{"ip":"36.106.167.112","total_events":3,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":null},"first_seen":"2026-04-01T18:18:01","last_seen":"2026-06-03T02:36:04","events_24h":0,"events_7d":1,"geo":{"country_code":"CN","country_name":"China","region":"","city":"","asn":17638,"org":"ASN for TIANJIN Provincial Net of CT"},"source_domain":null,"known_scanners":[],"scanner_tag":null,"cve_matches":[],"top_ports":[{"port":4911,"proto":"tcp","label":"","count":1},{"port":6379,"proto":"tcp","label":"Redis","count":1},{"port":49159,"proto":"tcp","label":"","count":1}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i190800_9dc949149365_97f8aa674fd9","t13i130900_f57a46bbacb6_e7c285222651"],"ja4h":["ge11nn0200_79258615d613"]},"fingerprint_peers":{"t13i130900_f57a46bbacb6_e7c285222651":1895,"t13i190800_9dc949149365_97f8aa674fd9":3559,"ge11nn0200_79258615d613":3749},"user_agents":[],"timeline":[{"date":"2026-04-01","count":1},{"date":"2026-05-12","count":1},{"date":"2026-06-03","count":1}],"recent_events":[{"timestamp":"2026-06-03T02:36:04","port":6379,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"host\":\"<HONEYPOT>:6379\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"/","summary":"","method":"GET","user_agent":""},{"timestamp":"2026-05-12T15:38:07","port":49159,"proto":"tcp","app_proto":"","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0005\u0000\u0001\u0003\u0010\u0000\u0000\u0000\u0010\u0000\u0000\u0000\u0001\u0000\u0000\u0000","method":"","user_agent":"","enriched":{"digest":"d3de1a8d3c36c0c5","label":"SOCKS5"}},{"timestamp":"2026-04-01T18:18:01","port":4911,"proto":"tcp","app_proto":"tls","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"fox a 1 -1 fox hello\n{\nfox.version=s:1.0\nid=i:1\nhostName=s:xpvm-0omdc01xmy\nhostAddress=s:192.168.1.125\napp.name=s:Workbench\napp.version=s:3.7.44\nvm.name=s:Java HotSpot(TM) Server VM\nvm.version=s:20.4-b02\nos.name=s:Windows XP\nos.version=s:5.1\nlang=s:en\ntimeZone=s:America/Los_Angeles;-28800000;3600000;02:00:00.000,wall,march,8,on or after,sunday,undefined;02:00:00.000,wall,november,1,on or after,sunday,undefined\nhostId=s:Win-99CB-D49D-5442-07BB\nvmUuid=s:8b530bc8-76c5-4139-a2ea-0fabd394d305\nbrandId=s:vykon\n};;\n","method":"","user_agent":"","enriched":{"digest":"fe39c976bf6d2d07","strings":["fox a 1 -1 fox hello","fox.version=s:1.0","id=i:1","hostName=s:xpvm-0omdc01xmy","hostAddress=s:192.168.1.125","app.name=s:Workbench","app.version=s:3.7.44","vm.name=s:Java HotSpot(TM) Server VM","vm.version=s:20.4-b02","os.name=s:Windows XP"],"iocs":{"ips":["192.168.1.125"],"domains":["fox.version","app.name","app.version","vm.name","vm.version","os.name"]}}}],"http_methods":[{"method":"GET","count":1}],"distinct_ports_total":3,"top_paths":[{"path":"/","count":1,"ports":1}],"distinct_paths_total":1,"top_snis":[],"top_hosts":[],"top_alpns":[],"header_profile":{"signature":["Accept","Host"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Host","value":"<HONEYPOT>:6379","notable":false}],"distinct_sets":1,"events_with_headers":1},"tags":[],"data_as_of":"2026-06-04T13:52:52.278127+00:00"}