Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-08-02 02:58:46.460 00:00:10.366 TCP 23.104.0.1:44942 -> 1.101.0.1:3000 11 1507 1 2025-08-02 02:59:01.301 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:56498 10 6452 1 2025-08-02 02:59:46.867 00:00:10.365 TCP 23.104.0.1:55022 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:00:01.516 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:55894 10 6452 1 2025-08-02 03:00:47.275 00:00:10.365 TCP 23.104.0.1:39428 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:01:01.733 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:42794 10 6452 1 2025-08-02 03:02:00.765 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:02:00.741 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:01:47.677 00:00:10.376 TCP 23.104.0.1:34280 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:02:01.954 00:00:10.334 TCP 1.101.0.1:3000 -> 22.102.0.1:33590 10 6452 1 2025-08-02 03:02:48.109 00:00:10.364 TCP 23.104.0.1:41836 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:03:02.329 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:42868 10 6452 1 2025-08-02 03:03:48.523 00:00:10.360 TCP 23.104.0.1:46786 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:04:02.546 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:33346 10 6452 1 2025-08-02 03:04:48.922 00:00:10.386 TCP 23.104.0.1:44688 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:00:04.926 00:06:00.032 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 03:00:04.953 00:06:00.002 TCP 179.1.22.22:39396 -> 179.1.22.1:179 7 497 1 2025-08-02 03:05:02.767 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:51194 10 6452 1 2025-08-02 03:05:49.350 00:00:10.359 TCP 23.104.0.1:52094 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:06:02.985 00:00:10.148 TCP 1.101.0.1:3000 -> 22.102.0.1:49036 10 6452 1 2025-08-02 03:06:49.754 00:00:10.335 TCP 23.104.0.1:33286 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:07:00.937 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:07:01.050 00:00:00.048 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:07:03.175 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:42446 10 6452 1 2025-08-02 03:07:50.133 00:00:10.324 TCP 23.104.0.1:54924 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:08:03.350 00:00:10.141 TCP 1.101.0.1:3000 -> 22.102.0.1:57888 10 6452 1 2025-08-02 03:08:50.504 00:00:10.364 TCP 23.104.0.1:56838 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:09:03.526 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:35722 10 6452 1 2025-08-02 03:09:50.906 00:00:10.365 TCP 23.104.0.1:42602 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:10:03.692 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:59992 10 6452 1 2025-08-02 03:10:51.317 00:00:10.368 TCP 23.104.0.1:45150 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:11:03.905 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:34354 10 6452 1 2025-08-02 03:12:00.842 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:12:01.040 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:07:04.955 00:06:00.004 TCP 179.1.22.22:39396 -> 179.1.22.1:179 7 497 1 2025-08-02 03:11:51.750 00:00:10.332 TCP 23.104.0.1:60960 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:07:04.927 00:06:00.035 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 03:12:04.118 00:00:10.169 TCP 1.101.0.1:3000 -> 22.102.0.1:54072 10 6452 1 2025-08-02 03:12:52.121 00:00:10.319 TCP 23.104.0.1:35086 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:13:04.329 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:45902 10 6452 1 2025-08-02 03:13:52.477 00:00:10.366 TCP 23.104.0.1:60548 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:14:04.542 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:49884 10 6452 1 2025-08-02 03:14:52.883 00:00:10.385 TCP 23.104.0.1:55154 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:15:04.759 00:00:13.748 TCP 1.101.0.1:3000 -> 22.102.0.1:48344 10 6452 1 2025-08-02 03:15:53.287 00:00:10.321 TCP 23.104.0.1:47720 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:16:08.546 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:41658 10 6452 1 2025-08-02 03:17:00.918 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:17:01.083 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:16:53.643 00:00:10.365 TCP 23.104.0.1:50178 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:17:08.765 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:49394 10 6452 1 2025-08-02 03:17:54.065 00:00:10.331 TCP 23.104.0.1:33916 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:18:08.972 00:00:10.151 TCP 1.101.0.1:3000 -> 22.102.0.1:38092 10 6452 1 2025-08-02 03:14:04.933 00:06:00.032 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 03:18:54.446 00:00:10.321 TCP 23.104.0.1:55274 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:14:04.960 00:06:00.002 TCP 179.1.22.22:39396 -> 179.1.22.1:179 7 497 1 2025-08-02 03:19:09.164 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:44622 10 6452 1 2025-08-02 03:19:54.814 00:00:10.370 TCP 23.104.0.1:56378 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:20:09.338 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:41016 10 6452 1 2025-08-02 03:20:55.223 00:00:10.375 TCP 23.104.0.1:48852 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:21:09.549 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:42946 10 6452 1 2025-08-02 03:22:01.224 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:22:01.557 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:21:55.636 00:00:10.365 TCP 23.104.0.1:38492 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:22:09.758 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:34248 10 6452 1 2025-08-02 03:22:56.050 00:00:10.327 TCP 23.104.0.1:48922 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:23:09.981 00:00:10.200 TCP 1.101.0.1:3000 -> 22.102.0.1:44980 10 6452 1 2025-08-02 03:23:56.412 00:00:10.365 TCP 23.104.0.1:55604 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:24:10.218 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:59994 10 6452 1 2025-08-02 03:24:56.817 00:00:10.367 TCP 23.104.0.1:37072 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:25:10.430 00:00:10.546 TCP 1.101.0.1:3000 -> 22.102.0.1:53502 10 6452 1 2025-08-02 03:21:04.963 00:06:00.000 TCP 179.1.22.22:39396 -> 179.1.22.1:179 7 497 1 2025-08-02 03:21:04.936 00:06:00.031 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 03:25:57.225 00:00:10.361 TCP 23.104.0.1:52226 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:26:11.037 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:54278 10 6452 1 2025-08-02 03:27:01.244 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:27:01.295 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:26:57.623 00:00:10.368 TCP 23.104.0.1:32880 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:27:11.253 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:60914 10 6452 1 2025-08-02 03:27:58.028 00:00:10.367 TCP 23.104.0.1:44570 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:28:11.426 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:58000 10 6452 1 2025-08-02 03:28:58.432 00:00:10.369 TCP 23.104.0.1:52020 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:29:11.638 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:59622 10 6452 1 2025-08-02 03:29:58.840 00:00:10.392 TCP 23.104.0.1:57780 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:30:11.853 00:00:10.190 TCP 1.101.0.1:3000 -> 22.102.0.1:55674 10 6452 1 2025-08-02 03:30:59.287 00:00:10.321 TCP 23.104.0.1:38786 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:31:12.090 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:54682 10 6452 1 2025-08-02 03:32:01.501 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:32:01.443 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:31:59.649 00:00:10.368 TCP 23.104.0.1:55532 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:32:12.315 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:34052 10 6452 1 2025-08-02 03:28:04.938 00:06:00.030 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 03:28:04.967 00:05:59.999 TCP 179.1.22.22:39396 -> 179.1.22.1:179 7 497 1 2025-08-02 03:33:00.066 00:00:10.363 TCP 23.104.0.1:46998 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:33:12.537 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:54244 10 6452 1 2025-08-02 03:34:00.474 00:00:10.368 TCP 23.104.0.1:35962 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:34:12.747 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:47190 10 6452 1 2025-08-02 03:35:00.882 00:00:10.380 TCP 23.104.0.1:57982 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:35:12.963 00:00:10.190 TCP 1.101.0.1:3000 -> 22.102.0.1:33496 12 6556 1 2025-08-02 03:36:01.304 00:00:10.375 TCP 23.104.0.1:36954 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:36:13.191 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:54480 10 6452 1 2025-08-02 03:37:01.655 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:37:01.537 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:37:01.722 00:00:10.378 TCP 23.104.0.1:58668 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:37:13.407 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:47308 10 6452 1 2025-08-02 03:38:02.143 00:00:10.324 TCP 23.104.0.1:48146 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:38:13.627 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:39816 10 6452 1 2025-08-02 03:39:02.511 00:00:10.365 TCP 23.104.0.1:45954 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:39:13.810 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:36952 10 6452 1 2025-08-02 03:35:04.942 00:06:00.027 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 03:35:04.966 00:06:00.000 TCP 179.1.22.22:39396 -> 179.1.22.1:179 7 497 1 2025-08-02 03:40:02.917 00:00:10.385 TCP 23.104.0.1:47850 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:40:14.038 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:36156 10 6452 1 2025-08-02 03:41:03.342 00:00:10.360 TCP 23.104.0.1:43488 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:41:14.249 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:48098 10 6452 1 2025-08-02 03:42:01.723 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:42:01.525 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:42:03.743 00:00:10.324 TCP 23.104.0.1:42322 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:42:14.429 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:45530 10 6452 1 2025-08-02 03:43:04.109 00:00:10.365 TCP 23.104.0.1:51288 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:43:14.646 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:59556 10 6452 1 2025-08-02 03:44:04.513 00:00:10.444 TCP 23.104.0.1:58040 -> 1.101.0.1:3000 15 1926 1 2025-08-02 03:44:14.861 00:00:10.224 TCP 1.101.0.1:3000 -> 22.102.0.1:42528 12 10367 1 2025-08-02 03:45:04.994 00:00:10.374 TCP 23.104.0.1:39734 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:45:15.125 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:44114 10 6452 1 2025-08-02 03:46:05.402 00:00:10.366 TCP 23.104.0.1:59562 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:46:15.295 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:43226 10 6452 1 2025-08-02 03:47:01.955 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:47:01.589 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:42:04.944 00:06:00.028 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 03:42:04.968 00:06:00.002 TCP 179.1.22.22:39396 -> 179.1.22.1:179 7 497 1 2025-08-02 03:47:05.812 00:00:10.372 TCP 23.104.0.1:49450 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:47:15.512 00:00:10.154 TCP 1.101.0.1:3000 -> 22.102.0.1:35034 10 6452 1 2025-08-02 03:48:06.225 00:00:10.367 TCP 23.104.0.1:59736 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:48:15.709 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:37640 10 6452 1 2025-08-02 03:49:06.633 00:00:10.368 TCP 23.104.0.1:45212 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:49:15.880 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:60354 10 6452 1 2025-08-02 03:50:07.034 00:00:10.366 TCP 23.104.0.1:51038 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:50:16.101 00:00:10.167 TCP 1.101.0.1:3000 -> 22.102.0.1:43936 10 6452 1 2025-08-02 03:51:07.443 00:00:10.323 TCP 23.104.0.1:54384 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:51:16.309 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:36380 10 6452 1 2025-08-02 03:52:01.572 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:52:01.688 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:52:07.807 00:00:10.369 TCP 23.104.0.1:41284 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:52:16.529 00:00:10.168 TCP 1.101.0.1:3000 -> 22.102.0.1:51816 10 6452 1 2025-08-02 03:53:08.214 00:00:10.374 TCP 23.104.0.1:42802 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:53:16.739 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:42018 10 6452 1 2025-08-02 03:49:04.944 00:06:00.034 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 03:49:04.969 00:06:00.006 TCP 179.1.22.22:39396 -> 179.1.22.1:179 7 497 1 2025-08-02 03:54:08.627 00:00:10.325 TCP 23.104.0.1:60894 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:54:16.954 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:57560 10 6452 1 2025-08-02 03:55:08.991 00:00:10.364 TCP 23.104.0.1:44632 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:55:17.177 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:58240 10 6452 1 2025-08-02 03:56:09.395 00:00:10.364 TCP 23.104.0.1:41664 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:56:17.404 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:43090 10 6452 1 2025-08-02 03:57:02.194 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 03:57:02.267 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 03:57:09.802 00:00:10.368 TCP 23.104.0.1:38240 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:57:17.638 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:58190 10 6452 1 2025-08-02 03:58:10.211 00:00:10.324 TCP 23.104.0.1:42350 -> 1.101.0.1:3000 11 1507 1 2025-08-02 03:58:17.850 00:00:10.209 TCP 1.101.0.1:3000 -> 22.102.0.1:34324 11 6492 1 Summary: total flows: 160, total bytes: 498930, total packets: 1509, avg bps: 1114, avg pps: 0, avg bpp: 330 Time window: 2025-08-02 02:58:46 - 2025-08-02 03:58:28 Total flows processed: 160, passed: 160, Blocks skipped: 0, Bytes read: 16704 Sys: 0.0036s User: 0.0012s Wall: 0.0028s flows/second: 57221.1 Runtime: 0.0028s