Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-08-25 17:59:15.604 00:00:10.360 TCP 23.104.0.1:52606 -> 1.101.0.1:3000 11 1507 1 2025-08-25 17:59:16.203 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:54636 10 6452 1 2025-08-25 18:00:16.006 00:00:10.363 TCP 23.104.0.1:33250 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:00:16.423 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:58282 10 6452 1 2025-08-25 18:01:16.406 00:00:10.367 TCP 23.104.0.1:36796 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:01:16.645 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:57824 10 6452 1 2025-08-25 18:02:16.813 00:00:10.388 TCP 23.104.0.1:47532 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:02:16.866 00:00:10.188 TCP 1.101.0.1:3000 -> 22.102.0.1:35498 10 6452 1 2025-08-25 18:03:23.339 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:03:22.996 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:03:17.235 00:00:10.330 TCP 23.104.0.1:44874 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:03:17.092 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:40690 10 6452 1 2025-08-25 17:59:17.646 00:06:00.109 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-25 17:59:17.653 00:06:00.099 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-25 18:04:17.308 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:48170 10 6452 1 2025-08-25 18:04:17.604 00:00:10.370 TCP 23.104.0.1:59958 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:05:17.527 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:58474 10 6452 1 2025-08-25 18:05:18.017 00:00:10.368 TCP 23.104.0.1:59904 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:06:17.747 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:38688 10 6452 1 2025-08-25 18:06:18.418 00:00:10.370 TCP 23.104.0.1:38210 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:07:17.962 00:00:10.200 TCP 1.101.0.1:3000 -> 22.102.0.1:35542 10 6452 1 2025-08-25 18:07:18.823 00:00:10.363 TCP 23.104.0.1:53194 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:08:23.301 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:08:23.308 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:08:18.196 00:00:10.191 TCP 1.101.0.1:3000 -> 22.102.0.1:37104 10 6452 1 2025-08-25 18:08:19.225 00:00:10.366 TCP 23.104.0.1:34146 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:09:19.631 00:00:10.331 TCP 23.104.0.1:38404 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:09:18.426 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:43074 10 6452 1 2025-08-25 18:10:18.645 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:54530 10 6452 1 2025-08-25 18:10:20.005 00:00:10.364 TCP 23.104.0.1:41180 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:06:17.645 00:06:00.111 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-25 18:06:17.642 00:06:00.117 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-25 18:11:18.862 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:37410 10 6452 1 2025-08-25 18:11:20.415 00:00:10.727 TCP 23.104.0.1:46092 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:12:19.085 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:43208 10 6452 1 2025-08-25 18:12:21.190 00:00:10.326 TCP 23.104.0.1:58986 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:13:23.272 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:13:23.438 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:13:19.299 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:32972 10 6452 1 2025-08-25 18:13:21.553 00:00:10.366 TCP 23.104.0.1:43528 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:14:19.515 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:54544 10 6452 1 2025-08-25 18:14:21.959 00:00:10.370 TCP 23.104.0.1:47890 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:15:19.726 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:44398 10 6452 1 2025-08-25 18:15:22.366 00:00:10.363 TCP 23.104.0.1:53080 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:16:19.936 00:00:10.219 TCP 1.101.0.1:3000 -> 22.102.0.1:45852 12 10367 1 2025-08-25 18:16:22.764 00:00:10.443 TCP 23.104.0.1:39420 -> 1.101.0.1:3000 15 1926 1 2025-08-25 18:17:20.196 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:57324 10 6452 1 2025-08-25 18:17:23.240 00:00:10.327 TCP 23.104.0.1:40652 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:13:17.643 00:06:00.119 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-25 18:18:23.592 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:13:17.647 00:06:00.114 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-25 18:18:23.490 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:18:20.416 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:51522 10 6452 1 2025-08-25 18:18:23.602 00:00:10.365 TCP 23.104.0.1:57568 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:19:20.630 00:00:10.139 TCP 1.101.0.1:3000 -> 22.102.0.1:34300 10 6452 1 2025-08-25 18:19:24.005 00:00:10.323 TCP 23.104.0.1:39678 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:20:20.807 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:32826 10 6452 1 2025-08-25 18:20:24.369 00:00:10.362 TCP 23.104.0.1:35348 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:21:21.028 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:46624 10 6452 1 2025-08-25 18:21:24.765 00:00:10.368 TCP 23.104.0.1:37376 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:22:21.241 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:32850 10 6452 1 2025-08-25 18:22:25.169 00:00:10.369 TCP 23.104.0.1:58084 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:23:23.712 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:23:23.285 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:23:21.452 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:42028 10 6452 1 2025-08-25 18:23:25.573 00:00:10.361 TCP 23.104.0.1:41440 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:24:21.662 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:43034 10 6452 1 2025-08-25 18:24:25.970 00:00:10.366 TCP 23.104.0.1:34886 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:20:17.648 00:06:00.114 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-25 18:20:17.645 00:06:00.120 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-25 18:25:21.850 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:43392 10 6452 1 2025-08-25 18:25:26.373 00:00:10.366 TCP 23.104.0.1:55610 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:26:22.076 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:59756 10 6452 1 2025-08-25 18:26:26.779 00:00:10.368 TCP 23.104.0.1:56102 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:27:22.255 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:48630 10 6452 1 2025-08-25 18:27:27.180 00:00:10.365 TCP 23.104.0.1:51154 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:28:23.923 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:28:23.597 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:28:22.478 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:43594 10 6452 1 2025-08-25 18:28:27.586 00:00:10.367 TCP 23.104.0.1:60200 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:29:22.704 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:56634 10 6452 1 2025-08-25 18:29:27.993 00:00:10.363 TCP 23.104.0.1:33646 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:30:22.920 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:37364 10 6452 1 2025-08-25 18:30:28.391 00:00:10.364 TCP 23.104.0.1:35936 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:31:23.133 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:59596 10 6452 1 2025-08-25 18:31:28.792 00:00:10.338 TCP 23.104.0.1:52070 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:27:17.648 00:06:00.115 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-25 18:27:17.645 00:06:00.120 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-25 18:32:23.339 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:40072 10 6452 1 2025-08-25 18:32:29.176 00:00:10.366 TCP 23.104.0.1:60484 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:33:23.838 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:33:23.821 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:33:23.513 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:36330 10 6452 1 2025-08-25 18:33:29.578 00:00:10.366 TCP 23.104.0.1:34304 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:34:23.728 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:50542 10 6452 1 2025-08-25 18:34:29.982 00:00:10.365 TCP 23.104.0.1:42904 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:35:23.947 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:52910 10 6452 1 2025-08-25 18:35:30.385 00:00:10.328 TCP 23.104.0.1:34876 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:36:24.176 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:37992 10 6452 1 2025-08-25 18:36:30.761 00:00:10.376 TCP 23.104.0.1:41254 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:37:24.346 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:47240 10 6452 1 2025-08-25 18:37:31.171 00:00:10.370 TCP 23.104.0.1:36154 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:38:23.877 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:38:23.873 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:38:24.517 00:00:10.504 TCP 1.101.0.1:3000 -> 22.102.0.1:54340 10 6452 1 2025-08-25 18:38:31.576 00:00:10.367 TCP 23.104.0.1:44334 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:34:17.651 00:06:00.116 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-25 18:34:17.653 00:06:00.111 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-25 18:39:25.074 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:47112 10 6452 1 2025-08-25 18:39:31.981 00:00:10.367 TCP 23.104.0.1:53916 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:40:25.285 00:00:10.169 TCP 1.101.0.1:3000 -> 22.102.0.1:60126 10 6452 1 2025-08-25 18:40:32.386 00:00:10.361 TCP 23.104.0.1:58758 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:41:25.493 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:56296 10 6452 1 2025-08-25 18:41:32.806 00:00:10.372 TCP 23.104.0.1:50956 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:42:25.708 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:56616 10 6452 1 2025-08-25 18:42:33.215 00:00:10.365 TCP 23.104.0.1:32946 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:43:23.791 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:43:24.018 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:43:25.918 00:00:10.698 TCP 1.101.0.1:3000 -> 22.102.0.1:49750 10 6452 1 2025-08-25 18:43:33.615 00:00:10.366 TCP 23.104.0.1:55672 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:44:26.659 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:53316 10 6452 1 2025-08-25 18:44:34.023 00:00:10.395 TCP 23.104.0.1:44198 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:45:26.872 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:42948 10 6452 1 2025-08-25 18:45:34.457 00:00:10.363 TCP 23.104.0.1:60162 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:41:17.655 00:06:00.112 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-25 18:41:17.653 00:06:00.117 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-25 18:46:27.100 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:60826 10 6452 1 2025-08-25 18:46:34.856 00:00:10.380 TCP 23.104.0.1:35056 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:47:27.270 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:44508 10 6452 1 2025-08-25 18:47:35.276 00:00:10.361 TCP 23.104.0.1:40562 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:48:24.115 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:48:24.171 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:48:27.481 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:58472 10 6452 1 2025-08-25 18:48:35.681 00:00:10.377 TCP 23.104.0.1:40388 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:49:27.652 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:53666 10 6452 1 2025-08-25 18:49:36.104 00:00:10.365 TCP 23.104.0.1:57508 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:50:27.875 00:00:10.193 TCP 1.101.0.1:3000 -> 22.102.0.1:58786 10 6452 1 2025-08-25 18:50:36.508 00:00:10.358 TCP 23.104.0.1:58016 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:51:28.103 00:00:10.846 TCP 1.101.0.1:3000 -> 22.102.0.1:36338 10 6452 1 2025-08-25 18:51:36.900 00:00:10.378 TCP 23.104.0.1:60904 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:52:28.991 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:36834 10 6452 1 2025-08-25 18:52:37.315 00:00:10.369 TCP 23.104.0.1:54156 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:48:17.661 00:06:00.111 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-25 18:48:17.664 00:06:00.106 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-25 18:53:24.143 00:00:00.040 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:53:24.305 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:53:29.211 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:54770 10 6452 1 2025-08-25 18:53:37.714 00:00:10.375 TCP 23.104.0.1:47032 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:54:29.428 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:48622 10 6452 1 2025-08-25 18:54:38.123 00:00:10.362 TCP 23.104.0.1:36436 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:55:29.644 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:47712 10 6452 1 2025-08-25 18:55:38.526 00:00:10.368 TCP 23.104.0.1:39812 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:56:29.856 00:00:10.204 TCP 1.101.0.1:3000 -> 22.102.0.1:46214 12 10367 1 2025-08-25 18:56:38.935 00:00:10.463 TCP 23.104.0.1:40574 -> 1.101.0.1:3000 15 1926 1 2025-08-25 18:57:30.101 00:00:10.241 TCP 1.101.0.1:3000 -> 22.102.0.1:34910 10 6452 1 2025-08-25 18:57:39.439 00:00:10.327 TCP 23.104.0.1:45042 -> 1.101.0.1:3000 11 1507 1 2025-08-25 18:58:24.423 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-25 18:58:24.255 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-25 18:58:30.378 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:35880 10 6452 1 2025-08-25 18:58:39.808 00:00:10.368 TCP 23.104.0.1:34602 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 160, total bytes: 506032, total packets: 1568, avg bps: 1132, avg pps: 0, avg bpp: 322 Time window: 2025-08-25 17:59:15 - 2025-08-25 18:58:50 Total flows processed: 160, passed: 160, Blocks skipped: 0, Bytes read: 16704 Sys: 0.0018s User: 0.0027s Wall: 0.0021s flows/second: 75897.8 Runtime: 0.0021s