Kind ID Labels Position asn asn:48090 asn=48,090, org=Techoff Srv Limited asn asn:47890 asn=47,890, org=Unmanaged Ltd asn asn:14618 asn=14,618, org=Amazon.com, Inc. asn asn:6167 asn=6,167, org=Verizon Business asn asn:138915 asn=138,915, org=Kaopu Cloud HK Limited asn asn:4837 asn=4,837, org=CHINA UNICOM China169 Backbone asn asn:131392 asn=131,392, org=GMO-Z.com Runsystem Joint Stock Company asn asn:132203 asn=132,203, org=Tencent Building, Kejizhongyi Avenue asn asn:54641 asn=54,641, org=InMotion Hosting, Inc. asn asn:16276 asn=16,276, org=OVH SAS asn asn:206264 asn=206,264, org=Amarutu Technology Ltd asn asn:197834 asn=197,834, org=Ucom CJSC asn asn:200019 asn=200,019, org=Alexhost Srl asn asn:34665 asn=34,665, org=Petersburg Internet Network ltd. asn asn:3215 asn=3,215, org=Orange asn asn:34660 asn=34,660, org=Roebuck Group Limited asn asn:26832 asn=26,832, org=Rica Web Services asn asn:4766 asn=4,766, org=Korea Telecom asn asn:8075 asn=8,075, org=Microsoft Corporation asn asn:209366 asn=209,366, org=SEMrush CY LTD asn asn:31863 asn=31,863, org=Centrilogic, Inc. asn asn:209413 asn=209,413, org=Dedik Services Limited asn asn:63949 asn=63,949, org=Akamai Connected Cloud asn asn:214940 asn=214,940, org=Kprohost LLC asn asn:272809 asn=272,809, org=THUNDERNET, C.A. asn asn:134763 asn=134,763, org=CHINANET Guangdong province network asn asn:41231 asn=41,231, org=Canonical Group Limited asn asn:16509 asn=16,509, org=Amazon.com, Inc. asn asn:138421 asn=138,421, org=China Unicom asn asn:328436 asn=328,436, org=Flashnet-Technologies-Limited asn asn:3737 asn=3,737, org=PenTeleData Inc. asn asn:55720 asn=55,720, org=Gigabit Hosting Sdn Bhd behavior_group BSG-BEACON-0ab20e8498f9 behavior=BEACON, confidence=0.9, detection_rationale=timing_cv=0.00 (≤0.5); byte_cv=0.20 (≤0.6), dst_ip=172.234.197.23, dst_port=23, interval_cv=0, mean_interval=3,600, member_count=3, src_ip=223.25.245.241, summary=Beacon: 223.25.245.241 → 172.234.197.23:23, 3 sessions, interval CV=0.00, mean 126B, total_bytes=378, total_packets=7, unique_hosts=0, unique_ports=0 behavior_group BSG-DATA_EXFIL-7425ff9cf798 behavior=DATA_EXFIL, confidence=0.85, detection_rationale=total_bytes=239942; large_volume (≥100KB); high_rate (444337 B/s), dst_ip=, member_count=1, src_ip=3.90.73.206, summary=Exfil suspect: 3.90.73.206 → 1 destinations, 239,942B total, max 239,942B/session, total_bytes=239,942, total_packets=215, unique_hosts=1, unique_ports=0 behavior_group BSG-DATA_EXFIL-46b47582f37b behavior=DATA_EXFIL, confidence=0.5, detection_rationale=total_bytes=15484, dst_ip=, member_count=1, src_ip=163.44.192.46, summary=Exfil suspect: 163.44.192.46 → 1 destinations, 15,484B total, max 15,484B/session, total_bytes=15,484, total_packets=36, unique_hosts=1, unique_ports=0 behavior_group BSG-FAILED_HANDSHAKE-de4a8c24b2b9 behavior=FAILED_HANDSHAKE, confidence=0.6, detection_rationale=failed_sessions=3, dst_ip=172.234.197.23, member_count=3, src_ip=223.25.245.241, summary=Failed handshakes: 223.25.245.241 → 172.234.197.23, 3 attempts on 1 ports, total_bytes=378, total_packets=7, unique_hosts=0, unique_ports=1 behavior_group BSG-DATA_EXFIL-b6d7f24ac366 behavior=DATA_EXFIL, confidence=0.5, detection_rationale=total_bytes=24897, dst_ip=, member_count=1, src_ip=40.77.167.27, summary=Exfil suspect: 40.77.167.27 → 1 destinations, 24,897B total, max 24,897B/session, total_bytes=24,897, total_packets=47, unique_hosts=1, unique_ports=0 behavior_group BSG-DATA_EXFIL-505d7e19f7ae behavior=DATA_EXFIL, confidence=0.65, detection_rationale=total_bytes=31811; high_rate (102616 B/s), dst_ip=, member_count=1, src_ip=185.191.171.15, summary=Exfil suspect: 185.191.171.15 → 1 destinations, 31,811B total, max 31,811B/session, total_bytes=31,811, total_packets=43, unique_hosts=1, unique_ports=0 behavior_group BSG-DATA_EXFIL-93085dcb8f6d behavior=DATA_EXFIL, confidence=0.5, detection_rationale=total_bytes=36871, dst_ip=, member_count=1, src_ip=172.234.197.23, summary=Exfil suspect: 172.234.197.23 → 1 destinations, 36,871B total, max 36,871B/session, total_bytes=36,871, total_packets=50, unique_hosts=1, unique_ports=0 behavior_group BSG-DATA_EXFIL-2cdb34e6536b behavior=DATA_EXFIL, confidence=0.5, detection_rationale=total_bytes=15178, dst_ip=, member_count=1, src_ip=198.46.83.219, summary=Exfil suspect: 198.46.83.219 → 1 destinations, 15,178B total, max 15,178B/session, total_bytes=15,178, total_packets=32, unique_hosts=1, unique_ports=0 behavior_group BSG-BEACON-8d2f08349810 behavior=BEACON, confidence=0.9, detection_rationale=timing_cv=0.00 (≤0.5); byte_cv=0.00 (≤0.6), dst_ip=172.234.197.23, dst_port=0, interval_cv=0, mean_interval=3,600, member_count=3, src_ip=16.79.76.70, summary=Beacon: 16.79.76.70 → 172.234.197.23:0, 3 sessions, interval CV=0.00, mean 164B, total_bytes=492, total_packets=6, unique_hosts=0, unique_ports=0 behavior_group BSG-BEACON-a8a8c3c8a37f behavior=BEACON, confidence=0.9, detection_rationale=timing_cv=0.00 (≤0.5); byte_cv=0.00 (≤0.6), dst_ip=172.234.197.23, dst_port=0, interval_cv=0, mean_interval=7,200, member_count=9, src_ip=103.155.16.117, summary=Beacon: 103.155.16.117 → 172.234.197.23:0, 9 sessions, interval CV=0.00, mean 84B, total_bytes=756, total_packets=18, unique_hosts=0, unique_ports=0 behavior_group BSG-BEACON-f6c2b3d0e42d behavior=BEACON, confidence=0.75, detection_rationale=byte_cv=0.06 (≤0.6); count=47, dst_ip=172.232.0.17, dst_port=53, interval_cv=1.302, mean_interval=1,331.1, member_count=47, src_ip=172.234.197.23, summary=Beacon: 172.234.197.23 → 172.232.0.17:53, 47 sessions, interval CV=1.30, mean 294B, total_bytes=13,803, total_packets=94, unique_hosts=0, unique_ports=0 behavior_group BSG-BEACON-8b76394cb6b8 behavior=BEACON, confidence=0.9, detection_rationale=timing_cv=0.45 (≤0.5); byte_cv=0.00 (≤0.6), dst_ip=172.234.197.23, dst_port=0, interval_cv=0.455, mean_interval=19,800, member_count=3, src_ip=54.226.218.70, summary=Beacon: 54.226.218.70 → 172.234.197.23:0, 3 sessions, interval CV=0.45, mean 164B, total_bytes=492, total_packets=6, unique_hosts=0, unique_ports=0 dns_name dns:172-234-197-23.ip.linodeusercontent.com.members.linode.com answer_count=0, qname=172-234-197-23.ip.linodeusercontent.com.members.linode.com dns_name dns:api.snapcraft.io answer_count=4, qname=api.snapcraft.io dns_name dns:172-234-197-23.ip.linodeusercontent.com answer_count=0, qname=172-234-197-23.ip.linodeusercontent.com flow flow:67f51b6f6cc8 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.241.179.48 flow flow:9c31613afb86 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.218.166 flow flow:0433b793a6a9 bytes=6,689, dst_ip=172.234.197.23, dst_port=443, pkts=27, proto=tcp, src_ip=14.152.83.244 flow flow:6f2c7341f532 bytes=6,545, dst_ip=172.234.197.23, dst_port=22, pkts=43, proto=tcp, src_ip=193.32.162.145 flow flow:a4f2cd6ce2f7 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=13.229.125.1 flow flow:f00abcc0a031 bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:b93906f68dc6 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=3.106.231.97 flow flow:47789e6304b7 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=35.94.23.128 flow flow:0f6e4fea1ebd bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:1914bb7cc20f bytes=1,228, dst_ip=172.234.197.23, dst_port=80, pkts=10, proto=tcp, src_ip=14.17.85.204 flow flow:b9750851265c bytes=5,220, dst_ip=172.234.197.23, dst_port=22, pkts=25, proto=tcp, src_ip=2.57.122.195 flow flow:fdaecc52e5ee bytes=172, dst_ip=45.148.10.152, dst_port=5,216, pkts=2, proto=tcp, src_ip=172.234.197.23 flow flow:1ac8f7e99dc5 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.137.154.183 flow flow:a54692a6979d bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.129.180 flow flow:0a210060d8d3 bytes=148, dst_ip=172.234.197.23, dst_port=23, pkts=2, proto=tcp, src_ip=64.67.249.9 flow flow:68d73048dbea bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:1476cc4b8aee bytes=668, dst_ip=45.148.10.147, dst_port=0, pkts=8, proto=icmp, src_ip=172.234.197.23 flow flow:e279718cda39 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:bf7082b9fe5b bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:240148ce3c78 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:5c0f3e09f588 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.136.231.22 flow flow:5d860602bc50 bytes=8,862, dst_ip=172.234.197.23, dst_port=443, pkts=26, proto=tcp, src_ip=3.218.103.254 flow flow:a4dceb0b502c bytes=238, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:9177236cf88d bytes=1,321, dst_ip=172.234.197.23, dst_port=80, pkts=7, proto=tcp, src_ip=5.61.209.107 flow flow:d5469b65364f bytes=7,850, dst_ip=172.234.197.23, dst_port=443, pkts=45, proto=tcp, src_ip=97.139.12.85 flow flow:cefb768f4cb3 bytes=15,178, dst_ip=172.234.197.23, dst_port=443, pkts=32, proto=tcp, src_ip=198.46.83.219 flow flow:449957d41315 bytes=286, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:8914df23a392 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=16.79.76.70 flow flow:b5b053f5b810 bytes=7,850, dst_ip=172.234.197.23, dst_port=443, pkts=45, proto=tcp, src_ip=97.139.12.85 flow flow:f56c5e5e9322 bytes=100, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.220.165.12 flow flow:b4f49eacb030 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:87683189dc49 bytes=162, dst_ip=172.234.197.23, dst_port=443, pkts=3, proto=tcp, src_ip=52.167.144.25 flow flow:cac7868c82f6 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=34.220.135.241 flow flow:b19deaa51995 bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:3b21f9ede7cb bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.137.123.21 flow flow:50c32187e8b2 bytes=2,144, dst_ip=172.234.197.23, dst_port=22, pkts=10, proto=tcp, src_ip=91.208.162.73 flow flow:4e35f51811d2 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=16.78.103.11 flow flow:31f2ff459e84 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.226.218.70 flow flow:d71d4a109401 bytes=6,416, dst_ip=172.234.197.23, dst_port=443, pkts=22, proto=tcp, src_ip=43.173.187.143 flow flow:8f6806f92230 bytes=6,390, dst_ip=172.234.197.23, dst_port=22, pkts=36, proto=tcp, src_ip=92.118.39.235 flow flow:7d522f305779 bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:ada534975ef5 bytes=162, dst_ip=172.234.197.23, dst_port=443, pkts=3, proto=tcp, src_ip=52.167.144.238 flow flow:347478b466ec bytes=6,622, dst_ip=172.234.197.23, dst_port=443, pkts=25, proto=tcp, src_ip=14.17.85.204 flow flow:c79e28885a99 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.53.243 flow flow:dacca5c8e7bb bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:f41eff2de618 bytes=164, dst_ip=45.148.10.152, dst_port=0, pkts=2, proto=icmp, src_ip=172.234.197.23 flow flow:c1307952a890 bytes=2,456, dst_ip=172.234.197.23, dst_port=80, pkts=10, proto=tcp, src_ip=176.32.193.16 flow flow:dd59f847be17 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.137.71.172 flow flow:d0120672e787 bytes=108, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=3.208.12.253 flow flow:3aad6ec6ad00 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.183.164.11 flow flow:efc18dad92a7 bytes=15,484, dst_ip=172.234.197.23, dst_port=443, pkts=36, proto=tcp, src_ip=163.44.192.46 flow flow:c83cc26ea37b bytes=180, dst_ip=185.125.190.56, dst_port=123, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:e7f03b7f94f5 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:bc4fd3adbda3 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=98.94.57.86 flow flow:2a8a3c10eeb4 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=35.94.23.128 flow flow:7a21319f1899 bytes=142, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=15.188.52.238 flow flow:2c5b04db8ee1 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:aa986cd7cb40 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=34.236.245.217 flow flow:d7d8a1790678 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.123.234 flow flow:deecfe5e0bc4 bytes=344, dst_ip=45.148.10.152, dst_port=9,804, pkts=4, proto=tcp, src_ip=172.234.197.23 flow flow:e91875dd2345 bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:9bafda49b279 bytes=108, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=172.98.199.111 flow flow:d2aa3d958328 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=18.138.243.16 flow flow:c4d1a49ae7bc bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=18.234.252.238 flow flow:7ccaed7bf0ec bytes=8,181, dst_ip=172.234.197.23, dst_port=22, pkts=33, proto=tcp, src_ip=209.209.8.82 flow flow:a4bc84010efc bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.136.195.128 flow flow:1420d4c280cb bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.136.137.0 flow flow:ddc8dae32fdb bytes=262, dst_ip=193.32.162.145, dst_port=52,018, pkts=3, proto=tcp, src_ip=172.234.197.23 flow flow:7027314e9f62 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.237.9.199 flow flow:a697fcd98900 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.226.218.70 flow flow:d4725abe1473 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=35.183.94.19 flow flow:f4c8b73f57c1 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=43.218.39.46 flow flow:862efb2879b2 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=34.219.28.57 flow flow:d9cdb794d862 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.214.156 flow flow:ca25ffe5ec8f bytes=1,126, dst_ip=172.234.197.23, dst_port=80, pkts=10, proto=tcp, src_ip=95.215.0.144 flow flow:8fe003d62716 bytes=172, dst_ip=45.148.10.152, dst_port=5,216, pkts=2, proto=tcp, src_ip=172.234.197.23 flow flow:4501038c119d bytes=1,353, dst_ip=172.234.197.23, dst_port=80, pkts=10, proto=tcp, src_ip=3.220.15.173 flow flow:91a8bb2e3817 bytes=148, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=90.116.59.40 flow flow:82009e6c5a65 bytes=200, dst_ip=193.32.162.145, dst_port=0, pkts=2, proto=icmp, src_ip=172.234.197.23 flow flow:13082bd88fab bytes=5,821, dst_ip=172.234.197.23, dst_port=22, pkts=25, proto=tcp, src_ip=45.148.10.121 flow flow:ef50ec85480c bytes=166, dst_ip=172.234.197.23, dst_port=80, pkts=3, proto=tcp, src_ip=5.61.209.107 flow flow:143398f9d784 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=13.216.252.177 flow flow:a0f73d4e1f2a bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:e90db41f61c8 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.52.77 flow flow:3edb10e0cdca bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.131.123.151 flow flow:d14770a59a64 bytes=120, dst_ip=45.148.10.141, dst_port=10,780, pkts=2, proto=tcp, src_ip=172.234.197.23 flow flow:e92d3e642b06 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:997b1d1ade09 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=52.51.234.60 flow flow:67f123b1e51e bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=34.236.245.217 flow flow:88eb6a459897 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:af37c97c4639 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.39.182 flow flow:071ff969f1cc bytes=108, dst_ip=172.234.197.23, dst_port=23, pkts=2, proto=tcp, src_ip=223.25.245.241 flow flow:ac0bc411b526 bytes=5,887, dst_ip=172.234.197.23, dst_port=22, pkts=26, proto=tcp, src_ip=45.148.10.121 flow flow:17c4296b579c bytes=1,106, dst_ip=193.32.162.145, dst_port=0, pkts=11, proto=icmp, src_ip=172.234.197.23 flow flow:81d4435dcab9 bytes=24,897, dst_ip=172.234.197.23, dst_port=443, pkts=47, proto=tcp, src_ip=40.77.167.27 flow flow:864eba4ee2ee bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:c644cbc5ffa7 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=16.79.76.70 flow flow:8c87e0881ac0 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=3.104.120.189 flow flow:f206044f5767 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=18.237.240.13 flow flow:59bb0f5fedd5 bytes=7,274, dst_ip=172.234.197.23, dst_port=22, pkts=46, proto=tcp, src_ip=45.148.10.152 flow flow:cf8bff248bec bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:7d4c3dac7600 bytes=108, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=178.23.161.163 flow flow:43d572801c27 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:111895f8c52f bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:8cb617b63f06 bytes=504, dst_ip=45.148.10.152, dst_port=0, pkts=6, proto=icmp, src_ip=172.234.197.23 flow flow:209d30a51090 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=18.144.72.27 flow flow:6515448ed902 bytes=172, dst_ip=45.148.10.141, dst_port=10,780, pkts=2, proto=tcp, src_ip=172.234.197.23 flow flow:902d38098299 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=3.251.186.69 flow flow:84372b4c9378 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:499a3d14e92e bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:04c331b9aa65 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=16.174.52.201 flow flow:246187f1174b bytes=5,562, dst_ip=172.234.197.23, dst_port=22, pkts=28, proto=tcp, src_ip=45.148.10.147 flow flow:7f613a18875c bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.215.156.188 flow flow:b7472ecf01c2 bytes=340, dst_ip=172.234.197.23, dst_port=161, pkts=4, proto=udp, src_ip=90.116.59.40 flow flow:1f053fd054db bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:f7a277f9998b bytes=697, dst_ip=172.234.197.23, dst_port=21, pkts=10, proto=tcp, src_ip=3.143.162.210 flow flow:00a34ff0c16c bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:18c0bf5b5d25 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=44.203.55.60 flow flow:f79f487f8e0c bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:5869fb9669a2 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:6708a909811e bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:b581f8c2c972 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:70c9f2036cf5 bytes=186, dst_ip=172.234.197.23, dst_port=80, pkts=3, proto=tcp, src_ip=20.168.120.150 flow flow:de22e91ae119 bytes=292, dst_ip=2.57.122.196, dst_port=39,260, pkts=4, proto=tcp, src_ip=172.234.197.23 flow flow:ea0949f415db bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.136.246.109 flow flow:729bae75cfd4 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.16.78 flow flow:fea41e664fcc bytes=148, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=221.206.225.58 flow flow:b75117e25fa7 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:83a5cffc6703 bytes=36,871, dst_ip=185.125.188.57, dst_port=443, pkts=50, proto=tcp, src_ip=172.234.197.23 flow flow:02ba1d809494 bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:5299471ea6cc bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.17.95 flow flow:2858185efdfa bytes=172, dst_ip=92.118.39.197, dst_port=44,658, pkts=2, proto=tcp, src_ip=172.234.197.23 flow flow:2c469eb17471 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:a9c7d9bac1f3 bytes=630, dst_ip=172.234.197.23, dst_port=21, pkts=9, proto=tcp, src_ip=20.65.193.94 flow flow:5f0f49123cd7 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.137.154.183 flow flow:d7061fe3c5a3 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=15.223.242.221 flow flow:e9ca18248257 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=44.249.3.1 flow flow:4bcf7225434d bytes=239,942, dst_ip=172.234.197.23, dst_port=443, pkts=215, proto=tcp, src_ip=3.90.73.206 flow flow:daf8c45d27ff bytes=5,981, dst_ip=172.234.197.23, dst_port=22, pkts=25, proto=tcp, src_ip=45.148.10.121 flow flow:c4b1d3f380b6 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=16.79.76.70 flow flow:6420ca6cc39b bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:5c9d8237757d bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:9078e73eea61 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:aaa209123031 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:d51d769f00c1 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=3.96.140.112 flow flow:8ef69fa14005 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.226.218.70 flow flow:0e6bae8384da bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=3.101.144.161 flow flow:3ea8fd323e82 bytes=2,456, dst_ip=172.234.197.23, dst_port=80, pkts=10, proto=tcp, src_ip=176.32.193.16 flow flow:bfefd9b465ef bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.164.23.84 flow flow:9d2fb1b9d74b bytes=108, dst_ip=172.234.197.23, dst_port=23, pkts=2, proto=tcp, src_ip=223.25.245.241 flow flow:61b4219f0b78 bytes=162, dst_ip=172.234.197.23, dst_port=443, pkts=3, proto=tcp, src_ip=40.77.167.16 flow flow:c9956253cbcb bytes=8,309, dst_ip=172.234.197.23, dst_port=22, pkts=33, proto=tcp, src_ip=51.75.149.221 flow flow:696377210741 bytes=1,248, dst_ip=172.234.197.23, dst_port=80, pkts=10, proto=tcp, src_ip=43.173.132.115 flow flow:ee2c146df182 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:c853014c7a67 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:441658b54583 bytes=6,477, dst_ip=172.234.197.23, dst_port=443, pkts=23, proto=tcp, src_ip=43.173.132.82 flow flow:7360796cbd65 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.137.71.172 flow flow:0c8d25d61ca7 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:f36b30ec8519 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:27bcaa9bf1c4 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=13.250.21.18 flow flow:3b056e5c7d7c bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.136.231.22 flow flow:9e88bfc6625e bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=54.175.222.82 flow flow:fd30f5960ad1 bytes=5,239, dst_ip=172.234.197.23, dst_port=443, pkts=23, proto=tcp, src_ip=54.227.57.227 flow flow:a70ab2b95ecc bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:df901ac482e6 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:8089546c59de bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:fdac2758196c bytes=2,056, dst_ip=45.148.10.147, dst_port=7,012, pkts=22, proto=tcp, src_ip=172.234.197.23 flow flow:12d4f4983f25 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=44.242.252.153 flow flow:7ac69d00b687 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:818abf6f6b6e bytes=1,277, dst_ip=172.234.197.23, dst_port=80, pkts=10, proto=tcp, src_ip=176.32.193.16 flow flow:77ae47f39855 bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:d55b3af6cdbc bytes=228, dst_ip=172.234.197.23, dst_port=443, pkts=4, proto=tcp, src_ip=102.69.167.14 flow flow:474e5f3dc582 bytes=1,277, dst_ip=172.234.197.23, dst_port=80, pkts=10, proto=tcp, src_ip=176.32.193.16 flow flow:8c9867a7b467 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.136.220.138 flow flow:e0e919fe14b3 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.145.152 flow flow:20071b12f135 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=98.80.70.116 flow flow:6bb1f29d53ff bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=3.234.246.186 flow flow:e67e9c201483 bytes=148, dst_ip=172.234.197.23, dst_port=23, pkts=2, proto=tcp, src_ip=82.86.130.0 flow flow:7bdb3d54a400 bytes=891, dst_ip=172.234.197.23, dst_port=21, pkts=12, proto=tcp, src_ip=20.65.193.94 flow flow:3a67dd09e08a bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:cb8bc80eaf8c bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=40.176.180.255 flow flow:97464cc05f7f bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=34.220.135.241 flow flow:2a7f096a8297 bytes=164, dst_ip=2.57.122.196, dst_port=0, pkts=2, proto=icmp, src_ip=172.234.197.23 flow flow:6a69e6dcd7fc bytes=220, dst_ip=172.234.197.23, dst_port=443, pkts=4, proto=tcp, src_ip=176.65.144.135 flow flow:02b1e8c8b192 bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:9e8a34432524 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=15.135.73.27 flow flow:84d2eb801f56 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:4353ee1ddb3a bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:78d03e128aff bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=18.234.252.238 flow flow:484583ddd05a bytes=313, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:4ddbe4acc504 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=32.195.50.176 flow flow:a1891ca4ab53 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=13.57.230.145 flow flow:9523977fdba3 bytes=5,019, dst_ip=172.234.197.23, dst_port=443, pkts=22, proto=tcp, src_ip=77.83.39.42 flow flow:cfd758aa33d2 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:3a4e544a1ba4 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=98.92.23.232 flow flow:eb9431ab1705 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.137.27 flow flow:a17816cafef4 bytes=5,320, dst_ip=172.234.197.23, dst_port=443, pkts=10, proto=tcp, src_ip=43.172.194.114 flow flow:1ef937ba29a6 bytes=148, dst_ip=172.234.197.23, dst_port=443, pkts=2, proto=tcp, src_ip=43.172.194.114 flow flow:e08081e26cd8 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=40.177.170.83 flow flow:415bdf268435 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:18ab509ee72d bytes=4,957, dst_ip=172.234.197.23, dst_port=22, pkts=25, proto=tcp, src_ip=221.156.137.102 flow flow:9cedce8d570a bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=98.94.57.86 flow flow:7823764fbd64 bytes=282, dst_ip=172.232.0.17, dst_port=53, pkts=2, proto=udp, src_ip=172.234.197.23 flow flow:c75009f6f6e4 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=51.224.8.1 flow flow:2895eed54cf1 bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:a4908bd16700 bytes=162, dst_ip=172.234.197.23, dst_port=23, pkts=3, proto=tcp, src_ip=223.25.245.241 flow flow:cbb57221e330 bytes=84, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=103.155.16.117 flow flow:670bf8372bed bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.136.195.128 flow flow:bb7c34388958 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=108.136.220.138 flow flow:d4d65fc2478f bytes=31,811, dst_ip=172.234.197.23, dst_port=443, pkts=43, proto=tcp, src_ip=185.191.171.15 flow flow:2ebe3dee9f01 bytes=164, dst_ip=172.234.197.23, dst_port=0, pkts=2, proto=icmp, src_ip=34.254.182.37 geo_point geo_48.85580_2.34940 city=Paris, country=FR [48.8558, 2.3494, 0.0000] 🌐 geo_point geo_34.77320_113.72200 city=, country=CN [34.7732, 113.7220, 0.0000] 🌐 geo_point geo_40.25000_45.00000 city=, country=AM [40.2500, 45.0000, 0.0000] 🌐 geo_point geo_37.75100_-97.82200 city=, country=US [37.7510, -97.8220, 0.0000] 🌐 geo_point geo_-4.58330_55.66670 city=, country=SC [-4.5833, 55.6667, 0.0000] 🌐 geo_point geo_45.49950_-73.58480 city=Montreal, country=CA [45.4995, -73.5848, 0.0000] 🌐 geo_point geo_3.13990_101.70090 city=Kuala Lumpur, country=MY [3.1399, 101.7009, 0.0000] 🌐 geo_point geo_16.16670_107.83330 city=, country=VN [16.1667, 107.8333, 0.0000] 🌐 geo_point geo_48.85820_2.33870 city=, country=FR [48.8582, 2.3387, 0.0000] 🌐 geo_point geo_39.96250_-83.00610 city=Columbus, country=US [39.9625, -83.0061, 0.0000] 🌐 geo_point geo_52.51960_13.40690 city=Berlin, country=DE [52.5196, 13.4069, 0.0000] 🌐 geo_point geo_29.42270_-98.49270 city=San Antonio, country=US [29.4227, -98.4927, 0.0000] 🌐 geo_point geo_41.88350_-87.63050 city=Chicago, country=US [41.8835, -87.6305, 0.0000] 🌐 geo_point geo_29.81190_-95.52070 city=Houston, country=US [29.8119, -95.5207, 0.0000] 🌐 geo_point geo_53.33820_-6.25910 city=Dublin, country=IE [53.3382, -6.2591, 0.0000] 🌐 geo_point geo_55.73860_37.60680 city=, country=RU [55.7386, 37.6068, 0.0000] 🌐 geo_point geo_39.04690_-77.49030 city=Ashburn, country=US [39.0469, -77.4903, 0.0000] 🌐 geo_point geo_51.05000_-114.08790 city=Calgary, country=CA [51.0500, -114.0879, 0.0000] 🌐 geo_point geo_1.36670_103.80000 city=, country=SG [1.3667, 103.8000, 0.0000] 🌐 geo_point geo_37.33880_-121.89160 city=San Jose, country=US [37.3388, -121.8916, 0.0000] 🌐 geo_point geo_-33.86720_151.19970 city=Sydney, country=AU [-33.8672, 151.1997, 0.0000] 🌐 geo_point geo_45.84010_-119.70500 city=Boardman, country=US [45.8401, -119.7050, 0.0000] 🌐 geo_point geo_52.37590_4.89750 city=Amsterdam, country=NL [52.3759, 4.8975, 0.0000] 🌐 geo_point geo_47.01880_28.81280 city=, country=MD [47.0188, 28.8128, 0.0000] 🌐 geo_point geo_45.99680_24.99700 city=, country=RO [45.9968, 24.9970, 0.0000] 🌐 geo_point geo_1.29390_103.84610 city=Singapore, country=SG [1.2939, 103.8461, 0.0000] 🌐 geo_point geo_41.57750_-75.25520 city=Honesdale, country=US [41.5775, -75.2552, 0.0000] 🌐 geo_point geo_43.72160_7.11800 city=Vence, country=FR [43.7216, 7.1180, 0.0000] 🌐 geo_point geo_45.46050_-73.63050 city=Montreal, country=CA [45.4605, -73.6305, 0.0000] 🌐 geo_point geo_34.57110_126.60100 city=Haenam-gun, country=KR [34.5711, 126.6010, 0.0000] 🌐 geo_point geo_51.49640_-0.12240 city=, country=GB [51.4964, -0.1224, 0.0000] 🌐 geo_point geo_50.45220_30.52870 city=, country=UA [50.4522, 30.5287, 0.0000] 🌐 geo_point geo_10.48730_-66.87380 city=Caracas, country=VE [10.4873, -66.8738, 0.0000] 🌐 geo_point geo_33.45320_-112.07480 city=Phoenix, country=US [33.4532, -112.0748, 0.0000] 🌐 geo_point geo_-6.21140_106.84460 city=Jakarta, country=ID [-6.2114, 106.8446, 0.0000] 🌐 geo_point geo_36.66940_-78.38770 city=Boydton, country=US [36.6694, -78.3877, 0.0000] 🌐 geo_point geo_51.29930_9.49100 city=, country=DE [51.2993, 9.4910, 0.0000] 🌐 geo_point geo_-6.82270_39.29100 city=, country=TZ [-6.8227, 39.2910, 0.0000] 🌐 host host:13.57.230.145 bytes=164, city=San Jose, country=US, ip=13.57.230.145, org=Amazon.com, Inc. [37.3388, -121.8916, 0.0000] 🌐 host host:45.148.10.121 bytes=5,981, city=Amsterdam, country=NL, ip=45.148.10.121, org=Techoff Srv Limited [52.3759, 4.8975, 0.0000] 🌐 host host:3.101.144.161 bytes=164, city=San Jose, country=US, ip=3.101.144.161, org=Amazon.com, Inc. [37.3388, -121.8916, 0.0000] 🌐 host host:34.254.182.37 bytes=164, city=Dublin, country=IE, ip=34.254.182.37, org=Amazon.com, Inc. [53.3382, -6.2591, 0.0000] 🌐 host host:51.224.17.95 bytes=164, city=Berlin, country=DE, ip=51.224.17.95, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:35.94.23.128 bytes=164, city=Boardman, country=US, ip=35.94.23.128, org=Amazon.com, Inc. [45.8401, -119.7050, 0.0000] 🌐 host host:45.148.10.147 bytes=5,562, city=Amsterdam, country=NL, ip=45.148.10.147, org=Techoff Srv Limited [52.3759, 4.8975, 0.0000] 🌐 host host:209.209.8.82 bytes=8,181, city=Montreal, country=CA, ip=209.209.8.82, org=Rica Web Services [45.4605, -73.6305, 0.0000] 🌐 host host:3.251.186.69 bytes=164, city=Dublin, country=IE, ip=3.251.186.69, org=Amazon.com, Inc. [53.3382, -6.2591, 0.0000] 🌐 host host:64.67.249.9 bytes=148, city=Honesdale, country=US, ip=64.67.249.9, org=PenTeleData Inc. [41.5775, -75.2552, 0.0000] 🌐 host host:52.51.234.60 bytes=164, city=Dublin, country=IE, ip=52.51.234.60, org=Amazon.com, Inc. [53.3382, -6.2591, 0.0000] 🌐 host host:77.83.39.42 bytes=5,019, city=, country=UA, ip=77.83.39.42, org=Kprohost LLC [50.4522, 30.5287, 0.0000] 🌐 host host:43.173.132.82 bytes=6,477, city=Singapore, country=SG, ip=43.173.132.82, org=Tencent Building, Kejizhongyi Avenue [1.2939, 103.8461, 0.0000] 🌐 host host:51.224.218.166 bytes=164, city=Berlin, country=DE, ip=51.224.218.166, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:44.249.3.1 bytes=164, city=Boardman, country=US, ip=44.249.3.1, org=Amazon.com, Inc. [45.8401, -119.7050, 0.0000] 🌐 host host:90.116.59.40 bytes=148, city=Vence, country=FR, ip=90.116.59.40, org=Orange [43.7216, 7.1180, 0.0000] 🌐 host host:92.118.39.235 bytes=6,390, city=, country=RO, ip=92.118.39.235, org=Unmanaged Ltd [45.9968, 24.9970, 0.0000] 🌐 host host:16.174.52.201 bytes=164, city=Calgary, country=CA, ip=16.174.52.201, org=Amazon.com, Inc. [51.0500, -114.0879, 0.0000] 🌐 host host:32.195.50.176 bytes=164, city=, country=US, ip=32.195.50.176, org= [37.7510, -97.8220, 0.0000] 🌐 host host:108.136.137.0 bytes=164, city=Jakarta, country=ID, ip=108.136.137.0, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:54.227.57.227 bytes=5,239, city=Ashburn, country=US, ip=54.227.57.227, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:20.65.193.94 bytes=630, city=San Antonio, country=US, ip=20.65.193.94, org=Microsoft Corporation [29.4227, -98.4927, 0.0000] 🌐 host host:54.241.179.48 bytes=164, city=San Jose, country=US, ip=54.241.179.48, org=Amazon.com, Inc. [37.3388, -121.8916, 0.0000] 🌐 host host:221.206.225.58 bytes=148, city=, country=CN, ip=221.206.225.58, org=CHINA UNICOM China169 Backbone [34.7732, 113.7220, 0.0000] 🌐 host host:51.75.149.221 bytes=8,309, city=, country=FR, ip=51.75.149.221, org=OVH SAS [48.8582, 2.3387, 0.0000] 🌐 host host:176.65.144.135 bytes=220, city=, country=DE, ip=176.65.144.135, org=Dedik Services Limited [51.2993, 9.4910, 0.0000] 🌐 host host:176.32.193.16 bytes=1,277, city=, country=AM, ip=176.32.193.16, org=Ucom CJSC [40.2500, 45.0000, 0.0000] 🌐 host host:3.104.120.189 bytes=164, city=Sydney, country=AU, ip=3.104.120.189, org=Amazon.com, Inc. [-33.8672, 151.1997, 0.0000] 🌐 host host:34.236.245.217 bytes=164, city=Ashburn, country=US, ip=34.236.245.217, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:108.136.220.138 bytes=164, city=Jakarta, country=ID, ip=108.136.220.138, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:18.237.240.13 bytes=164, city=Boardman, country=US, ip=18.237.240.13, org=Amazon.com, Inc. [45.8401, -119.7050, 0.0000] 🌐 host host:185.191.171.15 bytes=31,811, city=, country=GB, ip=185.191.171.15, org=SEMrush CY LTD [51.4964, -0.1224, 0.0000] 🌐 host host:13.229.125.1 bytes=164, city=Singapore, country=SG, ip=13.229.125.1, org=Amazon.com, Inc. [1.2939, 103.8461, 0.0000] 🌐 host host:92.118.39.197 bytes=172, city=, country=RO, ip=92.118.39.197, org=Unmanaged Ltd [45.9968, 24.9970, 0.0000] 🌐 host host:51.224.53.243 bytes=164, city=Berlin, country=DE, ip=51.224.53.243, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:44.203.55.60 bytes=164, city=Ashburn, country=US, ip=44.203.55.60, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:18.138.243.16 bytes=164, city=Singapore, country=SG, ip=18.138.243.16, org=Amazon.com, Inc. [1.2939, 103.8461, 0.0000] 🌐 host host:44.242.252.153 bytes=164, city=Boardman, country=US, ip=44.242.252.153, org=Amazon.com, Inc. [45.8401, -119.7050, 0.0000] 🌐 host host:15.188.52.238 bytes=142, city=Paris, country=FR, ip=15.188.52.238, org=Amazon.com, Inc. [48.8558, 2.3494, 0.0000] 🌐 host host:54.237.9.199 bytes=164, city=Ashburn, country=US, ip=54.237.9.199, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:35.183.94.19 bytes=164, city=Montreal, country=CA, ip=35.183.94.19, org=Amazon.com, Inc. [45.4995, -73.5848, 0.0000] 🌐 host host:2.57.122.196 bytes=292, city=, country=RO, ip=2.57.122.196, org=Unmanaged Ltd [45.9968, 24.9970, 0.0000] 🌐 host host:54.226.218.70 bytes=164, city=Ashburn, country=US, ip=54.226.218.70, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:52.167.144.25 bytes=162, city=Boydton, country=US, ip=52.167.144.25, org=Microsoft Corporation [36.6694, -78.3877, 0.0000] 🌐 host host:40.176.180.255 bytes=164, city=Calgary, country=CA, ip=40.176.180.255, org=Amazon.com, Inc. [51.0500, -114.0879, 0.0000] 🌐 host host:40.77.167.16 bytes=162, city=Boydton, country=US, ip=40.77.167.16, org=Microsoft Corporation [36.6694, -78.3877, 0.0000] 🌐 host host:108.131.123.151 bytes=164, city=Dublin, country=IE, ip=108.131.123.151, org=Amazon.com, Inc. [53.3382, -6.2591, 0.0000] 🌐 host host:82.86.130.0 bytes=148, city=Caracas, country=VE, ip=82.86.130.0, org=THUNDERNET, C.A. [10.4873, -66.8738, 0.0000] 🌐 host host:98.80.70.116 bytes=164, city=Ashburn, country=US, ip=98.80.70.116, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:3.234.246.186 bytes=164, city=Ashburn, country=US, ip=3.234.246.186, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:103.220.165.12 bytes=100, city=, country=CN, ip=103.220.165.12, org=China Unicom [34.7732, 113.7220, 0.0000] 🌐 host host:108.136.246.109 bytes=164, city=Jakarta, country=ID, ip=108.136.246.109, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:3.96.140.112 bytes=164, city=Montreal, country=CA, ip=3.96.140.112, org=Amazon.com, Inc. [45.4995, -73.5848, 0.0000] 🌐 host host:40.77.167.27 bytes=24,897, city=Boydton, country=US, ip=40.77.167.27, org=Microsoft Corporation [36.6694, -78.3877, 0.0000] 🌐 host host:51.224.52.77 bytes=164, city=Berlin, country=DE, ip=51.224.52.77, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:108.136.231.22 bytes=164, city=Jakarta, country=ID, ip=108.136.231.22, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:95.215.0.144 bytes=1,126, city=, country=RU, ip=95.215.0.144, org=Petersburg Internet Network ltd. [55.7386, 37.6068, 0.0000] 🌐 host host:16.78.103.11 bytes=164, city=Jakarta, country=ID, ip=16.78.103.11, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:221.156.137.102 bytes=4,957, city=Haenam-gun, country=KR, ip=221.156.137.102, org=Korea Telecom [34.5711, 126.6010, 0.0000] 🌐 host host:178.23.161.163 bytes=108, city=, country=GB, ip=178.23.161.163, org=Roebuck Group Limited [51.4964, -0.1224, 0.0000] 🌐 host host:14.152.83.244 bytes=6,689, city=, country=CN, ip=14.152.83.244, org=CHINANET Guangdong province network [34.7732, 113.7220, 0.0000] 🌐 host host:20.168.120.150 bytes=186, city=Phoenix, country=US, ip=20.168.120.150, org=Microsoft Corporation [33.4532, -112.0748, 0.0000] 🌐 host host:3.106.231.97 bytes=164, city=Sydney, country=AU, ip=3.106.231.97, org=Amazon.com, Inc. [-33.8672, 151.1997, 0.0000] 🌐 host host:13.250.21.18 bytes=164, city=Singapore, country=SG, ip=13.250.21.18, org=Amazon.com, Inc. [1.2939, 103.8461, 0.0000] 🌐 host host:98.92.23.232 bytes=164, city=Ashburn, country=US, ip=98.92.23.232, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:172.98.199.111 bytes=108, city=, country=US, ip=172.98.199.111, org=Centrilogic, Inc. [37.7510, -97.8220, 0.0000] 🌐 host host:43.173.132.115 bytes=1,248, city=Singapore, country=SG, ip=43.173.132.115, org=Tencent Building, Kejizhongyi Avenue [1.2939, 103.8461, 0.0000] 🌐 host host:54.215.156.188 bytes=164, city=San Jose, country=US, ip=54.215.156.188, org=Amazon.com, Inc. [37.3388, -121.8916, 0.0000] 🌐 host host:51.224.129.180 bytes=164, city=Berlin, country=DE, ip=51.224.129.180, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:43.172.194.114 bytes=148, city=, country=SG, ip=43.172.194.114, org=Tencent Building, Kejizhongyi Avenue [1.3667, 103.8000, 0.0000] 🌐 host host:18.234.252.238 bytes=164, city=Ashburn, country=US, ip=18.234.252.238, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:45.148.10.141 bytes=172, city=Amsterdam, country=NL, ip=45.148.10.141, org=Techoff Srv Limited [52.3759, 4.8975, 0.0000] 🌐 host host:91.208.162.73 bytes=2,144, city=, country=MD, ip=91.208.162.73, org=Alexhost Srl [47.0188, 28.8128, 0.0000] 🌐 host host:103.155.16.117 bytes=84, city=Singapore, country=SG, ip=103.155.16.117, org=Kaopu Cloud HK Limited [1.2939, 103.8461, 0.0000] 🌐 host host:51.224.123.234 bytes=164, city=Berlin, country=DE, ip=51.224.123.234, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:102.69.167.14 bytes=228, city=, country=TZ, ip=102.69.167.14, org=Flashnet-Technologies-Limited [-6.8227, 39.2910, 0.0000] 🌐 host host:163.44.192.46 bytes=15,484, city=, country=VN, ip=163.44.192.46, org=GMO-Z.com Runsystem Joint Stock Company [16.1667, 107.8333, 0.0000] 🌐 host host:223.25.245.241 bytes=108, city=Kuala Lumpur, country=MY, ip=223.25.245.241, org=Gigabit Hosting Sdn Bhd [3.1399, 101.7009, 0.0000] 🌐 host host:3.90.73.206 bytes=239,942, city=Ashburn, country=US, ip=3.90.73.206, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:108.137.71.172 bytes=164, city=Jakarta, country=ID, ip=108.137.71.172, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:3.220.15.173 bytes=1,353, city=Ashburn, country=US, ip=3.220.15.173, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:5.61.209.107 bytes=1,321, city=, country=SC, ip=5.61.209.107, org=Amarutu Technology Ltd [-4.5833, 55.6667, 0.0000] 🌐 host host:16.79.76.70 bytes=164, city=Jakarta, country=ID, ip=16.79.76.70, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:15.135.73.27 bytes=164, city=Sydney, country=AU, ip=15.135.73.27, org=Amazon.com, Inc. [-33.8672, 151.1997, 0.0000] 🌐 host host:51.224.137.27 bytes=164, city=Berlin, country=DE, ip=51.224.137.27, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:198.46.83.219 bytes=15,178, city=, country=US, ip=198.46.83.219, org=InMotion Hosting, Inc. [37.7510, -97.8220, 0.0000] 🌐 host host:15.223.242.221 bytes=164, city=Montreal, country=CA, ip=15.223.242.221, org=Amazon.com, Inc. [45.4995, -73.5848, 0.0000] 🌐 host host:193.32.162.145 bytes=262, city=, country=RO, ip=193.32.162.145, org=Unmanaged Ltd [45.9968, 24.9970, 0.0000] 🌐 host host:3.218.103.254 bytes=8,862, city=Ashburn, country=US, ip=3.218.103.254, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:108.136.195.128 bytes=164, city=Jakarta, country=ID, ip=108.136.195.128, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:98.94.57.86 bytes=164, city=Ashburn, country=US, ip=98.94.57.86, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:45.148.10.152 bytes=7,274, city=Amsterdam, country=NL, ip=45.148.10.152, org=Techoff Srv Limited [52.3759, 4.8975, 0.0000] 🌐 host host:43.173.187.143 bytes=6,416, city=Singapore, country=SG, ip=43.173.187.143, org=Tencent Building, Kejizhongyi Avenue [1.2939, 103.8461, 0.0000] 🌐 host host:18.144.72.27 bytes=164, city=San Jose, country=US, ip=18.144.72.27, org=Amazon.com, Inc. [37.3388, -121.8916, 0.0000] 🌐 host host:34.219.28.57 bytes=164, city=Boardman, country=US, ip=34.219.28.57, org=Amazon.com, Inc. [45.8401, -119.7050, 0.0000] 🌐 host host:172.234.197.23 bytes=164, city=Chicago, country=US, ip=172.234.197.23, org=Akamai Connected Cloud [41.8835, -87.6305, 0.0000] 🌐 host host:2.57.122.195 bytes=5,220, city=, country=RO, ip=2.57.122.195, org=Unmanaged Ltd [45.9968, 24.9970, 0.0000] 🌐 host host:54.164.23.84 bytes=164, city=Ashburn, country=US, ip=54.164.23.84, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:3.143.162.210 bytes=697, city=Columbus, country=US, ip=3.143.162.210, org=Amazon.com, Inc. [39.9625, -83.0061, 0.0000] 🌐 host host:51.224.145.152 bytes=164, city=Berlin, country=DE, ip=51.224.145.152, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:3.208.12.253 bytes=108, city=Ashburn, country=US, ip=3.208.12.253, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:108.137.154.183 bytes=164, city=Jakarta, country=ID, ip=108.137.154.183, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:51.224.39.182 bytes=164, city=Berlin, country=DE, ip=51.224.39.182, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:51.224.214.156 bytes=164, city=Berlin, country=DE, ip=51.224.214.156, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:108.137.123.21 bytes=164, city=Jakarta, country=ID, ip=108.137.123.21, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:51.224.8.1 bytes=164, city=Berlin, country=DE, ip=51.224.8.1, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:172.232.0.17 bytes=282, city=Chicago, country=US, ip=172.232.0.17, org=Akamai Connected Cloud [41.8835, -87.6305, 0.0000] 🌐 host host:43.218.39.46 bytes=164, city=Jakarta, country=ID, ip=43.218.39.46, org=Amazon.com, Inc. [-6.2114, 106.8446, 0.0000] 🌐 host host:13.216.252.177 bytes=164, city=Ashburn, country=US, ip=13.216.252.177, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:185.125.188.57 bytes=36,871, city=, country=GB, ip=185.125.188.57, org=Canonical Group Limited [51.4964, -0.1224, 0.0000] 🌐 host host:52.167.144.238 bytes=162, city=Boydton, country=US, ip=52.167.144.238, org=Microsoft Corporation [36.6694, -78.3877, 0.0000] 🌐 host host:40.177.170.83 bytes=164, city=Calgary, country=CA, ip=40.177.170.83, org=Amazon.com, Inc. [51.0500, -114.0879, 0.0000] 🌐 host host:14.17.85.204 bytes=1,228, city=, country=CN, ip=14.17.85.204, org=CHINANET Guangdong province network [34.7732, 113.7220, 0.0000] 🌐 host host:54.183.164.11 bytes=164, city=San Jose, country=US, ip=54.183.164.11, org=Amazon.com, Inc. [37.3388, -121.8916, 0.0000] 🌐 host host:185.125.190.56 bytes=180, city=, country=GB, ip=185.125.190.56, org=Canonical Group Limited [51.4964, -0.1224, 0.0000] 🌐 host host:51.224.16.78 bytes=164, city=Berlin, country=DE, ip=51.224.16.78, org=Amazon.com, Inc. [52.5196, 13.4069, 0.0000] 🌐 host host:54.175.222.82 bytes=164, city=Ashburn, country=US, ip=54.175.222.82, org=Amazon.com, Inc. [39.0469, -77.4903, 0.0000] 🌐 host host:97.139.12.85 bytes=7,850, city=Houston, country=US, ip=97.139.12.85, org=Verizon Business [29.8119, -95.5207, 0.0000] 🌐 host host:34.220.135.241 bytes=164, city=Boardman, country=US, ip=34.220.135.241, org=Amazon.com, Inc. [45.8401, -119.7050, 0.0000] 🌐 http_host http_host:172-234-197-23.ip.linodeusercontent.com host=172-234-197-23.ip.linodeusercontent.com http_host http_host:172.234.197.23:80 host=172.234.197.23:80 org org:Alexhost Srl name=Alexhost Srl org org:Techoff Srv Limited name=Techoff Srv Limited org org:Flashnet-Technologies-Limited name=Flashnet-Technologies-Limited org org:Petersburg Internet Network ltd. name=Petersburg Internet Network ltd. org org:Gigabit Hosting Sdn Bhd name=Gigabit Hosting Sdn Bhd org org:Microsoft Corporation name=Microsoft Corporation org org:Kprohost LLC name=Kprohost LLC org org:Ucom CJSC name=Ucom CJSC org org:Korea Telecom name=Korea Telecom org org:OVH SAS name=OVH SAS org org:GMO-Z.com Runsystem Joint Stock Company name=GMO-Z.com Runsystem Joint Stock Company org org:Verizon Business name=Verizon Business org org:CHINA UNICOM China169 Backbone name=CHINA UNICOM China169 Backbone org org:Roebuck Group Limited name=Roebuck Group Limited org org:PenTeleData Inc. name=PenTeleData Inc. org org:Amarutu Technology Ltd name=Amarutu Technology Ltd org org:Kaopu Cloud HK Limited name=Kaopu Cloud HK Limited org org:Centrilogic, Inc. name=Centrilogic, Inc. org org:SEMrush CY LTD name=SEMrush CY LTD org org:Dedik Services Limited name=Dedik Services Limited org org:Amazon.com, Inc. name=Amazon.com, Inc. org org:Orange name=Orange org org:China Unicom name=China Unicom org org:Tencent Building, Kejizhongyi Avenue name=Tencent Building, Kejizhongyi Avenue org org:Rica Web Services name=Rica Web Services org org:CHINANET Guangdong province network name=CHINANET Guangdong province network org org:Canonical Group Limited name=Canonical Group Limited org org:InMotion Hosting, Inc. name=InMotion Hosting, Inc. org org:Unmanaged Ltd name=Unmanaged Ltd org org:THUNDERNET, C.A. name=THUNDERNET, C.A. org org:Akamai Connected Cloud name=Akamai Connected Cloud pcap_artifact PCAP:capture_20260505070001:d46e44b86a91 file_size=15,534, filename=capture_20260505070001.pcap, ingested_at=2026-05-05T14:51:28.924967+00:00 pcap_artifact PCAP:capture_20260505190001:a68bf0af3b16 file_size=72,787, filename=capture_20260505190001.pcap, ingested_at=2026-05-05T19:46:56.979749+00:00 pcap_artifact PCAP:capture_20260505100001:0afa64859e55 file_size=42,732, filename=capture_20260505100001.pcap, ingested_at=2026-05-05T14:51:33.691301+00:00 pcap_artifact PCAP:capture_20260505180001:aab19cafbf97 file_size=7,550, filename=capture_20260505180001.pcap, ingested_at=2026-05-05T19:46:55.312244+00:00 pcap_artifact PCAP:capture_20260505170001:ca2a90108bf2 file_size=39,107, filename=capture_20260505170001.pcap, ingested_at=2026-05-05T19:46:51.657479+00:00 pcap_artifact PCAP:capture_20260505040001:c68ba2795dc5 file_size=31,567, filename=capture_20260505040001.pcap, ingested_at=2026-05-05T14:51:21.671319+00:00 pcap_artifact PCAP:capture_20260505160001:6505a8988bcf file_size=4,477, filename=capture_20260505160001.pcap, ingested_at=2026-05-05T19:46:49.231993+00:00 pcap_artifact PCAP:capture_20260505080001:5463efd5fe26 file_size=8,534, filename=capture_20260505080001.pcap, ingested_at=2026-05-05T14:51:30.539197+00:00 pcap_artifact PCAP:capture_20260505050001:0fc1e088277c file_size=17,452, filename=capture_20260505050001.pcap, ingested_at=2026-05-05T14:51:24.314935+00:00 pcap_artifact PCAP:capture_20260505090001:ea2436abde7d file_size=2,841, filename=capture_20260505090001.pcap, ingested_at=2026-05-05T14:51:32.000700+00:00 pcap_artifact PCAP:capture_20260505150001:90690819257f file_size=10,557, filename=capture_20260505150001.pcap, ingested_at=2026-05-05T19:46:45.732046+00:00 pcap_artifact PCAP:capture_20260505120001:a76e4bb2d022 file_size=28,626, filename=capture_20260505120001.pcap, ingested_at=2026-05-05T14:51:37.934127+00:00 pcap_artifact PCAP:capture_20260505020001:067b836e5bc3 file_size=273,507, filename=capture_20260505020001.pcap, ingested_at=2026-05-05T14:51:15.712351+00:00 pcap_artifact PCAP:capture_20260505030001:d2373b68f2f5 file_size=2,759, filename=capture_20260505030001.pcap, ingested_at=2026-05-05T14:51:19.656221+00:00 pcap_artifact PCAP:capture_20260505060001:b302658bbfdf file_size=18,435, filename=capture_20260505060001.pcap, ingested_at=2026-05-05T14:51:25.555489+00:00 pcap_artifact PCAP:capture_20260505110001:22e0b6152bd2 file_size=2,931, filename=capture_20260505110001.pcap, ingested_at=2026-05-05T14:51:36.290969+00:00 pcap_artifact PCAP:capture_20260505140001:dd53632b8c6a file_size=4,684, filename=capture_20260505140001.pcap, ingested_at=2026-05-05T14:51:42.889513+00:00 pcap_artifact PCAP:capture_20260505130001:240b5e116134 file_size=10,725, filename=capture_20260505130001.pcap, ingested_at=2026-05-05T14:51:41.313341+00:00 port_hub port:udp:123 port=123, proto=udp port_hub port:tcp:5216 port=5,216, proto=tcp port_hub port:tcp:22 port=22, proto=tcp port_hub port:tcp:10780 port=10,780, proto=tcp port_hub port:tcp:44658 port=44,658, proto=tcp port_hub port:tcp:443 port=443, proto=tcp port_hub port:udp:53 port=53, proto=udp port_hub port:tcp:7012 port=7,012, proto=tcp port_hub port:udp:161 port=161, proto=udp port_hub port:tcp:80 port=80, proto=tcp port_hub port:tcp:21 port=21, proto=tcp port_hub port:tcp:39260 port=39,260, proto=tcp port_hub port:tcp:52018 port=52,018, proto=tcp port_hub port:tcp:23 port=23, proto=tcp port_hub port:tcp:9804 port=9,804, proto=tcp protocol_event pe:dns:SESSION-e8b84e125934745e event_type=DNS_EXCHANGE, query_count=2, session=SESSION-e8b84e125934745e protocol_event pe:tls:SESSION-51b92cc6a561b81c event_type=TLS_SESSION, packet_count=23, session=SESSION-51b92cc6a561b81c protocol_event pe:dns:SESSION-78559549ed9cd601 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-78559549ed9cd601 protocol_event pe:dns:SESSION-1d2c12c54a6b8ee9 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-1d2c12c54a6b8ee9 protocol_event pe:syn:SESSION-51b92cc6a561b81c count=2, event_type=TCP_SYN, session=SESSION-51b92cc6a561b81c protocol_event pe:dns:SESSION-402c59976f95ccac event_type=DNS_EXCHANGE, query_count=2, session=SESSION-402c59976f95ccac protocol_event pe:syn:SESSION-63111ebd98e3d381 count=2, event_type=TCP_SYN, session=SESSION-63111ebd98e3d381 protocol_event pe:rst:SESSION-2021040869dcdfdd count=1, event_type=TCP_RST, session=SESSION-2021040869dcdfdd protocol_event pe:dns:SESSION-130a446aad655720 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-130a446aad655720 protocol_event pe:dns:SESSION-efccaa85823f0759 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-efccaa85823f0759 protocol_event pe:dns:SESSION-e7bb0cf91212e19f event_type=DNS_EXCHANGE, query_count=2, session=SESSION-e7bb0cf91212e19f protocol_event pe:dns:SESSION-6809ae9f3f9de168 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-6809ae9f3f9de168 protocol_event pe:syn:SESSION-b43027ed299d5e94 count=2, event_type=TCP_SYN, session=SESSION-b43027ed299d5e94 protocol_event pe:syn:SESSION-d9301b2feb39e9c2 count=2, event_type=TCP_SYN, session=SESSION-d9301b2feb39e9c2 protocol_event pe:syn:SESSION-4b55405f668ce999 count=3, event_type=TCP_SYN, session=SESSION-4b55405f668ce999 protocol_event pe:syn:SESSION-465f690015b6602c count=2, event_type=TCP_SYN, session=SESSION-465f690015b6602c protocol_event pe:dns:SESSION-b568c3afd6c80cc2 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-b568c3afd6c80cc2 protocol_event pe:syn:SESSION-98342a2659e39b9d count=2, event_type=TCP_SYN, session=SESSION-98342a2659e39b9d protocol_event pe:dns:SESSION-4232e9525181ac54 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-4232e9525181ac54 protocol_event pe:rst:SESSION-51b92cc6a561b81c count=2, event_type=TCP_RST, session=SESSION-51b92cc6a561b81c protocol_event pe:syn:SESSION-191d76488f4c196e count=2, event_type=TCP_SYN, session=SESSION-191d76488f4c196e protocol_event pe:syn:SESSION-56d5cf7074baf3bc count=2, event_type=TCP_SYN, session=SESSION-56d5cf7074baf3bc protocol_event pe:rst:SESSION-bc16ba907b8bbcb6 count=1, event_type=TCP_RST, session=SESSION-bc16ba907b8bbcb6 protocol_event pe:dns:SESSION-1e693ff8754b6a4b event_type=DNS_EXCHANGE, query_count=2, session=SESSION-1e693ff8754b6a4b protocol_event pe:rst:SESSION-98342a2659e39b9d count=2, event_type=TCP_RST, session=SESSION-98342a2659e39b9d protocol_event pe:dns:SESSION-2f184aa4f616a204 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-2f184aa4f616a204 protocol_event pe:syn:SESSION-611c18e845c3945c count=2, event_type=TCP_SYN, session=SESSION-611c18e845c3945c protocol_event pe:dns:SESSION-131ee87a5c640c47 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-131ee87a5c640c47 protocol_event pe:dns:SESSION-ac2fa7388db2f6bf event_type=DNS_EXCHANGE, query_count=2, session=SESSION-ac2fa7388db2f6bf protocol_event pe:dns:SESSION-5adc8934d941c10d event_type=DNS_EXCHANGE, query_count=2, session=SESSION-5adc8934d941c10d protocol_event pe:dns:SESSION-d1d3131167e5d8a7 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-d1d3131167e5d8a7 protocol_event pe:syn:SESSION-112a52c8741e1f24 count=2, event_type=TCP_SYN, session=SESSION-112a52c8741e1f24 protocol_event pe:tls:SESSION-5d116249fba5ef1a event_type=TLS_SESSION, packet_count=27, session=SESSION-5d116249fba5ef1a protocol_event pe:syn:SESSION-ad1c4ddd91bc1148 count=2, event_type=TCP_SYN, session=SESSION-ad1c4ddd91bc1148 protocol_event pe:tls:SESSION-8946fc29c6b46f6d event_type=TLS_SESSION, packet_count=2, session=SESSION-8946fc29c6b46f6d protocol_event pe:dns:SESSION-caf3f25f6cd1d8cf event_type=DNS_EXCHANGE, query_count=2, session=SESSION-caf3f25f6cd1d8cf protocol_event pe:syn:SESSION-6161ce1063e366a2 count=2, event_type=TCP_SYN, session=SESSION-6161ce1063e366a2 protocol_event pe:syn:SESSION-0f3749824ac9c29c count=2, event_type=TCP_SYN, session=SESSION-0f3749824ac9c29c protocol_event pe:rst:SESSION-e141fc3b52ba9773 count=1, event_type=TCP_RST, session=SESSION-e141fc3b52ba9773 protocol_event pe:tls:SESSION-8ead85dcd9724179 event_type=TLS_SESSION, packet_count=22, session=SESSION-8ead85dcd9724179 protocol_event pe:rst:SESSION-465f690015b6602c count=6, event_type=TCP_RST, session=SESSION-465f690015b6602c protocol_event pe:dns:SESSION-93e42c11b9b89aaf event_type=DNS_EXCHANGE, query_count=2, session=SESSION-93e42c11b9b89aaf protocol_event pe:rst:SESSION-bded1de08c6daa39 count=1, event_type=TCP_RST, session=SESSION-bded1de08c6daa39 protocol_event pe:syn:SESSION-8a0948676ddea69b count=2, event_type=TCP_SYN, session=SESSION-8a0948676ddea69b protocol_event pe:tls:SESSION-98342a2659e39b9d event_type=TLS_SESSION, packet_count=4, session=SESSION-98342a2659e39b9d protocol_event pe:rst:SESSION-5b835c6ebb995a7d count=1, event_type=TCP_RST, session=SESSION-5b835c6ebb995a7d protocol_event pe:tls:SESSION-68a988002611253d event_type=TLS_SESSION, packet_count=4, session=SESSION-68a988002611253d protocol_event pe:syn:SESSION-9fa74c25b929bca8 count=2, event_type=TCP_SYN, session=SESSION-9fa74c25b929bca8 protocol_event pe:rst:SESSION-1b302403caa89fec count=2, event_type=TCP_RST, session=SESSION-1b302403caa89fec protocol_event pe:dns:SESSION-deeca4dda77866b3 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-deeca4dda77866b3 protocol_event pe:dns:SESSION-b6b6a46eb2435b2c event_type=DNS_EXCHANGE, query_count=2, session=SESSION-b6b6a46eb2435b2c protocol_event pe:rst:SESSION-6161ce1063e366a2 count=1, event_type=TCP_RST, session=SESSION-6161ce1063e366a2 protocol_event pe:dns:SESSION-107f79b0182e896e event_type=DNS_EXCHANGE, query_count=2, session=SESSION-107f79b0182e896e protocol_event pe:dns:SESSION-9afa0bd447632398 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-9afa0bd447632398 protocol_event pe:syn:SESSION-548e9314b3086ca9 count=2, event_type=TCP_SYN, session=SESSION-548e9314b3086ca9 protocol_event pe:syn:SESSION-46e00213b472fe9e count=2, event_type=TCP_SYN, session=SESSION-46e00213b472fe9e protocol_event pe:dns:SESSION-6692457516fa5526 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-6692457516fa5526 protocol_event pe:dns:SESSION-dd448a4428bf165c event_type=DNS_EXCHANGE, query_count=2, session=SESSION-dd448a4428bf165c protocol_event pe:tls:SESSION-1b302403caa89fec event_type=TLS_SESSION, packet_count=22, session=SESSION-1b302403caa89fec protocol_event pe:syn:SESSION-d71c53edb899393c count=2, event_type=TCP_SYN, session=SESSION-d71c53edb899393c protocol_event pe:syn:SESSION-72c5bb311769f34b count=2, event_type=TCP_SYN, session=SESSION-72c5bb311769f34b protocol_event pe:syn:SESSION-3135be41546fd909 count=2, event_type=TCP_SYN, session=SESSION-3135be41546fd909 protocol_event pe:rst:SESSION-8b97840b2be2c63a count=3, event_type=TCP_RST, session=SESSION-8b97840b2be2c63a protocol_event pe:dns:SESSION-bf6c403a1523c050 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-bf6c403a1523c050 protocol_event pe:tls:SESSION-9ade459513e3d982 event_type=TLS_SESSION, packet_count=3, session=SESSION-9ade459513e3d982 protocol_event pe:syn:SESSION-8aabcfb1a6ed4c81 count=2, event_type=TCP_SYN, session=SESSION-8aabcfb1a6ed4c81 protocol_event pe:dns:SESSION-3cb9fec0c3ece4aa event_type=DNS_EXCHANGE, query_count=2, session=SESSION-3cb9fec0c3ece4aa protocol_event pe:syn:SESSION-8ead85dcd9724179 count=2, event_type=TCP_SYN, session=SESSION-8ead85dcd9724179 protocol_event pe:tls:SESSION-0f3749824ac9c29c event_type=TLS_SESSION, packet_count=36, session=SESSION-0f3749824ac9c29c protocol_event pe:rst:SESSION-70f85f1f9f609263 count=2, event_type=TCP_RST, session=SESSION-70f85f1f9f609263 protocol_event pe:tls:SESSION-48ed044b56920c72 event_type=TLS_SESSION, packet_count=45, session=SESSION-48ed044b56920c72 protocol_event pe:rst:SESSION-0c918e04b6432491 count=2, event_type=TCP_RST, session=SESSION-0c918e04b6432491 protocol_event pe:tls:SESSION-d71c53edb899393c event_type=TLS_SESSION, packet_count=26, session=SESSION-d71c53edb899393c protocol_event pe:tls:SESSION-503ee5928994b704 event_type=TLS_SESSION, packet_count=3, session=SESSION-503ee5928994b704 protocol_event pe:dns:SESSION-61543d8dbebdc6d7 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-61543d8dbebdc6d7 protocol_event pe:dns:SESSION-351bebcca5b56074 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-351bebcca5b56074 protocol_event pe:syn:SESSION-e07d35bac2ad33a9 count=2, event_type=TCP_SYN, session=SESSION-e07d35bac2ad33a9 protocol_event pe:dns:SESSION-cef22d690e31564a event_type=DNS_EXCHANGE, query_count=2, session=SESSION-cef22d690e31564a protocol_event pe:syn:SESSION-68a988002611253d count=2, event_type=TCP_SYN, session=SESSION-68a988002611253d protocol_event pe:rst:SESSION-d71c53edb899393c count=3, event_type=TCP_RST, session=SESSION-d71c53edb899393c protocol_event pe:tls:SESSION-50c6d66a0af15d0e event_type=TLS_SESSION, packet_count=45, session=SESSION-50c6d66a0af15d0e protocol_event pe:syn:SESSION-f439a23db4014944 count=2, event_type=TCP_SYN, session=SESSION-f439a23db4014944 protocol_event pe:syn:SESSION-397b8da33a6c27f3 count=2, event_type=TCP_SYN, session=SESSION-397b8da33a6c27f3 protocol_event pe:tls:SESSION-70f85f1f9f609263 event_type=TLS_SESSION, packet_count=43, session=SESSION-70f85f1f9f609263 protocol_event pe:dns:SESSION-a31522683ce309bc event_type=DNS_EXCHANGE, query_count=2, session=SESSION-a31522683ce309bc protocol_event pe:syn:SESSION-bc16ba907b8bbcb6 count=2, event_type=TCP_SYN, session=SESSION-bc16ba907b8bbcb6 protocol_event pe:dns:SESSION-3b6cf36e237801e9 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-3b6cf36e237801e9 protocol_event pe:syn:SESSION-27730b26534ba822 count=2, event_type=TCP_SYN, session=SESSION-27730b26534ba822 protocol_event pe:syn:SESSION-4cb056730b02c5bb count=2, event_type=TCP_SYN, session=SESSION-4cb056730b02c5bb protocol_event pe:syn:SESSION-1b302403caa89fec count=2, event_type=TCP_SYN, session=SESSION-1b302403caa89fec protocol_event pe:dns:SESSION-56879d86cd26b6ef event_type=DNS_EXCHANGE, query_count=2, session=SESSION-56879d86cd26b6ef protocol_event pe:dns:SESSION-1defc2388cac2cd2 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-1defc2388cac2cd2 protocol_event pe:rst:SESSION-23e5b3a7fc499179 count=1, event_type=TCP_RST, session=SESSION-23e5b3a7fc499179 protocol_event pe:dns:SESSION-ba31b8d0bcea573c event_type=DNS_EXCHANGE, query_count=2, session=SESSION-ba31b8d0bcea573c protocol_event pe:syn:SESSION-57778c1262cf6bf7 count=2, event_type=TCP_SYN, session=SESSION-57778c1262cf6bf7 protocol_event pe:tls:SESSION-57778c1262cf6bf7 event_type=TLS_SESSION, packet_count=32, session=SESSION-57778c1262cf6bf7 protocol_event pe:syn:SESSION-979c324e14d478b9 count=2, event_type=TCP_SYN, session=SESSION-979c324e14d478b9 protocol_event pe:dns:SESSION-3a0ab566655bad9d event_type=DNS_EXCHANGE, query_count=2, session=SESSION-3a0ab566655bad9d protocol_event pe:tls:SESSION-8b97840b2be2c63a event_type=TLS_SESSION, packet_count=215, session=SESSION-8b97840b2be2c63a protocol_event pe:dns:SESSION-77b93124c5875168 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-77b93124c5875168 protocol_event pe:dns:SESSION-6f371d3a9290449b event_type=DNS_EXCHANGE, query_count=2, session=SESSION-6f371d3a9290449b protocol_event pe:dns:SESSION-62076c76868b2a30 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-62076c76868b2a30 protocol_event pe:dns:SESSION-a7c7f0449e4b7651 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-a7c7f0449e4b7651 protocol_event pe:syn:SESSION-27c72543b60227ab count=2, event_type=TCP_SYN, session=SESSION-27c72543b60227ab protocol_event pe:tls:SESSION-9926ec2fae98e9c0 event_type=TLS_SESSION, packet_count=3, session=SESSION-9926ec2fae98e9c0 protocol_event pe:syn:SESSION-70f85f1f9f609263 count=2, event_type=TCP_SYN, session=SESSION-70f85f1f9f609263 protocol_event pe:tls:SESSION-6161ce1063e366a2 event_type=TLS_SESSION, packet_count=50, session=SESSION-6161ce1063e366a2 protocol_event pe:syn:SESSION-4561579556c17060 count=2, event_type=TCP_SYN, session=SESSION-4561579556c17060 protocol_event pe:dns:SESSION-13b1fe82d9169e1f event_type=DNS_EXCHANGE, query_count=2, session=SESSION-13b1fe82d9169e1f protocol_event pe:syn:SESSION-5b835c6ebb995a7d count=2, event_type=TCP_SYN, session=SESSION-5b835c6ebb995a7d protocol_event pe:rst:SESSION-68a988002611253d count=2, event_type=TCP_RST, session=SESSION-68a988002611253d protocol_event pe:dns:SESSION-1b628a0e5420bcdd event_type=DNS_EXCHANGE, query_count=2, session=SESSION-1b628a0e5420bcdd protocol_event pe:tls:SESSION-52ca69764e41f269 event_type=TLS_SESSION, packet_count=47, session=SESSION-52ca69764e41f269 protocol_event pe:tls:SESSION-15c7d6c96ae38709 event_type=TLS_SESSION, packet_count=10, session=SESSION-15c7d6c96ae38709 protocol_event pe:dns:SESSION-d4533a7174934c47 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-d4533a7174934c47 protocol_event pe:syn:SESSION-90d5b2c6338c7815 count=2, event_type=TCP_SYN, session=SESSION-90d5b2c6338c7815 protocol_event pe:dns:SESSION-060979a79a050070 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-060979a79a050070 protocol_event pe:syn:SESSION-8e771e83ba0229e5 count=2, event_type=TCP_SYN, session=SESSION-8e771e83ba0229e5 protocol_event pe:dns:SESSION-bf64150f37119f69 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-bf64150f37119f69 protocol_event pe:dns:SESSION-74617fa0c31efafc event_type=DNS_EXCHANGE, query_count=2, session=SESSION-74617fa0c31efafc protocol_event pe:dns:SESSION-ade3dd550bd4e9f2 event_type=DNS_EXCHANGE, query_count=2, session=SESSION-ade3dd550bd4e9f2 protocol_event pe:syn:SESSION-5d116249fba5ef1a count=2, event_type=TCP_SYN, session=SESSION-5d116249fba5ef1a protocol_event pe:syn:SESSION-52ca69764e41f269 count=2, event_type=TCP_SYN, session=SESSION-52ca69764e41f269 protocol_event pe:syn:SESSION-8b97840b2be2c63a count=2, event_type=TCP_SYN, session=SESSION-8b97840b2be2c63a protocol_event pe:rst:SESSION-fe5bbf504191ff53 count=8, event_type=TCP_RST, session=SESSION-fe5bbf504191ff53 protocol_event pe:syn:SESSION-9a676d2d880584b3 count=2, event_type=TCP_SYN, session=SESSION-9a676d2d880584b3 protocol_event pe:tls:SESSION-f439a23db4014944 event_type=TLS_SESSION, packet_count=25, session=SESSION-f439a23db4014944 protocol_event pe:rst:SESSION-46e00213b472fe9e count=1, event_type=TCP_RST, session=SESSION-46e00213b472fe9e protocol_event pe:syn:SESSION-8946fc29c6b46f6d count=2, event_type=TCP_SYN, session=SESSION-8946fc29c6b46f6d protocol_event pe:syn:SESSION-c70914c01a4dbe00 count=2, event_type=TCP_SYN, session=SESSION-c70914c01a4dbe00 protocol_event pe:dns:SESSION-34c8aa9a9627cd8c event_type=DNS_EXCHANGE, query_count=2, session=SESSION-34c8aa9a9627cd8c protocol_event pe:rst:SESSION-1ab153b83d2eab1a count=2, event_type=TCP_RST, session=SESSION-1ab153b83d2eab1a protocol_event pe:rst:SESSION-a6e96bbd4b535e66 count=1, event_type=TCP_RST, session=SESSION-a6e96bbd4b535e66 protocol_event pe:tls:SESSION-4561579556c17060 event_type=TLS_SESSION, packet_count=23, session=SESSION-4561579556c17060 protocol_event pe:syn:SESSION-989e93673dd1c7a6 count=2, event_type=TCP_SYN, session=SESSION-989e93673dd1c7a6 service svc:http name=http service svc:https name=https service svc:ssh name=ssh service svc:dns name=dns session SESSION-bf0cece70f740446 dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,404.693, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=44.203.55.60, start_time=1,778,000,404.693, tcp_flags=, time_bucket=1,778,000,400, total_bytes=164, window_sec=30 session SESSION-d31575fe565d4abe dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,604.273, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.136.220.138, start_time=1,777,989,604.273, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-127b261c8003bb4e dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,608.104, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,777,989,608.104, tcp_flags=, time_bucket=1,777,989,600, total_bytes=84, window_sec=30 session SESSION-58df57d6c05e2900 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,950,035.531, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=18.237.240.13, start_time=1,777,950,035.531, tcp_flags=, time_bucket=1,777,950,030, total_bytes=164, window_sec=30 session SESSION-ba31b8d0bcea573c dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,996,801.471, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=47,441, start_time=1,777,996,801.47, tcp_flags=, time_bucket=1,777,996,800, total_bytes=313, window_sec=30 session SESSION-1defc2388cac2cd2 dst_ip=172.232.0.17, dst_port=53, duration_sec=0.01, end_time=1,777,975,201.618, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=54,065, start_time=1,777,975,201.613, tcp_flags=, time_bucket=1,777,975,200, total_bytes=282, window_sec=30 session SESSION-6f371d3a9290449b dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,007,613.866, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=54,737, start_time=1,778,007,613.865, tcp_flags=, time_bucket=1,778,007,600, total_bytes=282, window_sec=30 session SESSION-3135be41546fd909 dst_ip=172.234.197.23, dst_port=23, duration_sec=21.38, end_time=1,777,957,253.101, expected_protocol=telnet, packet_count=2, proto=TCP, protocol_anomaly_score=0.75, protocol_violations=tcp_syn_only,risk_port, protocols=TCP, src_ip=223.25.245.241, src_port=65,101, start_time=1,777,957,231.717, tcp_flags=S, time_bucket=1,777,957,230, total_bytes=108, window_sec=30 session SESSION-989e93673dd1c7a6 dst_ip=172.234.197.23, dst_port=80, duration_sec=1.67, end_time=1,778,000,454.061, expected_protocol=http, packet_count=10, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=14.17.85.204, src_port=47,556, start_time=1,778,000,452.395, tcp_flags=F,S,P,A, time_bucket=1,778,000,430, total_bytes=1,228, window_sec=30 session SESSION-1095603b3aa14df8 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,968,008.93, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,777,968,008.929, tcp_flags=, time_bucket=1,777,968,000, total_bytes=84, window_sec=30 session SESSION-503ee5928994b704 dst_ip=172.234.197.23, dst_port=443, duration_sec=0.02, end_time=1,777,946,405.694, expected_protocol=https, packet_count=3, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=52.167.144.25, src_port=35,894, start_time=1,777,946,405.67, tcp_flags=F,A, time_bucket=1,777,946,400, total_bytes=162, window_sec=30 session SESSION-8aabcfb1a6ed4c81 dst_ip=172.234.197.23, dst_port=21, duration_sec=0.12, end_time=1,777,975,225.276, expected_protocol=ftp-ctrl, packet_count=9, proto=TCP, protocol_anomaly_score=0.1, protocol_violations=risk_port, protocols=TCP, src_ip=20.65.193.94, src_port=39,002, start_time=1,777,975,225.152, tcp_flags=F,S,P,A, time_bucket=1,777,975,200, total_bytes=630, window_sec=30 session SESSION-2021040869dcdfdd dst_ip=45.148.10.141, dst_port=10,780, duration_sec=0.11, end_time=1,777,950,042.324, expected_protocol=unregistered:10780, packet_count=2, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,950,042.218, tcp_flags=F,R,A, time_bucket=1,777,950,030, total_bytes=120, window_sec=30 session SESSION-402c59976f95ccac dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,007,631.279, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=54,219, start_time=1,778,007,631.279, tcp_flags=, time_bucket=1,778,007,630, total_bytes=238, window_sec=30 session SESSION-77b93124c5875168 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,968,001.99, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=36,629, start_time=1,777,968,001.989, tcp_flags=, time_bucket=1,777,968,000, total_bytes=313, window_sec=30 session SESSION-191d76488f4c196e dst_ip=172.234.197.23, dst_port=80, duration_sec=0.31, end_time=1,777,960,833.798, expected_protocol=http, packet_count=10, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=176.32.193.16, src_port=51,498, start_time=1,777,960,833.484, tcp_flags=F,S,P,A, time_bucket=1,777,960,830, total_bytes=1,277, window_sec=30 session SESSION-f2f43512ce4c14ed dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,960,814.722, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=18.234.252.238, start_time=1,777,960,814.722, tcp_flags=, time_bucket=1,777,960,800, total_bytes=164, window_sec=30 session SESSION-0498ff25329732f2 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,605.036, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=35.183.94.19, start_time=1,777,989,605.036, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-061c5d7701fcd16d dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,996,824.71, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.137.123.21, start_time=1,777,996,824.71, tcp_flags=, time_bucket=1,777,996,800, total_bytes=164, window_sec=30 session SESSION-aa62e4b4c4a55af9 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,975,207.722, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,777,975,207.722, tcp_flags=, time_bucket=1,777,975,200, total_bytes=84, window_sec=30 session SESSION-2033321e15534edb dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,614.007, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=15.135.73.27, start_time=1,777,989,614.007, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-b9fd2ab104092b15 dst_ip=193.32.162.145, dst_port=52,018, duration_sec=2.84, end_time=1,777,978,848.483, expected_protocol=unregistered:52018, packet_count=3, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,978,845.64, tcp_flags=F,P,A, time_bucket=1,777,978,830, total_bytes=262, window_sec=30 session SESSION-3820313968d4d6ce dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,604.461, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=3.96.140.112, start_time=1,777,989,604.461, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-7fc0a71c681adeed dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,960,804.227, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.226.218.70, start_time=1,777,960,804.227, tcp_flags=, time_bucket=1,777,960,800, total_bytes=164, window_sec=30 session SESSION-e61b6efe4b200a74 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,645.757, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.52.77, start_time=1,777,989,645.757, tcp_flags=, time_bucket=1,777,989,630, total_bytes=164, window_sec=30 session SESSION-2b43b3e6a216d624 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,982,415.387, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=3.251.186.69, start_time=1,777,982,415.387, tcp_flags=, time_bucket=1,777,982,400, total_bytes=164, window_sec=30 session SESSION-107f79b0182e896e dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,953,603.382, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=58,552, start_time=1,777,953,603.382, tcp_flags=, time_bucket=1,777,953,600, total_bytes=282, window_sec=30 session SESSION-61a5fc231a349cb0 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,971,614.394, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=34.236.245.217, start_time=1,777,971,614.394, tcp_flags=, time_bucket=1,777,971,600, total_bytes=164, window_sec=30 session SESSION-2d50da4497affda3 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,946,423.722, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=40.176.180.255, start_time=1,777,946,423.722, tcp_flags=, time_bucket=1,777,946,400, total_bytes=164, window_sec=30 session SESSION-27c72543b60227ab dst_ip=172.234.197.23, dst_port=80, duration_sec=10.35, end_time=1,777,960,843.464, expected_protocol=http, packet_count=10, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=95.215.0.144, src_port=49,400, start_time=1,777,960,833.113, tcp_flags=F,S,P,A, time_bucket=1,777,960,830, total_bytes=1,126, window_sec=30 session SESSION-ed1e912c8c4b23b2 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,975,228.455, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=18.144.72.27, start_time=1,777,975,228.455, tcp_flags=, time_bucket=1,777,975,200, total_bytes=164, window_sec=30 session SESSION-57457c1f3a91d689 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,946,424.343, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=16.174.52.201, start_time=1,777,946,424.343, tcp_flags=, time_bucket=1,777,946,400, total_bytes=164, window_sec=30 session SESSION-62076c76868b2a30 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,971,601.766, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=36,807, start_time=1,777,971,601.765, tcp_flags=, time_bucket=1,777,971,600, total_bytes=313, window_sec=30 session SESSION-8946fc29c6b46f6d dst_ip=172.234.197.23, dst_port=443, duration_sec=0, end_time=1,778,000,459.927, expected_protocol=https, packet_count=2, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=43.172.194.114, src_port=53,474, start_time=1,778,000,459.927, tcp_flags=S,A, time_bucket=1,778,000,430, total_bytes=148, window_sec=30 session SESSION-72c5bb311769f34b dst_ip=172.234.197.23, dst_port=80, duration_sec=0.3, end_time=1,777,960,833.484, expected_protocol=http, packet_count=10, proto=TCP, protocol_anomaly_score=0.2, protocol_violations=missing_expected_dpi, protocols=TCP, src_ip=176.32.193.16, src_port=51,492, start_time=1,777,960,833.181, tcp_flags=F,S,P,A, time_bucket=1,777,960,830, total_bytes=2,456, window_sec=30 session SESSION-63111ebd98e3d381 dst_ip=172.234.197.23, dst_port=80, duration_sec=0.32, end_time=1,777,960,834.439, expected_protocol=http, packet_count=10, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=176.32.193.16, src_port=51,524, start_time=1,777,960,834.122, tcp_flags=F,S,P,A, time_bucket=1,777,960,830, total_bytes=1,277, window_sec=30 session SESSION-dec6c651a66747be dst_ip=193.32.162.145, duration_sec=2.71, end_time=1,777,978,848.483, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=172.234.197.23, start_time=1,777,978,845.768, tcp_flags=, time_bucket=1,777,978,830, total_bytes=200, window_sec=30 session SESSION-ac2fa7388db2f6bf dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,007,601.842, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=47,184, start_time=1,778,007,601.84, tcp_flags=, time_bucket=1,778,007,600, total_bytes=282, window_sec=30 session SESSION-c77a971c95d4b988 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,982,404.907, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=178.23.161.163, start_time=1,777,982,404.907, tcp_flags=, time_bucket=1,777,982,400, total_bytes=108, window_sec=30 session SESSION-c28f30a8568677bd dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,421.896, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.237.9.199, start_time=1,778,000,421.896, tcp_flags=, time_bucket=1,778,000,400, total_bytes=164, window_sec=30 session SESSION-d097d27b59e40ce0 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,978,814.944, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=34.219.28.57, start_time=1,777,978,814.944, tcp_flags=, time_bucket=1,777,978,800, total_bytes=164, window_sec=30 session SESSION-112a52c8741e1f24 dst_ip=172.234.197.23, dst_port=80, duration_sec=0.21, end_time=1,777,996,855.022, expected_protocol=http, packet_count=7, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=5.61.209.107, src_port=49,978, start_time=1,777,996,854.814, tcp_flags=S,P,A, time_bucket=1,777,996,830, total_bytes=1,321, window_sec=30 session SESSION-90b1be10321455be dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,996,844.224, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=172.98.199.111, start_time=1,777,996,844.223, tcp_flags=, time_bucket=1,777,996,830, total_bytes=108, window_sec=30 session SESSION-05bdfdcf2ab1c7e8 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,982,415.54, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=52.51.234.60, start_time=1,777,982,415.54, tcp_flags=, time_bucket=1,777,982,400, total_bytes=164, window_sec=30 session SESSION-9ac8120baa6b4cb5 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,996,814.49, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=16.79.76.70, start_time=1,777,996,814.49, tcp_flags=, time_bucket=1,777,996,800, total_bytes=164, window_sec=30 session SESSION-0f3749824ac9c29c dst_ip=172.234.197.23, dst_port=443, duration_sec=3.88, end_time=1,777,957,206.001, expected_protocol=https, packet_count=36, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=163.44.192.46, src_port=35,156, start_time=1,777,957,202.117, tcp_flags=F,S,P,A, time_bucket=1,777,957,200, total_bytes=15,484, window_sec=30 session SESSION-351bebcca5b56074 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,989,601.777, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=58,784, start_time=1,777,989,601.776, tcp_flags=, time_bucket=1,777,989,600, total_bytes=313, window_sec=30 session SESSION-93e42c11b9b89aaf dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,993,201.654, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=53,466, start_time=1,777,993,201.653, tcp_flags=, time_bucket=1,777,993,200, total_bytes=282, window_sec=30 session SESSION-a6e96bbd4b535e66 dst_ip=92.118.39.197, dst_port=44,658, duration_sec=0.17, end_time=1,777,953,627.253, expected_protocol=unregistered:44658, packet_count=2, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,953,627.08, tcp_flags=P,R,A, time_bucket=1,777,953,600, total_bytes=172, window_sec=30 session SESSION-e141fc3b52ba9773 dst_ip=45.148.10.152, dst_port=5,216, duration_sec=0.11, end_time=1,777,982,404.657, expected_protocol=unregistered:5216, packet_count=2, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,982,404.552, tcp_flags=P,R,A, time_bucket=1,777,982,400, total_bytes=172, window_sec=30 session SESSION-56879d86cd26b6ef dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,000,401.243, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=54,551, start_time=1,778,000,401.241, tcp_flags=, time_bucket=1,778,000,400, total_bytes=313, window_sec=30 session SESSION-8cba4d8c2dc8cc78 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,645.644, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.17.95, start_time=1,777,989,645.644, tcp_flags=, time_bucket=1,777,989,630, total_bytes=164, window_sec=30 session SESSION-a6d1a441427f8628 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,960,808.151, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,777,960,808.151, tcp_flags=, time_bucket=1,777,960,800, total_bytes=84, window_sec=30 session SESSION-bded1de08c6daa39 dst_ip=45.148.10.152, dst_port=5,216, duration_sec=0.11, end_time=1,777,982,446.129, expected_protocol=unregistered:5216, packet_count=2, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,982,446.024, tcp_flags=P,R,A, time_bucket=1,777,982,430, total_bytes=172, window_sec=30 session SESSION-0c918e04b6432491 dst_ip=45.148.10.152, dst_port=9,804, duration_sec=10.35, end_time=1,777,946,443.315, expected_protocol=unregistered:9804, packet_count=4, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,946,432.968, tcp_flags=P,R,A, time_bucket=1,777,946,430, total_bytes=344, window_sec=30 session SESSION-8a0948676ddea69b dst_ip=172.234.197.23, dst_port=22, duration_sec=3.56, end_time=1,777,964,443.325, expected_protocol=ssh, packet_count=25, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=45.148.10.121, src_port=57,644, start_time=1,777,964,439.769, tcp_flags=F,S,P,A, time_bucket=1,777,964,430, total_bytes=5,821, window_sec=30 session SESSION-9a676d2d880584b3 dst_ip=172.234.197.23, dst_port=80, duration_sec=0.32, end_time=1,777,960,834.122, expected_protocol=http, packet_count=10, proto=TCP, protocol_anomaly_score=0.2, protocol_violations=missing_expected_dpi, protocols=TCP, src_ip=176.32.193.16, src_port=51,510, start_time=1,777,960,833.803, tcp_flags=F,S,P,A, time_bucket=1,777,960,830, total_bytes=2,456, window_sec=30 session SESSION-9afa0bd447632398 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,953,601.533, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=38,850, start_time=1,777,953,601.531, tcp_flags=, time_bucket=1,777,953,600, total_bytes=313, window_sec=30 session SESSION-e3c6dfcfc9e8d03b dst_ip=45.148.10.152, duration_sec=5.08, end_time=1,777,946,427.699, expected_protocol=unregistered:0, packet_count=6, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=172.234.197.23, start_time=1,777,946,422.622, tcp_flags=, time_bucket=1,777,946,400, total_bytes=504, window_sec=30 session SESSION-c839aa3bca1a3481 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,975,204.73, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=3.101.144.161, start_time=1,777,975,204.73, tcp_flags=, time_bucket=1,777,975,200, total_bytes=164, window_sec=30 session SESSION-b0bace154ed8e7e1 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,249.075, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.220.165.12, start_time=1,777,993,249.074, tcp_flags=, time_bucket=1,777,993,230, total_bytes=100, window_sec=30 session SESSION-6f591a82d04e2f23 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,214.433, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.137.154.183, start_time=1,777,993,214.433, tcp_flags=, time_bucket=1,777,993,200, total_bytes=164, window_sec=30 session SESSION-4561579556c17060 dst_ip=172.234.197.23, dst_port=443, duration_sec=0.96, end_time=1,778,000,452.291, expected_protocol=https, packet_count=23, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=43.173.132.82, src_port=15,864, start_time=1,778,000,451.333, tcp_flags=S,P,A, time_bucket=1,778,000,430, total_bytes=6,477, window_sec=30 session SESSION-51b92cc6a561b81c dst_ip=172.234.197.23, dst_port=443, duration_sec=0.17, end_time=1,777,993,202.246, expected_protocol=https, packet_count=23, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=54.227.57.227, src_port=37,869, start_time=1,777,993,202.079, tcp_flags=P,A,F,S,R, time_bucket=1,777,993,200, total_bytes=5,239, window_sec=30 session SESSION-4e95e7fae8b1b86f dst_ip=45.148.10.147, duration_sec=20.48, end_time=1,777,986,057.263, expected_protocol=unregistered:0, packet_count=8, proto=ICMP, protocol_anomaly_score=0.4, protocol_violations=constant_size_c2, protocols=ICMP, src_ip=172.234.197.23, start_time=1,777,986,036.782, tcp_flags=, time_bucket=1,777,986,030, total_bytes=668, window_sec=30 session SESSION-28f120320728a3d1 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,950,008.824, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=34.220.135.241, start_time=1,777,950,008.824, tcp_flags=, time_bucket=1,777,950,000, total_bytes=164, window_sec=30 session SESSION-ad1c4ddd91bc1148 dst_ip=172.234.197.23, dst_port=80, duration_sec=0.03, end_time=1,777,993,202.077, expected_protocol=http, packet_count=10, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=3.220.15.173, src_port=34,012, start_time=1,777,993,202.044, tcp_flags=F,S,P,A, time_bucket=1,777,993,200, total_bytes=1,353, window_sec=30 session SESSION-b568c3afd6c80cc2 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,946,402.041, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=45,934, start_time=1,777,946,402.041, tcp_flags=, time_bucket=1,777,946,400, total_bytes=282, window_sec=30 session SESSION-a74e44c20494fb3b dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,231.805, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.16.78, start_time=1,777,993,231.805, tcp_flags=, time_bucket=1,777,993,230, total_bytes=164, window_sec=30 session SESSION-5d116249fba5ef1a dst_ip=172.234.197.23, dst_port=443, duration_sec=0.87, end_time=1,778,000,450.827, expected_protocol=https, packet_count=27, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=14.152.83.244, src_port=4,568, start_time=1,778,000,449.952, tcp_flags=S,P,A, time_bucket=1,778,000,430, total_bytes=6,689, window_sec=30 session SESSION-4438addf6227fee0 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,978,808.801, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=35.94.23.128, start_time=1,777,978,808.801, tcp_flags=, time_bucket=1,777,978,800, total_bytes=164, window_sec=30 session SESSION-bf64150f37119f69 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,982,455.565, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=54,637, start_time=1,777,982,455.564, tcp_flags=, time_bucket=1,777,982,430, total_bytes=282, window_sec=30 session SESSION-1e3d17faf58f794a dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,950,028.72, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=35.94.23.128, start_time=1,777,950,028.72, tcp_flags=, time_bucket=1,777,950,000, total_bytes=164, window_sec=30 session SESSION-646f3d4a14565942 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,634.247, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=3.106.231.97, start_time=1,777,989,634.247, tcp_flags=, time_bucket=1,777,989,630, total_bytes=164, window_sec=30 session SESSION-c260bd1d3b6a172d dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,231.814, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.123.234, start_time=1,777,993,231.814, tcp_flags=, time_bucket=1,777,993,230, total_bytes=164, window_sec=30 session SESSION-4b55405f668ce999 dst_ip=172.234.197.23, dst_port=23, duration_sec=9.23, end_time=1,777,953,650.56, expected_protocol=telnet, packet_count=3, proto=TCP, protocol_anomaly_score=0.75, protocol_violations=tcp_syn_only,risk_port, protocols=TCP, src_ip=223.25.245.241, src_port=65,101, start_time=1,777,953,641.334, tcp_flags=S, time_bucket=1,777,953,630, total_bytes=162, window_sec=30 session SESSION-bf6c403a1523c050 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,968,022.469, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=54,109, start_time=1,777,968,022.469, tcp_flags=, time_bucket=1,777,968,000, total_bytes=282, window_sec=30 session SESSION-4d8ee5a4e3d2c6cb dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,996,803.214, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.137.71.172, start_time=1,777,996,803.214, tcp_flags=, time_bucket=1,777,996,800, total_bytes=164, window_sec=30 session SESSION-060979a79a050070 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,964,402.037, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=59,996, start_time=1,777,964,402.037, tcp_flags=, time_bucket=1,777,964,400, total_bytes=282, window_sec=30 session SESSION-dd448a4428bf165c dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,953,608.48, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=54,063, start_time=1,777,953,608.476, tcp_flags=, time_bucket=1,777,953,600, total_bytes=282, window_sec=30 session SESSION-9fa74c25b929bca8 dst_ip=172.234.197.23, dst_port=23, duration_sec=15.17, end_time=1,777,950,059.899, expected_protocol=telnet, packet_count=2, proto=TCP, protocol_anomaly_score=0.75, protocol_violations=tcp_syn_only,risk_port, protocols=TCP, src_ip=223.25.245.241, src_port=65,101, start_time=1,777,950,044.728, tcp_flags=S, time_bucket=1,777,950,030, total_bytes=108, window_sec=30 session SESSION-979c324e14d478b9 dst_ip=172.234.197.23, dst_port=22, duration_sec=13.97, end_time=1,777,982,459.984, expected_protocol=ssh, packet_count=43, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=193.32.162.145, src_port=43,638, start_time=1,777,982,446.013, tcp_flags=F,S,P,A, time_bucket=1,777,982,430, total_bytes=6,545, window_sec=30 session SESSION-875c1cab19c3d13a dst_ip=185.125.190.56, dst_port=123, duration_sec=0.09, end_time=1,777,953,658.049, expected_protocol=ntp, packet_count=2, proto=UDP, protocol_anomaly_score=0.5, protocol_violations=oversized_ntp, protocols=UDP, src_ip=172.234.197.23, src_port=47,973, start_time=1,777,953,657.963, tcp_flags=, time_bucket=1,777,953,630, total_bytes=180, window_sec=30 session SESSION-3a0ab566655bad9d dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,953,601.53, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=55,276, start_time=1,777,953,601.53, tcp_flags=, time_bucket=1,777,953,600, total_bytes=282, window_sec=30 session SESSION-90a018f42a197b8f dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,982,457.409, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=221.206.225.58, start_time=1,777,982,457.409, tcp_flags=, time_bucket=1,777,982,430, total_bytes=148, window_sec=30 session SESSION-bc16ba907b8bbcb6 dst_ip=172.234.197.23, dst_port=80, duration_sec=0.05, end_time=1,777,975,219.17, expected_protocol=http, packet_count=3, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=20.168.120.150, src_port=53,339, start_time=1,777,975,219.121, tcp_flags=S,R,A, time_bucket=1,777,975,200, total_bytes=186, window_sec=30 session SESSION-1b302403caa89fec dst_ip=172.234.197.23, dst_port=443, duration_sec=0.48, end_time=1,777,975,256.357, expected_protocol=https, packet_count=22, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=77.83.39.42, src_port=60,528, start_time=1,777,975,255.88, tcp_flags=P,A,F,S,R, time_bucket=1,777,975,230, total_bytes=5,019, window_sec=30 session SESSION-f439a23db4014944 dst_ip=172.234.197.23, dst_port=443, duration_sec=0.91, end_time=1,778,000,453.897, expected_protocol=https, packet_count=25, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=14.17.85.204, src_port=17,920, start_time=1,778,000,452.982, tcp_flags=S,P,A, time_bucket=1,778,000,430, total_bytes=6,622, window_sec=30 session SESSION-68a988002611253d dst_ip=172.234.197.23, dst_port=443, duration_sec=0.11, end_time=1,777,989,634.525, expected_protocol=https, packet_count=4, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=176.65.144.135, src_port=48,777, start_time=1,777,989,634.412, tcp_flags=S,R,A, time_bucket=1,777,989,630, total_bytes=220, window_sec=30 session SESSION-3b6cf36e237801e9 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,946,402.043, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=42,891, start_time=1,777,946,402.042, tcp_flags=, time_bucket=1,777,946,400, total_bytes=313, window_sec=30 session SESSION-2defdff48f63b22c dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,415.036, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=13.216.252.177, start_time=1,778,000,415.036, tcp_flags=, time_bucket=1,778,000,400, total_bytes=164, window_sec=30 session SESSION-89000dcfeb876779 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,603.949, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=43.218.39.46, start_time=1,777,989,603.949, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-23e5b3a7fc499179 dst_ip=45.148.10.141, dst_port=10,780, duration_sec=0.11, end_time=1,777,950,018.098, expected_protocol=unregistered:10780, packet_count=2, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,950,017.992, tcp_flags=P,R,A, time_bucket=1,777,950,000, total_bytes=172, window_sec=30 session SESSION-9c2035d5cf324c6c dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,950,004.635, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=44.249.3.1, start_time=1,777,950,004.635, tcp_flags=, time_bucket=1,777,950,000, total_bytes=164, window_sec=30 session SESSION-e07d35bac2ad33a9 dst_ip=172.234.197.23, dst_port=80, duration_sec=0.4, end_time=1,778,000,451.249, expected_protocol=http, packet_count=10, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=43.173.132.115, src_port=36,068, start_time=1,778,000,450.847, tcp_flags=F,S,P,A, time_bucket=1,778,000,430, total_bytes=1,248, window_sec=30 session SESSION-98342a2659e39b9d dst_ip=172.234.197.23, dst_port=443, duration_sec=0.24, end_time=1,777,993,214.403, expected_protocol=https, packet_count=4, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=102.69.167.14, src_port=52,811, start_time=1,777,993,214.167, tcp_flags=S,R,A, time_bucket=1,777,993,200, total_bytes=228, window_sec=30 session SESSION-d71c53edb899393c dst_ip=172.234.197.23, dst_port=443, duration_sec=0.15, end_time=1,777,953,650.782, expected_protocol=https, packet_count=26, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=3.218.103.254, src_port=24,950, start_time=1,777,953,650.628, tcp_flags=P,A,F,S,R, time_bucket=1,777,953,630, total_bytes=8,862, window_sec=30 session SESSION-c70914c01a4dbe00 dst_ip=172.234.197.23, dst_port=22, duration_sec=4.19, end_time=1,778,004,053.087, expected_protocol=ssh, packet_count=25, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=221.156.137.102, src_port=34,634, start_time=1,778,004,048.892, tcp_flags=F,S,P,A, time_bucket=1,778,004,030, total_bytes=4,957, window_sec=30 session SESSION-0ef20795a6ca0fb9 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,971,623.86, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=98.94.57.86, start_time=1,777,971,623.86, tcp_flags=, time_bucket=1,777,971,600, total_bytes=164, window_sec=30 session SESSION-8ead85dcd9724179 dst_ip=172.234.197.23, dst_port=443, duration_sec=0.99, end_time=1,778,000,449.709, expected_protocol=https, packet_count=22, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=43.173.187.143, src_port=3,855, start_time=1,778,000,448.717, tcp_flags=S,P,A, time_bucket=1,778,000,430, total_bytes=6,416, window_sec=30 session SESSION-6692457516fa5526 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,957,201.238, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=32,997, start_time=1,777,957,201.238, tcp_flags=, time_bucket=1,777,957,200, total_bytes=282, window_sec=30 session SESSION-50c6d66a0af15d0e dst_ip=172.234.197.23, dst_port=443, duration_sec=24.18, end_time=1,777,953,658.495, expected_protocol=https, packet_count=45, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=97.139.12.85, src_port=54,445, start_time=1,777,953,634.311, tcp_flags=P,A, time_bucket=1,777,953,630, total_bytes=7,850, window_sec=30 session SESSION-131ee87a5c640c47 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,968,022.467, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=60,024, start_time=1,777,968,022.467, tcp_flags=, time_bucket=1,777,968,000, total_bytes=282, window_sec=30 session SESSION-d1099e585fa36f54 dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,435.153, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=3.234.246.186, start_time=1,778,000,435.153, tcp_flags=, time_bucket=1,778,000,430, total_bytes=164, window_sec=30 session SESSION-350ead9028071be5 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,946,427.344, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.137.27, start_time=1,777,946,427.344, tcp_flags=, time_bucket=1,777,946,400, total_bytes=164, window_sec=30 session SESSION-61543d8dbebdc6d7 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,978,801.415, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=51,218, start_time=1,777,978,801.413, tcp_flags=, time_bucket=1,777,978,800, total_bytes=282, window_sec=30 session SESSION-46e00213b472fe9e dst_ip=172.234.197.23, dst_port=22, duration_sec=13.93, end_time=1,777,964,422.288, expected_protocol=ssh, packet_count=36, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=92.118.39.235, src_port=63,364, start_time=1,777,964,408.363, tcp_flags=S,P,R,A, time_bucket=1,777,964,400, total_bytes=6,390, window_sec=30 session SESSION-b1bdedd7fe5eb84a dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,603.773, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.136.137.0, start_time=1,777,989,603.773, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-7304341864ad48aa dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,615.106, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=3.104.120.189, start_time=1,777,989,615.106, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-a31522683ce309bc dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,986,001.986, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=33,896, start_time=1,777,986,001.985, tcp_flags=, time_bucket=1,777,986,000, total_bytes=313, window_sec=30 session SESSION-8c4d2ca278b8fb92 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,960,850.337, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=3.208.12.253, start_time=1,777,960,850.337, tcp_flags=, time_bucket=1,777,960,830, total_bytes=108, window_sec=30 session SESSION-3cb9fec0c3ece4aa dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,968,001.988, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=48,596, start_time=1,777,968,001.987, tcp_flags=, time_bucket=1,777,968,000, total_bytes=282, window_sec=30 session SESSION-4d83414e8bebcdc6 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,975,204.109, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.241.179.48, start_time=1,777,975,204.109, tcp_flags=, time_bucket=1,777,975,200, total_bytes=164, window_sec=30 session SESSION-b43027ed299d5e94 dst_ip=172.234.197.23, dst_port=22, duration_sec=0.92, end_time=1,778,007,635.972, expected_protocol=ssh, packet_count=25, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=45.148.10.121, src_port=47,328, start_time=1,778,007,635.049, tcp_flags=F,S,P,A, time_bucket=1,778,007,630, total_bytes=5,981, window_sec=30 session SESSION-1d2c12c54a6b8ee9 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,007,631.278, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=36,811, start_time=1,778,007,631.277, tcp_flags=, time_bucket=1,778,007,630, total_bytes=286, window_sec=30 session SESSION-e437667b37d516f6 dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,404.911, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.226.218.70, start_time=1,778,000,404.911, tcp_flags=, time_bucket=1,778,000,400, total_bytes=164, window_sec=30 session SESSION-d4533a7174934c47 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,000,401.24, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=35,286, start_time=1,778,000,401.239, tcp_flags=, time_bucket=1,778,000,400, total_bytes=282, window_sec=30 session SESSION-11c263cc995487fb dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,946,408.41, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,777,946,408.41, tcp_flags=, time_bucket=1,777,946,400, total_bytes=84, window_sec=30 session SESSION-ade3dd550bd4e9f2 dst_ip=172.232.0.17, dst_port=53, duration_sec=0.01, end_time=1,777,960,801.338, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=36,391, start_time=1,777,960,801.333, tcp_flags=, time_bucket=1,777,960,800, total_bytes=313, window_sec=30 session SESSION-d32f4151344dedfe dst_ip=172.234.197.23, dst_port=22, duration_sec=0.6, end_time=1,777,953,602.226, expected_protocol=ssh, packet_count=10, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=91.208.162.73, src_port=36,182, start_time=1,777,953,601.629, tcp_flags=F,P,A, time_bucket=1,777,953,600, total_bytes=2,144, window_sec=30 session SESSION-611c18e845c3945c dst_ip=172.234.197.23, dst_port=22, duration_sec=7.18, end_time=1,777,986,026.217, expected_protocol=ssh, packet_count=28, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=45.148.10.147, src_port=7,012, start_time=1,777,986,019.034, tcp_flags=S,P,A, time_bucket=1,777,986,000, total_bytes=5,562, window_sec=30 session SESSION-8bf36fc000fb49e9 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,604.05, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=15.223.242.221, start_time=1,777,989,604.05, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-397b8da33a6c27f3 dst_ip=172.234.197.23, dst_port=22, duration_sec=0.46, end_time=1,777,946,459.176, expected_protocol=ssh, packet_count=33, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=209.209.8.82, src_port=42,486, start_time=1,777,946,458.716, tcp_flags=F,S,P,A, time_bucket=1,777,946,430, total_bytes=8,181, window_sec=30 session SESSION-0280199fcf3ea167 dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,435.246, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=32.195.50.176, start_time=1,778,000,435.246, tcp_flags=, time_bucket=1,778,000,430, total_bytes=164, window_sec=30 session SESSION-07763fb491da65b8 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,971,628.992, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=98.92.23.232, start_time=1,777,971,628.992, tcp_flags=, time_bucket=1,777,971,600, total_bytes=164, window_sec=30 session SESSION-53f109edd419cdc2 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,214.057, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=16.79.76.70, start_time=1,777,993,214.057, tcp_flags=, time_bucket=1,777,993,200, total_bytes=164, window_sec=30 session SESSION-83e825ce567e05ed dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,418.694, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.214.156, start_time=1,778,000,418.694, tcp_flags=, time_bucket=1,778,000,400, total_bytes=164, window_sec=30 session SESSION-e8b84e125934745e dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,946,447.705, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=54,276, start_time=1,777,946,447.704, tcp_flags=, time_bucket=1,777,946,430, total_bytes=282, window_sec=30 session SESSION-9aeac7580a27fcbd dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,971,614.011, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=18.234.252.238, start_time=1,777,971,614.011, tcp_flags=, time_bucket=1,777,971,600, total_bytes=164, window_sec=30 session SESSION-57778c1262cf6bf7 dst_ip=172.234.197.23, dst_port=443, duration_sec=11.89, end_time=1,777,982,459.723, expected_protocol=https, packet_count=32, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=198.46.83.219, src_port=55,368, start_time=1,777,982,447.834, tcp_flags=S,P,A, time_bucket=1,777,982,430, total_bytes=15,178, window_sec=30 session SESSION-5bda29cf97a00bbc dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,964,413.862, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.183.164.11, start_time=1,777,964,413.862, tcp_flags=, time_bucket=1,777,964,400, total_bytes=164, window_sec=30 session SESSION-6809ae9f3f9de168 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,004,002.046, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=50,991, start_time=1,778,004,002.045, tcp_flags=, time_bucket=1,778,004,000, total_bytes=282, window_sec=30 session SESSION-1b628a0e5420bcdd dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,989,601.775, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=35,428, start_time=1,777,989,601.772, tcp_flags=, time_bucket=1,777,989,600, total_bytes=282, window_sec=30 session SESSION-70f85f1f9f609263 dst_ip=172.234.197.23, dst_port=443, duration_sec=0.31, end_time=1,777,975,249.358, expected_protocol=https, packet_count=43, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=185.191.171.15, src_port=50,600, start_time=1,777,975,249.048, tcp_flags=P,A,F,S,R, time_bucket=1,777,975,230, total_bytes=31,811, window_sec=30 session SESSION-48ed044b56920c72 dst_ip=172.234.197.23, dst_port=443, duration_sec=25.19, end_time=1,777,953,628.502, expected_protocol=https, packet_count=45, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=97.139.12.85, src_port=54,445, start_time=1,777,953,603.311, tcp_flags=P,A, time_bucket=1,777,953,600, total_bytes=7,850, window_sec=30 session SESSION-fe5bbf504191ff53 dst_ip=45.148.10.147, dst_port=7,012, duration_sec=26.95, end_time=1,777,986,057.263, expected_protocol=unregistered:7012, packet_count=22, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,986,030.318, tcp_flags=P,R,A, time_bucket=1,777,986,030, total_bytes=2,056, window_sec=30 session SESSION-452ff9a5651efd47 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,982,409.238, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,777,982,409.238, tcp_flags=, time_bucket=1,777,982,400, total_bytes=84, window_sec=30 session SESSION-7b3c407fbcf7cdbc dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,203.852, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.136.220.138, start_time=1,777,993,203.852, tcp_flags=, time_bucket=1,777,993,200, total_bytes=164, window_sec=30 session SESSION-465f690015b6602c dst_ip=172.234.197.23, dst_port=22, duration_sec=24.92, end_time=1,777,946,427.699, expected_protocol=ssh, packet_count=46, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=45.148.10.152, src_port=9,804, start_time=1,777,946,402.782, tcp_flags=S,P,R,A, time_bucket=1,777,946,400, total_bytes=7,274, window_sec=30 session SESSION-de964f7a2c974cbf dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,946,427.685, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.8.1, start_time=1,777,946,427.685, tcp_flags=, time_bucket=1,777,946,400, total_bytes=164, window_sec=30 session SESSION-5b835c6ebb995a7d dst_ip=172.234.197.23, dst_port=80, duration_sec=0.09, end_time=1,777,996,854.544, expected_protocol=http, packet_count=3, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=5.61.209.107, src_port=53,644, start_time=1,777,996,854.449, tcp_flags=S,R,A, time_bucket=1,777,996,830, total_bytes=166, window_sec=30 session SESSION-caf3f25f6cd1d8cf dst_ip=172.232.0.17, dst_port=53, duration_sec=0.01, end_time=1,777,950,001.762, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=37,667, start_time=1,777,950,001.754, tcp_flags=, time_bucket=1,777,950,000, total_bytes=313, window_sec=30 session SESSION-48258acdb44fa51f dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,231.98, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.145.152, start_time=1,777,993,231.98, tcp_flags=, time_bucket=1,777,993,230, total_bytes=164, window_sec=30 session SESSION-34afdab6201869ee dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,418.629, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.53.243, start_time=1,778,000,418.629, tcp_flags=, time_bucket=1,778,000,400, total_bytes=164, window_sec=30 session SESSION-50cc8118c4877f59 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,953,608.164, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,777,953,608.164, tcp_flags=, time_bucket=1,777,953,600, total_bytes=84, window_sec=30 session SESSION-8e4203692cceeb60 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,624.245, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.137.154.183, start_time=1,777,989,624.245, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-5ad6262f0c135833 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,203.565, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=16.78.103.11, start_time=1,777,993,203.565, tcp_flags=, time_bucket=1,777,993,200, total_bytes=164, window_sec=30 session SESSION-ecf6e9133d59e7ac dst_ip=172.234.197.23, dst_port=161, duration_sec=8.99, end_time=1,777,982,449.171, expected_protocol=snmp, packet_count=4, proto=UDP, protocol_anomaly_score=0.15, protocol_violations=risk_port, protocols=UDP, src_ip=90.116.59.40, src_port=50,120, start_time=1,777,982,440.18, tcp_flags=, time_bucket=1,777,982,430, total_bytes=340, window_sec=30 session SESSION-27730b26534ba822 dst_ip=172.234.197.23, dst_port=22, duration_sec=2.88, end_time=1,777,968,024.361, expected_protocol=ssh, packet_count=26, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=45.148.10.121, src_port=54,950, start_time=1,777,968,021.479, tcp_flags=F,S,P,A, time_bucket=1,777,968,000, total_bytes=5,887, window_sec=30 session SESSION-14856778af95572f dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,623.912, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=16.79.76.70, start_time=1,777,989,623.912, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-9926ec2fae98e9c0 dst_ip=172.234.197.23, dst_port=443, duration_sec=0.02, end_time=1,777,971,606.58, expected_protocol=https, packet_count=3, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=40.77.167.16, src_port=58,786, start_time=1,777,971,606.56, tcp_flags=F,A, time_bucket=1,777,971,600, total_bytes=162, window_sec=30 session SESSION-a1a638f4047dcf86 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,960,824.955, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=98.94.57.86, start_time=1,777,960,824.955, tcp_flags=, time_bucket=1,777,960,800, total_bytes=164, window_sec=30 session SESSION-cef22d690e31564a dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,007,601.844, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=57,746, start_time=1,778,007,601.843, tcp_flags=, time_bucket=1,778,007,600, total_bytes=313, window_sec=30 session SESSION-1ab153b83d2eab1a dst_ip=2.57.122.196, dst_port=39,260, duration_sec=0.37, end_time=1,777,960,835.901, expected_protocol=unregistered:39260, packet_count=4, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=22, start_time=1,777,960,835.528, tcp_flags=F,P,R,A, time_bucket=1,777,960,830, total_bytes=292, window_sec=30 session SESSION-d96f4e3d10a0a4f0 dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,004,008.169, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,778,004,008.169, tcp_flags=, time_bucket=1,778,004,000, total_bytes=84, window_sec=30 session SESSION-3a3df56f9d8e37a3 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,978,808.46, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=34.220.135.241, start_time=1,777,978,808.46, tcp_flags=, time_bucket=1,777,978,800, total_bytes=164, window_sec=30 session SESSION-90d5b2c6338c7815 dst_ip=172.234.197.23, dst_port=23, duration_sec=1, end_time=1,777,993,259.128, expected_protocol=telnet, packet_count=2, proto=TCP, protocol_anomaly_score=0.75, protocol_violations=tcp_syn_only,risk_port, protocols=TCP, src_ip=82.86.130.0, src_port=17,598, start_time=1,777,993,258.13, tcp_flags=S, time_bucket=1,777,993,230, total_bytes=148, window_sec=30 session SESSION-790ab337f0cfab7f dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,971,614.19, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.226.218.70, start_time=1,777,971,614.19, tcp_flags=, time_bucket=1,777,971,600, total_bytes=164, window_sec=30 session SESSION-8b97840b2be2c63a dst_ip=172.234.197.23, dst_port=443, duration_sec=0.54, end_time=1,777,946,448.059, expected_protocol=https, packet_count=215, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=3.90.73.206, src_port=6,279, start_time=1,777,946,447.52, tcp_flags=P,A,F,S,R, time_bucket=1,777,946,430, total_bytes=239,942, window_sec=30 session SESSION-ebddabcb2fea4fd6 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,971,604.072, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.175.222.82, start_time=1,777,971,604.072, tcp_flags=, time_bucket=1,777,971,600, total_bytes=164, window_sec=30 session SESSION-efccaa85823f0759 dst_ip=172.232.0.17, dst_port=53, duration_sec=0.02, end_time=1,777,964,402.057, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=45,590, start_time=1,777,964,402.038, tcp_flags=, time_bucket=1,777,964,400, total_bytes=313, window_sec=30 session SESSION-d8e778a85b00d06e dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,004,025.473, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=13.229.125.1, start_time=1,778,004,025.473, tcp_flags=, time_bucket=1,778,004,000, total_bytes=164, window_sec=30 session SESSION-d9301b2feb39e9c2 dst_ip=172.234.197.23, dst_port=23, duration_sec=0.99, end_time=1,777,982,402.601, expected_protocol=telnet, packet_count=2, proto=TCP, protocol_anomaly_score=0.75, protocol_violations=tcp_syn_only,risk_port, protocols=TCP, src_ip=64.67.249.9, src_port=54,939, start_time=1,777,982,401.611, tcp_flags=S, time_bucket=1,777,982,400, total_bytes=148, window_sec=30 session SESSION-78559549ed9cd601 dst_ip=172.232.0.17, dst_port=53, duration_sec=0.02, end_time=1,777,960,801.332, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=57,180, start_time=1,777,960,801.31, tcp_flags=, time_bucket=1,777,960,800, total_bytes=282, window_sec=30 session SESSION-b50611c61b5691e4 dst_ip=45.148.10.152, duration_sec=10.24, end_time=1,777,946,443.315, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=172.234.197.23, start_time=1,777,946,433.075, tcp_flags=, time_bucket=1,777,946,430, total_bytes=164, window_sec=30 session SESSION-52ca69764e41f269 dst_ip=172.234.197.23, dst_port=443, duration_sec=12.74, end_time=1,778,007,626.356, expected_protocol=https, packet_count=47, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=40.77.167.27, src_port=59,868, start_time=1,778,007,613.617, tcp_flags=F,S,P,A, time_bucket=1,778,007,600, total_bytes=24,897, window_sec=30 session SESSION-deeca4dda77866b3 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,950,001.753, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=35,505, start_time=1,777,950,001.751, tcp_flags=, time_bucket=1,777,950,000, total_bytes=282, window_sec=30 session SESSION-13b1fe82d9169e1f dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,975,249.283, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=56,884, start_time=1,777,975,249.282, tcp_flags=, time_bucket=1,777,975,230, total_bytes=282, window_sec=30 session SESSION-6161ce1063e366a2 dst_ip=185.125.188.57, dst_port=443, duration_sec=5.89, end_time=1,778,007,637.165, expected_protocol=https, packet_count=50, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=172.234.197.23, src_port=56,486, start_time=1,778,007,631.28, tcp_flags=P,A,F,S,R, time_bucket=1,778,007,630, total_bytes=36,871, window_sec=30 session SESSION-1c60438f798d31fe dst_ip=193.32.162.145, duration_sec=11.19, end_time=1,777,982,459.984, expected_protocol=unregistered:0, packet_count=11, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=172.234.197.23, start_time=1,777,982,448.793, tcp_flags=, time_bucket=1,777,982,430, total_bytes=1,106, window_sec=30 session SESSION-f596d13006651bf7 dst_ip=2.57.122.196, duration_sec=0.19, end_time=1,777,960,835.901, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=172.234.197.23, start_time=1,777,960,835.707, tcp_flags=, time_bucket=1,777,960,830, total_bytes=164, window_sec=30 session SESSION-a7c7f0449e4b7651 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,978,801.417, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=43,039, start_time=1,777,978,801.416, tcp_flags=, time_bucket=1,777,978,800, total_bytes=313, window_sec=30 session SESSION-7bf928e13fe138b3 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,978,835.32, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=44.242.252.153, start_time=1,777,978,835.32, tcp_flags=, time_bucket=1,777,978,830, total_bytes=164, window_sec=30 session SESSION-a7c22f8d88658920 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,964,424.705, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=13.57.230.145, start_time=1,777,964,424.705, tcp_flags=, time_bucket=1,777,964,400, total_bytes=164, window_sec=30 session SESSION-449dd50fe1669698 dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,004,019.14, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=18.138.243.16, start_time=1,778,004,019.14, tcp_flags=, time_bucket=1,778,004,000, total_bytes=164, window_sec=30 session SESSION-6fe8225e15e40fbf dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,960,825.14, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=34.236.245.217, start_time=1,777,960,825.14, tcp_flags=, time_bucket=1,777,960,800, total_bytes=164, window_sec=30 session SESSION-548e9314b3086ca9 dst_ip=172.234.197.23, dst_port=21, duration_sec=0.04, end_time=1,778,007,605.623, expected_protocol=ftp-ctrl, packet_count=10, proto=TCP, protocol_anomaly_score=0.1, protocol_violations=risk_port, protocols=TCP, src_ip=3.143.162.210, src_port=44,962, start_time=1,778,007,605.58, tcp_flags=F,S,P,A, time_bucket=1,778,007,600, total_bytes=697, window_sec=30 session SESSION-5adc8934d941c10d dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,957,201.24, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=59,564, start_time=1,777,957,201.239, tcp_flags=, time_bucket=1,777,957,200, total_bytes=313, window_sec=30 session SESSION-56d5cf7074baf3bc dst_ip=172.234.197.23, dst_port=22, duration_sec=3.51, end_time=1,777,960,857.597, expected_protocol=ssh, packet_count=25, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=2.57.122.195, src_port=40,070, start_time=1,777,960,854.089, tcp_flags=S,P,A, time_bucket=1,777,960,830, total_bytes=5,220, window_sec=30 session SESSION-8e771e83ba0229e5 dst_ip=172.234.197.23, dst_port=21, duration_sec=0.13, end_time=1,777,975,225.365, expected_protocol=ftp-ctrl, packet_count=12, proto=TCP, protocol_anomaly_score=0.1, protocol_violations=risk_port, protocols=TCP, src_ip=20.65.193.94, src_port=39,012, start_time=1,777,975,225.236, tcp_flags=F,S,P,A, time_bucket=1,777,975,200, total_bytes=891, window_sec=30 session SESSION-34c8aa9a9627cd8c dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,975,201.62, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=45,262, start_time=1,777,975,201.618, tcp_flags=, time_bucket=1,777,975,200, total_bytes=313, window_sec=30 session SESSION-594ac66539708081 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,960,809.257, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=98.80.70.116, start_time=1,777,960,809.257, tcp_flags=, time_bucket=1,777,960,800, total_bytes=164, window_sec=30 session SESSION-677fabd73fc2f293 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,946,423.861, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=40.177.170.83, start_time=1,777,946,423.861, tcp_flags=, time_bucket=1,777,946,400, total_bytes=164, window_sec=30 session SESSION-b6b6a46eb2435b2c dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,993,201.656, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=59,844, start_time=1,777,993,201.655, tcp_flags=, time_bucket=1,777,993,200, total_bytes=313, window_sec=30 session SESSION-15c7d6c96ae38709 dst_ip=172.234.197.23, dst_port=443, duration_sec=0.45, end_time=1,778,000,460.583, expected_protocol=https, packet_count=10, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=43.172.194.114, src_port=53,474, start_time=1,778,000,460.128, tcp_flags=P,A, time_bucket=1,778,000,460, total_bytes=5,320, window_sec=30 session SESSION-74617fa0c31efafc dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,986,001.985, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=41,633, start_time=1,777,986,001.985, tcp_flags=, time_bucket=1,777,986,000, total_bytes=282, window_sec=30 session SESSION-efbf980a3a22c61a dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,946,427.71, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.218.166, start_time=1,777,946,427.71, tcp_flags=, time_bucket=1,777,946,400, total_bytes=164, window_sec=30 session SESSION-1e693ff8754b6a4b dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,996,801.469, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=57,362, start_time=1,777,996,801.467, tcp_flags=, time_bucket=1,777,996,800, total_bytes=282, window_sec=30 session SESSION-22dca0f7e254df40 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,996,803.516, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.136.246.109, start_time=1,777,996,803.516, tcp_flags=, time_bucket=1,777,996,800, total_bytes=164, window_sec=30 session SESSION-bb030de157a28a92 dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,000,418.556, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.129.180, start_time=1,778,000,418.556, tcp_flags=, time_bucket=1,778,000,400, total_bytes=164, window_sec=30 session SESSION-4cb056730b02c5bb dst_ip=172.234.197.23, dst_port=22, duration_sec=1.51, end_time=1,777,946,420.894, expected_protocol=ssh, packet_count=33, proto=TCP, protocol_anomaly_score=0, protocol_violations=, protocols=TCP, src_ip=51.75.149.221, src_port=53,112, start_time=1,777,946,419.383, tcp_flags=F,S,P,A, time_bucket=1,777,946,400, total_bytes=8,309, window_sec=30 session SESSION-99de2182f7bfe8f5 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,982,440.073, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=90.116.59.40, start_time=1,777,982,440.073, tcp_flags=, time_bucket=1,777,982,430, total_bytes=148, window_sec=30 session SESSION-e7bb0cf91212e19f dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,982,401.213, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=59,768, start_time=1,777,982,401.21, tcp_flags=, time_bucket=1,777,982,400, total_bytes=313, window_sec=30 session SESSION-e8fcb9ba93456c79 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,960,805.974, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.164.23.84, start_time=1,777,960,805.974, tcp_flags=, time_bucket=1,777,960,800, total_bytes=164, window_sec=30 session SESSION-9ade459513e3d982 dst_ip=172.234.197.23, dst_port=443, duration_sec=0.02, end_time=1,777,986,008.819, expected_protocol=https, packet_count=3, proto=TCP, protocol_anomaly_score=0.35, protocol_violations=missing_tls, protocols=TCP, src_ip=52.167.144.238, src_port=35,651, start_time=1,777,986,008.798, tcp_flags=F,A, time_bucket=1,777,986,000, total_bytes=162, window_sec=30 session SESSION-b4a7b7ee8c37c82a dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,982,425.697, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=34.254.182.37, start_time=1,777,982,425.697, tcp_flags=, time_bucket=1,777,982,400, total_bytes=164, window_sec=30 session SESSION-3da8c2fb5a75575f dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,996,814.382, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.136.231.22, start_time=1,777,996,814.382, tcp_flags=, time_bucket=1,777,996,800, total_bytes=164, window_sec=30 session SESSION-3936b227c1331c5d dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,203.91, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.136.231.22, start_time=1,777,993,203.91, tcp_flags=, time_bucket=1,777,993,200, total_bytes=164, window_sec=30 session SESSION-cc46316b9ac69b28 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,996,814.641, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.136.195.128, start_time=1,777,996,814.641, tcp_flags=, time_bucket=1,777,996,800, total_bytes=164, window_sec=30 session SESSION-d1d3131167e5d8a7 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,778,004,002.048, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=53,918, start_time=1,778,004,002.047, tcp_flags=, time_bucket=1,778,004,000, total_bytes=313, window_sec=30 session SESSION-5c246eb449f8b019 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,986,028.074, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=15.188.52.238, start_time=1,777,986,028.074, tcp_flags=, time_bucket=1,777,986,000, total_bytes=142, window_sec=30 session SESSION-2f184aa4f616a204 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,971,601.765, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=34,513, start_time=1,777,971,601.764, tcp_flags=, time_bucket=1,777,971,600, total_bytes=282, window_sec=30 session SESSION-88397ed3e95acb70 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,604.075, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.137.71.172, start_time=1,777,989,604.075, tcp_flags=, time_bucket=1,777,989,600, total_bytes=164, window_sec=30 session SESSION-a4e2d049e521c4ea dst_ip=172.234.197.23, duration_sec=0, end_time=1,778,004,004.98, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=13.250.21.18, start_time=1,778,004,004.98, tcp_flags=, time_bucket=1,778,004,000, total_bytes=164, window_sec=30 session SESSION-4232e9525181ac54 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,968,022.47, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=47,900, start_time=1,777,968,022.469, tcp_flags=, time_bucket=1,777,968,000, total_bytes=313, window_sec=30 session SESSION-73606a287fbab643 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,982,404.464, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.131.123.151, start_time=1,777,982,404.464, tcp_flags=, time_bucket=1,777,982,400, total_bytes=164, window_sec=30 session SESSION-22e21c154242e139 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,993,204.044, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=108.136.195.128, start_time=1,777,993,204.044, tcp_flags=, time_bucket=1,777,993,200, total_bytes=164, window_sec=30 session SESSION-7c9d5254fc0fecbf dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,989,645.69, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=51.224.39.182, start_time=1,777,989,645.69, tcp_flags=, time_bucket=1,777,989,630, total_bytes=164, window_sec=30 session SESSION-ec5c8fa8037e3562 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,996,808.445, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=103.155.16.117, start_time=1,777,996,808.445, tcp_flags=, time_bucket=1,777,996,800, total_bytes=84, window_sec=30 session SESSION-746daed3b62f60f5 dst_ip=172.234.197.23, duration_sec=0, end_time=1,777,964,414.123, expected_protocol=unregistered:0, packet_count=2, proto=ICMP, protocol_anomaly_score=0, protocol_violations=, protocols=ICMP, src_ip=54.215.156.188, start_time=1,777,964,414.123, tcp_flags=, time_bucket=1,777,964,400, total_bytes=164, window_sec=30 session SESSION-130a446aad655720 dst_ip=172.232.0.17, dst_port=53, duration_sec=0, end_time=1,777,982,401.21, expected_protocol=dns, packet_count=2, proto=UDP, protocol_anomaly_score=0, protocol_violations=, protocols=UDP, src_ip=172.234.197.23, src_port=60,570, start_time=1,777,982,401.209, tcp_flags=, time_bucket=1,777,982,400, total_bytes=282, window_sec=30 tls_sni tls_sni:172-234-197-23.ip.linodeusercontent.com sni=172-234-197-23.ip.linodeusercontent.com tls_sni tls_sni:api.snapcraft.io sni=api.snapcraft.io