Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-09-04 14:59:12.926 00:00:10.577 TCP 23.104.0.1:35656 -> 1.101.0.1:3000 11 1507 1 2025-09-04 14:55:23.563 00:05:00.691 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 14:59:28.319 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:36352 10 6452 1 2025-09-04 15:00:13.554 00:00:10.323 TCP 23.104.0.1:51248 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:00:28.529 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:40206 10 6452 1 2025-09-04 15:01:13.912 00:00:10.370 TCP 23.104.0.1:39748 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:01:28.748 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:32978 10 6452 1 2025-09-04 15:02:14.321 00:00:10.326 TCP 23.104.0.1:37000 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:02:28.916 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:44400 10 6452 1 2025-09-04 15:03:08.784 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:03:08.709 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:03:14.685 00:00:10.324 TCP 23.104.0.1:41760 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:03:29.123 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:35468 10 6452 1 2025-09-04 15:00:23.570 00:05:00.690 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:04:15.054 00:00:10.321 TCP 23.104.0.1:50530 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:04:29.336 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:39898 10 6452 1 2025-09-04 15:01:23.566 00:05:00.692 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:05:15.415 00:00:10.377 TCP 23.104.0.1:46710 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:05:29.550 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:41576 10 6452 1 2025-09-04 15:06:15.830 00:00:10.363 TCP 23.104.0.1:52876 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:06:29.761 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:46738 10 6452 1 2025-09-04 15:07:16.226 00:00:10.369 TCP 23.104.0.1:41968 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:07:29.972 00:00:10.199 TCP 1.101.0.1:3000 -> 22.102.0.1:51006 10 6452 1 2025-09-04 15:08:08.895 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:08:08.672 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:08:16.632 00:00:10.367 TCP 23.104.0.1:50260 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:08:30.214 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:52834 10 6452 1 2025-09-04 15:09:17.033 00:00:10.373 TCP 23.104.0.1:36388 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:09:30.433 00:00:10.354 TCP 1.101.0.1:3000 -> 22.102.0.1:36162 10 6452 1 2025-09-04 15:06:23.566 00:05:00.695 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:10:17.445 00:00:10.328 TCP 23.104.0.1:37144 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:10:30.835 00:00:10.167 TCP 1.101.0.1:3000 -> 22.102.0.1:49588 10 6452 1 2025-09-04 15:07:23.567 00:05:00.691 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:11:17.806 00:00:10.367 TCP 23.104.0.1:43338 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:11:31.071 00:00:10.212 TCP 1.101.0.1:3000 -> 22.102.0.1:52392 10 6452 1 2025-09-04 15:12:18.213 00:00:10.366 TCP 23.104.0.1:52098 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:12:31.319 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:51082 10 6452 1 2025-09-04 15:13:08.833 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:13:08.758 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:13:18.614 00:00:10.366 TCP 23.104.0.1:52528 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:13:31.529 00:00:10.169 TCP 1.101.0.1:3000 -> 22.102.0.1:53912 10 6452 1 2025-09-04 15:14:19.019 00:00:10.364 TCP 23.104.0.1:43988 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:14:31.741 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:49296 10 6452 1 2025-09-04 15:15:19.426 00:00:10.361 TCP 23.104.0.1:51358 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:15:31.952 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:45254 10 6452 1 2025-09-04 15:12:23.566 00:05:00.695 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:16:19.826 00:00:10.367 TCP 23.104.0.1:45866 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:16:32.178 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:58406 10 6452 1 2025-09-04 15:13:23.569 00:05:00.689 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:17:20.231 00:00:10.317 TCP 23.104.0.1:40516 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:17:32.393 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:44836 10 6452 1 2025-09-04 15:18:08.951 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:18:08.831 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:18:20.589 00:00:10.366 TCP 23.104.0.1:37136 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:18:32.608 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:57938 10 6452 1 2025-09-04 15:19:20.995 00:00:10.364 TCP 23.104.0.1:49306 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:19:32.778 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:47032 10 6452 1 2025-09-04 15:20:21.399 00:00:10.375 TCP 23.104.0.1:47874 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:20:32.953 00:00:10.204 TCP 1.101.0.1:3000 -> 22.102.0.1:34520 12 6556 1 2025-09-04 15:21:21.820 00:00:10.348 TCP 23.104.0.1:55182 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:21:33.199 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:41930 10 6452 1 2025-09-04 15:18:23.568 00:05:00.695 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:22:22.208 00:00:10.365 TCP 23.104.0.1:57028 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:22:33.414 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:54416 10 6452 1 2025-09-04 15:23:08.968 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:23:09.038 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:19:23.571 00:05:00.690 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:23:22.611 00:00:10.370 TCP 23.104.0.1:55718 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:23:33.627 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:44774 10 6452 1 2025-09-04 15:24:23.022 00:00:10.317 TCP 23.104.0.1:60644 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:24:33.859 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:45110 10 6452 1 2025-09-04 15:25:23.382 00:00:10.320 TCP 23.104.0.1:59664 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:25:34.087 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:57600 10 6452 1 2025-09-04 15:26:23.743 00:00:10.361 TCP 23.104.0.1:48848 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:26:34.302 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:50058 10 6452 1 2025-09-04 15:27:24.143 00:00:10.364 TCP 23.104.0.1:35154 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:27:34.515 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:45588 10 6452 1 2025-09-04 15:28:09.082 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:28:09.226 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:24:23.568 00:05:00.696 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:28:24.547 00:00:10.363 TCP 23.104.0.1:52622 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:28:34.729 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:45978 10 6452 1 2025-09-04 15:25:23.572 00:05:00.692 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:29:24.948 00:00:10.370 TCP 23.104.0.1:44040 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:29:34.943 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:53088 10 6452 1 2025-09-04 15:30:25.364 00:00:10.365 TCP 23.104.0.1:51592 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:30:35.177 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:40032 10 6452 1 2025-09-04 15:31:25.773 00:00:10.332 TCP 23.104.0.1:33010 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:31:35.388 00:00:10.205 TCP 1.101.0.1:3000 -> 22.102.0.1:39308 10 6452 1 2025-09-04 15:32:26.141 00:00:10.360 TCP 23.104.0.1:51600 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:32:35.628 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:33478 10 6452 1 2025-09-04 15:33:09.244 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:33:09.332 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:33:26.542 00:00:10.363 TCP 23.104.0.1:34408 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:33:35.845 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:47748 10 6452 1 2025-09-04 15:30:23.568 00:05:00.698 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:34:26.945 00:00:10.370 TCP 23.104.0.1:50296 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:34:36.085 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:58364 10 6452 1 2025-09-04 15:31:23.572 00:05:00.692 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:35:27.354 00:00:10.363 TCP 23.104.0.1:36882 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:35:36.313 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:52602 10 6452 1 2025-09-04 15:36:27.758 00:00:10.378 TCP 23.104.0.1:33686 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:36:36.529 00:00:10.142 TCP 1.101.0.1:3000 -> 22.102.0.1:50482 10 6452 1 2025-09-04 15:37:28.174 00:00:10.364 TCP 23.104.0.1:32834 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:37:36.714 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:60846 10 6452 1 2025-09-04 15:38:09.418 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:38:09.303 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:38:28.580 00:00:10.362 TCP 23.104.0.1:56172 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:38:36.924 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:60568 10 6452 1 2025-09-04 15:39:28.982 00:00:10.376 TCP 23.104.0.1:46220 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:39:37.136 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:57132 11 6492 1 2025-09-04 15:36:23.576 00:05:00.691 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:40:29.384 00:00:10.370 TCP 23.104.0.1:48770 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:40:37.305 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:55706 10 6452 1 2025-09-04 15:37:23.581 00:05:00.683 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:41:29.795 00:00:10.380 TCP 23.104.0.1:36306 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:41:37.518 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:39326 10 6452 1 2025-09-04 15:42:30.214 00:00:10.356 TCP 23.104.0.1:48226 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:42:37.689 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:58860 10 6452 1 2025-09-04 15:43:09.542 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:43:09.448 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:43:30.607 00:00:10.364 TCP 23.104.0.1:43620 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:43:37.902 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:36748 10 6452 1 2025-09-04 15:44:31.007 00:00:10.328 TCP 23.104.0.1:33966 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:44:38.121 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:33318 10 6452 1 2025-09-04 15:45:31.371 00:00:10.363 TCP 23.104.0.1:53354 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:45:38.352 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:55896 10 6452 1 2025-09-04 15:42:23.579 00:05:00.689 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:46:31.774 00:00:10.367 TCP 23.104.0.1:46910 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:46:38.562 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:49786 10 6452 1 2025-09-04 15:43:23.583 00:05:00.683 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:47:32.179 00:00:10.364 TCP 23.104.0.1:46838 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:47:38.775 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:46846 10 6452 1 2025-09-04 15:48:09.811 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:48:09.739 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:48:32.583 00:00:10.321 TCP 23.104.0.1:56148 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:48:39.008 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:42014 10 6452 1 2025-09-04 15:49:32.941 00:00:10.380 TCP 23.104.0.1:47068 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:49:39.220 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:35738 10 6452 1 2025-09-04 15:50:33.356 00:00:10.373 TCP 23.104.0.1:36306 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:50:39.433 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:52136 10 6452 1 2025-09-04 15:51:33.775 00:00:10.365 TCP 23.104.0.1:53152 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:51:39.652 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:41324 10 6452 1 2025-09-04 15:48:23.586 00:05:00.684 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:52:34.177 00:00:10.319 TCP 23.104.0.1:46560 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:52:39.869 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:49566 10 6452 1 2025-09-04 15:53:09.511 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:53:09.662 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:49:23.588 00:05:00.680 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-04 15:53:34.536 00:00:10.366 TCP 23.104.0.1:51232 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:53:40.039 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:42646 10 6452 1 2025-09-04 15:54:34.937 00:00:10.386 TCP 23.104.0.1:48878 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:54:40.250 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:50130 10 6452 1 2025-09-04 15:55:35.361 00:00:10.367 TCP 23.104.0.1:46822 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:55:40.466 00:00:10.139 TCP 1.101.0.1:3000 -> 22.102.0.1:45438 10 6452 1 2025-09-04 15:56:35.768 00:00:10.370 TCP 23.104.0.1:44696 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:56:40.650 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:45586 10 6452 1 2025-09-04 15:57:36.180 00:00:10.373 TCP 23.104.0.1:36844 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:57:40.869 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:45058 10 6452 1 2025-09-04 15:58:10.016 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-04 15:58:10.009 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-04 15:54:23.588 00:05:00.685 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-04 15:58:36.587 00:00:10.362 TCP 23.104.0.1:41318 -> 1.101.0.1:3000 11 1507 1 2025-09-04 15:58:41.067 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:36622 10 6452 1 Summary: total flows: 164, total bytes: 498492, total packets: 1575, avg bps: 1038, avg pps: 0, avg bpp: 316 Time window: 2025-09-04 14:55:23 - 2025-09-04 15:59:24 Total flows processed: 164, passed: 164, Blocks skipped: 0, Bytes read: 17120 Sys: 0.0018s User: 0.0036s Wall: 0.0033s flows/second: 50400.5 Runtime: 0.0033s