Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows 2025-12-05 10:58:44.292 00:00:10.129 TCP 1.101.0.1:3000 -> 22.102.0.1:37652 10 6452 1 2025-12-05 10:55:07.976 00:05:04.909 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 10:55:07.972 00:05:04.915 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 10:59:33.214 00:00:10.362 TCP 23.104.0.1:52180 -> 1.101.0.1:3000 11 1507 1 2025-12-05 10:59:44.457 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:51990 10 6452 1 2025-12-05 11:00:33.615 00:00:10.321 TCP 23.104.0.1:33478 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:00:44.671 00:00:12.769 TCP 1.101.0.1:3000 -> 22.102.0.1:34452 10 6452 1 2025-12-05 11:01:33.978 00:00:10.365 TCP 23.104.0.1:45672 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:01:47.475 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:55814 10 6452 1 2025-12-05 11:02:30.088 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:02:30.060 00:00:00.045 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:02:34.384 00:00:10.327 TCP 23.104.0.1:41168 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:02:47.687 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:54472 10 6452 1 2025-12-05 11:03:34.748 00:00:10.441 TCP 23.104.0.1:42228 -> 1.101.0.1:3000 15 1926 1 2025-12-05 11:03:47.900 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:54212 12 10375 1 2025-12-05 11:04:35.229 00:00:10.363 TCP 23.104.0.1:43344 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:04:48.114 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:35952 10 6452 1 2025-12-05 11:01:07.976 00:05:04.912 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:01:07.978 00:05:04.907 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:05:35.631 00:00:10.366 TCP 23.104.0.1:49280 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:05:48.325 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:53064 10 6452 1 2025-12-05 11:06:36.035 00:00:10.363 TCP 23.104.0.1:39628 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:06:48.545 00:00:10.169 TCP 1.101.0.1:3000 -> 22.102.0.1:59494 10 6452 1 2025-12-05 11:07:30.189 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:07:30.304 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:07:36.438 00:00:10.360 TCP 23.104.0.1:47232 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:07:48.751 00:00:10.171 TCP 1.101.0.1:3000 -> 22.102.0.1:43642 10 6452 1 2025-12-05 11:08:36.836 00:00:11.168 TCP 23.104.0.1:55618 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:08:48.963 00:00:10.192 TCP 1.101.0.1:3000 -> 22.102.0.1:46756 12 6556 1 2025-12-05 11:09:38.045 00:00:10.364 TCP 23.104.0.1:53068 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:09:49.193 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:34962 10 6452 1 2025-12-05 11:10:38.452 00:00:10.361 TCP 23.104.0.1:41802 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:10:49.416 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:57038 10 6452 1 2025-12-05 11:07:07.977 00:05:04.914 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:07:07.979 00:05:04.908 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:11:38.852 00:00:10.391 TCP 23.104.0.1:58752 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:11:49.626 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:36794 10 6452 1 2025-12-05 11:12:30.356 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:12:30.101 00:00:00.052 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:12:39.289 00:00:10.349 TCP 23.104.0.1:59206 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:12:49.838 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:54716 10 6452 1 2025-12-05 11:13:39.687 00:00:10.333 TCP 23.104.0.1:41120 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:13:50.077 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:60478 10 6452 1 2025-12-05 11:14:40.061 00:00:10.323 TCP 23.104.0.1:59406 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:14:50.297 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:35138 10 6452 1 2025-12-05 11:15:40.429 00:00:10.372 TCP 23.104.0.1:46920 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:15:50.510 00:00:10.180 TCP 1.101.0.1:3000 -> 22.102.0.1:35608 10 6452 1 2025-12-05 11:16:40.837 00:00:10.399 TCP 23.104.0.1:36804 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:16:50.725 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:41872 10 6452 1 2025-12-05 11:13:07.987 00:05:04.904 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:13:07.990 00:05:04.899 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:17:30.310 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:17:30.448 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:17:41.275 00:00:10.371 TCP 23.104.0.1:39758 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:17:50.939 00:00:10.194 TCP 1.101.0.1:3000 -> 22.102.0.1:42052 10 6452 1 2025-12-05 11:18:41.683 00:00:10.322 TCP 23.104.0.1:33536 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:18:51.167 00:00:10.138 TCP 1.101.0.1:3000 -> 22.102.0.1:45550 10 6452 1 2025-12-05 11:19:42.048 00:00:10.360 TCP 23.104.0.1:35856 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:19:51.339 00:00:10.177 TCP 1.101.0.1:3000 -> 22.102.0.1:60278 10 6452 1 2025-12-05 11:20:42.448 00:00:10.371 TCP 23.104.0.1:54136 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:20:51.555 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:60494 10 6452 1 2025-12-05 11:21:42.855 00:00:10.374 TCP 23.104.0.1:46748 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:21:51.779 00:00:10.146 TCP 1.101.0.1:3000 -> 22.102.0.1:59378 10 6452 1 2025-12-05 11:22:30.561 00:00:00.024 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:22:30.413 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:22:43.268 00:00:10.363 TCP 23.104.0.1:51786 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:22:51.968 00:00:10.181 TCP 1.101.0.1:3000 -> 22.102.0.1:60800 10 6452 1 2025-12-05 11:19:07.983 00:05:04.911 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:19:07.986 00:05:04.906 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:23:43.672 00:00:10.366 TCP 23.104.0.1:33426 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:23:52.189 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:46666 10 6452 1 2025-12-05 11:24:44.098 00:00:10.368 TCP 23.104.0.1:51634 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:24:52.399 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:39832 10 6452 1 2025-12-05 11:25:44.501 00:00:10.377 TCP 23.104.0.1:60652 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:25:52.608 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:60016 10 6452 1 2025-12-05 11:26:44.913 00:00:10.361 TCP 23.104.0.1:45636 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:26:52.822 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:46806 10 6452 1 2025-12-05 11:27:30.376 00:00:00.021 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:27:30.759 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:27:45.313 00:00:10.365 TCP 23.104.0.1:39932 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:27:53.041 00:00:10.650 TCP 1.101.0.1:3000 -> 22.102.0.1:60770 10 6452 1 2025-12-05 11:28:45.719 00:00:10.372 TCP 23.104.0.1:60130 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:28:53.732 00:00:10.139 TCP 1.101.0.1:3000 -> 22.102.0.1:44686 10 6452 1 2025-12-05 11:25:07.985 00:05:04.910 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:25:07.982 00:05:04.915 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:29:46.127 00:00:10.409 TCP 23.104.0.1:38890 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:29:53.911 00:00:10.356 TCP 1.101.0.1:3000 -> 22.102.0.1:51108 10 6452 1 2025-12-05 11:30:46.576 00:00:10.322 TCP 23.104.0.1:43960 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:30:54.304 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:57294 10 6452 1 2025-12-05 11:31:46.935 00:00:10.695 TCP 23.104.0.1:49566 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:31:54.517 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:59576 10 6452 1 2025-12-05 11:32:30.398 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:32:30.556 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:32:54.722 00:00:10.541 TCP 1.101.0.1:3000 -> 22.102.0.1:33912 10 6452 1 2025-12-05 11:32:47.668 00:00:17.680 TCP 23.104.0.1:49174 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:33:55.391 00:00:10.360 TCP 23.104.0.1:33192 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:33:55.311 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:46240 10 6452 1 2025-12-05 11:34:55.792 00:00:10.361 TCP 23.104.0.1:34028 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:34:55.529 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:57360 10 6452 1 2025-12-05 11:31:07.984 00:05:04.915 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:31:07.986 00:05:04.911 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:35:56.200 00:00:10.361 TCP 23.104.0.1:54500 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:35:55.748 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:40586 10 6452 1 2025-12-05 11:36:55.965 00:00:10.195 TCP 1.101.0.1:3000 -> 22.102.0.1:52182 10 6452 1 2025-12-05 11:36:56.602 00:00:10.360 TCP 23.104.0.1:57360 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:37:30.657 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:37:30.614 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:37:56.200 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:37288 10 6452 1 2025-12-05 11:37:57.007 00:00:10.361 TCP 23.104.0.1:57582 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:38:56.418 00:00:10.178 TCP 1.101.0.1:3000 -> 22.102.0.1:52004 10 6452 1 2025-12-05 11:38:57.403 00:00:10.364 TCP 23.104.0.1:35778 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:39:56.633 00:00:10.183 TCP 1.101.0.1:3000 -> 22.102.0.1:33408 10 6452 1 2025-12-05 11:39:57.806 00:00:10.368 TCP 23.104.0.1:35708 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:40:56.854 00:00:10.132 TCP 1.101.0.1:3000 -> 22.102.0.1:50654 10 6452 1 2025-12-05 11:40:58.209 00:00:10.325 TCP 23.104.0.1:39308 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:37:07.987 00:05:04.910 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:37:07.985 00:05:04.915 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:41:57.034 00:00:10.170 TCP 1.101.0.1:3000 -> 22.102.0.1:60964 10 6452 1 2025-12-05 11:41:58.573 00:00:10.370 TCP 23.104.0.1:55758 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:42:30.672 00:00:00.023 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:42:30.511 00:00:00.023 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:42:57.242 00:00:10.129 TCP 1.101.0.1:3000 -> 22.102.0.1:57936 10 6452 1 2025-12-05 11:42:58.977 00:00:10.385 TCP 23.104.0.1:58402 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:43:57.413 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:34384 10 6452 1 2025-12-05 11:43:59.401 00:00:10.322 TCP 23.104.0.1:37138 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:44:57.626 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:49878 10 6452 1 2025-12-05 11:44:59.758 00:00:10.328 TCP 23.104.0.1:41268 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:46:00.130 00:00:10.376 TCP 23.104.0.1:42712 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:45:57.838 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:34854 10 6452 1 2025-12-05 11:47:00.547 00:00:10.367 TCP 23.104.0.1:42436 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:43:07.991 00:05:04.908 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:46:58.081 00:00:10.175 TCP 1.101.0.1:3000 -> 22.102.0.1:43452 10 6452 1 2025-12-05 11:43:07.988 00:05:04.913 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:47:31.025 00:00:00.024 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:47:31.047 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:48:00.952 00:00:10.374 TCP 23.104.0.1:52654 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:47:58.296 00:00:10.131 TCP 1.101.0.1:3000 -> 22.102.0.1:48052 10 6452 1 2025-12-05 11:48:58.467 00:00:10.173 TCP 1.101.0.1:3000 -> 22.102.0.1:48766 10 6452 1 2025-12-05 11:49:01.363 00:00:10.379 TCP 23.104.0.1:57792 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:49:58.679 00:00:10.133 TCP 1.101.0.1:3000 -> 22.102.0.1:34580 10 6452 1 2025-12-05 11:50:01.769 00:00:10.370 TCP 23.104.0.1:51222 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:50:58.850 00:00:10.189 TCP 1.101.0.1:3000 -> 22.102.0.1:48816 10 6452 1 2025-12-05 11:51:02.180 00:00:10.365 TCP 23.104.0.1:51576 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:51:59.079 00:00:10.185 TCP 1.101.0.1:3000 -> 22.102.0.1:59608 10 6452 1 2025-12-05 11:52:02.580 00:00:10.367 TCP 23.104.0.1:44118 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:52:30.966 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:52:30.907 00:00:00.022 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:52:59.297 00:00:10.176 TCP 1.101.0.1:3000 -> 22.102.0.1:56110 10 6452 1 2025-12-05 11:49:07.993 00:05:04.910 TCP 179.1.22.1:179 -> 179.1.22.22:39396 12 738 1 2025-12-05 11:53:02.984 00:00:10.365 TCP 23.104.0.1:49726 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:49:07.996 00:05:04.905 TCP 179.1.22.22:39396 -> 179.1.22.1:179 12 738 1 2025-12-05 11:53:59.514 00:00:10.142 TCP 1.101.0.1:3000 -> 22.102.0.1:38442 10 6452 1 2025-12-05 11:54:03.386 00:00:10.372 TCP 23.104.0.1:46110 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:54:59.699 00:00:10.172 TCP 1.101.0.1:3000 -> 22.102.0.1:55644 10 6452 1 2025-12-05 11:55:03.792 00:00:10.368 TCP 23.104.0.1:46062 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:55:59.910 00:00:10.179 TCP 1.101.0.1:3000 -> 22.102.0.1:57130 10 6452 1 2025-12-05 11:56:04.200 00:00:10.367 TCP 23.104.0.1:40546 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:57:00.126 00:00:10.182 TCP 1.101.0.1:3000 -> 22.102.0.1:40446 10 6452 1 2025-12-05 11:57:04.603 00:00:10.366 TCP 23.104.0.1:32820 -> 1.101.0.1:3000 11 1507 1 2025-12-05 11:57:31.250 00:00:00.022 ICMP 23.107.0.1:0 -> 1.0.198.2:0.0 3 252 1 2025-12-05 11:57:31.504 00:00:00.021 ICMP 4.0.198.2:0 -> 22.102.0.1:8.0 3 252 1 2025-12-05 11:58:00.351 00:00:10.174 TCP 1.101.0.1:3000 -> 22.102.0.1:56846 10 6452 1 2025-12-05 11:58:05.005 00:00:10.359 TCP 23.104.0.1:53702 -> 1.101.0.1:3000 11 1507 1 Summary: total flows: 163, total bytes: 501287, total packets: 1569, avg bps: 1058, avg pps: 0, avg bpp: 319 Time window: 2025-12-05 10:55:07 - 2025-12-05 11:58:15 Total flows processed: 163, passed: 163, Blocks skipped: 0, Bytes read: 17016 Sys: 0.0029s User: 0.0015s Wall: 0.0015s flows/second: 108158.8 Runtime: 0.0015s