Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-11-28 10:58:43.584 00:00:10.369 TCP 23.104.0.1:34484 -> 1.101.0.1:3000 11 1507 1 2025-11-28 10:59:07.841 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 10:59:07.813 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 10:59:35.946 00:00:10.195 TCP 1.101.0.1:3000 -> 22.102.0.1:41468 10 6452 1 2025-11-28 10:59:44.002 00:00:10.358 TCP 23.104.0.1:39496 -> 1.101.0.1:3000 11 1507 1 2025-11-28 10:56:04.895 00:05:04.595 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 10:56:04.893 00:05:04.599 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:00:36.184 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:36624 10 6452 1 2025-11-28 11:00:44.398 00:00:10.362 TCP 23.104.0.1:53580 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:01:36.412 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:44272 10 6452 1 2025-11-28 11:01:44.797 00:00:10.380 TCP 23.104.0.1:57786 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:02:36.630 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:38156 10 6452 1 2025-11-28 11:02:45.219 00:00:10.323 TCP 23.104.0.1:42424 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:03:36.840 00:00:10.191 TCP 1.101.0.1:3000 -> 22.102.0.1:43766 10 6452 1 2025-11-28 11:03:45.580 00:00:10.362 TCP 23.104.0.1:49782 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:04:07.866 00:00:00.020 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:04:07.974 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:04:37.079 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:60168 10 6452 1 2025-11-28 11:04:45.979 00:00:10.370 TCP 23.104.0.1:59658 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:05:37.301 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:59536 10 6452 1 2025-11-28 11:05:46.388 00:00:10.361 TCP 23.104.0.1:38960 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:02:04.894 00:05:04.601 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:02:04.897 00:05:04.596 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:06:37.517 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:40108 10 6452 1 2025-11-28 11:06:46.787 00:00:10.363 TCP 23.104.0.1:56398 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:07:37.726 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:43838 10 6452 1 2025-11-28 11:07:47.187 00:00:10.936 TCP 23.104.0.1:57420 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:08:37.944 00:00:10.198 TCP 1.101.0.1:3000 -> 22.102.0.1:54546 10 6452 1 2025-11-28 11:08:48.164 00:00:10.324 TCP 23.104.0.1:33988 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:09:08.160 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:09:08.088 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:09:38.180 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:34262 10 6452 1 2025-11-28 11:09:48.528 00:00:10.326 TCP 23.104.0.1:50574 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:10:38.407 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:41394 10 6452 1 2025-11-28 11:10:48.893 00:00:10.326 TCP 23.104.0.1:56428 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:11:38.625 00:00:10.198 TCP 1.101.0.1:3000 -> 22.102.0.1:34134 12 10369 1 2025-11-28 11:11:49.257 00:00:10.397 TCP 23.104.0.1:58106 -> 1.101.0.1:3000 15 1926 1 2025-11-28 11:08:04.898 00:05:04.595 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:08:04.895 00:05:04.601 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:12:38.857 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:47654 10 6452 1 2025-11-28 11:12:49.691 00:00:10.364 TCP 23.104.0.1:32956 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:13:39.087 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:38396 10 6452 1 2025-11-28 11:13:50.106 00:00:10.323 TCP 23.104.0.1:42246 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:14:08.103 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:14:08.101 00:00:00.041 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:14:39.300 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:36370 10 6452 1 2025-11-28 11:14:50.470 00:00:10.359 TCP 23.104.0.1:57742 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:15:39.516 00:00:10.193 TCP 1.101.0.1:3000 -> 22.102.0.1:41070 10 6452 1 2025-11-28 11:15:50.868 00:00:10.364 TCP 23.104.0.1:53424 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:16:39.745 00:00:10.376 TCP 1.101.0.1:3000 -> 22.102.0.1:35440 10 6452 1 2025-11-28 11:16:51.271 00:00:11.786 TCP 23.104.0.1:46116 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:17:40.165 00:00:10.169 TCP 1.101.0.1:3000 -> 22.102.0.1:49494 10 6452 1 2025-11-28 11:17:53.106 00:00:10.323 TCP 23.104.0.1:55230 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:14:04.899 00:05:04.596 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:14:04.896 00:05:04.601 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:18:40.379 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:53194 10 6452 1 2025-11-28 11:18:53.465 00:00:10.324 TCP 23.104.0.1:54086 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:19:08.062 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:19:08.002 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:19:40.596 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:50870 10 6452 1 2025-11-28 11:19:53.829 00:00:10.341 TCP 23.104.0.1:34112 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:20:40.812 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:60126 10 6452 1 2025-11-28 11:20:54.210 00:00:10.361 TCP 23.104.0.1:49216 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:21:41.037 00:00:10.432 TCP 1.101.0.1:3000 -> 22.102.0.1:34606 10 6452 1 2025-11-28 11:21:54.609 00:00:10.375 TCP 23.104.0.1:51448 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:22:41.511 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:49254 10 6452 1 2025-11-28 11:22:55.026 00:00:10.362 TCP 23.104.0.1:47706 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:23:41.723 00:00:10.166 TCP 1.101.0.1:3000 -> 22.102.0.1:41810 10 6452 1 2025-11-28 11:20:04.899 00:05:04.602 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:24:08.249 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:23:55.424 00:00:10.365 TCP 23.104.0.1:53764 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:24:08.530 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:20:04.900 00:05:04.598 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:24:41.937 00:00:10.198 TCP 1.101.0.1:3000 -> 22.102.0.1:48018 10 6452 1 2025-11-28 11:24:55.826 00:00:10.366 TCP 23.104.0.1:45674 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:25:42.178 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:60726 10 6452 1 2025-11-28 11:25:56.232 00:00:10.368 TCP 23.104.0.1:51328 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:26:42.349 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:36190 10 6452 1 2025-11-28 11:26:56.636 00:00:10.370 TCP 23.104.0.1:53200 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:27:42.562 00:00:10.140 TCP 1.101.0.1:3000 -> 22.102.0.1:33728 10 6452 1 2025-11-28 11:27:57.048 00:00:10.326 TCP 23.104.0.1:56638 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:28:42.740 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:44022 10 6452 1 2025-11-28 11:29:08.498 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:29:08.314 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:28:57.410 00:00:10.366 TCP 23.104.0.1:48340 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:29:42.958 00:00:10.165 TCP 1.101.0.1:3000 -> 22.102.0.1:58970 10 6452 1 2025-11-28 11:26:04.901 00:05:04.601 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:29:57.812 00:00:10.368 TCP 23.104.0.1:55080 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:26:04.903 00:05:04.596 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:30:43.165 00:00:10.192 TCP 1.101.0.1:3000 -> 22.102.0.1:60036 10 6452 1 2025-11-28 11:30:58.217 00:00:10.369 TCP 23.104.0.1:33838 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:31:43.399 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:54044 10 6452 1 2025-11-28 11:31:58.619 00:00:10.368 TCP 23.104.0.1:48722 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:32:43.611 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:41682 10 6452 1 2025-11-28 11:32:59.031 00:00:10.366 TCP 23.104.0.1:48874 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:33:43.825 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:35950 10 6452 1 2025-11-28 11:34:08.711 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:33:59.437 00:00:10.362 TCP 23.104.0.1:51726 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:34:08.409 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:34:44.067 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:54360 10 6452 1 2025-11-28 11:34:59.847 00:00:10.382 TCP 23.104.0.1:50138 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:35:44.280 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:44208 10 6452 1 2025-11-28 11:32:04.901 00:05:04.603 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:32:04.903 00:05:04.599 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:36:00.272 00:00:10.748 TCP 23.104.0.1:38746 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:36:44.499 00:00:10.196 TCP 1.101.0.1:3000 -> 22.102.0.1:43284 12 10375 1 2025-11-28 11:37:01.096 00:00:10.442 TCP 23.104.0.1:39136 -> 1.101.0.1:3000 15 1926 1 2025-11-28 11:37:44.738 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:39292 10 6452 1 2025-11-28 11:38:01.580 00:00:10.358 TCP 23.104.0.1:55930 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:38:44.954 00:00:10.213 TCP 1.101.0.1:3000 -> 22.102.0.1:32782 12 6556 1 2025-11-28 11:39:08.865 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:39:08.799 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:39:01.979 00:00:10.369 TCP 23.104.0.1:54894 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:39:45.202 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:50732 10 6452 1 2025-11-28 11:40:02.387 00:00:10.323 TCP 23.104.0.1:59832 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:40:45.411 00:00:10.135 TCP 1.101.0.1:3000 -> 22.102.0.1:50172 10 6452 1 2025-11-28 11:41:02.753 00:00:10.385 TCP 23.104.0.1:38006 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:41:45.585 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:41172 10 6452 1 2025-11-28 11:38:04.902 00:05:04.605 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:38:04.904 00:05:04.600 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:42:03.177 00:00:10.363 TCP 23.104.0.1:36802 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:42:45.815 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:57916 10 6452 1 2025-11-28 11:43:03.582 00:00:10.364 TCP 23.104.0.1:57716 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:43:46.039 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:55088 10 6452 1 2025-11-28 11:44:08.941 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:44:08.895 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:44:03.984 00:00:10.369 TCP 23.104.0.1:38704 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:44:46.248 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:57324 10 6452 1 2025-11-28 11:45:04.384 00:00:10.366 TCP 23.104.0.1:50892 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:45:46.467 00:00:10.167 TCP 1.101.0.1:3000 -> 22.102.0.1:56202 10 6452 1 2025-11-28 11:46:04.800 00:00:10.372 TCP 23.104.0.1:35122 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:46:46.673 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:44264 10 6452 1 2025-11-28 11:47:05.211 00:00:10.367 TCP 23.104.0.1:48730 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:47:46.894 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:52408 10 6452 1 2025-11-28 11:44:04.902 00:05:04.606 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:44:04.905 00:05:04.601 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:48:05.616 00:00:10.337 TCP 23.104.0.1:34682 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:48:47.077 00:00:10.870 TCP 1.101.0.1:3000 -> 22.102.0.1:58354 10 6452 1 2025-11-28 11:49:08.844 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:49:08.858 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:49:05.986 00:00:10.364 TCP 23.104.0.1:48712 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:49:47.985 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:50842 10 6452 1 2025-11-28 11:50:06.393 00:00:10.364 TCP 23.104.0.1:33560 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:50:48.201 00:00:10.197 TCP 1.101.0.1:3000 -> 22.102.0.1:51726 10 6452 1 2025-11-28 11:51:06.800 00:00:10.371 TCP 23.104.0.1:54784 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:51:48.439 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:41488 10 6452 1 2025-11-28 11:52:07.205 00:00:10.366 TCP 23.104.0.1:45784 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:52:48.653 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:33430 10 6452 1 2025-11-28 11:53:07.605 00:00:10.373 TCP 23.104.0.1:35090 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:53:48.885 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:59462 10 6452 1 2025-11-28 11:50:04.908 00:05:04.601 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 11:54:08.953 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 11:54:08.881 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 11:50:04.906 00:05:04.606 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 11:54:08.027 00:00:10.366 TCP 23.104.0.1:59338 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:54:49.110 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:58380 10 6452 1 2025-11-28 11:55:08.428 00:00:10.367 TCP 23.104.0.1:46846 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:55:49.327 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:38502 10 6452 1 2025-11-28 11:56:08.830 00:00:10.394 TCP 23.104.0.1:33616 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:56:49.540 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:47682 10 6452 1 2025-11-28 11:57:09.265 00:00:10.325 TCP 23.104.0.1:41670 -> 1.101.0.1:3000 11 1507 1 2025-11-28 11:57:49.754 00:00:10.130 TCP 1.101.0.1:3000 -> 22.102.0.1:59160 10 6452 1 2025-11-28 11:58:09.631 00:00:10.366 TCP 23.104.0.1:49636 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 163, total bytes: 500678, total packets: 1576, avg bps: 1072, avg pps: 0, avg bpp: 317 Time window: 2025-11-28 10:56:04 - 2025-11-28 11:58:19 Total flows processed: 163, passed: 163, Blocks skipped: 0, Bytes read: 17016 Sys: 0.0052s User: 0.0000s Wall: 0.0022s flows/second: 73623.9 Runtime: 0.0022s