Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-10-18 08:58:42.812 00:00:10.363 TCP 23.104.0.1:48512 -> 1.101.0.1:3000 11 1507 1 2025-10-18 08:59:19.331 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 08:59:19.362 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 08:59:11.887 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:60090 10 6452 1 2025-10-18 08:59:43.217 00:00:10.368 TCP 23.104.0.1:37432 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:00:12.104 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:44346 10 6452 1 2025-10-18 08:56:44.082 00:05:02.531 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 08:56:44.084 00:05:02.526 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:00:43.626 00:00:10.324 TCP 23.104.0.1:53618 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:01:12.316 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:59828 10 6452 1 2025-10-18 09:01:43.990 00:00:10.373 TCP 23.104.0.1:50004 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:02:12.528 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:32962 10 6452 1 2025-10-18 09:02:44.407 00:00:10.375 TCP 23.104.0.1:51286 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:03:12.742 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:40622 10 6452 1 2025-10-18 09:03:44.818 00:00:10.366 TCP 23.104.0.1:60826 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:04:19.544 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:04:19.405 00:00:00.020 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:04:12.964 00:00:10.148 TCP 1.101.0.1:3000 -> 22.102.0.1:34390 10 6452 1 2025-10-18 09:04:45.229 00:00:10.380 TCP 23.104.0.1:44092 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:05:13.155 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:33264 10 6452 1 2025-10-18 09:05:45.649 00:00:10.369 TCP 23.104.0.1:52678 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:06:13.378 00:00:10.139 TCP 1.101.0.1:3000 -> 22.102.0.1:42514 10 6452 1 2025-10-18 09:02:44.086 00:05:02.533 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:02:44.087 00:05:02.528 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:06:46.063 00:00:10.376 TCP 23.104.0.1:53090 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:07:13.563 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:57892 10 6452 1 2025-10-18 09:07:46.489 00:00:10.385 TCP 23.104.0.1:41234 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:08:13.785 00:00:10.128 TCP 1.101.0.1:3000 -> 22.102.0.1:57156 10 6452 1 2025-10-18 09:08:46.912 00:00:10.372 TCP 23.104.0.1:36332 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:09:19.879 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:09:19.582 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:09:13.949 00:00:10.149 TCP 1.101.0.1:3000 -> 22.102.0.1:59916 10 6452 1 2025-10-18 09:09:47.331 00:00:10.368 TCP 23.104.0.1:39064 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:10:14.132 00:00:10.140 TCP 1.101.0.1:3000 -> 22.102.0.1:54946 10 6452 1 2025-10-18 09:10:47.757 00:00:10.790 TCP 23.104.0.1:57362 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:11:14.312 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:36898 10 6452 1 2025-10-18 09:11:48.586 00:00:10.362 TCP 23.104.0.1:39842 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:12:14.531 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:51656 10 6452 1 2025-10-18 09:08:44.087 00:05:02.529 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:08:44.086 00:05:02.535 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:12:48.987 00:00:10.369 TCP 23.104.0.1:33600 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:13:14.740 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:45910 10 6452 1 2025-10-18 09:13:49.395 00:00:10.362 TCP 23.104.0.1:51798 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:14:19.606 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:14:19.656 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:14:14.950 00:00:10.146 TCP 1.101.0.1:3000 -> 22.102.0.1:48626 10 6452 1 2025-10-18 09:14:49.802 00:00:10.342 TCP 23.104.0.1:60560 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:15:15.133 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:55820 10 6452 1 2025-10-18 09:15:50.179 00:00:10.331 TCP 23.104.0.1:42626 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:16:15.345 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:33056 10 6452 1 2025-10-18 09:16:50.544 00:00:10.320 TCP 23.104.0.1:44976 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:17:15.517 00:00:10.493 TCP 1.101.0.1:3000 -> 22.102.0.1:43894 10 6452 1 2025-10-18 09:17:50.898 00:00:10.331 TCP 23.104.0.1:42422 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:18:16.078 00:00:10.451 TCP 1.101.0.1:3000 -> 22.102.0.1:36392 10 6452 1 2025-10-18 09:14:44.088 00:05:02.533 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:14:44.090 00:05:02.529 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:18:51.265 00:00:10.365 TCP 23.104.0.1:34660 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:19:19.695 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:19:19.614 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:19:16.567 00:00:10.353 TCP 1.101.0.1:3000 -> 22.102.0.1:56872 10 6452 1 2025-10-18 09:19:51.668 00:00:10.365 TCP 23.104.0.1:44840 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:20:16.958 00:00:10.199 TCP 1.101.0.1:3000 -> 22.102.0.1:56646 12 6556 1 2025-10-18 09:20:52.090 00:00:10.366 TCP 23.104.0.1:46368 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:21:17.187 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:56070 10 6452 1 2025-10-18 09:21:52.492 00:00:10.331 TCP 23.104.0.1:56712 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:22:17.398 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:36972 10 6452 1 2025-10-18 09:22:52.854 00:00:10.753 TCP 23.104.0.1:39460 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:23:17.616 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:39512 10 6452 1 2025-10-18 09:23:53.648 00:00:10.364 TCP 23.104.0.1:56286 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:24:19.830 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:24:19.884 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:24:17.827 00:00:10.591 TCP 1.101.0.1:3000 -> 22.102.0.1:40972 10 6452 1 2025-10-18 09:20:44.091 00:05:02.529 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:20:44.090 00:05:02.535 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:24:54.063 00:00:10.327 TCP 23.104.0.1:55274 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:25:18.458 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:52468 10 6452 1 2025-10-18 09:25:54.430 00:00:10.361 TCP 23.104.0.1:49188 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:26:18.671 00:00:10.139 TCP 1.101.0.1:3000 -> 22.102.0.1:60210 10 6452 1 2025-10-18 09:26:54.830 00:00:10.360 TCP 23.104.0.1:51866 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:27:18.850 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:34522 10 6452 1 2025-10-18 09:27:55.225 00:00:10.367 TCP 23.104.0.1:50724 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:28:19.027 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:53290 10 6452 1 2025-10-18 09:28:55.628 00:00:10.326 TCP 23.104.0.1:34214 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:29:19.981 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:29:19.959 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:29:19.254 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:40814 10 6452 1 2025-10-18 09:29:55.990 00:00:10.334 TCP 23.104.0.1:39296 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:30:19.470 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:50488 10 6452 1 2025-10-18 09:26:44.093 00:05:02.534 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:26:44.090 00:05:02.539 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:30:56.363 00:00:10.364 TCP 23.104.0.1:52968 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:31:19.687 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:48428 10 6452 1 2025-10-18 09:31:56.763 00:00:10.373 TCP 23.104.0.1:39200 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:32:19.895 00:00:10.193 TCP 1.101.0.1:3000 -> 22.102.0.1:49978 10 6452 1 2025-10-18 09:32:57.174 00:00:10.365 TCP 23.104.0.1:49602 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:33:20.135 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:52822 10 6452 1 2025-10-18 09:33:57.583 00:00:10.328 TCP 23.104.0.1:54110 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:34:20.212 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:34:20.468 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:34:20.354 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:35986 10 6452 1 2025-10-18 09:34:57.948 00:00:10.331 TCP 23.104.0.1:51668 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:35:20.578 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:35320 10 6452 1 2025-10-18 09:35:58.314 00:00:10.363 TCP 23.104.0.1:33840 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:36:20.798 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:40924 10 6452 1 2025-10-18 09:32:44.094 00:05:02.533 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:32:44.092 00:05:02.539 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:36:58.714 00:00:10.378 TCP 23.104.0.1:35226 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:37:21.012 00:00:10.138 TCP 1.101.0.1:3000 -> 22.102.0.1:51100 10 6452 1 2025-10-18 09:37:59.131 00:00:10.364 TCP 23.104.0.1:60470 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:38:21.188 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:36944 10 6452 1 2025-10-18 09:38:59.533 00:00:10.366 TCP 23.104.0.1:48642 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:39:20.159 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:39:20.255 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:39:21.400 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:39000 10 6452 1 2025-10-18 09:39:59.936 00:00:10.341 TCP 23.104.0.1:47418 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:40:21.566 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:54504 10 6452 1 2025-10-18 09:41:00.320 00:00:10.368 TCP 23.104.0.1:36532 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:41:21.780 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:38860 10 6452 1 2025-10-18 09:42:00.727 00:00:10.373 TCP 23.104.0.1:41776 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:42:21.996 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:35696 10 6452 1 2025-10-18 09:38:44.093 00:05:02.539 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:38:44.096 00:05:02.534 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:43:01.140 00:00:10.369 TCP 23.104.0.1:49246 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:43:22.220 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:56320 10 6452 1 2025-10-18 09:44:01.552 00:00:10.366 TCP 23.104.0.1:59454 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:44:20.286 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:44:20.217 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:44:22.435 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:58910 10 6452 1 2025-10-18 09:45:01.953 00:00:10.328 TCP 23.104.0.1:60410 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:45:22.651 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:48762 10 6452 1 2025-10-18 09:46:02.322 00:00:10.365 TCP 23.104.0.1:36946 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:46:22.869 00:00:10.139 TCP 1.101.0.1:3000 -> 22.102.0.1:32996 10 6452 1 2025-10-18 09:47:02.729 00:00:10.371 TCP 23.104.0.1:47096 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:47:23.072 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:36504 10 6452 1 2025-10-18 09:48:03.136 00:00:11.177 TCP 23.104.0.1:37844 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:48:23.283 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:36432 10 6452 1 2025-10-18 09:44:44.093 00:05:02.540 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:44:44.097 00:05:02.534 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:49:04.351 00:00:10.364 TCP 23.104.0.1:52694 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:49:20.244 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:49:20.282 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:49:23.493 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:57024 10 6452 1 2025-10-18 09:50:04.753 00:00:10.388 TCP 23.104.0.1:44412 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:50:23.704 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:60400 10 6452 1 2025-10-18 09:51:05.174 00:00:10.367 TCP 23.104.0.1:42880 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:51:23.914 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:59928 10 6452 1 2025-10-18 09:52:05.582 00:00:10.318 TCP 23.104.0.1:45628 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:52:24.128 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:46808 10 6452 1 2025-10-18 09:53:05.941 00:00:10.453 TCP 23.104.0.1:58630 -> 1.101.0.1:3000 15 1926 1 2025-10-18 09:53:24.345 00:00:10.161 TCP 1.101.0.1:3000 -> 22.102.0.1:59492 13 13955 1 2025-10-18 09:54:06.433 00:00:10.364 TCP 23.104.0.1:39696 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:54:20.511 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-18 09:54:20.456 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-18 09:54:24.546 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:48488 10 6452 1 2025-10-18 09:50:44.096 00:05:02.535 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-18 09:50:44.094 00:05:02.540 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-18 09:55:06.841 00:00:10.343 TCP 23.104.0.1:43550 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:55:24.767 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:56250 10 6452 1 2025-10-18 09:56:07.223 00:00:10.366 TCP 23.104.0.1:60102 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:56:24.984 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:35198 10 6452 1 2025-10-18 09:57:07.626 00:00:10.319 TCP 23.104.0.1:57282 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:57:25.209 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:54128 10 6452 1 2025-10-18 09:58:07.986 00:00:10.325 TCP 23.104.0.1:51364 -> 1.101.0.1:3000 11 1507 1 2025-10-18 09:58:25.424 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:48594 10 6452 1 Summary: total flows: 164, total bytes: 506374, total packets: 1581, avg bps: 1091, avg pps: 0, avg bpp: 320 Time window: 2025-10-18 08:56:44 - 2025-10-18 09:58:35 Total flows processed: 164, passed: 164, Blocks skipped: 0, Bytes read: 17120 Sys: 0.0050s User: 0.0010s Wall: 0.0026s flows/second: 64262.5 Runtime: 0.0026s