Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-08-26 17:58:52.013 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 17:59:07.711 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:58492 10 6452 1 2025-08-26 17:59:40.997 00:00:10.367 TCP 23.104.0.1:35556 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:00:07.889 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:53420 10 6452 1 2025-08-26 18:00:41.403 00:00:10.374 TCP 23.104.0.1:52780 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:01:08.110 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:38566 10 6452 1 2025-08-26 18:01:41.820 00:00:10.390 TCP 23.104.0.1:35566 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:02:08.331 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:48456 10 6452 1 2025-08-26 18:02:42.252 00:00:10.361 TCP 23.104.0.1:52038 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:03:08.553 00:00:10.197 TCP 1.101.0.1:3000 -> 22.102.0.1:40534 10 6452 1 2025-08-26 17:58:18.340 00:06:00.167 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-26 18:03:52.165 00:00:00.025 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:03:42.653 00:00:10.364 TCP 23.104.0.1:40466 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:03:52.309 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:04:08.791 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:34590 10 6452 1 2025-08-26 17:59:18.344 00:06:00.161 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-26 18:04:43.068 00:00:10.364 TCP 23.104.0.1:42328 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:05:09.006 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:53676 10 6452 1 2025-08-26 18:05:43.470 00:00:10.363 TCP 23.104.0.1:57892 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:06:09.223 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:37536 10 6452 1 2025-08-26 18:06:43.873 00:00:10.329 TCP 23.104.0.1:43398 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:07:09.442 00:00:10.167 TCP 1.101.0.1:3000 -> 22.102.0.1:58830 12 6556 1 2025-08-26 18:07:44.241 00:00:10.326 TCP 23.104.0.1:55432 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:08:09.652 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:35604 10 6452 1 2025-08-26 18:08:51.935 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:08:52.161 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:08:44.603 00:00:10.365 TCP 23.104.0.1:56650 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:09:09.867 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:55342 10 6452 1 2025-08-26 18:09:45.011 00:00:10.364 TCP 23.104.0.1:51700 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:10:10.097 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:35282 10 6452 1 2025-08-26 18:05:18.342 00:06:00.166 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-26 18:10:45.414 00:00:10.363 TCP 23.104.0.1:44636 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:06:18.344 00:06:00.161 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-26 18:11:10.306 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:58536 10 6452 1 2025-08-26 18:11:45.814 00:00:10.335 TCP 23.104.0.1:43504 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:12:10.515 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:44996 10 6452 1 2025-08-26 18:12:46.195 00:00:10.362 TCP 23.104.0.1:54558 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:13:10.739 00:00:10.197 TCP 1.101.0.1:3000 -> 22.102.0.1:46138 10 6452 1 2025-08-26 18:13:52.107 00:00:00.047 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:13:46.598 00:00:10.324 TCP 23.104.0.1:35802 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:13:52.135 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:14:10.978 00:00:10.156 TCP 1.101.0.1:3000 -> 22.102.0.1:40042 10 6452 1 2025-08-26 18:14:46.960 00:00:10.362 TCP 23.104.0.1:45880 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:15:11.176 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:47266 10 6452 1 2025-08-26 18:15:47.360 00:00:10.365 TCP 23.104.0.1:60762 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:16:11.389 00:00:10.197 TCP 1.101.0.1:3000 -> 22.102.0.1:58878 11 6504 1 2025-08-26 18:16:47.758 00:00:10.403 TCP 23.104.0.1:40484 -> 1.101.0.1:3000 15 1926 1 2025-08-26 18:17:11.626 00:00:10.159 TCP 1.101.0.1:3000 -> 22.102.0.1:38904 12 10367 1 2025-08-26 18:12:18.343 00:06:00.166 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-26 18:17:48.204 00:00:10.364 TCP 23.104.0.1:55252 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:13:18.350 00:06:00.158 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-26 18:18:11.830 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:41510 10 6452 1 2025-08-26 18:18:52.347 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:18:52.188 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:18:48.613 00:00:10.375 TCP 23.104.0.1:35630 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:19:12.068 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:39870 10 6452 1 2025-08-26 18:19:49.028 00:00:10.322 TCP 23.104.0.1:39904 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:20:12.278 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:50744 10 6452 1 2025-08-26 18:20:49.393 00:00:10.369 TCP 23.104.0.1:41188 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:21:12.486 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:45902 10 6452 1 2025-08-26 18:21:49.797 00:00:10.376 TCP 23.104.0.1:49276 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:22:12.706 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:57252 10 6452 1 2025-08-26 18:22:50.215 00:00:10.372 TCP 23.104.0.1:43854 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:23:12.877 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:34844 10 6452 1 2025-08-26 18:23:52.733 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:23:52.650 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:23:50.632 00:00:10.371 TCP 23.104.0.1:47680 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:19:18.348 00:06:00.162 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-26 18:24:13.100 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:35010 10 6452 1 2025-08-26 18:24:51.049 00:00:10.372 TCP 23.104.0.1:33840 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:20:18.352 00:06:00.156 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-26 18:25:13.311 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:37522 10 6452 1 2025-08-26 18:25:51.459 00:00:10.323 TCP 23.104.0.1:42042 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:26:13.531 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:51030 10 6452 1 2025-08-26 18:26:51.822 00:00:10.368 TCP 23.104.0.1:47658 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:27:13.748 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:38974 10 6452 1 2025-08-26 18:27:52.224 00:00:10.365 TCP 23.104.0.1:49226 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:28:13.918 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:40536 10 6452 1 2025-08-26 18:28:52.681 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:28:52.553 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:28:52.630 00:00:10.320 TCP 23.104.0.1:45894 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:29:14.127 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:57194 10 6452 1 2025-08-26 18:29:52.994 00:00:10.369 TCP 23.104.0.1:40338 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:30:14.298 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:42332 10 6452 1 2025-08-26 18:30:53.397 00:00:10.320 TCP 23.104.0.1:44268 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:26:18.350 00:06:00.162 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-26 18:31:14.474 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:60472 10 6452 1 2025-08-26 18:31:53.759 00:00:10.337 TCP 23.104.0.1:60062 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:27:18.353 00:06:00.160 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-26 18:32:14.699 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:34300 10 6452 1 2025-08-26 18:32:54.130 00:00:10.324 TCP 23.104.0.1:52334 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:33:14.910 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:51306 10 6452 1 2025-08-26 18:33:52.641 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:33:52.706 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:33:54.498 00:00:10.323 TCP 23.104.0.1:33368 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:34:15.128 00:00:10.141 TCP 1.101.0.1:3000 -> 22.102.0.1:42164 10 6452 1 2025-08-26 18:34:54.857 00:00:10.375 TCP 23.104.0.1:56098 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:35:15.311 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:38678 10 6452 1 2025-08-26 18:35:55.272 00:00:10.324 TCP 23.104.0.1:54082 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:36:15.520 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:44134 10 6452 1 2025-08-26 18:36:55.634 00:00:10.361 TCP 23.104.0.1:37532 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:37:15.692 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:47320 10 6452 1 2025-08-26 18:37:56.062 00:00:10.366 TCP 23.104.0.1:33106 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:33:18.359 00:06:00.159 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-26 18:38:15.906 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:42088 10 6452 1 2025-08-26 18:38:52.834 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:38:52.769 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:38:56.466 00:00:10.363 TCP 23.104.0.1:35626 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:34:18.363 00:06:00.153 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-26 18:39:16.115 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:51398 10 6452 1 2025-08-26 18:39:56.870 00:00:10.324 TCP 23.104.0.1:47748 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:40:16.330 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:53086 10 6452 1 2025-08-26 18:40:57.233 00:00:10.364 TCP 23.104.0.1:40438 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:41:16.510 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:55468 10 6452 1 2025-08-26 18:41:57.648 00:00:12.697 TCP 23.104.0.1:42506 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:42:16.746 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:45020 10 6452 1 2025-08-26 18:43:00.386 00:00:10.319 TCP 23.104.0.1:35302 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:43:16.953 00:00:10.366 TCP 1.101.0.1:3000 -> 22.102.0.1:33858 10 6452 1 2025-08-26 18:43:53.143 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:43:53.266 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:44:00.744 00:00:10.366 TCP 23.104.0.1:49508 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:44:17.363 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:41030 10 6452 1 2025-08-26 18:45:01.146 00:00:10.329 TCP 23.104.0.1:51288 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:40:18.360 00:06:00.161 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-26 18:45:17.573 00:00:10.128 TCP 1.101.0.1:3000 -> 22.102.0.1:35210 10 6452 1 2025-08-26 18:46:01.511 00:00:10.365 TCP 23.104.0.1:50734 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:41:18.363 00:06:00.155 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-26 18:46:17.744 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:36364 10 6452 1 2025-08-26 18:47:01.913 00:00:10.367 TCP 23.104.0.1:40284 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:47:17.958 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:37426 10 6452 1 2025-08-26 18:48:02.317 00:00:10.369 TCP 23.104.0.1:54386 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:48:18.184 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:52304 10 6452 1 2025-08-26 18:48:52.994 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:48:52.993 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:49:02.722 00:00:10.375 TCP 23.104.0.1:55028 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:49:18.401 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:55480 10 6452 1 2025-08-26 18:50:03.136 00:00:10.554 TCP 23.104.0.1:43818 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:50:18.624 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:50208 10 6452 1 2025-08-26 18:51:03.727 00:00:10.369 TCP 23.104.0.1:58338 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:51:18.836 00:00:10.699 TCP 1.101.0.1:3000 -> 22.102.0.1:60054 10 6452 1 2025-08-26 18:52:04.148 00:00:10.375 TCP 23.104.0.1:50194 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:47:18.378 00:06:00.142 TCP 179.1.22.1:179 -> 179.1.22.22:39396 14 861 1 2025-08-26 18:52:19.572 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:49300 10 6452 1 2025-08-26 18:53:04.560 00:00:10.323 TCP 23.104.0.1:33482 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:48:18.381 00:06:00.141 TCP 179.1.22.22:39396 -> 179.1.22.1:179 14 861 1 2025-08-26 18:53:19.741 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:60776 10 6452 1 2025-08-26 18:53:52.853 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-08-26 18:53:52.889 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-08-26 18:54:04.921 00:00:10.387 TCP 23.104.0.1:34828 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:54:19.912 00:00:10.147 TCP 1.101.0.1:3000 -> 22.102.0.1:35982 10 6452 1 2025-08-26 18:55:05.347 00:00:10.363 TCP 23.104.0.1:39254 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:55:20.108 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:53658 10 6452 1 2025-08-26 18:56:05.751 00:00:10.385 TCP 23.104.0.1:45744 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:56:20.334 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:34138 10 6452 1 2025-08-26 18:57:06.177 00:00:10.342 TCP 23.104.0.1:40282 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:57:20.542 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:60304 10 6452 1 2025-08-26 18:58:06.556 00:00:10.322 TCP 23.104.0.1:33780 -> 1.101.0.1:3000 11 1507 1 2025-08-26 18:58:20.757 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:41994 10 6452 1 Summary: total flows: 158, total bytes: 500095, total packets: 1551, avg bps: 1107, avg pps: 0, avg bpp: 322 Time window: 2025-08-26 17:58:18 - 2025-08-26 18:58:30 Total flows processed: 158, passed: 158, Blocks skipped: 0, Bytes read: 16496 Sys: 0.0033s User: 0.0017s Wall: 0.0026s flows/second: 61213.7 Runtime: 0.0026s