Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-11-15 09:59:30.046 00:00:10.997 TCP 23.104.0.1:44316 -> 1.101.0.1:3000 11 1507 1 2025-11-15 09:59:36.664 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:48180 10 6452 1 2025-11-15 10:00:31.097 00:00:10.360 TCP 23.104.0.1:48400 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:00:36.841 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:45878 10 6452 1 2025-11-15 10:01:31.494 00:00:10.323 TCP 23.104.0.1:37060 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:01:37.077 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:49448 10 6452 1 2025-11-15 10:02:31.855 00:00:10.383 TCP 23.104.0.1:44546 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:02:37.248 00:00:10.168 TCP 1.101.0.1:3000 -> 22.102.0.1:35376 10 6452 1 2025-11-15 10:02:49.801 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:02:49.568 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:03:32.276 00:00:10.363 TCP 23.104.0.1:46346 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:03:37.457 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:51638 10 6452 1 2025-11-15 09:59:57.439 00:05:04.604 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 09:59:57.436 00:05:04.609 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:04:32.677 00:00:10.318 TCP 23.104.0.1:40910 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:04:37.673 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:60594 10 6452 1 2025-11-15 10:05:33.035 00:00:10.363 TCP 23.104.0.1:38564 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:05:37.843 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:49002 10 6452 1 2025-11-15 10:06:33.441 00:00:10.360 TCP 23.104.0.1:55748 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:06:38.073 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:34096 10 6452 1 2025-11-15 10:07:33.839 00:00:10.384 TCP 23.104.0.1:38206 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:07:49.568 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:07:38.247 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:34334 10 6452 1 2025-11-15 10:07:49.644 00:00:00.025 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:08:34.267 00:00:10.362 TCP 23.104.0.1:41638 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:08:38.419 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:60930 10 6452 1 2025-11-15 10:09:34.668 00:00:10.369 TCP 23.104.0.1:52838 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:09:38.634 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:59002 10 6452 1 2025-11-15 10:05:57.440 00:05:04.623 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:05:57.437 00:05:04.628 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:10:35.098 00:00:10.368 TCP 23.104.0.1:60588 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:10:38.846 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:44880 10 6452 1 2025-11-15 10:11:35.507 00:00:10.370 TCP 23.104.0.1:37088 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:11:39.082 00:00:10.127 TCP 1.101.0.1:3000 -> 22.102.0.1:57394 10 6452 1 2025-11-15 10:12:35.914 00:00:10.388 TCP 23.104.0.1:50312 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:12:49.912 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:12:39.247 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:59466 10 6452 1 2025-11-15 10:12:49.875 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:13:36.342 00:00:10.364 TCP 23.104.0.1:51652 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:13:39.458 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:40900 10 6452 1 2025-11-15 10:14:39.683 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:56668 10 6452 1 2025-11-15 10:14:36.750 00:00:10.363 TCP 23.104.0.1:46506 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:15:39.897 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:52746 10 6452 1 2025-11-15 10:15:37.172 00:00:10.371 TCP 23.104.0.1:34536 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:11:57.439 00:05:04.629 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:11:57.441 00:05:04.624 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:16:37.583 00:00:10.373 TCP 23.104.0.1:45712 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:16:40.111 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:53002 10 6452 1 2025-11-15 10:17:50.122 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:17:40.325 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:54812 10 6452 1 2025-11-15 10:17:49.976 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:17:37.995 00:00:10.366 TCP 23.104.0.1:57506 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:18:38.397 00:00:10.366 TCP 23.104.0.1:55554 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:18:40.537 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:37348 10 6452 1 2025-11-15 10:19:38.804 00:00:10.367 TCP 23.104.0.1:45370 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:19:40.749 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:44712 12 6556 1 2025-11-15 10:20:40.973 00:00:10.196 TCP 1.101.0.1:3000 -> 22.102.0.1:48952 10 6452 1 2025-11-15 10:20:39.208 00:00:10.372 TCP 23.104.0.1:56238 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:21:41.211 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:46156 10 6452 1 2025-11-15 10:21:39.618 00:00:10.322 TCP 23.104.0.1:45376 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:17:57.442 00:05:04.625 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:17:57.440 00:05:04.629 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:22:41.425 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:45280 10 6452 1 2025-11-15 10:22:50.157 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:22:49.831 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:22:39.981 00:00:10.364 TCP 23.104.0.1:54280 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:23:40.387 00:00:10.378 TCP 23.104.0.1:43528 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:23:41.637 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:34672 10 6452 1 2025-11-15 10:24:40.798 00:00:10.367 TCP 23.104.0.1:60440 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:24:41.812 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:48798 10 6452 1 2025-11-15 10:25:41.201 00:00:10.365 TCP 23.104.0.1:57112 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:25:42.033 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:49894 10 6452 1 2025-11-15 10:26:42.246 00:00:10.264 TCP 1.101.0.1:3000 -> 22.102.0.1:33392 10 6452 1 2025-11-15 10:26:41.602 00:00:11.000 TCP 23.104.0.1:34732 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:27:49.952 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:27:50.085 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:27:42.549 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:51736 10 6452 1 2025-11-15 10:27:42.642 00:00:10.368 TCP 23.104.0.1:36668 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:23:57.445 00:05:04.632 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:23:57.442 00:05:04.637 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:28:43.050 00:00:10.325 TCP 23.104.0.1:45106 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:28:42.761 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:51726 10 6452 1 2025-11-15 10:29:43.411 00:00:10.905 TCP 23.104.0.1:53650 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:29:42.967 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:58258 10 6452 1 2025-11-15 10:30:43.197 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:51260 10 6452 1 2025-11-15 10:30:44.352 00:00:10.361 TCP 23.104.0.1:60574 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:31:44.757 00:00:10.375 TCP 23.104.0.1:54022 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:31:43.405 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:55140 10 6452 1 2025-11-15 10:32:50.227 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:32:49.876 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:32:43.617 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:46462 10 6452 1 2025-11-15 10:32:45.168 00:00:10.361 TCP 23.104.0.1:59492 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:33:45.569 00:00:10.325 TCP 23.104.0.1:57932 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:33:43.787 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:36640 10 6452 1 2025-11-15 10:29:57.442 00:05:04.638 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:29:57.446 00:05:04.633 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:34:45.932 00:00:10.383 TCP 23.104.0.1:47716 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:34:44.003 00:00:10.139 TCP 1.101.0.1:3000 -> 22.102.0.1:47736 10 6452 1 2025-11-15 10:35:44.175 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:51206 10 6452 1 2025-11-15 10:35:46.356 00:00:10.372 TCP 23.104.0.1:50664 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:36:44.391 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:57306 10 6452 1 2025-11-15 10:36:46.765 00:00:10.332 TCP 23.104.0.1:60430 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:37:50.558 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:37:50.383 00:00:00.013 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:37:44.602 00:00:10.636 TCP 1.101.0.1:3000 -> 22.102.0.1:33420 10 6452 1 2025-11-15 10:37:47.133 00:00:10.602 TCP 23.104.0.1:50904 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:38:45.272 00:00:10.138 TCP 1.101.0.1:3000 -> 22.102.0.1:34818 10 6452 1 2025-11-15 10:38:47.775 00:00:10.366 TCP 23.104.0.1:33236 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:39:45.452 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:56172 10 6452 1 2025-11-15 10:39:48.191 00:00:10.364 TCP 23.104.0.1:35372 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:35:57.443 00:05:04.637 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:35:57.445 00:05:04.633 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:40:45.661 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:34140 10 6452 1 2025-11-15 10:40:48.588 00:00:10.367 TCP 23.104.0.1:59778 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:41:45.874 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:50284 10 6452 1 2025-11-15 10:41:48.988 00:00:10.376 TCP 23.104.0.1:37262 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:42:50.564 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:42:50.090 00:00:00.039 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:42:46.100 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:36052 10 6452 1 2025-11-15 10:42:49.407 00:00:10.370 TCP 23.104.0.1:59368 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:43:46.313 00:00:10.168 TCP 1.101.0.1:3000 -> 22.102.0.1:40874 10 6452 1 2025-11-15 10:43:49.819 00:00:10.329 TCP 23.104.0.1:39510 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:44:46.521 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:47526 10 6452 1 2025-11-15 10:44:50.187 00:00:10.365 TCP 23.104.0.1:59776 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:45:46.689 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:57266 10 6452 1 2025-11-15 10:45:50.591 00:00:10.441 TCP 23.104.0.1:43092 -> 1.101.0.1:3000 15 1926 1 2025-11-15 10:41:57.447 00:05:04.632 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:41:57.445 00:05:04.637 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:46:46.908 00:00:18.658 TCP 1.101.0.1:3000 -> 22.102.0.1:57636 12 10369 1 2025-11-15 10:46:51.089 00:00:14.580 TCP 23.104.0.1:35118 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:47:50.312 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:47:50.328 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:47:55.607 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:59222 10 6452 1 2025-11-15 10:47:55.709 00:00:10.361 TCP 23.104.0.1:60838 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:48:56.116 00:00:10.365 TCP 23.104.0.1:60224 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:48:55.826 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:60446 10 6452 1 2025-11-15 10:49:56.050 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:38622 10 6452 1 2025-11-15 10:49:56.520 00:00:10.319 TCP 23.104.0.1:36436 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:50:56.266 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:55014 10 6452 1 2025-11-15 10:50:56.875 00:00:10.363 TCP 23.104.0.1:53690 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:51:56.473 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:47818 10 6452 1 2025-11-15 10:47:57.446 00:05:04.636 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:47:57.449 00:05:04.631 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:51:57.288 00:00:10.365 TCP 23.104.0.1:58118 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:52:50.578 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:52:50.282 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:52:56.680 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:32836 10 6452 1 2025-11-15 10:52:57.694 00:00:10.366 TCP 23.104.0.1:42800 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:53:56.887 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:35848 10 6452 1 2025-11-15 10:53:58.109 00:00:10.364 TCP 23.104.0.1:50626 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:54:58.513 00:00:10.362 TCP 23.104.0.1:48562 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:54:57.109 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:39274 10 6452 1 2025-11-15 10:55:58.914 00:00:10.365 TCP 23.104.0.1:52906 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:55:57.347 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:59220 10 6452 1 2025-11-15 10:56:57.563 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:48226 10 6452 1 2025-11-15 10:56:59.327 00:00:10.325 TCP 23.104.0.1:43836 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:57:50.808 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 10:57:50.632 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 10:53:57.448 00:05:04.636 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 10:53:57.450 00:05:04.631 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 10:57:59.700 00:00:10.367 TCP 23.104.0.1:54700 -> 1.101.0.1:3000 11 1507 1 2025-11-15 10:57:57.785 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:50778 10 6452 1 Summary: total flows: 162, total bytes: 494829, total packets: 1559, avg bps: 1108, avg pps: 0, avg bpp: 317 Time window: 2025-11-15 09:59:30 - 2025-11-15 10:59:02 Total flows processed: 162, passed: 162, Blocks skipped: 0, Bytes read: 16912 Sys: 0.0041s User: 0.0016s Wall: 0.0029s flows/second: 56131.9 Runtime: 0.0029s