Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-09-08 14:59:12.920 00:00:10.389 TCP 23.104.0.1:36600 -> 1.101.0.1:3000 11 1507 1 2025-09-08 14:59:32.216 00:00:10.167 TCP 1.101.0.1:3000 -> 22.102.0.1:49532 10 6452 1 2025-09-08 15:00:11.404 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:00:11.451 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:00:13.349 00:00:10.362 TCP 23.104.0.1:58928 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:00:32.423 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:57570 10 6452 1 2025-09-08 15:01:13.748 00:00:10.364 TCP 23.104.0.1:54122 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:01:32.641 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:42616 10 6452 1 2025-09-08 15:02:14.162 00:00:10.363 TCP 23.104.0.1:44146 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:02:32.852 00:00:10.201 TCP 1.101.0.1:3000 -> 22.102.0.1:46688 10 6452 1 2025-09-08 15:03:14.569 00:00:10.860 TCP 23.104.0.1:41722 -> 1.101.0.1:3000 11 1507 1 2025-09-08 14:59:25.443 00:05:00.813 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:03:33.087 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:49454 10 6452 1 2025-09-08 15:04:15.470 00:00:10.365 TCP 23.104.0.1:43790 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:00:25.443 00:05:00.814 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:04:33.257 00:00:10.559 TCP 1.101.0.1:3000 -> 22.102.0.1:60714 10 6452 1 2025-09-08 15:05:11.536 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:05:11.413 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:05:15.877 00:00:10.322 TCP 23.104.0.1:36942 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:05:33.866 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:45970 10 6452 1 2025-09-08 15:06:16.238 00:00:10.365 TCP 23.104.0.1:38068 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:06:34.092 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:49336 10 6452 1 2025-09-08 15:07:16.640 00:00:10.363 TCP 23.104.0.1:57820 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:07:34.267 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:47968 12 6556 1 2025-09-08 15:08:17.053 00:00:10.327 TCP 23.104.0.1:50052 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:08:34.493 00:00:10.139 TCP 1.101.0.1:3000 -> 22.102.0.1:51806 10 6452 1 2025-09-08 15:09:17.418 00:00:10.612 TCP 23.104.0.1:39282 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:05:25.446 00:05:00.810 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:09:34.671 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:42898 10 6452 1 2025-09-08 15:10:11.681 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:10:11.836 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:06:25.444 00:05:00.814 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:10:18.095 00:00:10.363 TCP 23.104.0.1:46108 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:10:34.882 00:00:10.193 TCP 1.101.0.1:3000 -> 22.102.0.1:37192 10 6452 1 2025-09-08 15:11:18.499 00:00:10.370 TCP 23.104.0.1:37256 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:11:35.112 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:54728 10 6452 1 2025-09-08 15:12:18.911 00:00:10.327 TCP 23.104.0.1:56638 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:12:35.327 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:39440 10 6452 1 2025-09-08 15:13:19.275 00:00:10.369 TCP 23.104.0.1:60234 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:13:35.536 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:51076 10 6452 1 2025-09-08 15:14:19.678 00:00:10.365 TCP 23.104.0.1:54994 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:14:35.755 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:46280 10 6452 1 2025-09-08 15:15:11.812 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:15:11.861 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:11:25.447 00:05:00.809 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:15:20.108 00:00:10.375 TCP 23.104.0.1:39802 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:15:35.928 00:00:10.217 TCP 1.101.0.1:3000 -> 22.102.0.1:51426 10 6452 1 2025-09-08 15:12:25.445 00:05:00.813 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:16:20.523 00:00:10.327 TCP 23.104.0.1:47788 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:16:36.185 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:42534 10 6452 1 2025-09-08 15:17:20.900 00:00:10.364 TCP 23.104.0.1:55370 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:17:36.359 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:60326 10 6452 1 2025-09-08 15:18:21.305 00:00:10.357 TCP 23.104.0.1:36038 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:18:36.567 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:59124 10 6452 1 2025-09-08 15:19:21.700 00:00:10.366 TCP 23.104.0.1:59478 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:19:36.781 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:48602 10 6452 1 2025-09-08 15:20:11.846 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:20:11.735 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:20:22.112 00:00:10.403 TCP 23.104.0.1:47254 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:20:36.995 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:60604 10 6452 1 2025-09-08 15:17:25.450 00:05:00.808 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:21:22.568 00:00:10.365 TCP 23.104.0.1:48582 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:21:37.173 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:41274 10 6452 1 2025-09-08 15:18:25.447 00:05:00.813 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:22:22.972 00:00:10.589 TCP 23.104.0.1:52752 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:22:37.383 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:44816 10 6452 1 2025-09-08 15:23:23.598 00:00:10.443 TCP 23.104.0.1:33684 -> 1.101.0.1:3000 15 1926 1 2025-09-08 15:23:37.596 00:00:10.209 TCP 1.101.0.1:3000 -> 22.102.0.1:47322 12 10367 1 2025-09-08 15:24:24.103 00:00:10.362 TCP 23.104.0.1:46946 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:24:37.848 00:00:10.268 TCP 1.101.0.1:3000 -> 22.102.0.1:34516 11 6504 1 2025-09-08 15:25:11.870 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:25:11.741 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:25:24.504 00:00:10.326 TCP 23.104.0.1:41740 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:25:38.156 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:36258 10 6452 1 2025-09-08 15:26:24.866 00:00:10.491 TCP 23.104.0.1:54188 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:26:38.366 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:55074 10 6452 1 2025-09-08 15:23:25.452 00:05:00.807 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:27:25.397 00:00:10.366 TCP 23.104.0.1:50620 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:27:38.583 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:41378 10 6452 1 2025-09-08 15:24:25.449 00:05:00.814 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:28:25.804 00:00:10.362 TCP 23.104.0.1:35530 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:28:38.798 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:33996 10 6452 1 2025-09-08 15:29:26.204 00:00:10.856 TCP 23.104.0.1:43586 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:29:39.017 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:47240 10 6452 1 2025-09-08 15:30:12.060 00:00:00.050 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:30:12.077 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:30:27.103 00:00:10.362 TCP 23.104.0.1:34362 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:30:39.233 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:38234 10 6452 1 2025-09-08 15:31:27.507 00:00:10.362 TCP 23.104.0.1:58838 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:31:39.450 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:46974 10 6452 1 2025-09-08 15:32:27.910 00:00:10.324 TCP 23.104.0.1:41712 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:32:39.665 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:59316 10 6452 1 2025-09-08 15:29:25.453 00:05:00.808 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:33:28.275 00:00:10.363 TCP 23.104.0.1:48010 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:33:39.882 00:00:10.149 TCP 1.101.0.1:3000 -> 22.102.0.1:40362 10 6452 1 2025-09-08 15:30:25.450 00:05:00.814 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:34:28.680 00:00:10.323 TCP 23.104.0.1:42350 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:34:40.093 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:41386 10 6452 1 2025-09-08 15:35:12.555 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:35:12.674 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:35:29.053 00:00:10.362 TCP 23.104.0.1:46026 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:35:40.316 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:58010 10 6452 1 2025-09-08 15:36:29.453 00:00:10.363 TCP 23.104.0.1:51336 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:36:40.533 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:58892 10 6452 1 2025-09-08 15:37:29.855 00:00:10.371 TCP 23.104.0.1:43732 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:37:40.746 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:53186 10 6452 1 2025-09-08 15:38:30.264 00:00:10.321 TCP 23.104.0.1:42954 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:38:40.967 00:00:10.195 TCP 1.101.0.1:3000 -> 22.102.0.1:46928 10 6452 1 2025-09-08 15:35:25.454 00:05:00.811 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:39:30.628 00:00:10.367 TCP 23.104.0.1:53880 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:39:41.198 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:38964 10 6452 1 2025-09-08 15:40:12.031 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:40:12.231 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:36:25.452 00:05:00.815 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:40:31.034 00:00:10.365 TCP 23.104.0.1:48838 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:40:41.415 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:38178 12 6556 1 2025-09-08 15:41:31.443 00:00:10.366 TCP 23.104.0.1:38874 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:41:41.636 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:59184 10 6452 1 2025-09-08 15:42:31.848 00:00:10.376 TCP 23.104.0.1:56814 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:42:41.853 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:48494 10 6452 1 2025-09-08 15:43:32.265 00:00:10.932 TCP 23.104.0.1:41136 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:43:42.078 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:55246 10 6452 1 2025-09-08 15:44:33.239 00:00:10.365 TCP 23.104.0.1:60312 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:44:42.290 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:44842 10 6452 1 2025-09-08 15:45:12.472 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:45:12.402 00:00:00.025 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:41:25.457 00:05:00.811 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:45:33.649 00:00:10.364 TCP 23.104.0.1:59738 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:45:42.462 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:35648 10 6452 1 2025-09-08 15:42:25.455 00:05:00.817 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:46:34.082 00:00:10.367 TCP 23.104.0.1:47012 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:46:42.676 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:38556 10 6452 1 2025-09-08 15:47:34.492 00:00:10.373 TCP 23.104.0.1:33620 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:47:42.847 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:59900 10 6452 1 2025-09-08 15:48:34.901 00:00:10.330 TCP 23.104.0.1:37514 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:48:43.077 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:37542 10 6452 1 2025-09-08 15:49:35.269 00:00:10.358 TCP 23.104.0.1:36574 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:49:43.295 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:48854 10 6452 1 2025-09-08 15:50:12.461 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:50:12.506 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:50:35.667 00:00:10.365 TCP 23.104.0.1:36732 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:50:43.512 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:42330 10 6452 1 2025-09-08 15:47:25.460 00:05:00.810 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:51:36.102 00:00:10.365 TCP 23.104.0.1:47892 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:51:43.684 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:57160 10 6452 1 2025-09-08 15:48:25.459 00:05:00.814 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:52:36.506 00:00:10.367 TCP 23.104.0.1:46960 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:52:43.903 00:00:10.158 TCP 1.101.0.1:3000 -> 22.102.0.1:37454 10 6452 1 2025-09-08 15:53:36.921 00:00:10.657 TCP 23.104.0.1:37622 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:53:44.094 00:00:10.958 TCP 1.101.0.1:3000 -> 22.102.0.1:57904 10 6452 1 2025-09-08 15:54:37.627 00:00:10.375 TCP 23.104.0.1:48104 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:54:45.091 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:55350 10 6452 1 2025-09-08 15:55:12.315 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-09-08 15:55:12.642 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-09-08 15:55:38.048 00:00:10.324 TCP 23.104.0.1:47192 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:55:45.306 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:44654 10 6452 1 2025-09-08 15:56:38.415 00:00:10.328 TCP 23.104.0.1:36966 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:56:45.531 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:47232 10 6452 1 2025-09-08 15:53:25.461 00:05:00.809 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-09-08 15:57:38.791 00:00:10.363 TCP 23.104.0.1:42280 -> 1.101.0.1:3000 11 1507 1 2025-09-08 15:57:45.760 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:37818 10 6452 1 2025-09-08 15:54:25.459 00:05:00.814 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-09-08 15:58:39.200 00:00:10.361 TCP 23.104.0.1:37088 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 163, total bytes: 496490, total packets: 1573, avg bps: 1099, avg pps: 0, avg bpp: 315 Time window: 2025-09-08 14:59:12 - 2025-09-08 15:59:26 Total flows processed: 163, passed: 163, Blocks skipped: 0, Bytes read: 17016 Sys: 0.0029s User: 0.0020s Wall: 0.0020s flows/second: 80139.7 Runtime: 0.0021s