Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-10-25 14:59:27.003 00:00:10.357 TCP 1.101.0.1:3000 -> 23.104.0.1:50656 10 6870 1 2025-10-25 15:00:27.405 00:00:10.378 TCP 1.101.0.1:3000 -> 23.104.0.1:53226 10 6870 1 2025-10-25 15:01:27.819 00:00:10.368 TCP 1.101.0.1:3000 -> 23.104.0.1:49900 10 6870 1 2025-10-25 14:57:49.865 00:05:00.283 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 14:57:49.863 00:05:00.288 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:02:28.224 00:00:10.372 TCP 1.101.0.1:3000 -> 23.104.0.1:52058 10 6870 1 2025-10-25 15:02:49.271 00:00:00.022 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:02:49.269 00:00:00.023 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:02:49.178 00:00:00.023 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:02:49.146 00:00:00.023 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:02:49.231 00:00:00.022 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:03:28.637 00:00:10.363 TCP 1.101.0.1:3000 -> 23.104.0.1:36046 10 6870 1 2025-10-25 15:04:29.039 00:00:10.365 TCP 1.101.0.1:3000 -> 23.104.0.1:43968 10 6870 1 2025-10-25 15:05:29.443 00:00:10.447 TCP 1.101.0.1:3000 -> 23.104.0.1:37310 12 10793 1 2025-10-25 15:06:29.930 00:00:10.378 TCP 1.101.0.1:3000 -> 23.104.0.1:46620 10 6870 1 2025-10-25 15:07:30.345 00:00:10.368 TCP 1.101.0.1:3000 -> 23.104.0.1:32938 10 6870 1 2025-10-25 15:07:49.515 00:00:00.022 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:07:49.518 00:00:00.023 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:07:49.467 00:00:00.022 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:07:49.366 00:00:00.021 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:07:49.449 00:00:00.021 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:03:49.864 00:05:00.289 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:03:49.867 00:05:00.284 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:08:30.753 00:00:10.330 TCP 1.101.0.1:3000 -> 23.104.0.1:35720 10 6870 1 2025-10-25 15:09:31.120 00:00:10.368 TCP 1.101.0.1:3000 -> 23.104.0.1:56232 10 6870 1 2025-10-25 15:10:31.525 00:00:10.371 TCP 1.101.0.1:3000 -> 23.104.0.1:46312 10 6870 1 2025-10-25 15:11:31.932 00:00:10.347 TCP 1.101.0.1:3000 -> 23.104.0.1:54630 10 6870 1 2025-10-25 15:12:32.320 00:00:10.364 TCP 1.101.0.1:3000 -> 23.104.0.1:39894 10 6870 1 2025-10-25 15:12:49.526 00:00:00.025 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:12:49.529 00:00:00.022 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:12:49.554 00:00:00.020 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:12:49.462 00:00:00.023 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:12:49.549 00:00:00.022 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:13:32.728 00:00:10.369 TCP 1.101.0.1:3000 -> 23.104.0.1:49354 10 6870 1 2025-10-25 15:09:49.871 00:05:00.281 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:09:49.868 00:05:00.286 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:14:33.138 00:00:10.365 TCP 1.101.0.1:3000 -> 23.104.0.1:43830 10 6870 1 2025-10-25 15:15:33.541 00:00:10.366 TCP 1.101.0.1:3000 -> 23.104.0.1:39672 10 6870 1 2025-10-25 15:16:33.947 00:00:10.380 TCP 1.101.0.1:3000 -> 23.104.0.1:37214 10 6870 1 2025-10-25 15:17:34.367 00:00:10.363 TCP 1.101.0.1:3000 -> 23.104.0.1:56494 10 6870 1 2025-10-25 15:17:49.398 00:00:00.023 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:17:49.594 00:00:00.022 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:17:49.497 00:00:00.024 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:17:49.602 00:00:00.023 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:17:49.685 00:00:00.023 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:18:34.768 00:00:10.373 TCP 1.101.0.1:3000 -> 23.104.0.1:47538 10 6870 1 2025-10-25 15:15:49.871 00:05:00.283 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:19:35.184 00:00:10.371 TCP 1.101.0.1:3000 -> 23.104.0.1:38266 10 6870 1 2025-10-25 15:15:49.876 00:05:00.277 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:20:35.586 00:00:10.369 TCP 1.101.0.1:3000 -> 23.104.0.1:38494 10 6870 1 2025-10-25 15:21:35.993 00:00:10.365 TCP 1.101.0.1:3000 -> 23.104.0.1:52468 10 6870 1 2025-10-25 15:22:49.644 00:00:00.022 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:22:49.825 00:00:00.022 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:22:49.575 00:00:00.024 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:22:49.639 00:00:00.022 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:22:36.395 00:00:10.325 TCP 1.101.0.1:3000 -> 23.104.0.1:33922 10 6870 1 2025-10-25 15:22:49.721 00:00:00.022 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:23:36.756 00:00:10.389 TCP 1.101.0.1:3000 -> 23.104.0.1:58314 10 6870 1 2025-10-25 15:24:37.182 00:00:10.369 TCP 1.101.0.1:3000 -> 23.104.0.1:51440 10 6870 1 2025-10-25 15:25:37.587 00:00:10.363 TCP 1.101.0.1:3000 -> 23.104.0.1:34952 10 6870 1 2025-10-25 15:21:49.877 00:05:00.280 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:21:49.879 00:05:00.275 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:26:37.989 00:00:10.369 TCP 1.101.0.1:3000 -> 23.104.0.1:37612 10 6870 1 2025-10-25 15:27:49.666 00:00:00.024 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:27:49.619 00:00:00.021 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:27:49.585 00:00:00.023 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:27:38.395 00:00:10.363 TCP 1.101.0.1:3000 -> 23.104.0.1:49756 10 6870 1 2025-10-25 15:27:49.828 00:00:00.023 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:27:49.681 00:00:00.023 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:28:38.798 00:00:10.364 TCP 1.101.0.1:3000 -> 23.104.0.1:37494 10 6870 1 2025-10-25 15:29:39.196 00:00:10.369 TCP 1.101.0.1:3000 -> 23.104.0.1:42652 10 6870 1 2025-10-25 15:30:39.607 00:00:10.751 TCP 1.101.0.1:3000 -> 23.104.0.1:43954 10 6870 1 2025-10-25 15:27:49.882 00:05:00.275 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:27:49.884 00:05:00.270 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:31:40.396 00:00:10.327 TCP 1.101.0.1:3000 -> 23.104.0.1:58192 10 6870 1 2025-10-25 15:32:49.864 00:00:00.022 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:32:49.669 00:00:00.021 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:32:49.896 00:00:00.022 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:32:49.787 00:00:00.021 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:32:49.870 00:00:00.021 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:32:40.772 00:00:10.373 TCP 1.101.0.1:3000 -> 23.104.0.1:43574 10 6870 1 2025-10-25 15:33:41.183 00:00:10.373 TCP 1.101.0.1:3000 -> 23.104.0.1:38390 10 6870 1 2025-10-25 15:34:41.591 00:00:10.366 TCP 1.101.0.1:3000 -> 23.104.0.1:34142 10 6870 1 2025-10-25 15:35:41.997 00:00:10.365 TCP 1.101.0.1:3000 -> 23.104.0.1:54368 10 6870 1 2025-10-25 15:36:42.398 00:00:10.365 TCP 1.101.0.1:3000 -> 23.104.0.1:46474 10 6870 1 2025-10-25 15:37:49.930 00:00:00.022 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:37:49.848 00:00:00.021 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:37:49.918 00:00:00.023 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:37:49.794 00:00:00.024 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:37:49.848 00:00:00.021 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:33:49.883 00:05:00.278 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:33:49.888 00:05:00.273 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:37:42.805 00:00:10.334 TCP 1.101.0.1:3000 -> 23.104.0.1:50258 10 6870 1 2025-10-25 15:38:43.176 00:00:10.325 TCP 1.101.0.1:3000 -> 23.104.0.1:42232 10 6870 1 2025-10-25 15:39:43.549 00:00:10.361 TCP 1.101.0.1:3000 -> 23.104.0.1:44830 10 6870 1 2025-10-25 15:40:43.950 00:00:10.446 TCP 1.101.0.1:3000 -> 23.104.0.1:35426 12 10369 1 2025-10-25 15:41:44.434 00:00:10.323 TCP 1.101.0.1:3000 -> 23.104.0.1:53336 10 6452 1 2025-10-25 15:42:49.928 00:00:00.022 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:42:49.602 00:00:00.021 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:42:49.846 00:00:00.022 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:42:50.103 00:00:00.022 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:42:50.007 00:00:00.034 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:42:44.798 00:00:10.364 TCP 1.101.0.1:3000 -> 23.104.0.1:51880 10 6452 1 2025-10-25 15:39:49.885 00:05:00.285 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:39:49.887 00:05:00.280 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:43:45.201 00:00:10.362 TCP 1.101.0.1:3000 -> 23.104.0.1:49226 10 6452 1 2025-10-25 15:44:45.597 00:00:10.323 TCP 1.101.0.1:3000 -> 23.104.0.1:56746 10 6452 1 2025-10-25 15:45:45.961 00:00:10.373 TCP 1.101.0.1:3000 -> 23.104.0.1:50718 10 6452 1 2025-10-25 15:46:46.375 00:00:10.367 TCP 1.101.0.1:3000 -> 23.104.0.1:48962 10 6452 1 2025-10-25 15:47:50.289 00:00:00.022 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:47:50.332 00:00:00.023 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:47:50.202 00:00:00.023 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:47:50.347 00:00:00.024 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:47:50.206 00:00:00.023 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:47:46.782 00:00:10.365 TCP 1.101.0.1:3000 -> 23.104.0.1:60942 10 6452 1 2025-10-25 15:48:47.186 00:00:10.369 TCP 1.101.0.1:3000 -> 23.104.0.1:46800 10 6452 1 2025-10-25 15:45:49.889 00:05:00.282 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:45:49.892 00:05:00.277 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:49:47.593 00:00:10.325 TCP 1.101.0.1:3000 -> 23.104.0.1:42708 10 6452 1 2025-10-25 15:50:47.958 00:00:10.370 TCP 1.101.0.1:3000 -> 23.104.0.1:37052 10 6452 1 2025-10-25 15:51:48.372 00:00:10.332 TCP 1.101.0.1:3000 -> 23.104.0.1:59884 10 6452 1 2025-10-25 15:52:50.525 00:00:00.021 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:52:50.219 00:00:00.022 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:52:50.324 00:00:00.014 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:52:50.142 00:00:00.022 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:52:50.442 00:00:00.022 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:52:48.732 00:00:10.376 TCP 1.101.0.1:3000 -> 23.104.0.1:39186 10 6452 1 2025-10-25 15:53:49.148 00:00:10.370 TCP 1.101.0.1:3000 -> 23.104.0.1:39404 10 6452 1 2025-10-25 15:54:49.556 00:00:10.360 TCP 1.101.0.1:3000 -> 23.104.0.1:33218 10 6452 1 2025-10-25 15:51:49.895 00:05:00.275 TCP 179.21.23.21:38570 -> 179.21.23.23:179 12 738 1 2025-10-25 15:51:49.892 00:05:00.280 TCP 179.21.23.23:179 -> 179.21.23.21:38570 12 738 1 2025-10-25 15:55:49.956 00:00:10.380 TCP 1.101.0.1:3000 -> 23.104.0.1:47004 10 6452 1 2025-10-25 15:56:50.366 00:00:10.323 TCP 1.101.0.1:3000 -> 23.104.0.1:51642 10 6452 1 2025-10-25 15:57:50.290 00:00:00.021 ICMP 21.0.198.2:0 -> 27.107.0.1:8.0 3 252 1 2025-10-25 15:57:50.371 00:00:00.023 ICMP 21.0.198.2:0 -> 32.102.0.1:8.0 3 252 1 2025-10-25 15:57:50.054 00:00:00.023 ICMP 1.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:57:50.415 00:00:00.022 ICMP 21.0.198.2:0 -> 23.107.0.1:8.0 3 252 1 2025-10-25 15:57:50.498 00:00:00.022 ICMP 23.107.0.1:0 -> 21.0.198.2:0.0 3 252 1 2025-10-25 15:57:50.727 00:00:10.368 TCP 1.101.0.1:3000 -> 23.104.0.1:36510 10 6452 1 Summary: total flows: 139, total bytes: 435526, total packets: 1014, avg bps: 964, avg pps: 0, avg bpp: 429 Time window: 2025-10-25 14:57:49 - 2025-10-25 15:58:01 Total flows processed: 139, passed: 139, Blocks skipped: 0, Bytes read: 14520 Sys: 0.0035s User: 0.0012s Wall: 0.0020s flows/second: 70701.9 Runtime: 0.0020s