0000\u0018\u0001�\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000��\u0000\u0000\u0000\u0000\u0000\u0000\u0000\"\u0000\u0002NT LM 0.12\u0000\u0002SMB 2.002\u0000\u0002SMB 2.???\u0000","payload_hex":"00000045ff534d4272000000001801c8000000000000000000000000ffff000000000000002200024e54204c4d20302e31320002534d4220322e3030320002534d4220322e3f3f3f00","method":"","user_agent":"","community_id":"1:xHjq8GS44YtFkv+y6clbo1Us5Ss=","ja3":"","session":"c10eb366-8095-481b-b408-f93d47dbbd51","seq":1,"duration_ms":100,"bytes_in":73,"bytes_out":11,"enriched":{"digest":"12cfb855292c0a4d","strings":["SMBr","NT LM 0.12","SMB 2.002","SMB 2.???"]}}],"http_methods":[{"method":"GET","count":266}],"distinct_ports_total":269,"top_paths":[{"path":"/","count":266,"ports":234}],"distinct_paths_total":1,"top_snis":[],"top_hosts":[],"top_alpns":[{"value":"http/1.1","count":5}],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Accept-Encoding","Connection","Host","User-Agent"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Accept-Encoding","value":"gzip, deflate","notable":false},{"name":"Connection","value":"keep-alive","notable":false},{"name":"Host","value":"<HONEYPOT>:9291","notable":false},{"name":"User-Agent","value":"python-requests/2.32.5","notable":false}],"distinct_sets":2,"events_with_headers":6},"tags":[],"data_as_of":"2026-06-25T16:27:06.266930+00:00"}