{"ip":"176.97.114.211","total_events":20,"verdict":{"verdict":"probing","label":"Low-level probing","detail":null,"confidence":"low","network_type":null,"why":["20 event(s), fewer than 10 distinct ports, no exploit payloads.","Not in any known-scanner range."]},"first_seen":"2026-06-26T09:22:42","last_seen":"2026-06-28T21:13:10","events_24h":0,"events_7d":12,"geo":{"country_code":"UA","country_name":"Ukraine","region":"Kyiv City","city":"Kyiv","lat":50.458,"lon":30.5303,"asn":6698,"org":"Virtual Systems LLC"},"source_domain":"schinner.verdexus.us","known_scanners":[],"scanner_tag":null,"cve_matches":[],"malware":[],"top_ports":[{"port":2053,"proto":"tcp","label":"","count":20}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":[]},"fingerprint_peers":{},"user_agents":[],"timeline":[{"date":"2026-06-26","count":8},{"date":"2026-06-28","count":12}],"recent_events":[{"timestamp":"2026-06-28T21:13:10","port":2053,"proto":"tcp","app_proto":"","app_protocol":"tpkt","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000\u0013\u000e�\u0000\u0000\u0000\u0000\u0000\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"030000130ee000000000000100080003000000","method":"","user_agent":"","community_id":"1:WsvrOa5qbKuHEITshyE5Kpv9Ajg=","ja3":"","session":"76643f3b-bcbc-41c6-9045-acf0f49ad1f9","seq":1,"duration_ms":100,"bytes_in":19,"bytes_out":14,"enriched":{"digest":"fa962c48ab1145cc","label":"TPKT / COTP (ISO-TSAP)"}},{"timestamp":"2026-06-28T20:49:28","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:KhWeV2JKgSJUrOjAvgtvLyXgpcE=","ja3":"","session":"d8e79662-c3de-4650-8407-ca08e7ff8e34","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}},{"timestamp":"2026-06-28T20:35:03","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:qEaY1ri0lAafOphySvo5QUS9vMQ=","ja3":"","session":"eb23edc4-22b2-447b-9534-5bedd8ef5dd7","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}},{"timestamp":"2026-06-28T20:24:44","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:PQnpzaWhm80zhO0yzfJnJPTt5mk=","ja3":"","session":"bc2d1620-a483-46b9-9fa8-393ff995c8bd","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}},{"timestamp":"2026-06-28T20:15:29","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:bGhFYBfYEVt5VVpdYiAya1mwZ2s=","ja3":"","session":"9ee2103e-79d5-4f66-98a2-9f747bdb0bb9","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}},{"timestamp":"2026-06-28T20:07:17","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:qu+oAWDOp9YQsWjYqf7x2QgMyM8=","ja3":"","session":"fc2740ce-62e1-4abb-9a2d-e80ccc55af04","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}},{"timestamp":"2026-06-28T20:00:24","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:UeNHFYNaRoQBKOXCWeaSMJkfGsI=","ja3":"","session":"12bdb69b-97df-4812-a355-2e4157e4c685","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}},{"timestamp":"2026-06-28T19:53:46","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:Gmfi+zP0vQm//g7Y9Cxfa9YI8qA=","ja3":"","session":"4f59a833-34d7-4a28-90c3-c23e3074a7b6","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}},{"timestamp":"2026-06-28T19:47:37","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:xsKjNp9vCMSUd8BR71IKMtWQJQs=","ja3":"","session":"b96fdd4a-a286-4a22-802d-9cd6dfb26d5a","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}},{"timestamp":"2026-06-28T19:41:58","port":2053,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000+&�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=hello\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002b26e00000000000436f6f6b69653a206d737473686173683d68656c6c6f0d0a0100080003000000","method":"","user_agent":"","community_id":"1:vOqcTaAwjLBmZ15597UnJ4qjkGI=","ja3":"","session":"9263c83d-7f05-4388-b1d7-82abe1ee6fa3","seq":1,"duration_ms":100,"bytes_in":43,"bytes_out":14,"enriched":{"digest":"2a9e9bfa45800f63","label":"RDP (X.224)","strings":["Cookie: mstshash=hello"]}}],"http_methods":[],"distinct_ports_total":1,"top_paths":[],"distinct_paths_total":0,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":null,"tags":[],"data_as_of":"2026-07-04T22:43:29.931947+00:00"}