Research Article

Network Intrusion Detection with Threat Agent Profiling

Table 8

Representatives of individual clusters, k-means and PAM with 7 clusters.

Cl. Nr. Perc. Scan. DDoS Durat. MaxI MinI ISP Targ.

1 4028 88.96 22018137834195017
2 41 0.91 504625341471022
3 175 3.86 280582947212115893827
4 87 1.92 250595354225164671025
5 74 1.63 2 01306601559022
6 73 1.61 2907708494034894261029
7 50 1.10 13018039085781232659

Notes. The second and third columns report the number and percentage of threat agents in a specific cluster, respectively. The last seven columns correspond to the following characteristics: Recon.Scanning, Availability.DDoS, duration, max. idleness, min. idleness, the number of ISPs, and the number of unique targets.