Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-10-19 04:58:51.937 00:00:10.337 TCP 23.104.0.1:42386 -> 1.101.0.1:3000 11 1507 1 2025-10-19 04:59:43.403 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 04:59:28.890 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:54256 10 6452 1 2025-10-19 04:59:43.597 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 04:59:52.310 00:00:10.366 TCP 23.104.0.1:37466 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:00:29.110 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:37992 10 6452 1 2025-10-19 04:56:44.477 00:05:02.600 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 04:56:44.479 00:05:02.596 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:00:52.717 00:00:10.372 TCP 23.104.0.1:34290 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:01:29.323 00:00:10.148 TCP 1.101.0.1:3000 -> 22.102.0.1:49636 10 6452 1 2025-10-19 05:01:53.129 00:00:10.373 TCP 23.104.0.1:56034 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:02:29.503 00:00:10.138 TCP 1.101.0.1:3000 -> 22.102.0.1:39284 10 6452 1 2025-10-19 05:02:53.540 00:00:10.379 TCP 23.104.0.1:53958 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:03:29.689 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:52460 10 6452 1 2025-10-19 05:03:53.957 00:00:10.362 TCP 23.104.0.1:54154 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:04:29.910 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:57746 10 6452 1 2025-10-19 05:04:43.641 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:04:43.770 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:04:54.359 00:00:10.321 TCP 23.104.0.1:49896 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:05:30.129 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:36362 10 6452 1 2025-10-19 05:05:54.713 00:00:10.368 TCP 23.104.0.1:45008 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:06:30.352 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:34652 10 6452 1 2025-10-19 05:02:44.482 00:05:02.595 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:02:44.479 00:05:02.600 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:06:55.121 00:00:10.324 TCP 23.104.0.1:41312 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:07:30.527 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:32948 10 6452 1 2025-10-19 05:07:55.485 00:00:10.368 TCP 23.104.0.1:42520 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:08:30.745 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:46108 10 6452 1 2025-10-19 05:08:55.888 00:00:10.371 TCP 23.104.0.1:37408 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:09:30.977 00:00:10.159 TCP 1.101.0.1:3000 -> 22.102.0.1:58500 10 6452 1 2025-10-19 05:09:43.727 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:09:43.783 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:09:56.294 00:00:10.368 TCP 23.104.0.1:42278 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:10:31.175 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:39262 10 6452 1 2025-10-19 05:10:56.695 00:00:10.365 TCP 23.104.0.1:34034 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:11:31.386 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:36448 10 6452 1 2025-10-19 05:11:57.104 00:00:10.368 TCP 23.104.0.1:38086 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:12:31.595 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:43454 10 6452 1 2025-10-19 05:08:44.480 00:05:02.601 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:08:44.482 00:05:02.596 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:12:57.507 00:00:10.364 TCP 23.104.0.1:47784 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:13:31.809 00:00:10.387 TCP 1.101.0.1:3000 -> 22.102.0.1:51092 10 6452 1 2025-10-19 05:13:57.909 00:00:10.365 TCP 23.104.0.1:34286 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:14:32.230 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:56566 10 6452 1 2025-10-19 05:14:43.496 00:00:00.020 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:14:43.580 00:00:00.029 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:14:58.320 00:00:10.362 TCP 23.104.0.1:33638 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:15:32.449 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:47358 10 6452 1 2025-10-19 05:15:58.721 00:00:11.428 TCP 23.104.0.1:41230 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:16:32.669 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:44852 10 6452 1 2025-10-19 05:17:00.187 00:00:10.363 TCP 23.104.0.1:50662 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:17:32.879 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:35848 10 6452 1 2025-10-19 05:18:00.589 00:00:10.367 TCP 23.104.0.1:46898 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:18:33.077 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:50114 10 6452 1 2025-10-19 05:14:44.480 00:05:02.612 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:14:44.482 00:05:02.607 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:19:00.990 00:00:10.520 TCP 23.104.0.1:40932 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:19:43.848 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:19:43.694 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:19:33.296 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:34540 10 6452 1 2025-10-19 05:20:01.552 00:00:10.354 TCP 23.104.0.1:60366 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:20:33.519 00:00:10.223 TCP 1.101.0.1:3000 -> 22.102.0.1:33638 10 6452 1 2025-10-19 05:21:01.959 00:00:10.366 TCP 23.104.0.1:55088 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:21:33.803 00:00:17.216 TCP 1.101.0.1:3000 -> 22.102.0.1:49400 10 6452 1 2025-10-19 05:22:02.365 00:00:10.369 TCP 23.104.0.1:52486 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:22:41.076 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:60056 10 6452 1 2025-10-19 05:23:02.768 00:00:10.369 TCP 23.104.0.1:53176 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:23:41.298 00:00:10.192 TCP 1.101.0.1:3000 -> 22.102.0.1:59542 10 6452 1 2025-10-19 05:24:03.175 00:00:10.365 TCP 23.104.0.1:55450 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:24:43.931 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:24:43.848 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:20:44.485 00:05:02.602 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:24:41.534 00:00:10.141 TCP 1.101.0.1:3000 -> 22.102.0.1:42200 10 6452 1 2025-10-19 05:20:44.482 00:05:02.607 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:25:03.579 00:00:10.365 TCP 23.104.0.1:53082 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:25:41.711 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:34206 10 6452 1 2025-10-19 05:26:03.984 00:00:10.325 TCP 23.104.0.1:37626 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:26:41.883 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:46480 10 6452 1 2025-10-19 05:27:04.355 00:00:10.367 TCP 23.104.0.1:54494 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:27:42.106 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:52190 10 6452 1 2025-10-19 05:28:04.755 00:00:10.327 TCP 23.104.0.1:34174 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:28:42.321 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:46698 10 6452 1 2025-10-19 05:29:05.122 00:00:10.368 TCP 23.104.0.1:57592 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:29:44.137 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:29:43.984 00:00:00.025 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:29:42.541 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:52596 10 6452 1 2025-10-19 05:30:05.528 00:00:10.376 TCP 23.104.0.1:56354 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:26:44.484 00:05:02.607 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:26:44.486 00:05:02.602 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:30:42.753 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:48856 10 6452 1 2025-10-19 05:31:05.925 00:00:10.392 TCP 23.104.0.1:50368 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:31:42.976 00:00:10.242 TCP 1.101.0.1:3000 -> 22.102.0.1:42808 10 6452 1 2025-10-19 05:32:06.356 00:00:10.363 TCP 23.104.0.1:43176 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:32:43.257 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:58566 10 6452 1 2025-10-19 05:33:06.761 00:00:10.372 TCP 23.104.0.1:59954 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:33:43.464 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:35748 10 6452 1 2025-10-19 05:34:07.173 00:00:10.364 TCP 23.104.0.1:46140 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:34:43.966 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:34:43.867 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:34:43.678 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:47882 10 6452 1 2025-10-19 05:35:07.576 00:00:10.365 TCP 23.104.0.1:43832 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:35:43.894 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:42948 10 6452 1 2025-10-19 05:36:07.979 00:00:10.370 TCP 23.104.0.1:52490 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:32:44.485 00:05:02.606 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:32:44.488 00:05:02.602 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:36:44.113 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:48656 10 6452 1 2025-10-19 05:37:08.380 00:00:10.364 TCP 23.104.0.1:42262 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:37:44.334 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:39582 10 6452 1 2025-10-19 05:38:08.782 00:00:10.366 TCP 23.104.0.1:40664 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:38:44.553 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:59528 10 6452 1 2025-10-19 05:39:09.182 00:00:10.363 TCP 23.104.0.1:52032 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:39:44.379 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:39:44.252 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:39:44.768 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:46618 10 6452 1 2025-10-19 05:40:09.584 00:00:10.344 TCP 23.104.0.1:37620 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:40:44.992 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:53250 10 6452 1 2025-10-19 05:41:09.967 00:00:10.328 TCP 23.104.0.1:45996 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:41:45.212 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:53750 10 6452 1 2025-10-19 05:42:10.338 00:00:10.362 TCP 23.104.0.1:50788 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:38:44.491 00:05:02.599 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:38:44.489 00:05:02.604 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:42:45.434 00:00:10.549 TCP 1.101.0.1:3000 -> 22.102.0.1:53566 10 6452 1 2025-10-19 05:43:10.742 00:00:10.329 TCP 23.104.0.1:43132 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:43:46.039 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:33070 10 6452 1 2025-10-19 05:44:11.111 00:00:10.329 TCP 23.104.0.1:36908 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:44:44.457 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:44:44.335 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:44:46.253 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:60968 10 6452 1 2025-10-19 05:45:11.478 00:00:10.329 TCP 23.104.0.1:48546 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:45:46.468 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:33236 10 6452 1 2025-10-19 05:46:11.844 00:00:10.343 TCP 23.104.0.1:48420 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:46:46.637 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:40892 10 6452 1 2025-10-19 05:47:12.224 00:00:10.368 TCP 23.104.0.1:37436 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:47:46.858 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:51748 10 6452 1 2025-10-19 05:48:12.629 00:00:10.367 TCP 23.104.0.1:43238 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:44:44.490 00:05:02.606 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:44:44.493 00:05:02.601 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:48:47.084 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:32802 10 6452 1 2025-10-19 05:49:13.035 00:00:10.359 TCP 23.104.0.1:53332 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:49:44.339 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:49:44.622 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:49:47.304 00:00:10.188 TCP 1.101.0.1:3000 -> 22.102.0.1:35284 10 6452 1 2025-10-19 05:50:13.429 00:00:10.364 TCP 23.104.0.1:52918 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:50:47.529 00:00:10.141 TCP 1.101.0.1:3000 -> 22.102.0.1:53790 10 6452 1 2025-10-19 05:51:13.837 00:00:10.391 TCP 23.104.0.1:33872 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:51:47.704 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:45296 10 6452 1 2025-10-19 05:52:14.263 00:00:10.366 TCP 23.104.0.1:42508 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:52:47.922 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:60462 10 6452 1 2025-10-19 05:53:14.668 00:00:10.324 TCP 23.104.0.1:33596 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:53:48.135 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:55010 10 6452 1 2025-10-19 05:54:15.027 00:00:10.407 TCP 23.104.0.1:56250 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:54:44.374 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-10-19 05:54:44.592 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-10-19 05:50:44.491 00:05:02.606 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-10-19 05:50:44.494 00:05:02.602 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-10-19 05:54:48.351 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:59124 10 6452 1 2025-10-19 05:55:15.471 00:00:10.362 TCP 23.104.0.1:38466 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:55:48.569 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:55984 10 6452 1 2025-10-19 05:56:15.873 00:00:10.367 TCP 23.104.0.1:54062 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:56:48.785 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:48412 10 6452 1 2025-10-19 05:57:16.281 00:00:11.018 TCP 23.104.0.1:58114 -> 1.101.0.1:3000 11 1507 1 2025-10-19 05:57:49.001 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:53822 10 6452 1 2025-10-19 05:58:17.339 00:00:10.325 TCP 23.104.0.1:52122 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 163, total bytes: 491896, total packets: 1562, avg bps: 1062, avg pps: 0, avg bpp: 314 Time window: 2025-10-19 04:56:44 - 2025-10-19 05:58:27 Total flows processed: 163, passed: 163, Blocks skipped: 0, Bytes read: 17016 Sys: 0.0054s User: 0.0000s Wall: 0.0027s flows/second: 61392.9 Runtime: 0.0027s