{"ip":"43.248.108.211","total_events":3,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":"nsp"},"first_seen":"2026-06-10T10:36:46","last_seen":"2026-06-15T02:22:51","events_24h":0,"events_7d":1,"geo":{"country_code":"CN","country_name":"China","region":"","city":"","lat":34.7732,"lon":113.722,"asn":4837,"org":"CHINA UNICOM China169 Backbone"},"source_domain":null,"known_scanners":[],"scanner_tag":{"key":"peeringdb:as4837","label":"China Unicom","category":"isp","url":"https://www.peeringdb.com/asn/4837"},"cve_matches":[],"top_ports":[{"port":8030,"proto":"tcp","label":"","count":1},{"port":12323,"proto":"tcp","label":"","count":1},{"port":9200,"proto":"tcp","label":"Elastic","count":1}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":["ge11nn0300_86b6b04cb9cc"]},"fingerprint_peers":{"ge11nn0300_86b6b04cb9cc":4801},"user_agents":["Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36"],"timeline":[{"date":"2026-06-10","count":1},{"date":"2026-06-11","count":1},{"date":"2026-06-15","count":1}],"recent_events":[{"timestamp":"2026-06-15T02:22:51","port":8030,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"connection\":\"close\",\"host\":\"<HONEYPOT>:8030\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a383033300d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e3129204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f34392e302e323632332e313132205361666172692f3533372e33360d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36","community_id":"1:hCUp7eqo82zRiVE3kB0F6/MKgmg=","ja3":"","session":"65fbac10-a236-4aff-847a-3f8e23b8ce29","seq":1,"duration_ms":100,"bytes_in":179,"bytes_out":79},{"timestamp":"2026-06-11T16:55:31","port":12323,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"connection\":\"close\",\"host\":\"<HONEYPOT>:12323\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/favicon.ico","summary":"","payload_hex":"474554202f66617669636f6e2e69636f20485454502f312e310d0a486f73743a20<HONEYPOT>3a31323332330d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e3129204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f34392e302e323632332e313132205361666172692f3533372e33360d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36","community_id":"1:NFUMffgYByDh4O2lHujkiStaIOo=","ja3":"","session":"ca7c33c7-e821-41de-bbbc-0bd51bee9647","seq":1,"duration_ms":100,"bytes_in":191,"bytes_out":79},{"timestamp":"2026-06-10T10:36:46","port":9200,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"connection\":\"close\",\"host\":\"<HONEYPOT>:9200\",\"user-agent\":\"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a393230300d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e5420362e3129204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f34392e302e323632332e313132205361666172692f3533372e33360d0a436f6e6e656374696f6e3a20636c6f73650d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36","community_id":"1:vfIujyPRyQ6mmqaV1rtIRT/Pn40=","ja3":"","session":"55f5ba08-625f-4411-8b5d-216012feded8","seq":1,"duration_ms":100,"bytes_in":178,"bytes_out":79}],"http_methods":[{"method":"GET","count":3}],"distinct_ports_total":3,"top_paths":[{"path":"/","count":2,"ports":2},{"path":"/favicon.ico","count":1,"ports":1}],"distinct_paths_total":2,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":{"signature":["Connection","Host","User-Agent"],"representative":[{"name":"Connection","value":"close","notable":false},{"name":"Host","value":"<HONEYPOT>:8030","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36","notable":false}],"distinct_sets":1,"events_with_headers":3},"tags":[],"data_as_of":"2026-06-21T09:10:30.241936+00:00"}