{"ip":"159.89.154.198","total_events":285,"verdict":{"verdict":"scanner","label":"Recognized scanner","detail":"binaryedge","confidence":"high","network_type":"CDN"},"first_seen":"2026-05-16T00:58:43","last_seen":"2026-06-22T16:11:43","events_24h":0,"events_7d":47,"geo":{"country_code":"US","country_name":"United States","region":"California","city":"Santa Clara","lat":37.3486,"lon":-121.9732,"asn":14061,"org":"DigitalOcean, LLC"},"source_domain":"prod-barium-sfo2-11.do.binaryedge.ninja","known_scanners":["binaryedge","BinaryEdge"],"scanner_tag":{"key":"binaryedge","label":"BinaryEdge","category":"commercial","url":"https://www.binaryedge.io/"},"cve_matches":[],"top_ports":[{"port":1801,"proto":"tcp","label":"","count":47},{"port":6000,"proto":"tcp","label":"X11","count":47},{"port":49665,"proto":"tcp","label":"","count":46},{"port":10000,"proto":"tcp","label":"Webmin","count":46},{"port":8060,"proto":"tcp","label":"","count":46},{"port":4433,"proto":"tcp","label":"","count":38},{"port":2727,"proto":"tcp","label":"","count":12},{"port":8889,"proto":"tcp","label":"","count":3}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i311000_e8f1e7e78f70_d41ae481755e","t13i3112h1_e8f1e7e78f70_d339722ba4af"],"tls_ja3":["c12b4ccd5320bbb380ca1a9df90f771d"],"ja4h":["ge10nn0000_000000000000","op10nn0000_000000000000","ge11nn0300_dedeb29cc523"]},"fingerprint_peers":{"t13i3112h1_e8f1e7e78f70_d339722ba4af":557,"t13i311000_e8f1e7e78f70_d41ae481755e":606,"ge10nn0000_000000000000":2043,"op10nn0000_000000000000":1197,"ge11nn0300_dedeb29cc523":565},"user_agents":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36"],"timeline":[{"date":"2026-05-16","count":59},{"date":"2026-05-17","count":46},{"date":"2026-05-19","count":3},{"date":"2026-05-20","count":46},{"date":"2026-05-21","count":46},{"date":"2026-06-04","count":38},{"date":"2026-06-22","count":47}],"recent_events":[{"timestamp":"2026-06-22T16:11:43","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"tls","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0001I20100\n","payload_hex":"014932303130300a","method":"","user_agent":"","community_id":"1:pZZmB8+qg0L3SoqAIxl5VjZOgao=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"3e309cf1-2d73-4152-a445-a9d6f8e54185","seq":1,"duration_ms":151,"bytes_in":8,"bytes_out":14,"enriched":{"digest":"14b0bf5196552d7e","strings":["I20100"]}},{"timestamp":"2026-06-22T16:11:41","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"tls","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000\u0000\u0000","payload_hex":"0000000000","method":"","user_agent":"","community_id":"1:qAO4bE0LzC/ZOK95Hgo3XwkEV/M=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"68bb87c7-4130-46d9-bf02-6b91d2c10061","seq":1,"duration_ms":151,"bytes_in":5,"bytes_out":14},{"timestamp":"2026-06-22T16:11:40","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000,'�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administrator\r\n\u0001\u0000\b\u0000\u0000\u0000\u0000\u0000","payload_hex":"0300002c27e00000000000436f6f6b69653a206d737473686173683d41646d696e6973747261746f720d0a0100080000000000","method":"","user_agent":"","community_id":"1:hcaQJ4MwHeIEUboecBXNVNsXSjI=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"9ab5f18e-95c9-4bc7-8461-de2dd49144b0","seq":1,"duration_ms":152,"bytes_in":51,"bytes_out":14,"enriched":{"digest":"56a8af4f4fb4faa0","label":"RDP (X.224)","strings":["Cookie: mstshash=Administrator"]}},{"timestamp":"2026-06-22T16:11:38","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"dicom","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0001\u0000\u0000\u0000\u0000�\u0000\u0001\u0000\u0000ANY-SCP\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000FINDSCU\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0010\u0000\u0000\u00151.2.840.10008.3.1.1.1 \u0000\u0000.\u0001\u0000\u0000\u00000\u0000\u0000\u00111.2.840.10008.1.1@\u0000\u0000\u00111.2.840.10008.1.2P\u0000\u0000:Q\u0000\u0000\u0004\u0000\u0000@\u0000R\u0000\u0000\u001e1.2.826.0.1.3680043.2.1396.999U\u0000\u0000\fCharruaVista","payload_hex":"0100000000cd00010000414e592d53435000000000000000000046494e44534355000000000000000000000000000000000000000000000000000000000000000000000000000000000010000015312e322e3834302e31303030382e332e312e312e312000002e0100000030000011312e322e3834302e31303030382e312e3140000011312e322e3834302e31303030382e312e325000003a51000004000040005200001e312e322e3832362e302e312e333638303034332e322e313339362e3939395500000c436861727275615669737461","method":"","user_agent":"","community_id":"1:/a36ViGzVh5aJbovOy8WxJNl7Nc=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"049bddbc-86a0-4087-ab12-678bc9359f40","seq":1,"duration_ms":151,"bytes_in":211,"bytes_out":14,"enriched":{"digest":"14f9c94d13e59316","label":"DICOM","strings":["ANY-SCP","FINDSCU","1.2.840.10008.3.1.1.1","1.2.840.10008.1.1@","1.2.840.10008.1.2P","1.2.826.0.1.3680043.2.1396.999U","CharruaVista","ANY-SCPFINDSCU","1.2.840.10008.3.1.1.1 .","1.2.840.10008.1.2P:Q"]}},{"timestamp":"2026-06-22T16:11:36","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"iscsi","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0003�\u0000\u0000\u0000\u0000\u0000_@\u0000\u00017\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000InitiatorName=iqn.1991-05.com.microsoft:beio-iscsi-probe\u0000SessionType=Discovery\u0000AuthMethod=None\u0000\u0000","payload_hex":"038100000000005f40000137000000000000000100010000000000010000000100000000000000000000000000000000496e69746961746f724e616d653d69716e2e313939312d30352e636f6d2e6d6963726f736f66743a6265696f2d69736373692d70726f62650053657373696f6e547970653d446973636f7665727900417574684d6574686f643d4e6f6e650000","method":"","user_agent":"","community_id":"1:NXLKYCHicLLlFraFEHf6OAGoUgQ=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"e2c03855-7e3a-4dc3-942c-1cf6e2a8116f","seq":1,"duration_ms":151,"bytes_in":144,"bytes_out":14,"enriched":{"digest":"482810f8d0264f72","label":"iSCSI","strings":["InitiatorName=iqn.1991-05.com.microsoft:beio-iscsi-probe","SessionType=Discovery","AuthMethod=None","InitiatorName=iqn.1991-05.com.microsoft:beio-iscsi-probeSessionType=DiscoveryAut…"],"iocs":{"domains":["iqn.1991-05.com.microsoft"]}}},{"timestamp":"2026-06-22T16:11:34","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"tls","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0004\u0000\u0000\u0000\b\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000","payload_hex":"000000010000000100000004000000080000000100000000","method":"","user_agent":"","community_id":"1:tp5Xr2SK4oq4YzwM72uK7QMPmP4=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"cf342af6-a6fb-44d2-a5e6-a6c2eb2e9ea4","seq":1,"duration_ms":151,"bytes_in":24,"bytes_out":14},{"timestamp":"2026-06-22T16:11:32","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"tls","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0000�\u0000\u0001\u001a+<M\u0000\u0001\u0000\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0001��\u0000\u0001none\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000beio\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","payload_hex":"009c00011a2b3c4d00010000010000000000000100000001ffff00016e6f6e650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006265696f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","method":"","user_agent":"","community_id":"1:Gsv23DfkR0fe5Lvt4G8CEk+huDo=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"6c75b9b8-3286-484d-8411-222f35fb0a15","seq":1,"duration_ms":151,"bytes_in":156,"bytes_out":14,"enriched":{"digest":"3415c4d31123c5ba","strings":["none","beio","nonebeio"]}},{"timestamp":"2026-06-22T16:11:30","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"tls","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0010\u0000\u0003\u0000LIORL\t\u0000\u0000����\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000c��d\u0001\u0000\u0000\u0000\u0001\u001c \u0002`\u0000h\u0000t\u0000t\u0000p\u0000:\u0000/\u0000/\u00001\u00009\u00002\u0000.\u00001\u00006\u00008\u0000.\u00001\u00000\u0000.\u00001\u00000\u00000\u0000/\u0000m\u0000s\u0000m\u0000q\u0000/\u0000p\u0000r\u0000i\u0000v\u0000a\u0000t\u0000e\u0000$\u0000/\u0000q\u0000u\u0000e\u0000u\u0000e\u0000j\u0000u\u0000m\u0000p\u0000e\u0000r\u0000\u0000\u0000\u0000\u0000\u0000\u0004\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000p\u0000o\u0000c\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u001b\u0002\u0000\u0000<\u0000s\u0000e\u0000:\u0000E\u0000n\u0000v\u0000e\u0000l\u0000o\u0000p\u0000e\u0000 \u0000x\u0000m\u0000l\u0000n\u0000s\u0000:\u0000s\u0000e\u0000=\u0000\"\u0000h\u0000t\u0000t\u0000p\u0000:\u0000/\u0000/\u0000s\u0000c\u0000h\u0000e\u0000m\u0000a\u0000s\u0000.\u0000x\u0000m\u0000l\u0000s\u0000o\u0000a\u0000p\u0000.\u0000o\u0000r\u0000g\u0000/\u0000s\u0000o\u0000a\u0000p\u0000/\u0000e\u0000n\u0000v\u0000e\u0000l\u0000o\u0000p\u0000e\u0000/\u0000\"\u0000 \u0000\r\u0000\n\u0000x\u0000m\u0000l\u0000n\u0000s\u0000=\u0000\"\u0000h\u0000t\u0000t\u0000p\u0000:\u0000/\u0000/\u0000s\u0000c\u0000h\u0000e\u0000m\u0000a\u0000s\u0000.\u0000x\u0000m\u0000l\u0000s\u0000o\u0000a\u0000p\u0000.\u0000o\u0000r\u0000g\u0000/\u0000s\u0000r\u0000m\u0000p\u0000/\u0000\"\u0000>\u0000\r\u0000\n\u0000<\u0000s\u0000e\u0000:\u0000H\u0000e\u0000a\u0000d\u0000e\u0000r\u0000>\u0000\r\u0000\n\u0000 \u0000<\u0000p\u0000a\u0000t\u0000h\u0000 \u0000x\u0000m\u0000l\u0000n\u0000s\u0000=\u0000\"\u0000h\u0000t\u0000t\u0000p\u0000:\u0000/\u0000/\u0000s\u0000c\u0000h\u0000e\u0000m\u0000a\u0000s\u0000.\u0000x\u0000m\u0000l\u0000s\u0000o\u0000a\u0000p\u0000.\u0000o\u0000r\u0000g\u0000/\u0000r\u0000p\u0000/\u0000\"\u0000 \u0000s\u0000e\u0000:\u0000m\u0000u\u0000s\u0000t\u0000U\u0000n\u0000d\u0000e\u0000r\u0000s\u0000t\u0000a\u0000n\u0000d\u0000=\u0000\"\u00001\u0000\"\u0000>\u0000\r\u0000\n\u0000 \u0000 \u0000 \u0000<\u0000a\u0000c\u0000t\u0000i\u0000o\u0000n\u0000>\u0000M\u0000S\u0000M\u0000Q\u0000:\u0000p\u0000o\u0000c\u0000<\u0000/\u0000a\u0000c\u0000t\u0000i\u0000o\u0000n\u0000>\u0000\r\u0000\n\u0000 \u0000 \u0000 \u0000<\u0000t\u0000o\u0000>\u0000h\u0000t\u0000t\u0000p\u0000:\u0000/\u0000/\u00001\u00009\u00002\u0000.\u00001\u00006\u00008\u0000.\u00001\u00000\u0000.\u00001\u00000\u00000\u0000/\u0000m\u0000s\u0000m\u0000q\u0000/\u0000p\u0000r\u0000i\u0000v\u0000a\u0000t\u0000e\u0000$\u0000/\u0000q\u0000u\u0000e\u0000u\u0000e\u0000j\u0000u\u0000m\u0000p\u0000e\u0000r\u0000<\u0000/\u0000t\u0000o\u0000>\u0000\r\u0000\n\u0000 \u0000 \u0000 \u0000<\u0000i\u0000d\u0000>\u0000u\u0000u\u0000i\u0000d\u0000:\u00001\u0000@\u00000\u00000\u00000\u00000\u00000\u00000\u00000\u00000\u0000-\u00000\u00000\u00000\u00000\u0000-\u00000\u00000\u00000\u00000\u0000-\u00000\u00000\u00000\u00000\u0000-\u00000\u00000\u00000\u00000\u00000\u00000\u00000\u00000\u00000\u00000\u00000\u00000\u0000<\u0000/\u0000i\u0000d\u0000>\u0000\r\u0000\n\u0000 \u0000<\u0000/\u0000p\u0000a\u0000t\u0000h\u0000>\u0000\r\u0000\n\u0000 \u0000<\u0000p\u0000r\u0000o\u0000p\u0000e\u0000r\u0000t\u0000i\u0000e\u0000s\u0000 \u0000s\u0000e\u0000:\u0000m\u0000u\u0000s\u0000t\u0000U\u0000n\u0000d\u0000e\u0000r\u0000s\u0000t\u0000a\u0000n\u0000d\u0000=\u0000\"\u00001\u0000\"\u0000>\u0000\r\u0000\n\u0000 \u0000 \u0000 \u0000<\u0000e\u0000x\u0000p\u0000i\u0000r\u0000e\u0000s\u0000A\u0000t\u0000>\u00002\u00000\u00006\u00000\u00000\u00006\u00000\u00009\u0000T\u00001\u00006\u00004\u00004\u00001\u00009\u0000<\u0000/\u0000e\u0000x\u0000p\u0000i\u0000r\u0000e\u0000s\u0000A\u0000t\u0000>\u0000\r\u0000\n\u0000 \u0000 \u0000 \u0000<\u0000s\u0000e\u0000n\u0000t\u0000A\u0000t\u0000>\u00002\u00000\u00002\u00003\u00000\u00007\u00002\u00004\u0000T\u00001\u00006\u00004\u00004\u00001\u00009\u0000<\u0000/\u0000s\u0000e\u0000n\u0000t\u0000A\u0000t\u0000>\u0000\r\u0000\n\u0000 \u0000<\u0000/\u0000p\u0000r\u0000o\u0000p\u0000e\u0000r\u0000t\u0000i\u0000e\u0000s\u0000>\u0000\r\u0000\n\u0000<\u0000/\u0000s\u0000e\u0000:\u0000H\u0000e\u0000a\u0000d\u0000e\u0000r\u0000>\u0000\r\u0000\n\u0000<\u0000s\u0000e\u0000:\u0000B\u0000o\u0000d\u0000y\u0000>\u0000<\u0000/\u0000s\u0000e\u0000:\u0000B\u0000o\u0000d\u0000y\u0000>\u0000\r\u0000\n\u0000<\u0000/\u0000s\u0000e\u0000:\u0000E\u0000n\u0000v\u0000e\u0000l\u0000o\u0000p\u0000e\u0000>\u0000\r\u0000\n\u0000\r\u0000\n\u0000\u0000\u0000\u0000\u0000�\u0001\u0000\u0000\f\u0004\u0000\u0000\u0007\u0000\u0000\u0000�\u0003\u0000\u0000POST /msmq HTTP/1.1\r\nContent-Length: 816\r\nContent-Type: multipart/related; boundary=\"MSMQ - SOAP boundary, 53287\"; type=text/xml\r\nHost: 192.168.10.100\r\nSOAPAction: \"MSMQMessage\"\r\nProxy-Accept: NonInteractiveClient\r\n\r\n--MSMQ - SOAP boundary, 53287\r\nContent-Type: text/xml; charset=UTF-8\r\nContent-Length: 606\r\n\r\n<se:Envelope xmlns:se=\"http://schemas.xmlsoap.org/soap/envelope/\" \r\nxmlns=\"http://schemas.xmlsoap.org/srmp/\">\r\n<se:Header>\r\n <path xmlns=\"http://schemas.xmlsoap.org/rp/\" se:mustUnderstand=\"1\">\r\n   <action>MSMQ:poc</action>\r\n   <to>http://192.168.10.100/msmq/private$/queuejumper</to>\r\n   <id>uuid:1@00000000-0000-0000-0000-000000000000</id>\r\n </path>\r\n <properties se:mustUnderstand=\"1\">\r\n   <expiresAt>20600609T164419</expiresAt>\r\n   <sentAt>20230724T164419</sentAt>\r\n </properties>\r\n</se:Header>\r\n<se:Body></se:Body>\r\n</se:Envelope>\r\n\r\n--MSMQ - SOAP boundary, 53287\r\nContent-Type: application/octet-stream\r\nContent-Length: 7\r\nContent-Id: body@ff3af301-3196-497a-a918-72147c871a13\r\n\r\nMessage\r\n--MSMQ - SOAP boundary, 53287--\u0000\f\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","payload_hex":"100003004c494f524c090000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000063aabe6401000000011c2002600068007400740070003a002f002f003100390032002e003100360038002e00310030002e003100300030002f006d0073006d0071002f00700072006900760061007400650024002f00710075006500750065006a0075006d0070006500720000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070006f0063000000000000001b0200003c00730065003a0045006e00760065006c006f0070006500200078006d006c006e0073003a00730065003d00220068007400740070003a002f002f0073006300680065006d00610073002e0078006d006c0073006f00610070002e006f00720067002f0073006f00610070002f0065006e00760065006c006f00700065002f00220020000d000a0078006d006c006e0073003d00220068007400740070003a002f002f0073006300680065006d00610073002e0078006d006c0073006f00610070002e006f00720067002f00730072006d0070002f0022003e000d000a003c00730065003a004800650061006400650072003e000d000a0020003c007000610074006800200078006d006c006e0073003d00220068007400740070003a002f002f0073006300680065006d00610073002e0078006d006c0073006f00610070002e006f00720067002f00720070002f0022002000730065003a006d0075007300740055006e006400650072007300740061006e0064003d002200310022003e000d000a002000200020003c0061006300740069006f006e003e004d0053004d0051003a0070006f0063003c002f0061006300740069006f006e003e000d000a002000200020003c0074006f003e0068007400740070003a002f002f003100390032002e003100360038002e00310030002e003100300030002f006d0073006d0071002f00700072006900760061007400650024002f00710075006500750065006a0075006d007000650072003c002f0074006f003e000d000a002000200020003c00690064003e0075007500690064003a0031004000300030003000300030003000300030002d0030003000300030002d0030003000300030002d0030003000300030002d003000300030003000300030003000300030003000300030003c002f00690064003e000d000a0020003c002f0070006100740068003e000d000a0020003c00700072006f0070006500720074006900650073002000730065003a006d0075007300740055006e006400650072007300740061006e0064003d002200310022003e000d000a002000200020003c006500780070006900720065007300410074003e003200300036003000300036003000390054003100360034003400310039003c002f006500780070006900720065007300410074003e000d000a002000200020003c00730065006e007400410074003e003200300032003300300037003200340054003100360034003400310039003c002f00730065006e007400410074003e000d000a0020003c002f00700072006f0070006500720074006900650073003e000d000a003c002f00730065003a004800650061006400650072003e000d000a003c00730065003a0042006f00640079003e003c002f00730065003a0042006f00640079003e000d000a003c002f00730065003a0045006e00760065006c006f00700065003e000d000a000d000a0000000000f40100000c04000007000000e3030000504f5354202f6d736d7120485454502f312e310d0a436f6e74656e742d4c656e6774683a203831360d0a436f6e74656e742d547970653a206d756c7469706172742f72656c617465643b20626f756e646172793d224d534d51202d20534f415020626f756e646172792c203533323837223b20747970653d746578742f786d6c0d0a486f73743a203139322e3136382e31302e3130300d0a534f4150416374696f6e3a20224d534d514d657373616765220d0a50726f78792d4163636570743a204e6f6e496e746572616374697665436c69656e740d0a0d0a2d2d4d534d51202d20534f415020626f756e646172792c2035333238370d0a436f6e74656e742d547970653a20746578742f786d6c3b20636861727365743d5554462d380d0a436f6e74656e742d4c656e6774683a203630360d0a0d0a3c73653a456e76656c6f706520786d6c6e733a73653d22687474703a2f2f736368656d61732e786d6c736f61702e6f72672f736f61702f656e76656c6f70652f22200d0a786d6c6e733d22687474703a2f2f736368656d61732e786d6c736f61702e6f72672f73726d702f223e0d0a3c73653a4865616465723e0d0a203c7061746820786d6c6e733d22687474703a2f2f736368656d61732e786d6c736f61702e6f72672f72702f222073653a6d757374556e6465727374616e643d2231223e0d0a2020203c616374696f6e3e4d534d513a706f633c2f616374696f6e3e0d0a2020203c746f3e687474703a2f2f3139322e3136382e31302e3130302f6d736d712f70726976617465242f71756575656a756d7065723c2f746f3e0d0a2020203c69643e757569643a314030303030303030302d303030302d303030302d303030302d3030303030303030303030303c2f69643e0d0a203c2f706174683e0d0a203c70726f706572746965732073653a6d757374556e6465727374616e643d2231223e0d0a2020203c6578706972657341743e3230363030363039543136343431393c2f6578706972657341743e0d0a2020203c73656e7441743e3230323330373234543136343431393c2f73656e7441743e0d0a203c2f70726f706572746965733e0d0a3c2f73653a4865616465723e0d0a3c73653a426f64793e3c2f73653a426f64793e0d0a3c2f73653a456e76656c6f70653e0d0a0d0a2d2d4d534d51202d20534f415020626f756e646172792c2035333238370d0a436f6e74656e742d547970653a206170706c69636174696f6e2f6f637465742d73747265616d0d0a436f6e74656e742d4c656e6774683a20370d0a436f6e74656e742d49643a20626f64794066663361663330312d333139362d343937612d613931382d3732313437633837316131330d0a0d0a4d6573736167650d0a2d2d4d534d51202d20534f415020626f756e646172792c2035333238372d2d000c0000000000000000000000","method":"","user_agent":"","community_id":"1:fqtfcMQCLv+zXQH/e69MEGjFhfE=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"2e3448ae-2371-4ec2-9a5d-24ec83f4c958","seq":1,"duration_ms":151,"bytes_in":2380,"bytes_out":14,"enriched":{"digest":"45c6f72bb5aeb522","strings":["LIORL","POST /msmq HTTP/1.1","Content-Length: 816","Content-Type: multipart/related; boundary=\"MSMQ - SOAP boundary, 53287\"; type=te…","Host: 192.168.10.100","SOAPAction: \"MSMQMessage\"","Proxy-Accept: NonInteractiveClient","--MSMQ - SOAP boundary, 53287","Content-Type: text/xml; charset=UTF-8","Content-Length: 606"],"iocs":{"ips":["192.168.10.100"]}}},{"timestamp":"2026-06-22T16:11:29","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"tls","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"\u0000\u000e87�&\b�\u001b��\u0000\u0000\u0000\u0000\u0000","payload_hex":"000e3837a52608a21ba0b10000000000","method":"","user_agent":"","community_id":"1:iMxAFlM788dmXop7KDj3DY2LrTA=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"dfefe45b-cabd-414b-bbf9-a509c7b5b988","seq":1,"duration_ms":151,"bytes_in":16,"bytes_out":14},{"timestamp":"2026-06-22T16:11:27","port":6000,"proto":"tcp","app_proto":"tls","app_protocol":"corba","host":"","headers":"","body":"","sni":"","tls_cipher":"TLS_AES_128_GCM_SHA256","tls_version":"TLSv1.3","alpn":[],"url_path":"","summary":"GIOP\u0001\u0000\u0001\u0000$\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0006\u0000\u0000\u0000abcdef\u0000\u0000\u0004\u0000\u0000\u0000get\u0000\u0000\u0000\u0000\u0000","payload_hex":"47494f500100010024000000000000000100000001000000060000006162636465660000040000006765740000000000","method":"","user_agent":"","community_id":"1:OAeEQ5tvwj23a84MucGWilfuRP4=","ja3":"c12b4ccd5320bbb380ca1a9df90f771d","session":"a905a31d-3b3a-43e2-ba9d-8ff858d3ca87","seq":1,"duration_ms":151,"bytes_in":48,"bytes_out":14,"enriched":{"digest":"2172ddff8435bc68","label":"CORBA (GIOP)","strings":["GIOP","abcdef"]}}],"http_methods":[{"method":"GET","count":21},{"method":"OPTIONS","count":11}],"distinct_ports_total":8,"top_paths":[{"path":"/","count":26,"ports":8},{"path":"/nice%20ports%2C/Tri%6Eity.txt%2ebak","count":6,"ports":6}],"distinct_paths_total":2,"top_snis":[],"top_hosts":[],"top_alpns":[{"value":"http/1.1","count":3}],"banners":[],"credentials":[],"header_profile":null,"tags":[],"data_as_of":"2026-06-25T12:47:20.938240+00:00"}