Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-11-24 23:58:54.999 00:00:10.326 TCP 23.104.0.1:34522 -> 1.101.0.1:3000 11 1507 1 2025-11-24 23:59:01.170 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:33982 10 6870 1 2025-11-24 23:59:55.362 00:00:10.364 TCP 23.104.0.1:43626 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:00:01.392 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:42012 10 6870 1 2025-11-25 00:00:55.769 00:00:10.335 TCP 23.104.0.1:48820 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:01:01.615 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:32866 10 6870 1 2025-11-25 00:01:56.151 00:00:10.366 TCP 23.104.0.1:45000 -> 1.101.0.1:3000 11 1507 1 2025-11-24 23:57:07.604 00:05:55.771 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-24 23:57:07.607 00:05:55.766 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:02:01.790 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:45102 10 6870 1 2025-11-25 00:02:28.047 00:00:00.034 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:02:28.161 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:02:56.564 00:00:10.375 TCP 23.104.0.1:56462 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:03:01.963 00:00:10.199 TCP 1.101.0.1:3000 -> 22.102.0.1:49970 12 6974 1 2025-11-25 00:03:56.984 00:00:10.338 TCP 23.104.0.1:56410 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:04:02.203 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:54602 10 6870 1 2025-11-25 00:04:57.359 00:00:10.366 TCP 23.104.0.1:43494 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:05:02.426 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:43888 10 6870 1 2025-11-25 00:05:57.764 00:00:10.379 TCP 23.104.0.1:39478 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:06:02.651 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:51610 10 6870 1 2025-11-25 00:06:58.184 00:00:10.370 TCP 23.104.0.1:46550 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:07:02.873 00:00:10.155 TCP 1.101.0.1:3000 -> 22.102.0.1:41076 10 6870 1 2025-11-25 00:07:28.127 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:07:28.070 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:03:07.607 00:05:55.771 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:03:07.609 00:05:55.766 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:07:58.592 00:00:10.363 TCP 23.104.0.1:41990 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:08:03.085 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:59808 10 6870 1 2025-11-25 00:08:58.997 00:00:10.365 TCP 23.104.0.1:55876 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:09:03.297 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:53140 10 6870 1 2025-11-25 00:09:59.398 00:00:10.364 TCP 23.104.0.1:58446 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:10:03.517 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:52132 10 6870 1 2025-11-25 00:10:59.808 00:00:10.369 TCP 23.104.0.1:42328 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:11:03.746 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:41372 10 6870 1 2025-11-25 00:12:00.219 00:00:10.370 TCP 23.104.0.1:47910 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:12:03.960 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:54788 12 6974 1 2025-11-25 00:12:28.241 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:12:28.033 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:13:00.620 00:00:11.840 TCP 23.104.0.1:39076 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:13:04.186 00:00:10.557 TCP 1.101.0.1:3000 -> 22.102.0.1:60336 10 6870 1 2025-11-25 00:09:07.609 00:05:55.771 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:09:07.612 00:05:55.766 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:14:02.497 00:00:10.328 TCP 23.104.0.1:37130 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:14:04.782 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:42902 10 6870 1 2025-11-25 00:15:05.008 00:00:10.188 TCP 1.101.0.1:3000 -> 22.102.0.1:41118 10 6870 1 2025-11-25 00:15:02.863 00:00:10.376 TCP 23.104.0.1:35280 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:16:05.227 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:54430 10 6870 1 2025-11-25 00:16:03.276 00:00:10.327 TCP 23.104.0.1:55190 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:17:05.440 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:55896 10 6870 1 2025-11-25 00:17:03.644 00:00:10.367 TCP 23.104.0.1:45192 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:17:28.436 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:17:28.451 00:00:00.025 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:18:05.649 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:45258 10 6870 1 2025-11-25 00:18:04.060 00:00:10.364 TCP 23.104.0.1:53358 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:19:04.465 00:00:10.364 TCP 23.104.0.1:36508 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:19:05.868 00:00:10.195 TCP 1.101.0.1:3000 -> 22.102.0.1:59130 10 6870 1 2025-11-25 00:15:07.613 00:05:55.764 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:15:07.610 00:05:55.770 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:20:06.102 00:00:10.144 TCP 1.101.0.1:3000 -> 22.102.0.1:36534 10 6870 1 2025-11-25 00:20:04.871 00:00:10.370 TCP 23.104.0.1:58716 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:21:05.285 00:00:10.370 TCP 23.104.0.1:39632 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:21:06.284 00:00:10.195 TCP 1.101.0.1:3000 -> 22.102.0.1:52420 10 6870 1 2025-11-25 00:22:06.524 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:52492 10 6870 1 2025-11-25 00:22:05.695 00:00:10.326 TCP 23.104.0.1:60854 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:22:28.306 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:22:28.226 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:23:06.702 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:58280 10 6870 1 2025-11-25 00:23:06.066 00:00:10.324 TCP 23.104.0.1:47684 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:24:06.435 00:00:10.367 TCP 23.104.0.1:51420 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:24:06.927 00:00:10.157 TCP 1.101.0.1:3000 -> 22.102.0.1:44298 10 6870 1 2025-11-25 00:25:07.124 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:33210 10 6870 1 2025-11-25 00:25:06.846 00:00:10.394 TCP 23.104.0.1:35510 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:21:07.613 00:05:55.769 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:21:07.615 00:05:55.764 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:26:07.280 00:00:10.371 TCP 23.104.0.1:42774 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:26:07.350 00:00:10.188 TCP 1.101.0.1:3000 -> 22.102.0.1:55192 10 6870 1 2025-11-25 00:27:07.683 00:00:10.379 TCP 23.104.0.1:50170 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:27:07.579 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:34660 10 6870 1 2025-11-25 00:27:28.452 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:27:28.474 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:28:07.804 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:34980 10 6870 1 2025-11-25 00:28:08.106 00:00:10.365 TCP 23.104.0.1:34132 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:29:08.041 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:57936 10 6870 1 2025-11-25 00:29:08.511 00:00:10.327 TCP 23.104.0.1:51092 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:30:08.255 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:46144 10 6870 1 2025-11-25 00:30:08.879 00:00:10.348 TCP 23.104.0.1:55032 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:31:09.266 00:00:10.323 TCP 23.104.0.1:46108 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:31:08.474 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:54972 10 6870 1 2025-11-25 00:27:07.616 00:05:55.763 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:27:07.614 00:05:55.768 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:32:09.631 00:00:10.360 TCP 23.104.0.1:57582 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:32:08.683 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:55934 10 6870 1 2025-11-25 00:32:28.701 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:32:28.540 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:33:08.860 00:00:10.216 TCP 1.101.0.1:3000 -> 22.102.0.1:41278 10 6870 1 2025-11-25 00:33:10.036 00:00:10.367 TCP 23.104.0.1:44232 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:34:10.441 00:00:11.885 TCP 23.104.0.1:54976 -> 1.101.0.1:3000 13 1611 1 2025-11-25 00:34:09.111 00:00:13.109 TCP 1.101.0.1:3000 -> 22.102.0.1:56126 10 6870 1 2025-11-25 00:35:12.260 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:51056 10 6870 1 2025-11-25 00:35:12.365 00:00:10.323 TCP 23.104.0.1:60004 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:36:12.722 00:00:10.319 TCP 23.104.0.1:34364 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:36:12.476 00:00:10.141 TCP 1.101.0.1:3000 -> 22.102.0.1:43630 10 6870 1 2025-11-25 00:37:12.660 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:36148 10 6870 1 2025-11-25 00:37:28.463 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:37:13.109 00:00:10.366 TCP 23.104.0.1:41910 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:37:28.740 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:33:07.614 00:05:55.768 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:33:07.619 00:05:55.762 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:38:13.517 00:00:10.362 TCP 23.104.0.1:54984 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:38:12.833 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:40750 10 6870 1 2025-11-25 00:39:13.917 00:00:10.761 TCP 23.104.0.1:53104 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:39:13.061 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:37500 10 6870 1 2025-11-25 00:40:13.275 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:42298 10 6870 1 2025-11-25 00:40:14.717 00:00:10.377 TCP 23.104.0.1:36612 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:41:15.135 00:00:10.364 TCP 23.104.0.1:60800 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:41:13.445 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:57516 10 6870 1 2025-11-25 00:42:13.666 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:52496 10 6870 1 2025-11-25 00:42:15.535 00:00:10.364 TCP 23.104.0.1:52228 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:42:28.839 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:42:28.920 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:43:13.880 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:38050 10 6870 1 2025-11-25 00:43:15.940 00:00:10.371 TCP 23.104.0.1:49330 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:39:07.617 00:05:55.768 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:39:07.619 00:05:55.763 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:44:14.116 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:49878 10 6870 1 2025-11-25 00:44:16.344 00:00:10.367 TCP 23.104.0.1:47640 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:45:14.326 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:57880 10 6870 1 2025-11-25 00:45:16.752 00:00:10.321 TCP 23.104.0.1:42872 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:46:14.510 00:00:10.168 TCP 1.101.0.1:3000 -> 22.102.0.1:33820 10 6870 1 2025-11-25 00:46:17.136 00:00:10.375 TCP 23.104.0.1:54572 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:47:28.930 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:47:17.542 00:00:10.362 TCP 23.104.0.1:57350 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:47:14.725 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:47272 10 6870 1 2025-11-25 00:47:28.711 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:48:14.936 00:00:10.197 TCP 1.101.0.1:3000 -> 22.102.0.1:58654 10 6870 1 2025-11-25 00:48:17.943 00:00:10.373 TCP 23.104.0.1:34454 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:49:15.169 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:44464 10 6870 1 2025-11-25 00:49:18.354 00:00:10.322 TCP 23.104.0.1:36178 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:45:07.619 00:05:55.763 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:45:07.617 00:05:55.768 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:50:15.341 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:45768 10 6870 1 2025-11-25 00:50:18.715 00:00:10.323 TCP 23.104.0.1:60454 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:51:15.557 00:00:10.188 TCP 1.101.0.1:3000 -> 22.102.0.1:49874 10 6870 1 2025-11-25 00:51:19.110 00:00:10.365 TCP 23.104.0.1:58668 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:52:15.804 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:54540 10 6870 1 2025-11-25 00:52:28.901 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:52:28.910 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:52:19.519 00:00:10.365 TCP 23.104.0.1:46552 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:53:16.020 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:55242 10 6870 1 2025-11-25 00:53:19.921 00:00:10.384 TCP 23.104.0.1:35674 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:54:16.240 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:46866 10 6870 1 2025-11-25 00:54:20.342 00:00:10.367 TCP 23.104.0.1:54950 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:55:16.454 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:46696 10 6870 1 2025-11-25 00:55:20.747 00:00:10.322 TCP 23.104.0.1:45234 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:51:07.622 00:05:55.761 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 00:51:07.619 00:05:55.767 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 00:56:16.664 00:00:10.197 TCP 1.101.0.1:3000 -> 22.102.0.1:39964 12 10375 1 2025-11-25 00:56:21.112 00:00:10.456 TCP 23.104.0.1:35592 -> 1.101.0.1:3000 15 1926 1 2025-11-25 00:57:21.608 00:00:10.361 TCP 23.104.0.1:59754 -> 1.101.0.1:3000 11 1507 1 2025-11-25 00:57:29.033 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 00:57:29.174 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 00:57:16.905 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:56082 10 6452 1 2025-11-25 00:58:17.125 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:49794 10 6452 1 2025-11-25 00:58:22.008 00:00:10.364 TCP 23.104.0.1:35820 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 164, total bytes: 526828, total packets: 1584, avg bps: 1143, avg pps: 0, avg bpp: 332 Time window: 2025-11-24 23:57:07 - 2025-11-25 00:58:32 Total flows processed: 164, passed: 164, Blocks skipped: 0, Bytes read: 17120 Sys: 0.0040s User: 0.0024s Wall: 0.0021s flows/second: 77874.5 Runtime: 0.0021s