Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-11-28 19:58:46.930 00:00:10.382 TCP 23.104.0.1:44940 -> 1.101.0.1:3000 11 1507 1 2025-11-28 19:58:52.758 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:55874 10 6452 1 2025-11-28 19:59:18.527 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 19:59:18.596 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 19:59:47.347 00:00:10.328 TCP 23.104.0.1:32856 -> 1.101.0.1:3000 11 1507 1 2025-11-28 19:59:52.971 00:00:10.202 TCP 1.101.0.1:3000 -> 22.102.0.1:54646 10 6452 1 2025-11-28 19:55:09.683 00:05:55.392 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 19:55:09.681 00:05:55.397 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:00:47.711 00:00:10.323 TCP 23.104.0.1:42450 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:00:53.213 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:34378 10 6452 1 2025-11-28 20:01:48.097 00:00:10.369 TCP 23.104.0.1:58618 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:01:53.383 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:58528 10 6452 1 2025-11-28 20:02:48.501 00:00:10.365 TCP 23.104.0.1:47264 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:02:53.602 00:00:10.958 TCP 1.101.0.1:3000 -> 22.102.0.1:52948 10 6452 1 2025-11-28 20:03:48.908 00:00:10.419 TCP 23.104.0.1:53070 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:03:54.601 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:37142 10 6452 1 2025-11-28 20:04:18.841 00:00:00.025 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:04:18.836 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:04:49.377 00:00:10.366 TCP 23.104.0.1:36180 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:04:54.808 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:47536 10 6452 1 2025-11-28 20:05:49.783 00:00:10.369 TCP 23.104.0.1:42690 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:05:55.040 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:57166 10 6452 1 2025-11-28 20:01:09.686 00:05:55.393 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:01:09.683 00:05:55.398 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:06:50.190 00:00:10.364 TCP 23.104.0.1:53862 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:06:55.258 00:00:10.154 TCP 1.101.0.1:3000 -> 22.102.0.1:34878 10 6452 1 2025-11-28 20:07:50.598 00:00:10.361 TCP 23.104.0.1:36450 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:07:55.457 00:00:10.146 TCP 1.101.0.1:3000 -> 22.102.0.1:57810 10 6452 1 2025-11-28 20:08:50.992 00:00:10.360 TCP 23.104.0.1:37936 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:08:55.644 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:37210 10 6452 1 2025-11-28 20:09:18.628 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:09:18.927 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:09:51.391 00:00:10.364 TCP 23.104.0.1:45808 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:09:55.813 00:00:10.140 TCP 1.101.0.1:3000 -> 22.102.0.1:48928 10 6452 1 2025-11-28 20:10:51.793 00:00:10.365 TCP 23.104.0.1:57220 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:10:55.990 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:48860 10 6452 1 2025-11-28 20:07:09.685 00:05:55.401 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:11:52.195 00:00:10.365 TCP 23.104.0.1:57684 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:11:56.216 00:00:10.134 TCP 1.101.0.1:3000 -> 22.102.0.1:50506 11 6492 1 2025-11-28 20:07:09.689 00:05:55.395 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:12:56.385 00:00:10.124 TCP 1.101.0.1:3000 -> 22.102.0.1:50540 10 6452 1 2025-11-28 20:12:52.601 00:00:10.367 TCP 23.104.0.1:54984 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:13:56.551 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:41106 10 6452 1 2025-11-28 20:13:53.005 00:00:10.364 TCP 23.104.0.1:48528 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:14:19.009 00:00:00.020 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:14:18.846 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:14:53.411 00:00:10.363 TCP 23.104.0.1:47316 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:14:56.764 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:55678 10 6452 1 2025-11-28 20:15:53.813 00:00:10.371 TCP 23.104.0.1:33498 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:15:56.975 00:00:10.159 TCP 1.101.0.1:3000 -> 22.102.0.1:40480 10 6452 1 2025-11-28 20:16:54.226 00:00:10.359 TCP 23.104.0.1:53364 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:16:57.175 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:60020 10 6452 1 2025-11-28 20:13:09.690 00:05:55.397 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:17:54.629 00:00:10.367 TCP 23.104.0.1:33888 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:13:09.686 00:05:55.402 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:17:57.392 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:37006 10 6452 1 2025-11-28 20:18:55.032 00:00:10.370 TCP 23.104.0.1:33592 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:18:57.605 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:52902 10 6452 1 2025-11-28 20:19:18.896 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:19:18.979 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:19:55.453 00:00:10.365 TCP 23.104.0.1:39006 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:19:57.818 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:34250 10 6452 1 2025-11-28 20:20:55.855 00:00:10.344 TCP 23.104.0.1:41488 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:20:58.043 00:00:10.169 TCP 1.101.0.1:3000 -> 22.102.0.1:44334 10 6452 1 2025-11-28 20:21:56.236 00:00:10.366 TCP 23.104.0.1:51898 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:21:58.253 00:00:10.400 TCP 1.101.0.1:3000 -> 22.102.0.1:46990 10 6452 1 2025-11-28 20:22:58.696 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:55162 10 6452 1 2025-11-28 20:22:56.637 00:00:10.364 TCP 23.104.0.1:33738 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:19:09.691 00:05:55.395 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:19:09.688 00:05:55.400 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:23:57.037 00:00:10.367 TCP 23.104.0.1:37418 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:23:58.911 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:45112 10 6452 1 2025-11-28 20:24:19.235 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:24:19.306 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:24:57.443 00:00:10.331 TCP 23.104.0.1:59726 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:24:59.119 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:55444 10 6452 1 2025-11-28 20:25:59.334 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:47398 10 6452 1 2025-11-28 20:25:57.818 00:00:10.364 TCP 23.104.0.1:51458 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:26:59.503 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:51360 10 6452 1 2025-11-28 20:26:58.220 00:00:10.365 TCP 23.104.0.1:36640 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:27:58.623 00:00:10.361 TCP 23.104.0.1:46078 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:27:59.719 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:48384 10 6452 1 2025-11-28 20:28:59.929 00:00:10.158 TCP 1.101.0.1:3000 -> 22.102.0.1:57984 10 6452 1 2025-11-28 20:28:59.026 00:00:10.366 TCP 23.104.0.1:54560 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:29:19.384 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:29:19.343 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:25:09.693 00:05:55.397 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:25:09.691 00:05:55.402 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:30:00.127 00:00:10.156 TCP 1.101.0.1:3000 -> 22.102.0.1:33284 10 6452 1 2025-11-28 20:29:59.431 00:00:10.368 TCP 23.104.0.1:55562 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:30:59.839 00:00:10.346 TCP 23.104.0.1:38110 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:31:00.329 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:40210 10 6452 1 2025-11-28 20:32:00.539 00:00:10.143 TCP 1.101.0.1:3000 -> 22.102.0.1:51114 10 6452 1 2025-11-28 20:32:00.223 00:00:10.365 TCP 23.104.0.1:42992 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:33:00.628 00:00:10.374 TCP 23.104.0.1:46466 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:33:00.728 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:59530 10 6452 1 2025-11-28 20:34:00.946 00:00:10.148 TCP 1.101.0.1:3000 -> 22.102.0.1:44510 10 6452 1 2025-11-28 20:34:01.045 00:00:10.365 TCP 23.104.0.1:42456 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:34:19.204 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:34:19.514 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:35:01.131 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:33896 10 6452 1 2025-11-28 20:35:01.448 00:00:10.323 TCP 23.104.0.1:52276 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:31:09.693 00:05:55.399 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:31:09.694 00:05:55.395 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:36:01.344 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:54096 10 6452 1 2025-11-28 20:36:01.813 00:00:10.365 TCP 23.104.0.1:44902 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:37:01.556 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:48576 10 6452 1 2025-11-28 20:37:02.220 00:00:10.367 TCP 23.104.0.1:48584 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:38:01.773 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:35958 10 6452 1 2025-11-28 20:38:02.625 00:00:10.364 TCP 23.104.0.1:41740 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:39:03.028 00:00:10.365 TCP 23.104.0.1:40848 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:39:01.988 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:58476 10 6452 1 2025-11-28 20:39:19.529 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:39:19.637 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:40:02.216 00:00:10.136 TCP 1.101.0.1:3000 -> 22.102.0.1:43716 10 6452 1 2025-11-28 20:40:03.434 00:00:10.366 TCP 23.104.0.1:45684 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:41:02.394 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:44110 10 6452 1 2025-11-28 20:41:03.839 00:00:10.391 TCP 23.104.0.1:40736 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:37:09.696 00:05:55.393 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:37:09.694 00:05:55.399 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:42:02.624 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:40868 10 6452 1 2025-11-28 20:42:04.268 00:00:10.367 TCP 23.104.0.1:34366 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:43:02.838 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:33306 10 6452 1 2025-11-28 20:43:04.673 00:00:10.321 TCP 23.104.0.1:59366 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:44:05.035 00:00:10.361 TCP 23.104.0.1:40434 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:44:03.079 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:43526 10 6452 1 2025-11-28 20:44:19.837 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:44:19.863 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:45:03.295 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:43014 10 6452 1 2025-11-28 20:45:05.435 00:00:10.374 TCP 23.104.0.1:54888 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:46:03.464 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:33650 10 6452 1 2025-11-28 20:46:05.852 00:00:10.384 TCP 23.104.0.1:43972 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:47:06.272 00:00:10.372 TCP 23.104.0.1:60550 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:47:03.674 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:52250 10 6452 1 2025-11-28 20:43:09.698 00:05:55.394 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:43:09.694 00:05:55.400 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:48:03.890 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:43852 10 6452 1 2025-11-28 20:48:06.681 00:00:10.369 TCP 23.104.0.1:34934 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:49:04.110 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:33830 10 6452 1 2025-11-28 20:49:19.608 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:49:19.714 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:49:07.108 00:00:10.367 TCP 23.104.0.1:44926 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:50:04.316 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:35582 10 6452 1 2025-11-28 20:50:07.512 00:00:10.325 TCP 23.104.0.1:39820 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:51:04.532 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:59772 10 6452 1 2025-11-28 20:51:07.875 00:00:10.366 TCP 23.104.0.1:46398 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:52:04.758 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:50242 10 6452 1 2025-11-28 20:52:08.283 00:00:10.361 TCP 23.104.0.1:56770 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:53:04.965 00:00:10.187 TCP 1.101.0.1:3000 -> 22.102.0.1:32888 10 6452 1 2025-11-28 20:53:08.681 00:00:10.327 TCP 23.104.0.1:37902 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:49:09.698 00:05:55.395 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-11-28 20:49:09.696 00:05:55.400 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-11-28 20:54:05.195 00:00:10.129 TCP 1.101.0.1:3000 -> 22.102.0.1:41690 10 6452 1 2025-11-28 20:54:19.675 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-11-28 20:54:19.796 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-11-28 20:54:09.046 00:00:10.364 TCP 23.104.0.1:43110 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:55:05.364 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:44524 10 6452 1 2025-11-28 20:55:09.450 00:00:10.368 TCP 23.104.0.1:41410 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:56:05.537 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:52416 10 6452 1 2025-11-28 20:56:09.851 00:00:10.384 TCP 23.104.0.1:53098 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:57:05.751 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:33850 10 6452 1 2025-11-28 20:57:10.272 00:00:10.377 TCP 23.104.0.1:49076 -> 1.101.0.1:3000 11 1507 1 2025-11-28 20:58:05.963 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:48428 10 6452 1 2025-11-28 20:58:10.683 00:00:10.367 TCP 23.104.0.1:57164 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 164, total bytes: 498388, total packets: 1573, avg bps: 1051, avg pps: 0, avg bpp: 316 Time window: 2025-11-28 19:55:09 - 2025-11-28 20:58:21 Total flows processed: 164, passed: 164, Blocks skipped: 0, Bytes read: 17120 Sys: 0.0050s User: 0.0007s Wall: 0.0036s flows/second: 45757.1 Runtime: 0.0036s