{"ip":"45.156.128.53","total_events":199,"verdict":{"verdict":"scanner","label":"Recognized scanner","detail":"bitsight","confidence":"high","network_type":null},"first_seen":"2026-02-20T21:16:28","last_seen":"2026-06-25T11:57:57","events_24h":2,"events_7d":11,"geo":{"country_code":"PT","country_name":"Portugal","region":"","city":"","lat":38.7057,"lon":-9.1359,"asn":211680,"org":"Sistemas Informaticos, S.A."},"source_domain":"sh-ams-nl-gp1-wk111c.internet-census.org","known_scanners":["bitsight","Internet Census"],"scanner_tag":{"key":"internet-census","label":"Internet Census","category":"research","url":"https://internet-census.org/"},"cve_matches":[],"top_ports":[{"port":53,"proto":"tcp","label":"DNS","count":7},{"port":8001,"proto":"tcp","label":"","count":7},{"port":4369,"proto":"tcp","label":"","count":6},{"port":81,"proto":"tcp","label":"","count":5},{"port":143,"proto":"tcp","label":"IMAP","count":5},{"port":5269,"proto":"tcp","label":"XMPP-S2S","count":5},{"port":25105,"proto":"tcp","label":"","count":4},{"port":50001,"proto":"tcp","label":"","count":4},{"port":2480,"proto":"tcp","label":"","count":4},{"port":8098,"proto":"tcp","label":"","count":4},{"port":554,"proto":"tcp","label":"","count":4},{"port":5672,"proto":"tcp","label":"","count":4},{"port":4949,"proto":"tcp","label":"","count":4},{"port":4242,"proto":"tcp","label":"","count":4},{"port":7548,"proto":"tcp","label":"","count":3}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t12i330500_5172cef6ed69_021165082e1c"],"tls_ja3":[],"ja4h":["ge11nn0400_88d30a62b7ad"]},"fingerprint_peers":{"t12i330500_5172cef6ed69_021165082e1c":220,"ge11nn0400_88d30a62b7ad":7555},"user_agents":["Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36 BitSightBot/1.0","Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36"],"timeline":[{"date":"2026-04-01","count":2},{"date":"2026-04-03","count":1},{"date":"2026-04-07","count":7},{"date":"2026-04-08","count":1},{"date":"2026-04-10","count":2},{"date":"2026-04-12","count":7},{"date":"2026-04-13","count":3},{"date":"2026-04-14","count":1},{"date":"2026-04-15","count":5},{"date":"2026-04-18","count":6},{"date":"2026-04-20","count":3},{"date":"2026-04-21","count":4},{"date":"2026-04-22","count":5},{"date":"2026-04-25","count":2},{"date":"2026-04-27","count":5},{"date":"2026-04-29","count":3},{"date":"2026-05-01","count":4},{"date":"2026-05-02","count":2},{"date":"2026-05-03","count":3},{"date":"2026-05-04","count":2},{"date":"2026-05-05","count":2},{"date":"2026-05-09","count":3},{"date":"2026-05-10","count":1},{"date":"2026-05-11","count":2},{"date":"2026-05-12","count":1},{"date":"2026-05-14","count":3},{"date":"2026-05-15","count":2},{"date":"2026-05-16","count":2},{"date":"2026-05-19","count":1},{"date":"2026-05-20","count":3},{"date":"2026-05-23","count":2},{"date":"2026-05-24","count":2},{"date":"2026-05-26","count":3},{"date":"2026-05-27","count":2},{"date":"2026-05-30","count":1},{"date":"2026-06-04","count":1},{"date":"2026-06-05","count":1},{"date":"2026-06-07","count":4},{"date":"2026-06-08","count":1},{"date":"2026-06-11","count":2},{"date":"2026-06-12","count":4},{"date":"2026-06-14","count":3},{"date":"2026-06-15","count":1},{"date":"2026-06-16","count":2},{"date":"2026-06-19","count":3},{"date":"2026-06-20","count":1},{"date":"2026-06-21","count":4},{"date":"2026-06-22","count":1},{"date":"2026-06-25","count":2}],"recent_events":[{"timestamp":"2026-06-25T11:57:57","port":5560,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:5560\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/favicon.ico","summary":"","payload_hex":"474554202f66617669636f6e2e69636f20485454502f312e310d0a486f73743a20<HONEYPOT>3a353536300d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:6nR12MZswIkruENXBDEm/qYH42o=","ja3":"","session":"bac801c2-5a9b-4449-8018-53e6b1005cda","seq":1,"duration_ms":100,"bytes_in":189,"bytes_out":78},{"timestamp":"2026-06-25T09:12:45","port":53,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:53\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a35330d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:veAvatBb4LouOpA67Z4uU48uf8o=","ja3":"","session":"5fd91445-c6e8-48fa-8f36-02ad7e3efb6f","seq":1,"duration_ms":100,"bytes_in":178,"bytes_out":78},{"timestamp":"2026-06-22T22:47:30","port":32764,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:32764\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a33323736340d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:XETkIXa5I3shX4knwGGhe29GuG0=","ja3":"","session":"881c8738-062a-4bca-8591-d4913658c580","seq":1,"duration_ms":100,"bytes_in":179,"bytes_out":78},{"timestamp":"2026-06-21T20:32:47","port":3389,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:3389\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/favicon.ico","summary":"","payload_hex":"474554202f66617669636f6e2e69636f20485454502f312e310d0a486f73743a20<HONEYPOT>3a333338390d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:Iej9kezOJv8KM6RgONZzAPp6lEU=","ja3":"","session":"64527bc1-1d4a-44c2-8c97-7ed6dac9ec7e","seq":1,"duration_ms":100,"bytes_in":189,"bytes_out":78},{"timestamp":"2026-06-21T20:32:21","port":3389,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:3389\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a333338390d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:jEsK5EdrlF6ddBGxM/JreXVfsRM=","ja3":"","session":"dc89aca7-49d0-4500-a934-fb938b9bd06c","seq":1,"duration_ms":101,"bytes_in":178,"bytes_out":78},{"timestamp":"2026-06-21T10:49:04","port":5672,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:5672\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/favicon.ico","summary":"","payload_hex":"474554202f66617669636f6e2e69636f20485454502f312e310d0a486f73743a20<HONEYPOT>3a353637320d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:Kgfilf2TNYWYOUiYwozjp2faq6k=","ja3":"","session":"b52b7ed8-0455-491d-b373-2bf20dc4a28e","seq":1,"duration_ms":100,"bytes_in":189,"bytes_out":78},{"timestamp":"2026-06-21T10:48:48","port":5672,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:5672\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a353637320d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:koWkMaH1ZvRAnlkcomzBb8AZWqQ=","ja3":"","session":"3e88bb25-a264-4ffd-a9a1-4f6b1d1b8446","seq":1,"duration_ms":100,"bytes_in":178,"bytes_out":78},{"timestamp":"2026-06-20T03:35:56","port":5269,"proto":"tcp","app_proto":"","app_protocol":"soap","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' xml:lang='en' to='<HONEYPOT>' version='1.0'>","payload_hex":"3c3f786d6c2076657273696f6e3d27312e30273f3e3c73747265616d3a73747265616d20786d6c6e733a73747265616d3d27687474703a2f2f6574686572782e6a61626265722e6f72672f73747265616d732720786d6c6e733d276a61626265723a636c69656e742720786d6c3a6c616e673d27656e2720746f3d27<HONEYPOT>272076657273696f6e3d27312e30273e","method":"","user_agent":"","community_id":"1:1u/33nNkm/2uw8uWUh1RgDMvjjQ=","ja3":"","session":"d040a2b6-8bf1-4373-b216-614fafd0fdc1","seq":1,"duration_ms":100,"bytes_in":152,"bytes_out":13,"enriched":{"digest":"7615f5965b66104d","label":"SOAP/XML","strings":["<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/strea…"],"iocs":{"urls":["http://etherx.jabber.org/strea…"],"domains":["etherx.jabber.org"],"paths":["/etherx.jabber.org/strea"]}}},{"timestamp":"2026-06-19T07:11:51","port":62078,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:62078\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/favicon.ico","summary":"","payload_hex":"474554202f66617669636f6e2e69636f20485454502f312e310d0a486f73743a20<HONEYPOT>3a36323037380d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:zUSFq7+gKJptqBjfOFGf7Yn+dmY=","ja3":"","session":"3a94f617-7ec6-4e88-bcab-886b5fbd1815","seq":1,"duration_ms":100,"bytes_in":190,"bytes_out":78},{"timestamp":"2026-06-19T00:50:40","port":2761,"proto":"tcp","app_proto":"","app_protocol":"http","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2761\",\"user-agent\":\"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","payload_hex":"474554202f20485454502f312e310d0a486f73743a20<HONEYPOT>3a323736310d0a557365722d4167656e743a204d6f7a696c6c612f352e30204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f3132332e302e363331322e3836205361666172692f3533372e33360d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a","method":"GET","user_agent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","community_id":"1:nfFbAu5B7Fy07IBRbL1AV0G+480=","ja3":"","session":"d30bd900-44f8-4164-b072-89c58cf28c83","seq":1,"duration_ms":101,"bytes_in":179,"bytes_out":78}],"http_methods":[{"method":"GET","count":92}],"distinct_ports_total":87,"top_paths":[{"path":"/favicon.ico","count":47,"ports":40},{"path":"/","count":44,"ports":43},{"path":"/jmx?Hadoop:service=NameNode","count":1,"ports":1}],"distinct_paths_total":3,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Accept-Encoding","Host","User-Agent"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Accept-Encoding","value":"gzip","notable":false},{"name":"Host","value":"<HONEYPOT>:5560","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36","notable":false}],"distinct_sets":1,"events_with_headers":9},"tags":[],"data_as_of":"2026-06-25T12:47:21.966671+00:00"}