Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-10-16 04:59:03.945 00:00:10.333 TCP 23.104.0.1:36202 -> 1.101.0.1:3000 11 1507 1 2025-10-16 04:59:16.306 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:49380 10 6452 1 2025-10-16 05:00:04.312 00:00:10.366 TCP 23.104.0.1:58496 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:00:16.521 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:33634 10 6452 1 2025-10-16 04:56:42.933 00:05:02.588 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 04:56:42.930 00:05:02.593 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:01:04.713 00:00:10.339 TCP 23.104.0.1:40066 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:01:16.699 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:40496 10 6452 1 2025-10-16 05:02:05.107 00:00:10.366 TCP 23.104.0.1:37634 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:02:16.914 00:00:10.581 TCP 1.101.0.1:3000 -> 22.102.0.1:38884 10 6452 1 2025-10-16 05:03:16.775 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:03:05.508 00:00:10.324 TCP 23.104.0.1:51288 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:03:16.853 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:03:17.537 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:42716 10 6452 1 2025-10-16 05:04:05.872 00:00:10.328 TCP 23.104.0.1:58764 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:04:17.753 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:40178 10 6452 1 2025-10-16 05:05:06.233 00:00:10.326 TCP 23.104.0.1:51582 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:05:17.975 00:00:10.202 TCP 1.101.0.1:3000 -> 22.102.0.1:43052 10 6452 1 2025-10-16 05:06:06.597 00:00:10.329 TCP 23.104.0.1:35316 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:06:18.216 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:42142 10 6452 1 2025-10-16 05:02:42.936 00:05:02.586 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:02:42.934 00:05:02.592 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:07:06.964 00:00:10.370 TCP 23.104.0.1:34168 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:07:18.429 00:00:10.163 TCP 1.101.0.1:3000 -> 22.102.0.1:42790 10 6452 1 2025-10-16 05:08:16.748 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:08:16.970 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:08:07.374 00:00:10.373 TCP 23.104.0.1:55946 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:08:18.632 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:60292 10 6452 1 2025-10-16 05:09:07.786 00:00:10.325 TCP 23.104.0.1:52296 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:09:18.845 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:33864 10 6452 1 2025-10-16 05:10:08.147 00:00:10.367 TCP 23.104.0.1:49434 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:10:19.085 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:35238 10 6452 1 2025-10-16 05:11:08.553 00:00:10.362 TCP 23.104.0.1:36866 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:11:19.296 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:40672 10 6452 1 2025-10-16 05:12:08.954 00:00:10.339 TCP 23.104.0.1:39018 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:12:19.465 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:40972 10 6452 1 2025-10-16 05:08:42.939 00:05:02.586 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:08:42.936 00:05:02.591 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:13:17.032 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:13:17.095 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:13:09.332 00:00:10.322 TCP 23.104.0.1:35134 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:13:19.678 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:43970 10 6452 1 2025-10-16 05:14:09.691 00:00:10.368 TCP 23.104.0.1:34592 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:14:19.896 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:36268 10 6452 1 2025-10-16 05:15:10.107 00:00:10.363 TCP 23.104.0.1:38104 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:15:20.116 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:34582 10 6452 1 2025-10-16 05:16:10.510 00:00:10.418 TCP 23.104.0.1:51024 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:16:20.336 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:52404 10 6452 1 2025-10-16 05:17:10.968 00:00:10.370 TCP 23.104.0.1:57916 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:17:20.558 00:00:10.144 TCP 1.101.0.1:3000 -> 22.102.0.1:36600 10 6452 1 2025-10-16 05:18:16.962 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:18:17.044 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:18:11.379 00:00:10.332 TCP 23.104.0.1:41842 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:18:20.740 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:34172 10 6452 1 2025-10-16 05:14:42.940 00:05:02.587 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:14:42.937 00:05:02.593 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:19:11.758 00:00:10.383 TCP 23.104.0.1:55048 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:19:20.957 00:00:10.156 TCP 1.101.0.1:3000 -> 22.102.0.1:57422 10 6452 1 2025-10-16 05:20:12.177 00:00:10.325 TCP 23.104.0.1:39680 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:20:21.153 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:34290 10 6452 1 2025-10-16 05:21:12.533 00:00:10.364 TCP 23.104.0.1:45562 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:21:21.364 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:46618 10 6452 1 2025-10-16 05:22:12.937 00:00:10.388 TCP 23.104.0.1:34014 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:22:21.579 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:39932 10 6452 1 2025-10-16 05:23:17.278 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:23:17.333 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:23:13.360 00:00:12.226 TCP 23.104.0.1:54192 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:23:21.792 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:35838 10 6452 1 2025-10-16 05:24:15.624 00:00:10.367 TCP 23.104.0.1:41762 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:24:21.966 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:54784 10 6452 1 2025-10-16 05:20:42.940 00:05:02.591 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:20:42.937 00:05:02.596 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:25:16.032 00:00:10.364 TCP 23.104.0.1:58362 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:25:22.189 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:48086 10 6452 1 2025-10-16 05:26:16.436 00:00:10.397 TCP 23.104.0.1:55734 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:26:22.406 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:51062 10 6452 1 2025-10-16 05:27:16.876 00:00:10.367 TCP 23.104.0.1:53148 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:27:22.618 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:33322 10 6452 1 2025-10-16 05:28:17.381 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:28:17.415 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:28:17.284 00:00:10.364 TCP 23.104.0.1:49648 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:28:22.828 00:00:10.140 TCP 1.101.0.1:3000 -> 22.102.0.1:49050 10 6452 1 2025-10-16 05:29:17.685 00:00:10.373 TCP 23.104.0.1:38256 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:29:23.010 00:00:10.168 TCP 1.101.0.1:3000 -> 22.102.0.1:54102 10 6452 1 2025-10-16 05:30:18.110 00:00:10.362 TCP 23.104.0.1:36424 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:30:23.220 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:51896 10 6452 1 2025-10-16 05:26:42.941 00:05:02.596 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:26:42.943 00:05:02.591 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:31:18.512 00:00:10.323 TCP 23.104.0.1:37010 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:31:23.429 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:35988 10 6452 1 2025-10-16 05:32:18.875 00:00:10.332 TCP 23.104.0.1:39274 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:32:23.642 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:43152 10 6452 1 2025-10-16 05:33:17.599 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:33:17.382 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:33:19.257 00:00:10.602 TCP 23.104.0.1:55484 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:33:23.860 00:00:10.515 TCP 1.101.0.1:3000 -> 22.102.0.1:58668 10 6452 1 2025-10-16 05:34:19.898 00:00:10.388 TCP 23.104.0.1:37444 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:34:24.413 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:45788 10 6452 1 2025-10-16 05:35:20.325 00:00:10.367 TCP 23.104.0.1:52622 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:35:24.632 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:36304 10 6452 1 2025-10-16 05:36:20.734 00:00:10.363 TCP 23.104.0.1:39982 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:36:24.848 00:00:10.201 TCP 1.101.0.1:3000 -> 22.102.0.1:48180 10 6452 1 2025-10-16 05:32:42.946 00:05:02.590 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:32:42.943 00:05:02.595 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:37:21.136 00:00:10.365 TCP 23.104.0.1:58506 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:37:25.089 00:00:10.188 TCP 1.101.0.1:3000 -> 22.102.0.1:41264 10 6452 1 2025-10-16 05:38:17.574 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:38:17.491 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:38:21.540 00:00:10.364 TCP 23.104.0.1:50038 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:38:25.313 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:44966 10 6452 1 2025-10-16 05:39:21.940 00:00:10.378 TCP 23.104.0.1:38826 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:39:25.523 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:57614 10 6452 1 2025-10-16 05:40:25.736 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:60040 10 6452 1 2025-10-16 05:40:22.355 00:00:10.326 TCP 23.104.0.1:57668 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:41:22.718 00:00:10.327 TCP 23.104.0.1:33624 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:41:25.955 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:33266 10 6452 1 2025-10-16 05:42:23.108 00:00:10.367 TCP 23.104.0.1:49782 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:42:26.184 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:45198 10 6452 1 2025-10-16 05:38:42.945 00:05:02.597 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:38:42.948 00:05:02.592 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:43:17.530 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:43:17.723 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:43:23.514 00:00:10.329 TCP 23.104.0.1:53698 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:43:26.354 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:43954 10 6452 1 2025-10-16 05:44:23.883 00:00:10.383 TCP 23.104.0.1:44166 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:44:26.573 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:39700 10 6452 1 2025-10-16 05:45:24.306 00:00:10.362 TCP 23.104.0.1:39848 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:45:26.788 00:00:11.007 TCP 1.101.0.1:3000 -> 22.102.0.1:48684 10 6452 1 2025-10-16 05:46:24.718 00:00:10.328 TCP 23.104.0.1:60278 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:46:27.834 00:00:10.852 TCP 1.101.0.1:3000 -> 22.102.0.1:58090 10 6452 1 2025-10-16 05:47:25.103 00:00:10.323 TCP 23.104.0.1:35100 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:47:28.725 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:51578 10 6452 1 2025-10-16 05:48:18.395 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:48:18.456 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:48:25.462 00:00:10.372 TCP 23.104.0.1:59998 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:48:28.935 00:00:10.192 TCP 1.101.0.1:3000 -> 22.102.0.1:58490 10 6452 1 2025-10-16 05:44:42.950 00:05:02.597 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:44:42.947 00:05:02.602 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:49:25.887 00:00:10.384 TCP 23.104.0.1:42240 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:49:29.168 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:49918 10 6452 1 2025-10-16 05:50:26.313 00:00:10.377 TCP 23.104.0.1:56556 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:50:29.380 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:43686 10 6452 1 2025-10-16 05:51:26.724 00:00:10.369 TCP 23.104.0.1:33896 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:51:29.553 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:34182 10 6452 1 2025-10-16 05:52:27.132 00:00:10.365 TCP 23.104.0.1:46250 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:52:29.760 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:40728 10 6452 1 2025-10-16 05:53:17.908 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:53:17.816 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:53:29.981 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:43704 10 6452 1 2025-10-16 05:53:27.533 00:00:10.362 TCP 23.104.0.1:47298 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:54:30.216 00:00:10.145 TCP 1.101.0.1:3000 -> 22.102.0.1:57334 10 6452 1 2025-10-16 05:54:27.931 00:00:10.375 TCP 23.104.0.1:39240 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:50:42.950 00:05:02.600 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-16 05:50:42.953 00:05:02.595 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-16 05:55:28.346 00:00:10.366 TCP 23.104.0.1:40090 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:55:30.404 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:60558 10 6452 1 2025-10-16 05:56:30.622 00:00:17.507 TCP 1.101.0.1:3000 -> 22.102.0.1:39730 10 6452 1 2025-10-16 05:56:28.745 00:00:19.362 TCP 23.104.0.1:52434 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:57:38.154 00:00:10.369 TCP 23.104.0.1:41396 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:57:38.186 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:36042 10 6452 1 2025-10-16 05:58:18.773 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-16 05:58:18.706 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-16 05:58:38.564 00:00:10.366 TCP 23.104.0.1:52298 -> 1.101.0.1:3000 11 1507 1 2025-10-16 05:58:38.358 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:58978 10 6452 1 Summary: total flows: 164, total bytes: 498348, total packets: 1572, avg bps: 1069, avg pps: 0, avg bpp: 317 Time window: 2025-10-16 04:56:42 - 2025-10-16 05:58:48 Total flows processed: 164, passed: 164, Blocks skipped: 0, Bytes read: 17120 Sys: 0.0044s User: 0.0011s Wall: 0.0021s flows/second: 76745.0 Runtime: 0.0022s