Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-08-02 08:59:11.171 00:00:10.337 TCP 23.104.0.1:33656 -> 1.101.0.1:3000 11 1507 1 2025-08-02 08:59:26.758 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:54794 10 6452 1 2025-08-02 09:00:11.561 00:00:10.366 TCP 23.104.0.1:52734 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:00:26.973 00:00:10.193 TCP 1.101.0.1:3000 -> 22.102.0.1:59640 10 6452 1 2025-08-02 08:56:05.099 00:06:00.076 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 08:56:05.095 00:06:00.081 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:01:11.973 00:00:10.328 TCP 23.104.0.1:60180 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:01:27.206 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:60762 10 6452 1 2025-08-02 09:02:08.332 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:02:08.484 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:02:12.345 00:00:10.327 TCP 23.104.0.1:54554 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:02:27.417 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:60474 10 6452 1 2025-08-02 09:03:12.709 00:00:10.342 TCP 23.104.0.1:40116 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:03:27.631 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:59112 10 6452 1 2025-08-02 09:04:13.113 00:00:10.366 TCP 23.104.0.1:36636 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:04:27.846 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:57234 10 6452 1 2025-08-02 09:05:13.517 00:00:10.361 TCP 23.104.0.1:57790 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:05:28.095 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:40826 10 6452 1 2025-08-02 09:06:13.916 00:00:10.393 TCP 23.104.0.1:57642 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:06:28.306 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:47002 10 6452 1 2025-08-02 09:07:07.972 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:07:08.202 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:07:14.348 00:00:10.326 TCP 23.104.0.1:52740 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:07:28.517 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:38500 10 6452 1 2025-08-02 09:03:05.104 00:06:00.075 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 09:03:05.102 00:06:00.081 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:08:14.720 00:00:10.372 TCP 23.104.0.1:33424 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:08:28.729 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:43070 10 6452 1 2025-08-02 09:09:15.128 00:00:10.369 TCP 23.104.0.1:57130 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:09:28.908 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:40660 10 6452 1 2025-08-02 09:10:15.534 00:00:10.316 TCP 23.104.0.1:53168 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:10:29.138 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:36308 10 6452 1 2025-08-02 09:11:15.890 00:00:10.373 TCP 23.104.0.1:38234 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:11:29.348 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:58122 10 6452 1 2025-08-02 09:12:08.304 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:12:07.980 00:00:00.029 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:12:16.302 00:00:10.364 TCP 23.104.0.1:52204 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:12:29.562 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:49374 10 6452 1 2025-08-02 09:13:16.702 00:00:10.360 TCP 23.104.0.1:37214 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:13:29.793 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:55310 10 6452 1 2025-08-02 09:14:17.104 00:00:10.372 TCP 23.104.0.1:45170 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:14:29.968 00:00:10.152 TCP 1.101.0.1:3000 -> 22.102.0.1:55386 10 6452 1 2025-08-02 09:10:05.100 00:06:00.091 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:10:05.104 00:06:00.085 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 09:15:17.510 00:00:10.360 TCP 23.104.0.1:40630 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:15:30.152 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:52464 10 6452 1 2025-08-02 09:16:17.912 00:00:10.325 TCP 23.104.0.1:37580 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:16:30.359 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:41696 10 6452 1 2025-08-02 09:17:08.437 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:17:08.643 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:17:18.274 00:00:10.325 TCP 23.104.0.1:37798 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:17:30.579 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:51448 10 6452 1 2025-08-02 09:18:18.643 00:00:10.372 TCP 23.104.0.1:46488 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:18:30.795 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:50244 10 6452 1 2025-08-02 09:19:19.058 00:00:10.361 TCP 23.104.0.1:56812 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:19:31.010 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:53898 10 6452 1 2025-08-02 09:20:19.458 00:00:10.367 TCP 23.104.0.1:37148 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:20:31.221 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:32868 10 6452 1 2025-08-02 09:21:19.861 00:00:10.370 TCP 23.104.0.1:38042 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:21:31.437 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:60116 10 6452 1 2025-08-02 09:17:05.112 00:06:00.083 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:17:05.114 00:06:00.078 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 09:22:08.571 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:22:08.449 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:22:20.269 00:00:10.369 TCP 23.104.0.1:54310 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:22:31.654 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:37922 10 6452 1 2025-08-02 09:23:20.677 00:00:10.464 TCP 23.104.0.1:50524 -> 1.101.0.1:3000 15 1926 1 2025-08-02 09:23:31.866 00:00:10.162 TCP 1.101.0.1:3000 -> 22.102.0.1:47216 12 10367 1 2025-08-02 09:24:21.180 00:00:10.334 TCP 23.104.0.1:51792 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:24:32.085 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:53658 10 6452 1 2025-08-02 09:25:21.554 00:00:10.366 TCP 23.104.0.1:51704 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:25:32.296 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:50054 10 6452 1 2025-08-02 09:26:21.960 00:00:10.374 TCP 23.104.0.1:44348 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:26:32.512 00:00:10.169 TCP 1.101.0.1:3000 -> 22.102.0.1:34154 10 6452 1 2025-08-02 09:27:08.703 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:27:08.638 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:27:22.374 00:00:10.364 TCP 23.104.0.1:41404 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:27:32.719 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:35418 10 6452 1 2025-08-02 09:28:22.776 00:00:10.388 TCP 23.104.0.1:55420 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:28:32.931 00:00:10.197 TCP 1.101.0.1:3000 -> 22.102.0.1:39502 10 6452 1 2025-08-02 09:24:05.115 00:06:00.080 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:24:05.118 00:06:00.075 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 09:29:23.206 00:00:10.334 TCP 23.104.0.1:43614 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:29:33.171 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:59656 10 6452 1 2025-08-02 09:30:23.579 00:00:10.367 TCP 23.104.0.1:41682 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:30:33.386 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:37230 10 6452 1 2025-08-02 09:31:23.990 00:00:10.367 TCP 23.104.0.1:49190 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:31:33.557 00:00:10.333 TCP 1.101.0.1:3000 -> 22.102.0.1:38740 10 6452 1 2025-08-02 09:32:08.757 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:32:08.743 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:32:24.405 00:00:10.361 TCP 23.104.0.1:53900 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:32:33.930 00:00:10.198 TCP 1.101.0.1:3000 -> 22.102.0.1:57728 10 6452 1 2025-08-02 09:33:24.809 00:00:10.375 TCP 23.104.0.1:34218 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:33:34.170 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:41282 10 6452 1 2025-08-02 09:34:25.229 00:00:10.363 TCP 23.104.0.1:59592 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:34:34.383 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:38744 10 6452 1 2025-08-02 09:35:25.640 00:00:10.365 TCP 23.104.0.1:44386 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:35:34.596 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:59312 10 6452 1 2025-08-02 09:31:05.119 00:06:00.076 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 09:31:05.116 00:06:00.081 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:36:26.058 00:00:10.361 TCP 23.104.0.1:54916 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:36:34.828 00:00:10.190 TCP 1.101.0.1:3000 -> 22.102.0.1:35886 10 6452 1 2025-08-02 09:37:10.266 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:37:10.114 00:00:00.048 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:37:26.460 00:00:10.366 TCP 23.104.0.1:33964 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:37:35.091 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:40090 10 6452 1 2025-08-02 09:38:26.871 00:00:10.362 TCP 23.104.0.1:56302 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:38:35.314 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:57374 10 6452 1 2025-08-02 09:39:27.271 00:00:10.365 TCP 23.104.0.1:53186 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:39:35.526 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:51674 10 6452 1 2025-08-02 09:40:27.677 00:00:10.367 TCP 23.104.0.1:34666 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:40:35.738 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:47854 10 6452 1 2025-08-02 09:41:28.104 00:00:10.326 TCP 23.104.0.1:41054 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:41:35.950 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:37934 10 6452 1 2025-08-02 09:42:08.898 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:42:08.893 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:42:28.465 00:00:10.363 TCP 23.104.0.1:37258 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:42:36.176 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:36984 10 6452 1 2025-08-02 09:38:05.119 00:06:00.082 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:38:05.121 00:06:00.077 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 09:43:28.869 00:00:10.372 TCP 23.104.0.1:60722 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:43:36.388 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:41138 10 6452 1 2025-08-02 09:44:29.280 00:00:10.364 TCP 23.104.0.1:48560 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:44:36.605 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:50290 10 6452 1 2025-08-02 09:45:29.683 00:00:10.379 TCP 23.104.0.1:42268 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:45:36.822 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:47154 10 6452 1 2025-08-02 09:46:30.104 00:00:10.324 TCP 23.104.0.1:35060 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:46:37.037 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:54804 10 6452 1 2025-08-02 09:47:09.012 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:47:09.094 00:00:00.027 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:47:30.465 00:00:10.375 TCP 23.104.0.1:48612 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:47:37.391 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:33098 10 6452 1 2025-08-02 09:48:30.877 00:00:10.364 TCP 23.104.0.1:59772 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:48:37.611 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:36064 10 6452 1 2025-08-02 09:49:31.282 00:00:10.326 TCP 23.104.0.1:43580 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:49:37.828 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:34304 10 6452 1 2025-08-02 09:45:05.124 00:06:00.086 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 09:45:05.122 00:06:00.092 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:50:31.641 00:00:10.371 TCP 23.104.0.1:32782 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:50:38.001 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:42672 10 6452 1 2025-08-02 09:51:32.054 00:00:10.366 TCP 23.104.0.1:37412 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:51:38.219 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:54786 10 6452 1 2025-08-02 09:52:08.942 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:52:09.186 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:52:32.453 00:00:10.364 TCP 23.104.0.1:40702 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:52:38.389 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:38968 10 6452 1 2025-08-02 09:53:32.855 00:00:10.372 TCP 23.104.0.1:40972 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:53:38.594 00:00:10.129 TCP 1.101.0.1:3000 -> 22.102.0.1:50294 10 6452 1 2025-08-02 09:54:33.269 00:00:10.391 TCP 23.104.0.1:39304 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:54:38.764 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:57288 10 6452 1 2025-08-02 09:55:33.700 00:00:10.366 TCP 23.104.0.1:47562 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:55:38.945 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:52772 10 6452 1 2025-08-02 09:56:34.109 00:00:10.370 TCP 23.104.0.1:60800 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:56:39.171 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:56140 10 6452 1 2025-08-02 09:52:05.122 00:06:00.095 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-02 09:52:05.125 00:06:00.090 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-02 09:57:09.102 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-02 09:57:09.150 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-02 09:57:34.520 00:00:10.424 TCP 23.104.0.1:33922 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:57:39.383 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:56466 10 6452 1 2025-08-02 09:58:35.000 00:00:10.365 TCP 23.104.0.1:53060 -> 1.101.0.1:3000 11 1507 1 2025-08-02 09:58:39.597 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:42448 10 6452 1 Summary: total flows: 162, total bytes: 503420, total packets: 1590, avg bps: 1069, avg pps: 0, avg bpp: 316 Time window: 2025-08-02 08:56:05 - 2025-08-02 09:58:49 Total flows processed: 162, passed: 162, Blocks skipped: 0, Bytes read: 16912 Sys: 0.0022s User: 0.0011s Wall: 0.0019s flows/second: 83463.6 Runtime: 0.0020s