Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-11-25 08:58:50.566 00:00:10.372 TCP 23.104.0.1:42062 -> 1.101.0.1:3000 11 1507 1 2025-11-25 08:59:27.504 00:00:10.228 TCP 1.101.0.1:3000 -> 22.102.0.1:52086 10 6452 1 2025-11-25 08:59:50.978 00:00:10.381 TCP 23.104.0.1:58324 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:00:27.775 00:00:10.312 TCP 1.101.0.1:3000 -> 22.102.0.1:49368 10 6452 1 2025-11-25 09:00:51.398 00:00:10.443 TCP 23.104.0.1:39858 -> 1.101.0.1:3000 15 1926 1 2025-11-25 09:01:28.125 00:00:10.165 TCP 1.101.0.1:3000 -> 22.102.0.1:41008 12 10375 1 2025-11-25 09:01:51.872 00:00:10.363 TCP 23.104.0.1:40456 -> 1.101.0.1:3000 11 1507 1 2025-11-25 08:57:07.819 00:05:55.701 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 08:57:07.821 00:05:55.695 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:02:38.677 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:02:28.329 00:00:10.568 TCP 1.101.0.1:3000 -> 22.102.0.1:58078 10 6452 1 2025-11-25 09:02:38.845 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:02:52.273 00:00:10.362 TCP 23.104.0.1:49232 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:03:28.941 00:00:10.197 TCP 1.101.0.1:3000 -> 22.102.0.1:48392 10 6452 1 2025-11-25 09:03:52.675 00:00:10.366 TCP 23.104.0.1:53516 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:04:29.175 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:49286 10 6452 1 2025-11-25 09:04:53.105 00:00:10.366 TCP 23.104.0.1:53884 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:05:29.392 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:57986 10 6452 1 2025-11-25 09:05:53.511 00:00:10.370 TCP 23.104.0.1:35458 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:06:29.609 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:43226 10 6452 1 2025-11-25 09:06:53.924 00:00:10.377 TCP 23.104.0.1:60690 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:07:29.827 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:51888 10 6452 1 2025-11-25 09:07:39.030 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:07:38.951 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:03:07.821 00:05:55.699 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:07:54.341 00:00:10.364 TCP 23.104.0.1:46322 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:03:07.823 00:05:55.694 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:08:30.037 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:36446 10 6452 1 2025-11-25 09:08:54.744 00:00:10.371 TCP 23.104.0.1:45036 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:09:30.250 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:59414 10 6452 1 2025-11-25 09:09:55.149 00:00:10.923 TCP 23.104.0.1:58804 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:10:30.462 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:43214 10 6452 1 2025-11-25 09:10:56.106 00:00:10.368 TCP 23.104.0.1:60982 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:11:30.635 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:35734 10 6452 1 2025-11-25 09:11:56.513 00:00:10.370 TCP 23.104.0.1:39376 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:12:39.084 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:12:30.846 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:57142 10 6452 1 2025-11-25 09:12:38.828 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:12:56.919 00:00:10.363 TCP 23.104.0.1:42372 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:13:31.090 00:00:10.140 TCP 1.101.0.1:3000 -> 22.102.0.1:60518 10 6452 1 2025-11-25 09:09:07.824 00:05:55.698 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:09:07.826 00:05:55.693 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:13:57.285 00:00:10.370 TCP 23.104.0.1:45298 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:14:31.269 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:33770 10 6452 1 2025-11-25 09:14:57.687 00:00:10.324 TCP 23.104.0.1:47482 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:15:31.438 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:59460 10 6452 1 2025-11-25 09:15:58.061 00:00:10.365 TCP 23.104.0.1:39832 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:16:31.663 00:00:10.313 TCP 1.101.0.1:3000 -> 22.102.0.1:42478 10 6452 1 2025-11-25 09:16:58.465 00:00:10.360 TCP 23.104.0.1:58158 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:17:39.176 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:17:39.105 00:00:00.043 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:17:32.026 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:36284 10 6452 1 2025-11-25 09:17:58.862 00:00:10.374 TCP 23.104.0.1:48300 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:18:32.251 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:34594 10 6452 1 2025-11-25 09:18:59.273 00:00:10.366 TCP 23.104.0.1:50064 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:19:32.465 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:60024 10 6452 1 2025-11-25 09:15:07.825 00:05:55.701 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:15:07.827 00:05:55.695 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:19:59.673 00:00:10.370 TCP 23.104.0.1:55624 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:20:32.693 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:58552 10 6452 1 2025-11-25 09:21:00.101 00:00:10.368 TCP 23.104.0.1:44608 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:21:32.903 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:46318 10 6452 1 2025-11-25 09:22:00.508 00:00:10.333 TCP 23.104.0.1:45708 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:22:39.154 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:22:39.221 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:22:33.129 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:36872 10 6452 1 2025-11-25 09:23:00.881 00:00:10.381 TCP 23.104.0.1:57448 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:23:33.339 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:58384 10 6452 1 2025-11-25 09:24:01.300 00:00:10.374 TCP 23.104.0.1:56440 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:24:33.555 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:51474 10 6452 1 2025-11-25 09:25:01.709 00:00:10.387 TCP 23.104.0.1:49166 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:25:33.789 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:59280 10 6452 1 2025-11-25 09:21:07.828 00:05:55.696 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:21:07.826 00:05:55.701 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:26:02.144 00:00:10.366 TCP 23.104.0.1:43240 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:26:34.005 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:35958 10 6452 1 2025-11-25 09:27:02.549 00:00:10.370 TCP 23.104.0.1:57546 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:27:39.519 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:27:39.646 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:27:34.231 00:00:10.188 TCP 1.101.0.1:3000 -> 22.102.0.1:38366 10 6452 1 2025-11-25 09:28:02.959 00:00:10.417 TCP 23.104.0.1:34724 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:28:34.458 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:43542 10 6452 1 2025-11-25 09:29:03.417 00:00:10.333 TCP 23.104.0.1:49872 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:29:34.680 00:00:10.147 TCP 1.101.0.1:3000 -> 22.102.0.1:38712 10 6452 1 2025-11-25 09:30:03.790 00:00:10.370 TCP 23.104.0.1:37374 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:30:34.864 00:00:10.141 TCP 1.101.0.1:3000 -> 22.102.0.1:38710 10 6452 1 2025-11-25 09:31:04.199 00:00:10.368 TCP 23.104.0.1:34856 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:31:35.068 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:50470 10 6452 1 2025-11-25 09:27:07.829 00:05:55.698 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:27:07.832 00:05:55.694 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:32:04.602 00:00:10.369 TCP 23.104.0.1:44626 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:32:39.430 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:32:39.357 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:32:35.285 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:33090 10 6452 1 2025-11-25 09:33:05.007 00:00:10.368 TCP 23.104.0.1:38318 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:33:35.494 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:34710 10 6452 1 2025-11-25 09:34:05.411 00:00:10.367 TCP 23.104.0.1:42360 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:34:35.708 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:42428 10 6452 1 2025-11-25 09:35:05.815 00:00:10.368 TCP 23.104.0.1:33750 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:35:35.878 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:56252 10 6452 1 2025-11-25 09:36:06.220 00:00:10.369 TCP 23.104.0.1:55148 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:36:36.103 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:38878 10 6452 1 2025-11-25 09:37:06.623 00:00:10.364 TCP 23.104.0.1:58446 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:37:39.775 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:37:39.439 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:37:36.323 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:35070 10 6452 1 2025-11-25 09:33:07.831 00:05:55.694 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:33:07.830 00:05:55.699 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:38:07.024 00:00:10.365 TCP 23.104.0.1:33982 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:38:36.537 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:55020 10 6452 1 2025-11-25 09:39:07.428 00:00:10.325 TCP 23.104.0.1:39380 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:39:36.761 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:38902 10 6452 1 2025-11-25 09:40:07.800 00:00:10.362 TCP 23.104.0.1:49500 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:40:36.982 00:00:10.157 TCP 1.101.0.1:3000 -> 22.102.0.1:46774 10 6452 1 2025-11-25 09:41:08.203 00:00:10.358 TCP 23.104.0.1:33320 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:41:37.174 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:45564 10 6452 1 2025-11-25 09:42:08.601 00:00:10.368 TCP 23.104.0.1:33074 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:42:39.576 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:42:39.549 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:42:37.391 00:00:10.168 TCP 1.101.0.1:3000 -> 22.102.0.1:53486 10 6452 1 2025-11-25 09:43:09.010 00:00:10.370 TCP 23.104.0.1:53858 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:43:37.595 00:00:10.195 TCP 1.101.0.1:3000 -> 22.102.0.1:37968 10 6452 1 2025-11-25 09:39:07.831 00:05:55.699 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:39:07.832 00:05:55.695 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:44:09.416 00:00:10.367 TCP 23.104.0.1:43172 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:44:37.828 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:48782 10 6452 1 2025-11-25 09:45:09.822 00:00:10.363 TCP 23.104.0.1:41998 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:45:38.067 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:51918 10 6452 1 2025-11-25 09:46:10.223 00:00:10.363 TCP 23.104.0.1:40346 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:46:38.282 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:56396 10 6452 1 2025-11-25 09:47:10.622 00:00:10.366 TCP 23.104.0.1:36436 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:47:39.715 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:47:39.607 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:47:38.452 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:37310 10 6452 1 2025-11-25 09:48:11.030 00:00:10.365 TCP 23.104.0.1:46768 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:48:38.671 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:49348 10 6452 1 2025-11-25 09:49:11.437 00:00:10.324 TCP 23.104.0.1:60372 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:49:38.893 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:48828 10 6452 1 2025-11-25 09:45:07.832 00:05:55.701 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:45:07.834 00:05:55.697 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:50:11.799 00:00:10.366 TCP 23.104.0.1:37852 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:50:39.109 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:59360 10 6452 1 2025-11-25 09:51:12.200 00:00:10.363 TCP 23.104.0.1:46960 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:51:39.325 00:00:10.377 TCP 1.101.0.1:3000 -> 22.102.0.1:36194 10 6452 1 2025-11-25 09:52:12.599 00:00:10.328 TCP 23.104.0.1:56086 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:52:39.877 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:52:39.828 00:00:00.016 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:52:39.752 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:34006 10 6452 1 2025-11-25 09:53:12.967 00:00:10.368 TCP 23.104.0.1:50200 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:53:39.968 00:00:10.523 TCP 1.101.0.1:3000 -> 22.102.0.1:56412 10 6452 1 2025-11-25 09:54:13.374 00:00:10.367 TCP 23.104.0.1:52380 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:54:40.532 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:58956 10 6452 1 2025-11-25 09:55:13.777 00:00:10.364 TCP 23.104.0.1:54658 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:55:40.752 00:00:10.161 TCP 1.101.0.1:3000 -> 22.102.0.1:42910 10 6452 1 2025-11-25 09:51:07.835 00:05:55.697 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-25 09:51:07.833 00:05:55.701 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-25 09:56:14.185 00:00:10.325 TCP 23.104.0.1:47522 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:56:40.961 00:00:10.143 TCP 1.101.0.1:3000 -> 22.102.0.1:49158 10 6452 1 2025-11-25 09:57:14.548 00:00:10.371 TCP 23.104.0.1:54440 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:57:40.106 00:00:00.042 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-25 09:57:40.262 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-25 09:57:41.140 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:53644 10 6452 1 2025-11-25 09:58:14.955 00:00:10.383 TCP 23.104.0.1:49196 -> 1.101.0.1:3000 11 1507 1 2025-11-25 09:58:41.352 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:39834 10 6452 1 Summary: total flows: 164, total bytes: 502690, total packets: 1578, avg bps: 1085, avg pps: 0, avg bpp: 318 Time window: 2025-11-25 08:57:07 - 2025-11-25 09:58:51 Total flows processed: 164, passed: 164, Blocks skipped: 0, Bytes read: 17120 Sys: 0.0093s User: 0.0021s Wall: 0.0089s flows/second: 18509.9 Runtime: 0.0089s