Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-11-15 15:59:10.918 00:00:10.394 TCP 23.104.0.1:46068 -> 1.101.0.1:3000 11 1507 1 2025-11-15 15:59:30.109 00:00:10.142 TCP 1.101.0.1:3000 -> 22.102.0.1:52710 10 6452 1 2025-11-15 16:00:11.350 00:00:10.359 TCP 23.104.0.1:59930 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:00:30.288 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:37012 10 6452 1 2025-11-15 16:01:11.749 00:00:10.361 TCP 23.104.0.1:55020 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:01:30.498 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:58706 10 6452 1 2025-11-15 16:02:12.150 00:00:10.323 TCP 23.104.0.1:41202 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:02:30.726 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:44318 10 6452 1 2025-11-15 16:02:56.760 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:02:56.668 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:03:12.515 00:00:10.321 TCP 23.104.0.1:59102 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:03:30.939 00:00:10.211 TCP 1.101.0.1:3000 -> 22.102.0.1:47160 10 6452 1 2025-11-15 15:59:57.545 00:05:04.694 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 15:59:57.547 00:05:04.689 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:04:12.878 00:00:10.360 TCP 23.104.0.1:44388 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:04:31.188 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:40396 10 6452 1 2025-11-15 16:05:13.289 00:00:10.364 TCP 23.104.0.1:51378 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:05:31.403 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:54064 10 6452 1 2025-11-15 16:06:13.694 00:00:10.362 TCP 23.104.0.1:40580 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:06:31.620 00:00:10.553 TCP 1.101.0.1:3000 -> 22.102.0.1:52126 10 6452 1 2025-11-15 16:07:14.108 00:00:10.323 TCP 23.104.0.1:36052 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:07:32.214 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:47830 10 6452 1 2025-11-15 16:07:56.700 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:07:57.024 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:08:14.472 00:00:10.367 TCP 23.104.0.1:33802 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:08:32.429 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:51346 10 6452 1 2025-11-15 16:09:14.876 00:00:10.365 TCP 23.104.0.1:41216 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:09:32.677 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:47468 10 6452 1 2025-11-15 16:05:57.545 00:05:04.698 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:05:57.548 00:05:04.693 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:10:15.279 00:00:10.369 TCP 23.104.0.1:49736 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:10:32.902 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:57786 10 6452 1 2025-11-15 16:11:15.682 00:00:10.369 TCP 23.104.0.1:55374 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:11:33.122 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:36700 10 6452 1 2025-11-15 16:12:16.107 00:00:10.324 TCP 23.104.0.1:44674 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:12:33.348 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:54680 10 6452 1 2025-11-15 16:12:56.980 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:12:56.979 00:00:00.025 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:13:16.469 00:00:10.361 TCP 23.104.0.1:49098 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:13:33.559 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:48336 12 6556 1 2025-11-15 16:14:16.868 00:00:10.366 TCP 23.104.0.1:53788 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:14:33.779 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:58134 10 6452 1 2025-11-15 16:15:17.274 00:00:10.370 TCP 23.104.0.1:34374 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:15:33.999 00:00:10.192 TCP 1.101.0.1:3000 -> 22.102.0.1:55076 10 6452 1 2025-11-15 16:11:57.548 00:05:04.696 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:11:57.550 00:05:04.691 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:16:17.682 00:00:10.366 TCP 23.104.0.1:47240 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:16:34.231 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:49834 10 6452 1 2025-11-15 16:17:18.109 00:00:10.324 TCP 23.104.0.1:59820 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:17:34.459 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:36646 10 6452 1 2025-11-15 16:17:57.204 00:00:00.025 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:17:56.998 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:18:18.475 00:00:10.367 TCP 23.104.0.1:56436 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:18:34.674 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:38918 10 6452 1 2025-11-15 16:19:18.882 00:00:10.333 TCP 23.104.0.1:43338 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:19:34.897 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:41192 10 6452 1 2025-11-15 16:20:19.259 00:00:10.365 TCP 23.104.0.1:57600 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:20:35.119 00:00:10.343 TCP 1.101.0.1:3000 -> 22.102.0.1:58658 10 6452 1 2025-11-15 16:21:19.665 00:00:10.367 TCP 23.104.0.1:51480 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:21:35.497 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:36310 10 6452 1 2025-11-15 16:17:57.551 00:05:04.691 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:17:57.548 00:05:04.696 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:22:20.096 00:00:10.366 TCP 23.104.0.1:56408 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:22:35.720 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:36504 10 6452 1 2025-11-15 16:22:56.901 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:22:57.154 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:23:20.502 00:00:10.376 TCP 23.104.0.1:40826 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:23:35.939 00:00:10.205 TCP 1.101.0.1:3000 -> 22.102.0.1:60996 10 6452 1 2025-11-15 16:24:20.916 00:00:10.709 TCP 23.104.0.1:52912 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:24:36.185 00:00:12.605 TCP 1.101.0.1:3000 -> 22.102.0.1:54898 10 6452 1 2025-11-15 16:25:21.675 00:00:10.369 TCP 23.104.0.1:42038 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:25:38.829 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:33892 10 6452 1 2025-11-15 16:26:22.102 00:00:10.364 TCP 23.104.0.1:49524 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:26:39.060 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:45192 10 6452 1 2025-11-15 16:27:22.507 00:00:10.363 TCP 23.104.0.1:36928 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:27:39.266 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:60876 10 6452 1 2025-11-15 16:27:57.508 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:27:57.475 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:23:57.550 00:05:04.698 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:23:57.553 00:05:04.692 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:28:22.909 00:00:10.363 TCP 23.104.0.1:59966 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:28:39.442 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:47090 10 6452 1 2025-11-15 16:29:23.310 00:00:10.366 TCP 23.104.0.1:59316 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:29:39.662 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:41500 10 6452 1 2025-11-15 16:30:23.720 00:00:10.373 TCP 23.104.0.1:42986 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:30:39.876 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:54484 10 6452 1 2025-11-15 16:31:24.129 00:00:10.371 TCP 23.104.0.1:59080 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:31:40.102 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:43498 10 6452 1 2025-11-15 16:32:24.536 00:00:10.324 TCP 23.104.0.1:46514 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:32:40.312 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:44004 10 6452 1 2025-11-15 16:32:57.575 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:32:57.408 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:33:24.904 00:00:10.373 TCP 23.104.0.1:35862 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:33:40.524 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:40780 10 6452 1 2025-11-15 16:29:57.551 00:05:04.698 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:29:57.553 00:05:04.693 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:34:25.315 00:00:10.367 TCP 23.104.0.1:52156 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:34:40.736 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:50594 10 6452 1 2025-11-15 16:35:25.720 00:00:10.376 TCP 23.104.0.1:54744 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:35:40.908 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:37336 10 6452 1 2025-11-15 16:36:26.135 00:00:10.687 TCP 23.104.0.1:46978 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:36:41.123 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:33850 10 6452 1 2025-11-15 16:37:26.859 00:00:10.381 TCP 23.104.0.1:47762 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:37:41.339 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:35552 10 6452 1 2025-11-15 16:37:57.569 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:37:57.636 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:38:27.278 00:00:10.363 TCP 23.104.0.1:55438 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:38:41.546 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:43398 10 6452 1 2025-11-15 16:39:27.678 00:00:10.516 TCP 23.104.0.1:58302 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:35:57.553 00:05:04.693 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:39:41.760 00:00:21.147 TCP 1.101.0.1:3000 -> 22.102.0.1:47356 10 6452 1 2025-11-15 16:35:57.551 00:05:04.698 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:40:28.235 00:00:10.367 TCP 23.104.0.1:40830 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:40:52.962 00:00:10.219 TCP 1.101.0.1:3000 -> 22.102.0.1:59732 12 10375 1 2025-11-15 16:41:28.642 00:00:10.403 TCP 23.104.0.1:54690 -> 1.101.0.1:3000 15 1926 1 2025-11-15 16:41:53.222 00:00:10.141 TCP 1.101.0.1:3000 -> 22.102.0.1:59016 10 6452 1 2025-11-15 16:42:29.110 00:00:10.325 TCP 23.104.0.1:39556 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:42:57.655 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:42:57.753 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:42:53.402 00:00:10.219 TCP 1.101.0.1:3000 -> 22.102.0.1:47934 10 6452 1 2025-11-15 16:43:29.468 00:00:10.367 TCP 23.104.0.1:55870 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:43:53.661 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:51718 10 6452 1 2025-11-15 16:44:29.877 00:00:10.363 TCP 23.104.0.1:55594 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:44:53.875 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:54152 10 6452 1 2025-11-15 16:45:30.280 00:00:10.363 TCP 23.104.0.1:59080 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:41:57.556 00:05:04.696 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:45:54.099 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:42484 10 6452 1 2025-11-15 16:41:57.554 00:05:04.701 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:46:30.684 00:00:10.370 TCP 23.104.0.1:55196 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:46:54.309 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:56500 10 6452 1 2025-11-15 16:47:31.101 00:00:10.363 TCP 23.104.0.1:37080 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:47:57.858 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:47:57.585 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:47:54.521 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:40954 10 6452 1 2025-11-15 16:48:31.499 00:00:10.378 TCP 23.104.0.1:54560 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:48:54.739 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:41814 10 6452 1 2025-11-15 16:49:31.909 00:00:10.365 TCP 23.104.0.1:43128 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:49:54.957 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:49870 10 6452 1 2025-11-15 16:50:32.310 00:00:10.367 TCP 23.104.0.1:45444 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:50:55.186 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:48196 10 6452 1 2025-11-15 16:51:32.715 00:00:10.329 TCP 23.104.0.1:57608 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:51:55.399 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:48678 10 6452 1 2025-11-15 16:47:57.558 00:05:04.706 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:47:57.562 00:05:04.700 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:52:33.116 00:00:10.372 TCP 23.104.0.1:52194 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:52:57.610 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:52:57.718 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:52:55.611 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:47490 10 6452 1 2025-11-15 16:53:33.527 00:00:10.370 TCP 23.104.0.1:55068 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:53:55.819 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:48930 10 6452 1 2025-11-15 16:54:33.930 00:00:10.385 TCP 23.104.0.1:48014 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:54:56.041 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:39128 10 6452 1 2025-11-15 16:55:34.354 00:00:10.365 TCP 23.104.0.1:41912 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:55:56.257 00:00:11.028 TCP 1.101.0.1:3000 -> 22.102.0.1:40954 10 6452 1 2025-11-15 16:56:34.757 00:00:10.382 TCP 23.104.0.1:54492 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:56:57.323 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:49346 10 6452 1 2025-11-15 16:57:35.179 00:00:10.367 TCP 23.104.0.1:47832 -> 1.101.0.1:3000 11 1507 1 2025-11-15 16:57:57.984 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-15 16:53:57.563 00:05:04.700 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-15 16:57:58.004 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-15 16:53:57.560 00:05:04.705 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-15 16:57:57.538 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:60990 10 6452 1 2025-11-15 16:58:35.584 00:00:10.362 TCP 23.104.0.1:41166 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 163, total bytes: 496342, total packets: 1570, avg bps: 1105, avg pps: 0, avg bpp: 316 Time window: 2025-11-15 15:59:10 - 2025-11-15 16:59:02 Total flows processed: 163, passed: 163, Blocks skipped: 0, Bytes read: 17016 Sys: 0.0035s User: 0.0026s Wall: 0.0022s flows/second: 73065.3 Runtime: 0.0022s