{"ip":"101.255.21.88","exported_at":"2026-06-18T02:27:20+00:00","period_days":30,"metrics":{"events7d":0,"distinct_ports":0,"distinct_classifications":0,"max_severity":null,"last_sensor_id":"paris-1","max_waf_score":null,"max_risk_score":0,"attack_stage":null,"attack_chain_stage":null,"threat_family":[],"recommended_action":null,"confidence":null,"risk_breakdown":[],"mitre_tactics":[],"mitre_technique":null,"top_mitre_technique":null,"top_mitre_count":null,"executive_one_liner_fr":null,"campaign_hint_fr":null,"confidence_breakdown":[],"persona_hostname":null,"correlation_flags":[],"correlation_flags_labels_fr":[],"confidence_pct":null,"confidence_hint_fr":null,"sensor_role_label_fr":null,"tags_summary_labels_fr":[],"tags_summary":[],"attack_vector":null,"protocol_details":[],"protocol_summary_fr":null,"evidence_snippet":null,"target_port_label":null,"emulator_service":null,"confidence_reason":null,"classification_reason":null,"classification_reason_label_fr":null,"confidence_factors_fr":null,"payload_preview":null},"events":[{"id":7732056,"ip":"101.255.21.88","ts":"2026-05-26 02:39:10.000000","proto":"tcp","src_port":59180,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7732046,"ip":"101.255.21.88","ts":"2026-05-26 02:38:53.000000","proto":"tcp","src_port":56091,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7732040,"ip":"101.255.21.88","ts":"2026-05-26 02:38:36.000000","proto":"tcp","src_port":53211,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7732034,"ip":"101.255.21.88","ts":"2026-05-26 02:38:19.000000","proto":"tcp","src_port":50127,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7732025,"ip":"101.255.21.88","ts":"2026-05-26 02:38:02.000000","proto":"tcp","src_port":63620,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7732022,"ip":"101.255.21.88","ts":"2026-05-26 02:37:45.000000","proto":"tcp","src_port":60615,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7732017,"ip":"101.255.21.88","ts":"2026-05-26 02:37:28.000000","proto":"tcp","src_port":57469,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7732005,"ip":"101.255.21.88","ts":"2026-05-26 02:37:11.000000","proto":"tcp","src_port":54409,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731996,"ip":"101.255.21.88","ts":"2026-05-26 02:36:54.000000","proto":"tcp","src_port":51497,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731992,"ip":"101.255.21.88","ts":"2026-05-26 02:36:38.000000","proto":"tcp","src_port":64995,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731989,"ip":"101.255.21.88","ts":"2026-05-26 02:36:21.000000","proto":"tcp","src_port":62080,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731987,"ip":"101.255.21.88","ts":"2026-05-26 02:36:04.000000","proto":"tcp","src_port":59233,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731983,"ip":"101.255.21.88","ts":"2026-05-26 02:35:47.000000","proto":"tcp","src_port":56356,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731978,"ip":"101.255.21.88","ts":"2026-05-26 02:35:30.000000","proto":"tcp","src_port":53470,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731967,"ip":"101.255.21.88","ts":"2026-05-26 02:35:13.000000","proto":"tcp","src_port":50589,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731963,"ip":"101.255.21.88","ts":"2026-05-26 02:34:56.000000","proto":"tcp","src_port":64079,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731954,"ip":"101.255.21.88","ts":"2026-05-26 02:34:39.000000","proto":"tcp","src_port":61195,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731946,"ip":"101.255.21.88","ts":"2026-05-26 02:34:22.000000","proto":"tcp","src_port":58411,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731940,"ip":"101.255.21.88","ts":"2026-05-26 02:34:05.000000","proto":"tcp","src_port":55454,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731932,"ip":"101.255.21.88","ts":"2026-05-26 02:33:48.000000","proto":"tcp","src_port":52571,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731931,"ip":"101.255.21.88","ts":"2026-05-26 02:33:32.000000","proto":"tcp","src_port":49724,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731929,"ip":"101.255.21.88","ts":"2026-05-26 02:33:15.000000","proto":"tcp","src_port":63153,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731921,"ip":"101.255.21.88","ts":"2026-05-26 02:32:58.000000","proto":"tcp","src_port":60367,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731916,"ip":"101.255.21.88","ts":"2026-05-26 02:32:41.000000","proto":"tcp","src_port":57497,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731872,"ip":"101.255.21.88","ts":"2026-05-26 02:32:24.000000","proto":"tcp","src_port":54602,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731864,"ip":"101.255.21.88","ts":"2026-05-26 02:32:07.000000","proto":"tcp","src_port":51722,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731857,"ip":"101.255.21.88","ts":"2026-05-26 02:31:50.000000","proto":"tcp","src_port":65386,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731849,"ip":"101.255.21.88","ts":"2026-05-26 02:31:33.000000","proto":"tcp","src_port":62498,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731843,"ip":"101.255.21.88","ts":"2026-05-26 02:31:16.000000","proto":"tcp","src_port":59604,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731841,"ip":"101.255.21.88","ts":"2026-05-26 02:30:59.000000","proto":"tcp","src_port":56713,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731832,"ip":"101.255.21.88","ts":"2026-05-26 02:30:42.000000","proto":"tcp","src_port":53918,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731830,"ip":"101.255.21.88","ts":"2026-05-26 02:30:25.000000","proto":"tcp","src_port":51126,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731827,"ip":"101.255.21.88","ts":"2026-05-26 02:30:09.000000","proto":"tcp","src_port":64605,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731825,"ip":"101.255.21.88","ts":"2026-05-26 02:29:52.000000","proto":"tcp","src_port":61700,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731821,"ip":"101.255.21.88","ts":"2026-05-26 02:29:35.000000","proto":"tcp","src_port":58781,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731815,"ip":"101.255.21.88","ts":"2026-05-26 02:29:18.000000","proto":"tcp","src_port":55983,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731796,"ip":"101.255.21.88","ts":"2026-05-26 02:29:01.000000","proto":"tcp","src_port":53188,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731794,"ip":"101.255.21.88","ts":"2026-05-26 02:28:44.000000","proto":"tcp","src_port":50290,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731786,"ip":"101.255.21.88","ts":"2026-05-26 02:28:27.000000","proto":"tcp","src_port":63769,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731782,"ip":"101.255.21.88","ts":"2026-05-26 02:28:10.000000","proto":"tcp","src_port":60874,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731771,"ip":"101.255.21.88","ts":"2026-05-26 02:27:53.000000","proto":"tcp","src_port":58106,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731760,"ip":"101.255.21.88","ts":"2026-05-26 02:27:36.000000","proto":"tcp","src_port":55220,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731758,"ip":"101.255.21.88","ts":"2026-05-26 02:27:19.000000","proto":"tcp","src_port":52309,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731754,"ip":"101.255.21.88","ts":"2026-05-26 02:27:03.000000","proto":"tcp","src_port":49297,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731744,"ip":"101.255.21.88","ts":"2026-05-26 02:26:46.000000","proto":"tcp","src_port":62664,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731735,"ip":"101.255.21.88","ts":"2026-05-26 02:26:29.000000","proto":"tcp","src_port":59761,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731723,"ip":"101.255.21.88","ts":"2026-05-26 02:26:12.000000","proto":"tcp","src_port":56973,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731716,"ip":"101.255.21.88","ts":"2026-05-26 02:25:55.000000","proto":"tcp","src_port":54113,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731715,"ip":"101.255.21.88","ts":"2026-05-26 02:25:38.000000","proto":"tcp","src_port":51196,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116},{"id":7731713,"ip":"101.255.21.88","ts":"2026-05-26 02:25:21.000000","proto":"tcp","src_port":64658,"dst_port":135,"service":"msrpc","classification":"msrpc","waf_score":null,"waf_tags":null,"http_method":null,"http_target":null,"sensor_id":"paris-1","meta":"{\u0022bytes_in\u0022: 116, \u0022payload_entropy\u0022: 4.051188106860829, \u0022port_category\u0022: \u0022well_known\u0022, \u0022org\u0022: \u0022PT Remala Abadi\u0022, \u0022service\u0022: \u0022msrpc\u0022, \u0022app_proto\u0022: \u0022msrpc\u0022, \u0022asn\u0022: 38511, \u0022country\u0022: \u0022ID\u0022, \u0022tag_count\u0022: 0, \u0022anomaly_count\u0022: 0, \u0022risk_score\u0022: 0, \u0022campaign_key\u0022: \u00224ca75bafedc497ca4fec409b1a394b80b467a571\u0022, \u0022event_fingerprint\u0022: \u0022ee04cb302187f8727d545b1eea4782a6fc19fb64\u0022}","tls_sni":null,"tls_ja3_hash":null,"tls_ja3":null,"http_version":null,"http_host":null,"http_user_agent":null,"http_referer":null,"tags":"[]","anomalies":"[]","severity":0,"bytes_in":116}],"total_events":511}