Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-11-28 08:58:54.422 00:00:10.993 TCP 23.104.0.1:37780 -> 1.101.0.1:3000 11 1507 1 2025-11-28 08:59:05.345 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 08:59:05.458 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 08:59:06.963 00:00:10.192 TCP 1.101.0.1:3000 -> 22.102.0.1:40706 12 6556 1 2025-11-28 08:56:04.846 00:05:04.615 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 08:59:55.455 00:00:10.361 TCP 23.104.0.1:45146 -> 1.101.0.1:3000 11 1507 1 2025-11-28 08:56:04.851 00:05:04.609 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:00:07.196 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:33500 10 6452 1 2025-11-28 09:00:55.856 00:00:10.328 TCP 23.104.0.1:35184 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:01:07.412 00:00:10.204 TCP 1.101.0.1:3000 -> 22.102.0.1:45902 10 6452 1 2025-11-28 09:01:56.221 00:00:10.371 TCP 23.104.0.1:42654 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:02:07.651 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:35726 10 6452 1 2025-11-28 09:02:56.631 00:00:10.323 TCP 23.104.0.1:45912 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:03:07.869 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:37478 10 6452 1 2025-11-28 09:04:05.715 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:04:05.405 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:03:56.989 00:00:10.365 TCP 23.104.0.1:42322 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:04:08.089 00:00:10.137 TCP 1.101.0.1:3000 -> 22.102.0.1:39020 10 6452 1 2025-11-28 09:04:57.396 00:00:10.372 TCP 23.104.0.1:43558 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:05:08.267 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:49392 10 6452 1 2025-11-28 09:02:04.850 00:05:04.613 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:02:04.854 00:05:04.608 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:05:57.808 00:00:10.385 TCP 23.104.0.1:55510 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:06:08.438 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:44940 10 6452 1 2025-11-28 09:06:58.232 00:00:10.363 TCP 23.104.0.1:59460 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:07:08.650 00:00:10.169 TCP 1.101.0.1:3000 -> 22.102.0.1:43616 10 6452 1 2025-11-28 09:07:58.633 00:00:10.364 TCP 23.104.0.1:32912 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:08:08.866 00:00:10.193 TCP 1.101.0.1:3000 -> 22.102.0.1:38674 10 6452 1 2025-11-28 09:09:05.622 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:09:05.562 00:00:00.034 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:08:59.036 00:00:10.364 TCP 23.104.0.1:44860 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:09:09.100 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:47222 10 6452 1 2025-11-28 09:09:59.435 00:00:10.410 TCP 23.104.0.1:52796 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:10:09.324 00:00:10.720 TCP 1.101.0.1:3000 -> 22.102.0.1:39134 10 6452 1 2025-11-28 09:10:59.881 00:00:10.335 TCP 23.104.0.1:59198 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:11:10.086 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:51362 10 6452 1 2025-11-28 09:08:04.854 00:05:04.610 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:12:00.252 00:00:10.362 TCP 23.104.0.1:40356 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:08:04.856 00:05:04.605 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:12:10.301 00:00:10.195 TCP 1.101.0.1:3000 -> 22.102.0.1:50026 10 6452 1 2025-11-28 09:13:00.648 00:00:10.363 TCP 23.104.0.1:36944 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:13:10.531 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:37934 10 6452 1 2025-11-28 09:14:05.661 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:14:05.568 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:14:01.058 00:00:10.330 TCP 23.104.0.1:52826 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:14:10.756 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:47256 10 6452 1 2025-11-28 09:15:01.428 00:00:10.369 TCP 23.104.0.1:33800 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:15:10.976 00:00:10.201 TCP 1.101.0.1:3000 -> 22.102.0.1:53186 10 6452 1 2025-11-28 09:16:01.832 00:00:10.440 TCP 23.104.0.1:58134 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:16:11.209 00:00:10.190 TCP 1.101.0.1:3000 -> 22.102.0.1:34388 10 6452 1 2025-11-28 09:17:02.310 00:00:10.358 TCP 23.104.0.1:53552 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:17:11.436 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:52032 10 6452 1 2025-11-28 09:14:04.857 00:05:04.605 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:14:04.855 00:05:04.610 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:18:02.709 00:00:10.369 TCP 23.104.0.1:40164 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:18:11.658 00:00:10.128 TCP 1.101.0.1:3000 -> 22.102.0.1:42856 10 6452 1 2025-11-28 09:19:05.717 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:19:05.774 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:19:03.129 00:00:10.367 TCP 23.104.0.1:42312 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:19:11.825 00:00:10.186 TCP 1.101.0.1:3000 -> 22.102.0.1:36170 10 6452 1 2025-11-28 09:20:03.534 00:00:10.365 TCP 23.104.0.1:51330 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:20:12.069 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:51226 10 6452 1 2025-11-28 09:21:03.936 00:00:10.383 TCP 23.104.0.1:50178 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:21:12.290 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:45266 10 6452 1 2025-11-28 09:22:04.367 00:00:10.331 TCP 23.104.0.1:42924 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:22:12.509 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:37420 10 6452 1 2025-11-28 09:23:04.745 00:00:10.364 TCP 23.104.0.1:49366 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:23:12.725 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:57822 10 6452 1 2025-11-28 09:24:05.724 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:24:05.908 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:20:04.857 00:05:04.609 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:20:04.859 00:05:04.605 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:24:05.151 00:00:10.361 TCP 23.104.0.1:54114 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:24:12.940 00:00:10.192 TCP 1.101.0.1:3000 -> 22.102.0.1:35114 10 6452 1 2025-11-28 09:25:05.558 00:00:10.361 TCP 23.104.0.1:56062 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:25:13.171 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:40358 10 6452 1 2025-11-28 09:26:05.959 00:00:10.324 TCP 23.104.0.1:51320 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:26:13.387 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:55740 10 6452 1 2025-11-28 09:27:06.329 00:00:10.328 TCP 23.104.0.1:34474 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:27:13.559 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:49756 10 6452 1 2025-11-28 09:28:06.706 00:00:10.363 TCP 23.104.0.1:48570 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:28:13.780 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:60640 10 6452 1 2025-11-28 09:29:06.434 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:29:06.484 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:29:07.112 00:00:10.364 TCP 23.104.0.1:60676 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:29:14.000 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:34564 10 6452 1 2025-11-28 09:26:04.860 00:05:04.609 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:26:04.862 00:05:04.604 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:30:07.515 00:00:10.365 TCP 23.104.0.1:47806 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:30:14.218 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:60274 10 6452 1 2025-11-28 09:31:07.919 00:00:10.385 TCP 23.104.0.1:56182 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:31:14.431 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:52284 10 6452 1 2025-11-28 09:32:08.341 00:00:10.365 TCP 23.104.0.1:38458 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:32:14.655 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:41076 10 6452 1 2025-11-28 09:33:08.745 00:00:10.366 TCP 23.104.0.1:44040 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:33:14.881 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:33848 10 6452 1 2025-11-28 09:34:06.156 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:34:05.940 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:34:09.147 00:00:10.376 TCP 23.104.0.1:40102 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:34:15.077 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:56170 10 6452 1 2025-11-28 09:35:09.570 00:00:10.367 TCP 23.104.0.1:44032 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:35:15.246 00:00:10.192 TCP 1.101.0.1:3000 -> 22.102.0.1:38740 10 6452 1 2025-11-28 09:32:04.862 00:05:04.610 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:32:04.865 00:05:04.605 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:36:09.973 00:00:10.368 TCP 23.104.0.1:51800 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:36:15.486 00:00:10.168 TCP 1.101.0.1:3000 -> 22.102.0.1:49320 10 6452 1 2025-11-28 09:37:10.378 00:00:10.366 TCP 23.104.0.1:49060 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:37:15.700 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:46520 10 6452 1 2025-11-28 09:38:10.784 00:00:10.374 TCP 23.104.0.1:41502 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:38:15.908 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:46590 10 6452 1 2025-11-28 09:39:06.083 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:39:06.335 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:39:11.198 00:00:10.332 TCP 23.104.0.1:34148 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:39:16.129 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:35544 10 6452 1 2025-11-28 09:40:11.572 00:00:10.324 TCP 23.104.0.1:47622 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:40:16.351 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:37034 10 6452 1 2025-11-28 09:41:11.941 00:00:10.382 TCP 23.104.0.1:56392 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:41:16.569 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:37436 10 6452 1 2025-11-28 09:38:04.863 00:05:04.609 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:38:04.866 00:05:04.604 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:42:12.359 00:00:10.360 TCP 23.104.0.1:57298 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:42:16.785 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:34356 10 6452 1 2025-11-28 09:43:12.761 00:00:10.337 TCP 23.104.0.1:40726 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:43:16.998 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:53200 10 6452 1 2025-11-28 09:44:06.458 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:44:06.161 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:44:13.136 00:00:10.368 TCP 23.104.0.1:37566 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:44:17.214 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:39414 10 6452 1 2025-11-28 09:45:13.545 00:00:10.326 TCP 23.104.0.1:50346 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:45:17.428 00:00:10.184 TCP 1.101.0.1:3000 -> 22.102.0.1:49636 10 6452 1 2025-11-28 09:46:13.905 00:00:10.371 TCP 23.104.0.1:52672 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:46:17.649 00:00:10.671 TCP 1.101.0.1:3000 -> 22.102.0.1:46670 10 6452 1 2025-11-28 09:47:14.314 00:00:10.365 TCP 23.104.0.1:60826 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:47:18.358 00:00:10.143 TCP 1.101.0.1:3000 -> 22.102.0.1:51954 10 6452 1 2025-11-28 09:44:04.865 00:05:04.609 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:44:04.867 00:05:04.604 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:48:14.716 00:00:10.374 TCP 23.104.0.1:50852 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:48:18.547 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:37430 10 6452 1 2025-11-28 09:49:06.493 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:49:06.703 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:49:15.127 00:00:10.359 TCP 23.104.0.1:51814 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:49:18.761 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:52786 10 6452 1 2025-11-28 09:50:15.524 00:00:10.360 TCP 23.104.0.1:43638 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:50:18.968 00:00:10.188 TCP 1.101.0.1:3000 -> 22.102.0.1:38352 10 6452 1 2025-11-28 09:51:15.921 00:00:10.369 TCP 23.104.0.1:39422 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:51:19.195 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:39744 10 6452 1 2025-11-28 09:52:16.335 00:00:10.362 TCP 23.104.0.1:41490 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:52:19.406 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:37948 10 6452 1 2025-11-28 09:53:16.742 00:00:10.360 TCP 23.104.0.1:38682 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:53:19.625 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:45702 10 6452 1 2025-11-28 09:54:06.593 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 09:50:04.865 00:05:04.610 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 09:54:06.747 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 09:50:04.868 00:05:04.604 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 09:54:19.845 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:45998 10 6452 1 2025-11-28 09:54:17.139 00:00:10.363 TCP 23.104.0.1:40888 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:55:20.083 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:43716 10 6452 1 2025-11-28 09:55:17.546 00:00:10.370 TCP 23.104.0.1:34368 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:56:20.300 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:39794 10 6452 1 2025-11-28 09:56:17.955 00:00:10.364 TCP 23.104.0.1:41442 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:57:18.361 00:00:10.376 TCP 23.104.0.1:60308 -> 1.101.0.1:3000 11 1507 1 2025-11-28 09:57:20.518 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:49176 10 6452 1 2025-11-28 09:58:20.727 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:43492 10 6452 1 2025-11-28 09:58:18.777 00:00:10.365 TCP 23.104.0.1:59570 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 164, total bytes: 498452, total packets: 1574, avg bps: 1064, avg pps: 0, avg bpp: 316 Time window: 2025-11-28 08:56:04 - 2025-11-28 09:58:30 Total flows processed: 164, passed: 164, Blocks skipped: 0, Bytes read: 17120 Sys: 0.0051s User: 0.0017s Wall: 0.0026s flows/second: 63987.5 Runtime: 0.0026s