{"ip":"80.66.83.80","total_events":19541,"verdict":{"verdict":"scanning","label":"Unrecognized scanner","detail":"1077+ ports swept","confidence":"medium","network_type":null,"why":["No exploit payloads observed.","Swept 1077 distinct ports (threshold for a sweep is 10).","Not in any known-scanner range."]},"first_seen":"2026-03-25T18:53:20","last_seen":"2026-07-05T08:08:30","events_24h":313,"events_7d":1843,"geo":{"country_code":"RU","country_name":"Russia","region":"","city":"","lat":55.7386,"lon":37.6068,"asn":216473,"org":"Bashinskii Vadim Ruslanovich"},"source_domain":null,"known_scanners":[],"scanner_tag":null,"cve_matches":[],"malware":[],"top_ports":[{"port":3390,"proto":"tcp","label":"","count":1015},{"port":3391,"proto":"tcp","label":"","count":900},{"port":3393,"proto":"tcp","label":"","count":739},{"port":3392,"proto":"tcp","label":"","count":738},{"port":3389,"proto":"tcp","label":"RDP","count":643},{"port":3388,"proto":"tcp","label":"","count":586},{"port":3395,"proto":"tcp","label":"","count":581},{"port":3394,"proto":"tcp","label":"","count":564},{"port":3399,"proto":"tcp","label":"","count":428},{"port":3397,"proto":"tcp","label":"","count":423},{"port":3398,"proto":"tcp","label":"","count":422},{"port":3396,"proto":"tcp","label":"","count":420},{"port":13389,"proto":"tcp","label":"","count":104},{"port":53389,"proto":"tcp","label":"","count":103},{"port":23389,"proto":"tcp","label":"","count":98}],"fingerprints":{"ssh_hassh":[],"tls_ja4":[],"tls_ja3":[],"ja4h":[]},"fingerprint_peers":{},"user_agents":[],"timeline":[{"date":"2026-04-06","count":46},{"date":"2026-04-07","count":248},{"date":"2026-04-08","count":200},{"date":"2026-04-09","count":188},{"date":"2026-04-10","count":130},{"date":"2026-04-11","count":120},{"date":"2026-04-12","count":98},{"date":"2026-04-13","count":108},{"date":"2026-04-14","count":122},{"date":"2026-04-15","count":110},{"date":"2026-04-16","count":114},{"date":"2026-04-17","count":116},{"date":"2026-04-18","count":124},{"date":"2026-04-19","count":96},{"date":"2026-04-20","count":110},{"date":"2026-04-21","count":106},{"date":"2026-04-22","count":66},{"date":"2026-04-23","count":94},{"date":"2026-04-24","count":94},{"date":"2026-04-25","count":110},{"date":"2026-04-26","count":98},{"date":"2026-04-27","count":110},{"date":"2026-04-28","count":108},{"date":"2026-04-29","count":106},{"date":"2026-04-30","count":94},{"date":"2026-05-01","count":88},{"date":"2026-05-02","count":106},{"date":"2026-05-03","count":118},{"date":"2026-05-04","count":344},{"date":"2026-05-05","count":288},{"date":"2026-05-06","count":297},{"date":"2026-05-07","count":301},{"date":"2026-05-08","count":281},{"date":"2026-05-09","count":289},{"date":"2026-05-10","count":289},{"date":"2026-05-11","count":306},{"date":"2026-05-12","count":303},{"date":"2026-05-13","count":298},{"date":"2026-05-14","count":327},{"date":"2026-05-15","count":300},{"date":"2026-05-16","count":272},{"date":"2026-05-17","count":242},{"date":"2026-05-18","count":131},{"date":"2026-05-19","count":130},{"date":"2026-05-20","count":248},{"date":"2026-05-21","count":254},{"date":"2026-05-22","count":259},{"date":"2026-05-23","count":123},{"date":"2026-05-24","count":389},{"date":"2026-05-25","count":271},{"date":"2026-05-26","count":125},{"date":"2026-05-28","count":234},{"date":"2026-05-29","count":279},{"date":"2026-05-30","count":288},{"date":"2026-05-31","count":295},{"date":"2026-06-01","count":285},{"date":"2026-06-02","count":288},{"date":"2026-06-03","count":313},{"date":"2026-06-04","count":279},{"date":"2026-06-05","count":267},{"date":"2026-06-06","count":233},{"date":"2026-06-07","count":249},{"date":"2026-06-08","count":253},{"date":"2026-06-09","count":236},{"date":"2026-06-10","count":250},{"date":"2026-06-11","count":233},{"date":"2026-06-12","count":236},{"date":"2026-06-13","count":260},{"date":"2026-06-14","count":213},{"date":"2026-06-15","count":192},{"date":"2026-06-16","count":275},{"date":"2026-06-17","count":266},{"date":"2026-06-18","count":242},{"date":"2026-06-19","count":223},{"date":"2026-06-20","count":262},{"date":"2026-06-21","count":275},{"date":"2026-06-22","count":302},{"date":"2026-06-23","count":262},{"date":"2026-06-24","count":279},{"date":"2026-06-25","count":273},{"date":"2026-06-26","count":303},{"date":"2026-06-27","count":262},{"date":"2026-06-28","count":301},{"date":"2026-06-29","count":275},{"date":"2026-06-30","count":311},{"date":"2026-07-01","count":140},{"date":"2026-07-02","count":278},{"date":"2026-07-03","count":252},{"date":"2026-07-04","count":294},{"date":"2026-07-05","count":138}],"recent_events":[{"timestamp":"2026-07-05T08:08:30","port":49747,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:Q/cCBXqyhuDxM0xgjZ+MQqfMqIk=","ja3":"","session":"d92dfe47-ca11-4ab0-90df-02735d2a2242","seq":1,"duration_ms":100,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:05:50","port":49187,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:3WJjFmPWHHTzkksqEx2H0IyyEGs=","ja3":"","session":"b88f027a-63fa-4415-9258-c9f05ff43e81","seq":1,"duration_ms":100,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:05:46","port":49741,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:tUogat8/9reBYqlICTH2hlii6p4=","ja3":"","session":"e15d6e01-30db-4c45-991e-292bf46c1aa1","seq":1,"duration_ms":100,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:05:43","port":49741,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:RVh9nnafpjFgghHDfM/I9sbziZk=","ja3":"","session":"2ca91f79-2ffb-4f87-a74d-097b3f85bf60","seq":1,"duration_ms":100,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:05:42","port":49741,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:qV7ZIa4jXkXYnjP6ydrR6sf0aJ8=","ja3":"","session":"4f34b1d5-878b-4ffb-9c68-969c5c183e95","seq":1,"duration_ms":100,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:05:41","port":49741,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:+114MjrELstbZG7QelHM7RZh81s=","ja3":"","session":"95be37fd-9f44-4d4b-b7f8-c227713ffbce","seq":1,"duration_ms":101,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:05:40","port":49741,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:u0BKKEfryx3JSuBZofgW9y/OYNM=","ja3":"","session":"3da71236-4fa2-476b-9bab-f33069c2cfca","seq":1,"duration_ms":101,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:03:52","port":49713,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:Wn69ff0Q8fs+u/HWr3IGNJirtr0=","ja3":"","session":"08bd43bf-48fc-47b2-95a3-9cb021777726","seq":1,"duration_ms":100,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:03:49","port":49713,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:5jECiiAsuaHSisYCdBxx+aTPCJo=","ja3":"","session":"5c14ef0b-64ba-45a8-a4e5-66e7eea9f323","seq":1,"duration_ms":100,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}},{"timestamp":"2026-07-05T08:03:48","port":49713,"proto":"tcp","app_proto":"","app_protocol":"rdp","host":"","headers":"","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"","summary":"\u0003\u0000\u0000/*�\u0000\u0000\u0000\u0000\u0000Cookie: mstshash=Administr\r\n\u0001\u0000\b\u0000\u0003\u0000\u0000\u0000","payload_hex":"0300002f2ae00000000000436f6f6b69653a206d737473686173683d41646d696e697374720d0a0100080003000000","method":"","user_agent":"","community_id":"1:DItTn2UA/rmXaz0EGQ8iI1ay61w=","ja3":"","session":"b73adc4f-4402-453b-989a-df49c80df4b7","seq":1,"duration_ms":101,"bytes_in":47,"bytes_out":11,"enriched":{"digest":"b6d67a37a50bfeec","label":"RDP (X.224)","strings":["Cookie: mstshash=Administr"]}}],"http_methods":[],"distinct_ports_total":1077,"top_paths":[],"distinct_paths_total":0,"top_snis":[],"top_hosts":[],"top_alpns":[],"banners":[],"credentials":[],"header_profile":null,"tags":[],"data_as_of":"2026-07-05T08:52:01.442385+00:00"}