diff --git a/doc/configuration_parameters.rst b/doc/configuration_parameters.rst
index 8ae8cf65b..3bcd21e19 100644
--- a/doc/configuration_parameters.rst
+++ b/doc/configuration_parameters.rst
@@ -199,7 +199,8 @@ List of the supported configuration options:
| $PROTO_NAME | "log" | disable | NULL | NULL | Enable/disable logging/debug for specific protocol. Use "any" as protocol name if you want to easily enable/disable logging/debug for all protocols |
+--------------+---------------------------------------------------------------+-----------------+------------+------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| $PROTO_NAME | "ip_list.load" | enable | NULL | NULL | Enable/disable loading of internal list of IP addresses (used for (sub)classification) specific to that protocol. Use "any" as protocol name if you want to |
-| | | | | | easily enable/disable all lists. This knob is valid only for the following protocols: Alibaba, Amazon AWS, Apple, Avast, Blizzard, Bloomberg, Cachefly, Canonical,|
+| | | | | | easily enable/disable all lists. This knob is valid only for the following protocols: Alibaba, Amazon AWS, Apple, Avast, AWS_API_Gateway, AWS_Kinesis, AWS_EC2, |
+| | | | | | AWS_S3, AWS_Cloudfront, AWS_DynamoDB, Blizzard, Bloomberg, Cachefly, Canonical, |
| | | | | | Cloudflare, DigitalOcean, Discord, Disney+, Dropbox, Edgecast, EpicGames, Ethereum, Facebook, Github, Google, Google Cloud, GoTo, Hotspot Shield, Hulu, Line, |
| | | | | | Microsoft 365, Microsoft Azure, Microsoft One Drive, Microsoft Outlook, Microsoft Teams, Mullvad, Netflix, NordVPN, Nvidia, OpenDNS, RiotGames, Roblox, Steam, |
| | | | | | SurfSharkVPN, Teamviewer, Telegram, Tencent, Threema, TOR, Twitch, Twitter, VK, Yandex, Yandex Cloud, Webex, Whatsapp, Zoom |
diff --git a/doc/protocols.rst b/doc/protocols.rst
index 89378122c..aff2a4f51 100644
--- a/doc/protocols.rst
+++ b/doc/protocols.rst
@@ -1463,8 +1463,8 @@ References: `ZeroMQ official site: `_
.. _Proto_178:
`NDPI_PROTOCOL_AMAZON`
-=======================
-Amazon network traffic including retail, AWS, and content delivery.
+======================
+Amazon generic network traffic including retail, AWS, and content delivery.
References: `Amazon official site: `_
@@ -2061,8 +2061,8 @@ References: `Cassandra official site: `_
.. _Proto_265:
`NDPI_PROTOCOL_AMAZON_AWS`
-===========================
-Amazon Web Services (AWS) cloud computing platform.
+==========================
+Generic traffic from Amazon Web Services (AWS) cloud computing platform.
References: `AWS official site: `_
@@ -3798,3 +3798,75 @@ Matter is an open-source, royalty-free connectivity standard for smart home devi
It is designed to improve interoperability between IoT ecosystems, enabling secure and reliable communication primarily over IPv6 using UDP.
References: `Matter official site `_
+
+
+.. _Proto_458:
+
+`NDPI_PROTOCOL_AWS_COGNITO`
+===========================
+Amazon Cognito is an identity platform for web and mobile apps. It’s a user directory, an authentication server, and an authorization service for OAuth 2.0 access tokens and AWS credentials.
+
+References: `Official site `_
+
+
+.. _Proto_459:
+
+`NDPI_PROTOCOL_AWS_API_GATEWAY`
+===============================
+Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale.
+
+References: `Official site `_
+
+
+.. _Proto_460:
+
+`NDPI_PROTOCOL_AWS_KINESIS`
+===========================
+Amazon Kinesis is a family of services provided by Amazon Web Services (AWS) for processing and analyzing real-time streaming data at a large scale.
+
+References: `Official site `_
+
+
+.. _Proto_461:
+
+`NDPI_PROTOCOL_AWS_EC2`
+=======================
+Amazon Elastic Compute Cloud (EC2) is a part of Amazon's cloud-computing platform, Amazon Web Services (AWS), that allows users to rent virtual computers on which to run their own computer applications.
+
+References: `Official site `_
+
+
+.. _Proto_462:
+
+`NDPI_PROTOCOL_AWS_EMR`
+=======================
+Amazon EMR, which was previously called Amazon Elastic MapReduce, is a managed cluster platform that simplifies running big data frameworks, such as Apache Hadoop and Apache Spark, on AWS to process and analyze vast amounts of data.
+
+References: `Official site `_
+
+
+.. _Proto_463:
+
+`NDPI_PROTOCOL_AWS_S3`
+======================
+Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance.
+
+References: `Official site `_
+
+
+.. _Proto_464:
+
+`NDPI_PROTOCOL_AWS_CLOUDFRONT`
+==============================
+Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. CloudFront delivers your content through a worldwide network of data centers called edge locations.
+
+References: `Official site `_
+
+
+.. _Proto_465:
+
+`NDPI_PROTOCOL_AWS_DYNAMODB`
+============================
+Amazon DynamoDB is a fully managed NoSQL database service from Amazon Web Services that offers high-performance, serverless, and infinitely scalable storage for both key-value and document data.
+
+References: `Official site `_
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h
index 86a082bbb..f4a17f388 100644
--- a/src/include/ndpi_protocol_ids.h
+++ b/src/include/ndpi_protocol_ids.h
@@ -487,6 +487,14 @@ typedef enum {
NDPI_PROTOCOL_TRISTATION = 455,
NDPI_PROTOCOL_SAMSUNG_SDP = 456,
NDPI_PROTOCOL_MATTER = 457,
+ NDPI_PROTOCOL_AWS_COGNITO = 458,
+ NDPI_PROTOCOL_AWS_API_GATEWAY = 459,
+ NDPI_PROTOCOL_AWS_KINESIS = 460,
+ NDPI_PROTOCOL_AWS_EC2 = 461,
+ NDPI_PROTOCOL_AWS_EMR = 462,
+ NDPI_PROTOCOL_AWS_S3 = 463,
+ NDPI_PROTOCOL_AWS_CLOUDFRONT = 464,
+ NDPI_PROTOCOL_AWS_DYNAMODB = 465,
#ifdef CUSTOM_NDPI_PROTOCOLS
diff --git a/src/lib/inc_generated/ndpi_amazon_aws_api_gateway_match.c.inc b/src/lib/inc_generated/ndpi_amazon_aws_api_gateway_match.c.inc
new file mode 100644
index 000000000..6bfed62f7
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_amazon_aws_api_gateway_match.c.inc
@@ -0,0 +1,235 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_network ndpi_protocol_aws_api_gateway_protocol_list[] = {
+ { 0x03070A00 /* 3.7.10.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03095E00 /* 3.9.94.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x030A1100 /* 3.10.17.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x030CD800 /* 3.12.216.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x030F2300 /* 3.15.35.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x030F2400 /* 3.15.36.0/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03155600 /* 3.21.86.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03192580 /* 3.25.37.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03192600 /* 3.25.38.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03192800 /* 3.25.40.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x031A8A00 /* 3.26.138.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x031AF600 /* 3.26.246.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x031AF800 /* 3.26.248.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x031C4000 /* 3.28.64.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x031D5900 /* 3.29.89.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x031ECC00 /* 3.30.204.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0326E500 /* 3.38.229.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0326F800 /* 3.38.248.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03275280 /* 3.39.82.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03277100 /* 3.39.113.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03277200 /* 3.39.114.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03277400 /* 3.39.116.0/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0342AC00 /* 3.66.172.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0346C340 /* 3.70.195.64/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0346C380 /* 3.70.195.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0346D300 /* 3.70.211.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03476800 /* 3.71.104.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03477800 /* 3.71.120.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03482180 /* 3.72.33.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0348A800 /* 3.72.168.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03613180 /* 3.97.49.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03625600 /* 3.98.86.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0363C200 /* 3.99.194.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0363C400 /* 3.99.196.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03656480 /* 3.101.100.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03659D80 /* 3.101.157.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0365B000 /* 3.101.176.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0365C800 /* 3.101.200.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0365C980 /* 3.101.201.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0365CA00 /* 3.101.202.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0365D000 /* 3.101.208.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0365D100 /* 3.101.209.0/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03662600 /* 3.102.38.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0369AC00 /* 3.105.172.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x036D4800 /* 3.109.72.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x036F5A00 /* 3.111.90.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x036F6E00 /* 3.111.110.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x036FFB00 /* 3.111.251.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x037060A0 /* 3.112.96.160/27 */, 27, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0370A200 /* 3.112.162.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x037B0E00 /* 3.123.14.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x037B0F00 /* 3.123.15.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x037F4A00 /* 3.127.74.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03908DC0 /* 3.144.141.192/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03911F00 /* 3.145.31.0/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0391DC00 /* 3.145.220.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0391E600 /* 3.145.230.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03922C00 /* 3.146.44.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03D88700 /* 3.216.135.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03D88800 /* 3.216.136.0/21 */, 21, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03D89000 /* 3.216.144.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03D89400 /* 3.216.148.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03EB1A00 /* 3.235.26.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03EB2000 /* 3.235.32.0/21 */, 21, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03EEA600 /* 3.238.166.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03EED400 /* 3.238.212.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03F8F500 /* 3.248.245.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03F8F600 /* 3.248.246.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FB3800 /* 3.251.56.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FB3E80 /* 3.251.62.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FB5E00 /* 3.251.94.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FD8600 /* 3.253.134.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FD9400 /* 3.253.148.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FDAE00 /* 3.253.174.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FDB800 /* 3.253.184.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FDBC00 /* 3.253.188.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x03FF1000 /* 3.255.16.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D249B00 /* 13.36.155.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D268400 /* 13.38.132.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D268C00 /* 13.38.140.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D28CA00 /* 13.40.202.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D28CC00 /* 13.40.204.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D304A00 /* 13.48.74.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D312A00 /* 13.49.42.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D337800 /* 13.51.120.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D34C900 /* 13.52.201.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0D34CA00 /* 13.52.202.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DC88C00 /* 13.200.140.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DD0B400 /* 13.208.180.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DD0C200 /* 13.208.194.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DD6E000 /* 13.214.224.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DD6E400 /* 13.214.228.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DD75C00 /* 13.215.92.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DD75D00 /* 13.215.93.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DD75D80 /* 13.215.93.128/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DEB0600 /* 13.235.6.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DEBE400 /* 13.235.228.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DF48400 /* 13.244.132.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0DF64600 /* 13.246.70.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0F980A00 /* 15.152.10.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0F98AE00 /* 15.152.174.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0F98B000 /* 15.152.176.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FA18C00 /* 15.161.140.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FA49C00 /* 15.164.156.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FA5E000 /* 15.165.224.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FB99000 /* 15.185.144.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FC88D00 /* 15.200.141.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FCD5200 /* 15.205.82.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FCD5400 /* 15.205.84.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FDF3400 /* 15.223.52.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FE44840 /* 15.228.72.64/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FE46100 /* 15.228.97.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FE48100 /* 15.228.129.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FE49000 /* 15.228.144.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FE49700 /* 15.228.151.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FE52400 /* 15.229.36.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FE52800 /* 15.229.40.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x0FEC5000 /* 15.236.80.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x10100200 /* 16.16.2.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x10324200 /* 16.50.66.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x1032B800 /* 16.50.184.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x103E3300 /* 16.62.51.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x103EF880 /* 16.62.248.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x103F1400 /* 16.63.20.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x10A23400 /* 16.162.52.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x10A3C400 /* 16.163.196.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x10A3CE00 /* 16.163.206.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x10AB3000 /* 16.171.48.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x123C4100 /* 18.60.65.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x123D1A00 /* 18.61.26.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x123DBD00 /* 18.61.189.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12644200 /* 18.100.66.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12660200 /* 18.102.2.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x128A8680 /* 18.138.134.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x128AF400 /* 18.138.244.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x128D9480 /* 18.141.148.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x128D9600 /* 18.141.150.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12904C80 /* 18.144.76.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x1290B800 /* 18.144.184.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x1299A800 /* 18.153.168.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12A2BD00 /* 18.162.189.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12A3CC00 /* 18.163.204.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12A88500 /* 18.168.133.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12B45800 /* 18.180.88.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12E56300 /* 18.229.99.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12E56400 /* 18.229.100.0/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12E63600 /* 18.230.54.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12F6B000 /* 18.246.176.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12F6B200 /* 18.246.178.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12F6B500 /* 18.246.181.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12F6B600 /* 18.246.182.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12F6B800 /* 18.246.184.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12FC3800 /* 18.252.56.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12FDBA00 /* 18.253.186.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x12FE4400 /* 18.254.68.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x22DF4400 /* 34.223.68.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x22DF4800 /* 34.223.72.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x22DF4A00 /* 34.223.74.0/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x23497380 /* 35.73.115.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x234B8200 /* 35.75.130.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x234B8300 /* 35.75.131.0/26 */, 26, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x234D7000 /* 35.77.112.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x234D7C00 /* 35.77.124.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x235A8400 /* 35.90.132.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x235C1A00 /* 35.92.26.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x235D7C00 /* 35.93.124.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x235E4800 /* 35.94.72.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x23B32A00 /* 35.179.42.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x23B58000 /* 35.181.128.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x28B04100 /* 40.176.65.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2BD01C00 /* 43.208.28.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2BD41000 /* 43.212.16.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2BD82700 /* 43.216.39.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2CCE0400 /* 44.206.4.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2CD24000 /* 44.210.64.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2CD4B000 /* 44.212.176.0/21 */, 21, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2CDA6000 /* 44.218.96.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2CDC1C00 /* 44.220.28.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2CE93600 /* 44.233.54.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x2CEA1C00 /* 44.234.28.0/22 */, 22, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x33109500 /* 51.16.149.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x33109600 /* 51.16.150.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x33701400 /* 51.112.20.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x34518780 /* 52.81.135.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x34518900 /* 52.81.137.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x3451D800 /* 52.81.216.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x34527F00 /* 52.82.127.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x45E6DB00 /* 69.230.219.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x45EBAA00 /* 69.235.170.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x4E0C1000 /* 78.12.16.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x634F7E00 /* 99.79.126.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x6C80A000 /* 108.128.160.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x6C80A200 /* 108.128.162.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x6C88AA00 /* 108.136.170.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x6C891900 /* 108.137.25.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x6C891A00 /* 108.137.26.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x8CB39080 /* 140.179.144.128/25 */, 25, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x8CB3B000 /* 140.179.176.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x9DAF8C00 /* 157.175.140.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x9DAFFF00 /* 157.175.255.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x9DF10200 /* 157.241.2.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0x9DF11900 /* 157.241.25.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0xA0018000 /* 160.1.128.0/24 */, 24, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ { 0xA1BD9400 /* 161.189.148.0/23 */, 23, NDPI_PROTOCOL_AWS_API_GATEWAY },
+ /* End */
+ { 0x0, 0, 0 }
+};
+
+static ndpi_network6 ndpi_protocol_aws_api_gateway_protocol_list_6[] = {
+ /* End */
+ { NULL, 0, 0 }
+};
diff --git a/src/lib/inc_generated/ndpi_amazon_aws_api_gatewy_match.c.inc b/src/lib/inc_generated/ndpi_amazon_aws_api_gatewy_match.c.inc
new file mode 100644
index 000000000..1d6be3f5b
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_amazon_aws_api_gatewy_match.c.inc
@@ -0,0 +1,235 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_network ndpi_protocol_amazon_aws_api_gateway_protocol_list[] = {
+ { 0x03070A00 /* 3.7.10.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03095E00 /* 3.9.94.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x030A1100 /* 3.10.17.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x030CD800 /* 3.12.216.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x030F2300 /* 3.15.35.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x030F2400 /* 3.15.36.0/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03155600 /* 3.21.86.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03192580 /* 3.25.37.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03192600 /* 3.25.38.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03192800 /* 3.25.40.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x031A8A00 /* 3.26.138.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x031AF600 /* 3.26.246.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x031AF800 /* 3.26.248.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x031C4000 /* 3.28.64.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x031D5900 /* 3.29.89.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x031ECC00 /* 3.30.204.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0326E500 /* 3.38.229.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0326F800 /* 3.38.248.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03275280 /* 3.39.82.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03277100 /* 3.39.113.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03277200 /* 3.39.114.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03277400 /* 3.39.116.0/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0342AC00 /* 3.66.172.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0346C340 /* 3.70.195.64/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0346C380 /* 3.70.195.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0346D300 /* 3.70.211.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03476800 /* 3.71.104.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03477800 /* 3.71.120.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03482180 /* 3.72.33.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0348A800 /* 3.72.168.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03613180 /* 3.97.49.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03625600 /* 3.98.86.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0363C200 /* 3.99.194.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0363C400 /* 3.99.196.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03656480 /* 3.101.100.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03659D80 /* 3.101.157.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0365B000 /* 3.101.176.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0365C800 /* 3.101.200.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0365C980 /* 3.101.201.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0365CA00 /* 3.101.202.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0365D000 /* 3.101.208.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0365D100 /* 3.101.209.0/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03662600 /* 3.102.38.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0369AC00 /* 3.105.172.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x036D4800 /* 3.109.72.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x036F5A00 /* 3.111.90.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x036F6E00 /* 3.111.110.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x036FFB00 /* 3.111.251.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x037060A0 /* 3.112.96.160/27 */, 27, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0370A200 /* 3.112.162.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x037B0E00 /* 3.123.14.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x037B0F00 /* 3.123.15.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x037F4A00 /* 3.127.74.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03908DC0 /* 3.144.141.192/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03911F00 /* 3.145.31.0/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0391DC00 /* 3.145.220.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0391E600 /* 3.145.230.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03922C00 /* 3.146.44.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03D88700 /* 3.216.135.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03D88800 /* 3.216.136.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03D89000 /* 3.216.144.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03D89400 /* 3.216.148.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03EB1A00 /* 3.235.26.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03EB2000 /* 3.235.32.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03EEA600 /* 3.238.166.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03EED400 /* 3.238.212.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03F8F500 /* 3.248.245.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03F8F600 /* 3.248.246.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FB3800 /* 3.251.56.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FB3E80 /* 3.251.62.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FB5E00 /* 3.251.94.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FD8600 /* 3.253.134.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FD9400 /* 3.253.148.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FDAE00 /* 3.253.174.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FDB800 /* 3.253.184.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FDBC00 /* 3.253.188.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x03FF1000 /* 3.255.16.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D249B00 /* 13.36.155.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D268400 /* 13.38.132.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D268C00 /* 13.38.140.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D28CA00 /* 13.40.202.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D28CC00 /* 13.40.204.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D304A00 /* 13.48.74.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D312A00 /* 13.49.42.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D337800 /* 13.51.120.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D34C900 /* 13.52.201.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0D34CA00 /* 13.52.202.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DC88C00 /* 13.200.140.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DD0B400 /* 13.208.180.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DD0C200 /* 13.208.194.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DD6E000 /* 13.214.224.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DD6E400 /* 13.214.228.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DD75C00 /* 13.215.92.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DD75D00 /* 13.215.93.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DD75D80 /* 13.215.93.128/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DEB0600 /* 13.235.6.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DEBE400 /* 13.235.228.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DF48400 /* 13.244.132.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0DF64600 /* 13.246.70.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0F980A00 /* 15.152.10.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0F98AE00 /* 15.152.174.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0F98B000 /* 15.152.176.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FA18C00 /* 15.161.140.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FA49C00 /* 15.164.156.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FA5E000 /* 15.165.224.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FB99000 /* 15.185.144.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FC88D00 /* 15.200.141.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FCD5200 /* 15.205.82.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FCD5400 /* 15.205.84.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FDF3400 /* 15.223.52.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FE44840 /* 15.228.72.64/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FE46100 /* 15.228.97.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FE48100 /* 15.228.129.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FE49000 /* 15.228.144.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FE49700 /* 15.228.151.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FE52400 /* 15.229.36.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FE52800 /* 15.229.40.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x0FEC5000 /* 15.236.80.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x10100200 /* 16.16.2.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x10324200 /* 16.50.66.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x1032B800 /* 16.50.184.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x103E3300 /* 16.62.51.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x103EF880 /* 16.62.248.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x103F1400 /* 16.63.20.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x10A23400 /* 16.162.52.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x10A3C400 /* 16.163.196.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x10A3CE00 /* 16.163.206.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x10AB3000 /* 16.171.48.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x123C4100 /* 18.60.65.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x123D1A00 /* 18.61.26.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x123DBD00 /* 18.61.189.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12644200 /* 18.100.66.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12660200 /* 18.102.2.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x128A8680 /* 18.138.134.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x128AF400 /* 18.138.244.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x128D9480 /* 18.141.148.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x128D9600 /* 18.141.150.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12904C80 /* 18.144.76.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x1290B800 /* 18.144.184.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x1299A800 /* 18.153.168.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12A2BD00 /* 18.162.189.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12A3CC00 /* 18.163.204.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12A88500 /* 18.168.133.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12B45800 /* 18.180.88.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12E56300 /* 18.229.99.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12E56400 /* 18.229.100.0/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12E63600 /* 18.230.54.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12F6B000 /* 18.246.176.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12F6B200 /* 18.246.178.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12F6B500 /* 18.246.181.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12F6B600 /* 18.246.182.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12F6B800 /* 18.246.184.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12FC3800 /* 18.252.56.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12FDBA00 /* 18.253.186.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x12FE4400 /* 18.254.68.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x22DF4400 /* 34.223.68.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x22DF4800 /* 34.223.72.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x22DF4A00 /* 34.223.74.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x23497380 /* 35.73.115.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x234B8200 /* 35.75.130.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x234B8300 /* 35.75.131.0/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x234D7000 /* 35.77.112.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x234D7C00 /* 35.77.124.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x235A8400 /* 35.90.132.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x235C1A00 /* 35.92.26.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x235D7C00 /* 35.93.124.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x235E4800 /* 35.94.72.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x23B32A00 /* 35.179.42.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x23B58000 /* 35.181.128.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x28B04100 /* 40.176.65.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2BD01C00 /* 43.208.28.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2BD41000 /* 43.212.16.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2BD82700 /* 43.216.39.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2CCE0400 /* 44.206.4.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2CD24000 /* 44.210.64.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2CD4B000 /* 44.212.176.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2CDA6000 /* 44.218.96.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2CDC1C00 /* 44.220.28.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2CE93600 /* 44.233.54.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x2CEA1C00 /* 44.234.28.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x33109500 /* 51.16.149.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x33109600 /* 51.16.150.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x33701400 /* 51.112.20.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x34518780 /* 52.81.135.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x34518900 /* 52.81.137.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x3451D800 /* 52.81.216.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x34527F00 /* 52.82.127.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x45E6DB00 /* 69.230.219.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x45EBAA00 /* 69.235.170.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x4E0C1000 /* 78.12.16.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x634F7E00 /* 99.79.126.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x6C80A000 /* 108.128.160.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x6C80A200 /* 108.128.162.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x6C88AA00 /* 108.136.170.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x6C891900 /* 108.137.25.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x6C891A00 /* 108.137.26.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x8CB39080 /* 140.179.144.128/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x8CB3B000 /* 140.179.176.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x9DAF8C00 /* 157.175.140.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x9DAFFF00 /* 157.175.255.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x9DF10200 /* 157.241.2.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0x9DF11900 /* 157.241.25.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0xA0018000 /* 160.1.128.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ { 0xA1BD9400 /* 161.189.148.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS_API_GATEWAY },
+ /* End */
+ { 0x0, 0, 0 }
+};
+
+static ndpi_network6 ndpi_protocol_amazon_aws_api_gateway_protocol_list_6[] = {
+ /* End */
+ { NULL, 0, 0 }
+};
diff --git a/src/lib/inc_generated/ndpi_amazon_aws_cloudfront_match.c.inc b/src/lib/inc_generated/ndpi_amazon_aws_cloudfront_match.c.inc
new file mode 100644
index 000000000..2cf2f1036
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_amazon_aws_cloudfront_match.c.inc
@@ -0,0 +1,228 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_network ndpi_protocol_aws_cloudfront_protocol_list[] = {
+ { 0x030A1180 /* 3.10.17.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x030B3500 /* 3.11.53.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x031D2840 /* 3.29.40.64/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x031D2880 /* 3.29.40.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x031D3900 /* 3.29.57.0/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03238280 /* 3.35.130.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03659E00 /* 3.101.158.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x036B2B80 /* 3.107.43.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x036B2C00 /* 3.107.44.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03805D00 /* 3.128.93.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0386D700 /* 3.134.215.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0392E800 /* 3.146.232.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0393A400 /* 3.147.164.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0393F400 /* 3.147.244.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03A00000 /* 3.160.0.0/13 */, 13, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03A80000 /* 3.168.0.0/14 */, 14, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03AC0000 /* 3.172.0.0/17 */, 17, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03AD0000 /* 3.173.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03AE0000 /* 3.174.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03E70200 /* 3.231.2.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03EAE8E0 /* 3.234.232.224/27 */, 27, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03EC3000 /* 3.236.48.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x03ECA9C0 /* 3.236.169.192/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D200000 /* 13.32.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D230000 /* 13.35.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D363F80 /* 13.54.63.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D3BFA00 /* 13.59.250.0/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D71C440 /* 13.113.196.64/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D71CB00 /* 13.113.203.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D7CC700 /* 13.124.199.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D861800 /* 13.134.24.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0D865E00 /* 13.134.94.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0DCB8500 /* 13.203.133.0/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0DD24380 /* 13.210.67.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0DE00000 /* 13.224.0.0/14 */, 14, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0DE44500 /* 13.228.69.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0DE9B1C0 /* 13.233.177.192/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0DF90000 /* 13.249.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0F9E0000 /* 15.158.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0FBCB800 /* 15.188.184.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0FCF0D80 /* 15.207.13.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x0FCFD580 /* 15.207.213.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12400000 /* 18.64.0.0/14 */, 14, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12440000 /* 18.68.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x129A0000 /* 18.154.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12A00000 /* 18.160.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12A40000 /* 18.164.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12AC0000 /* 18.172.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12AF4100 /* 18.175.65.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12AF4200 /* 18.175.66.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12C08E00 /* 18.192.142.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12C74400 /* 18.199.68.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12C74800 /* 18.199.72.0/21 */, 21, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12C8D400 /* 18.200.212.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12D8AA80 /* 18.216.170.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12E5DCC0 /* 18.229.220.192/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12E6E500 /* 18.230.229.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12E6E600 /* 18.230.230.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12EE0000 /* 18.238.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x12F40000 /* 18.244.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x175B0000 /* 23.91.0.0/19 */, 19, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x186E2000 /* 24.110.32.0/19 */, 19, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x22C3FC00 /* 34.195.252.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x22D83300 /* 34.216.51.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x22DF0CE0 /* 34.223.12.224/27 */, 27, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x22DF50C0 /* 34.223.80.192/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x22E20E00 /* 34.226.14.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x235DA800 /* 35.93.168.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x235DAC00 /* 35.93.172.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x239E8800 /* 35.158.136.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x23A23FC0 /* 35.162.63.192/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x23A7BF80 /* 35.167.191.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2467E800 /* 36.103.232.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2467E880 /* 36.103.232.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2BDA3840 /* 43.218.56.64/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2BDA3880 /* 43.218.56.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2BDA4700 /* 43.218.71.0/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2CDCC200 /* 44.220.194.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2CDCC400 /* 44.220.196.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2CDCC800 /* 44.220.200.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2CDE4200 /* 44.222.66.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2CE3B200 /* 44.227.178.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2CEA5AFC /* 44.234.90.252/30 */, 30, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2CEA6C80 /* 44.234.108.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2F815200 /* 47.129.82.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x2F815400 /* 47.129.84.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x332CEA00 /* 51.44.234.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x332CEC00 /* 51.44.236.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x340F7F80 /* 52.15.127.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x342E0000 /* 52.46.0.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x342F8B00 /* 52.47.139.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x3434BF80 /* 52.52.191.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x34387F00 /* 52.56.127.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x3439FE00 /* 52.57.254.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x3442C280 /* 52.66.194.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x344EF780 /* 52.78.247.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x34528000 /* 52.82.128.0/19 */, 19, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x34540000 /* 52.84.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x347C8000 /* 52.124.128.0/17 */, 17, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x34C77FC0 /* 52.199.127.192/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x34D4F800 /* 52.212.248.0/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x34DCBF00 /* 52.220.191.0/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x34DE8000 /* 52.222.128.0/17 */, 17, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36B60000 /* 54.182.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36C00000 /* 54.192.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36E60000 /* 54.230.0.0/17 */, 17, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36E68000 /* 54.230.128.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36E6C800 /* 54.230.200.0/21 */, 21, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36E6D000 /* 54.230.208.0/20 */, 20, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36E6E000 /* 54.230.224.0/19 */, 19, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36E9FF80 /* 54.233.255.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36EF8000 /* 54.239.128.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36EFC000 /* 54.239.192.0/19 */, 19, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x36F08000 /* 54.240.128.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x387D2E00 /* 56.125.46.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x387D2F00 /* 56.125.47.0/32 */, 32, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x387D3000 /* 56.125.48.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x39B6FD00 /* 57.182.253.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x39B72A00 /* 57.183.42.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x3AFE8A00 /* 58.254.138.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x3AFE8A80 /* 58.254.138.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x40FC4000 /* 64.252.64.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x40FC8000 /* 64.252.128.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x41080000 /* 65.8.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x41090000 /* 65.9.0.0/17 */, 17, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x41098000 /* 65.9.128.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x46840000 /* 70.132.0.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x47980000 /* 71.152.0.0/17 */, 17, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x634FA900 /* 99.79.169.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x63540000 /* 99.84.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x63560000 /* 99.86.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x6C8A0000 /* 108.138.0.0/15 */, 15, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x6C9C0000 /* 108.156.0.0/14 */, 14, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x6F0DAB80 /* 111.13.171.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x6F0DB920 /* 111.13.185.32/27 */, 27, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x6F0DB940 /* 111.13.185.64/27 */, 27, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x7481E200 /* 116.129.226.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x7481E280 /* 116.129.226.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x76C16140 /* 118.193.97.64/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x76C16180 /* 118.193.97.128/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x7793B600 /* 119.147.182.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x7793B680 /* 119.147.182.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78340C40 /* 120.52.12.64/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78341660 /* 120.52.22.96/27 */, 27, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78342780 /* 120.52.39.128/27 */, 27, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x783499C0 /* 120.52.153.192/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78E8EC00 /* 120.232.236.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78E8EC80 /* 120.232.236.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78FDF0C0 /* 120.253.240.192/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78FDF1A0 /* 120.253.241.160/27 */, 27, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78FDF580 /* 120.253.245.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x78FDF5C0 /* 120.253.245.192/27 */, 27, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x82B00000 /* 130.176.0.0/17 */, 17, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x82B08000 /* 130.176.128.0/18 */, 18, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x82B0C000 /* 130.176.192.0/19 */, 19, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x82B0E000 /* 130.176.224.0/20 */, 20, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x8FCC0000 /* 143.204.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0x90DC0000 /* 144.220.0.0/16 */, 16, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xB4A33900 /* 180.163.57.0/25 */, 25, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xB4A33980 /* 180.163.57.128/26 */, 26, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCCF6A400 /* 204.246.164.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCCF6A800 /* 204.246.168.0/21 */, 21, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCCF6B000 /* 204.246.176.0/20 */, 20, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCDFBCA00 /* 205.251.202.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCDFBCC00 /* 205.251.204.0/22 */, 22, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCDFBD000 /* 205.251.208.0/20 */, 20, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCDFBF900 /* 205.251.249.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCDFBFA00 /* 205.251.250.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCDFBFC00 /* 205.251.252.0/23 */, 23, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xCDFBFE00 /* 205.251.254.0/24 */, 24, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { 0xD8892000 /* 216.137.32.0/19 */, 19, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ /* End */
+ { 0x0, 0, 0 }
+};
+
+static ndpi_network6 ndpi_protocol_aws_cloudfront_protocol_list_6[] = {
+ { "2400:7fc0:500::", 40, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2404:c2c0:500::", 40, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2409:8c00:2421:300::", 56, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2409:8c00:2421:400::", 56, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:ddd::", 48, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:eee::", 48, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:fff::", 48, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:1000::", 36, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:2000::", 35, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:4000::", 36, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:5200::", 40, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:5308::", 45, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:5310::", 44, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:5320::", 43, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:5340::", 42, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:5380::", 41, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f000::", 38, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f400::", 40, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f500::", 43, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f520::", 44, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f534::", 46, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f538::", 45, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f540::", 42, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f580::", 41, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f600::", 39, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ { "2600:9000:f800::", 37, NDPI_PROTOCOL_AWS_CLOUDFRONT },
+ /* End */
+ { NULL, 0, 0 }
+};
diff --git a/src/lib/inc_generated/ndpi_amazon_aws_dynamodb_match.c.inc b/src/lib/inc_generated/ndpi_amazon_aws_dynamodb_match.c.inc
new file mode 100644
index 000000000..4739849f9
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_amazon_aws_dynamodb_match.c.inc
@@ -0,0 +1,59 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_network ndpi_protocol_aws_dynamodb_protocol_list[] = {
+ { 0x03DAB400 /* 3.218.180.0/22 */, 22, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x0DF84000 /* 13.248.64.0/21 */, 21, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x0DF84800 /* 13.248.72.0/23 */, 23, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x0DF84B00 /* 13.248.75.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x0DF84C00 /* 13.248.76.0/22 */, 22, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x0DF85000 /* 13.248.80.0/23 */, 23, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x23474000 /* 35.71.64.0/21 */, 21, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x23474800 /* 35.71.72.0/22 */, 22, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x23475D00 /* 35.71.93.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x23475E00 /* 35.71.94.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x23476000 /* 35.71.96.0/19 */, 19, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x2BC14000 /* 43.193.64.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x33001C00 /* 51.0.28.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x33001F00 /* 51.0.31.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x3452BB00 /* 52.82.187.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x345E0000 /* 52.94.0.0/20 */, 20, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x345E1000 /* 52.94.16.0/22 */, 22, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x345E1400 /* 52.94.20.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x345E1600 /* 52.94.22.0/23 */, 23, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x345E1800 /* 52.94.24.0/22 */, 22, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x345E1C00 /* 52.94.28.0/23 */, 23, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x345E1E00 /* 52.94.30.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x3477E000 /* 52.119.224.0/20 */, 20, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x3477F000 /* 52.119.240.0/21 */, 21, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x3477F800 /* 52.119.248.0/23 */, 23, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x3477FC00 /* 52.119.252.0/22 */, 22, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x36DE3900 /* 54.222.57.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ { 0x36DE4000 /* 54.222.64.0/24 */, 24, NDPI_PROTOCOL_AWS_DYNAMODB },
+ /* End */
+ { 0x0, 0, 0 }
+};
+
+static ndpi_network6 ndpi_protocol_aws_dynamodb_protocol_list_6[] = {
+ /* End */
+ { NULL, 0, 0 }
+};
diff --git a/src/lib/inc_generated/ndpi_amazon_aws_ec2_match.c.inc b/src/lib/inc_generated/ndpi_amazon_aws_ec2_match.c.inc
new file mode 100644
index 000000000..e2a550e27
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_amazon_aws_ec2_match.c.inc
@@ -0,0 +1,1925 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_network ndpi_protocol_aws_ec2_protocol_list[] = {
+ { 0x01B20100 /* 1.178.1.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x01B20400 /* 1.178.4.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x01B20800 /* 1.178.8.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x01B24000 /* 1.178.64.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x01B25800 /* 1.178.88.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03000000 /* 3.0.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03020000 /* 3.2.0.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03020200 /* 3.2.2.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03024000 /* 3.2.64.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03026000 /* 3.2.96.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03026200 /* 3.2.98.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03030200 /* 3.3.2.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03030500 /* 3.3.5.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03032000 /* 3.3.32.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03040000 /* 3.4.0.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03040400 /* 3.4.4.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03040600 /* 3.4.6.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03040800 /* 3.4.8.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03040A00 /* 3.4.10.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03041000 /* 3.4.16.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03050000 /* 3.5.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03054000 /* 3.5.64.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03054800 /* 3.5.72.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03054C00 /* 3.5.76.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03055000 /* 3.5.80.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03058000 /* 3.5.128.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305A000 /* 3.5.160.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305A800 /* 3.5.168.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305AC00 /* 3.5.172.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305B400 /* 3.5.180.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305B800 /* 3.5.184.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305C000 /* 3.5.192.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305CA00 /* 3.5.202.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305CC00 /* 3.5.204.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305D000 /* 3.5.208.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0305E000 /* 3.5.224.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03060000 /* 3.6.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03080000 /* 3.8.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03100000 /* 3.16.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03200000 /* 3.32.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03220000 /* 3.34.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03240000 /* 3.36.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03280000 /* 3.40.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x032C0000 /* 3.44.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x032D0000 /* 3.45.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03400000 /* 3.64.0.0/11 */, 11, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03600000 /* 3.96.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03650000 /* 3.101.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03660000 /* 3.102.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03680000 /* 3.104.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03700000 /* 3.112.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03780000 /* 3.120.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03800000 /* 3.128.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03900000 /* 3.144.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03D00000 /* 3.208.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03E00000 /* 3.224.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x03F80000 /* 3.248.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x053C0000 /* 5.60.0.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x053C2000 /* 5.60.32.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x053C4000 /* 5.60.64.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x053C8000 /* 5.60.128.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x05AE0000 /* 5.174.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x05B36000 /* 5.179.96.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D240000 /* 13.36.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D280000 /* 13.40.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D300000 /* 13.48.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D700000 /* 13.112.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D7C0000 /* 13.124.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D800000 /* 13.128.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D820000 /* 13.130.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D860000 /* 13.134.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D900000 /* 13.144.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D920000 /* 13.146.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D980000 /* 13.152.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D9A0000 /* 13.154.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0D9E0000 /* 13.158.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DA00000 /* 13.160.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DA20000 /* 13.162.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DC00000 /* 13.192.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DC80000 /* 13.200.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DD00000 /* 13.208.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DE40000 /* 13.228.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DE80000 /* 13.232.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DF40000 /* 13.244.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0DFA0000 /* 13.250.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F670000 /* 15.103.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F800000 /* 15.128.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F860000 /* 15.134.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F910000 /* 15.145.0.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F910400 /* 15.145.4.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F910800 /* 15.145.8.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F911000 /* 15.145.16.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F911800 /* 15.145.24.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F980000 /* 15.152.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0F9C0000 /* 15.156.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FA00000 /* 15.160.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FA40000 /* 15.164.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FA80000 /* 15.168.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB10000 /* 15.177.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB14000 /* 15.177.64.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB16000 /* 15.177.96.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB16400 /* 15.177.100.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB16600 /* 15.177.102.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB16800 /* 15.177.104.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB16A00 /* 15.177.106.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB50000 /* 15.181.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB58000 /* 15.181.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB5C000 /* 15.181.192.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB5E000 /* 15.181.224.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB5F000 /* 15.181.240.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB5F800 /* 15.181.248.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB5FC00 /* 15.181.252.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB5FE00 /* 15.181.254.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FB80000 /* 15.184.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FBC0000 /* 15.188.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FC10000 /* 15.193.0.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FC10800 /* 15.193.8.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FC18000 /* 15.193.128.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FC1A000 /* 15.193.160.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FC1B000 /* 15.193.176.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FC80000 /* 15.200.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FCD0000 /* 15.205.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FCE0000 /* 15.206.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FD80000 /* 15.216.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDC0000 /* 15.220.0.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDC2000 /* 15.220.32.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDC2800 /* 15.220.40.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDC3000 /* 15.220.48.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDC4000 /* 15.220.64.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDC7000 /* 15.220.112.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDC8000 /* 15.220.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDCC000 /* 15.220.192.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDCD080 /* 15.220.208.128/26 */, 26, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDCD800 /* 15.220.216.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDCE000 /* 15.220.224.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FDE0000 /* 15.222.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FE40000 /* 15.228.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FE80000 /* 15.232.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FEC0000 /* 15.236.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FF00000 /* 15.240.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FFD0000 /* 15.253.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x0FFE0000 /* 15.254.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x100F0000 /* 16.15.0.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x100F1000 /* 16.15.16.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x100FB000 /* 16.15.176.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x100FC000 /* 16.15.192.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10100000 /* 16.16.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10180000 /* 16.24.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x101A0000 /* 16.26.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x101C0000 /* 16.28.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10320000 /* 16.50.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10340000 /* 16.52.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10360000 /* 16.54.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10380000 /* 16.56.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10390000 /* 16.57.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x103E0000 /* 16.62.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10400000 /* 16.64.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10410000 /* 16.65.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10470000 /* 16.71.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x104E0000 /* 16.78.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10700000 /* 16.112.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10900000 /* 16.144.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x109C0000 /* 16.156.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10A20000 /* 16.162.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10A80000 /* 16.168.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10B00000 /* 16.176.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10B80000 /* 16.184.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x10D00000 /* 16.208.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12220000 /* 18.34.0.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12223000 /* 18.34.48.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12224800 /* 18.34.72.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x1222E800 /* 18.34.232.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x1222F400 /* 18.34.244.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x1222FC00 /* 18.34.252.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x123C0000 /* 18.60.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12580000 /* 18.88.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12588000 /* 18.88.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12590000 /* 18.89.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12598000 /* 18.89.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12600000 /* 18.96.0.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12600800 /* 18.96.8.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12601000 /* 18.96.16.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12602000 /* 18.96.32.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12604000 /* 18.96.64.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12608000 /* 18.96.128.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12610000 /* 18.97.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12620000 /* 18.98.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12640000 /* 18.100.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12660000 /* 18.102.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12740000 /* 18.116.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12820000 /* 18.130.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12840000 /* 18.132.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12880000 /* 18.136.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x128A0000 /* 18.138.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x128C0000 /* 18.140.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12900000 /* 18.144.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12990000 /* 18.153.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x129C0000 /* 18.156.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12A20000 /* 18.162.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12A60000 /* 18.166.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12A80000 /* 18.168.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12AF0000 /* 18.175.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12B00000 /* 18.176.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12B80000 /* 18.184.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12BC0000 /* 18.188.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12C00000 /* 18.192.0.0/11 */, 11, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12E00000 /* 18.224.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12E80000 /* 18.232.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12EC0000 /* 18.236.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12F60000 /* 18.246.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12FC0000 /* 18.252.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x12FE0000 /* 18.254.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17140000 /* 23.20.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17E4C000 /* 23.228.192.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17E4C200 /* 23.228.194.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17E4C400 /* 23.228.196.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17E4C600 /* 23.228.198.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17FE0000 /* 23.254.0.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17FE1000 /* 23.254.16.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17FE1800 /* 23.254.24.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x17FE7800 /* 23.254.120.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x1FDCDC00 /* 31.220.220.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x1FDCEC00 /* 31.220.236.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x22C00000 /* 34.192.0.0/10 */, 10, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x232C0000 /* 35.44.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23328000 /* 35.50.128.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23328E00 /* 35.50.142.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23329000 /* 35.50.144.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332B000 /* 35.50.176.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332B200 /* 35.50.178.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332C000 /* 35.50.192.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332C400 /* 35.50.196.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332D000 /* 35.50.208.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332D200 /* 35.50.210.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332D400 /* 35.50.212.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332D600 /* 35.50.214.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332E000 /* 35.50.224.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332E200 /* 35.50.226.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332E400 /* 35.50.228.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2332E800 /* 35.50.232.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23362000 /* 35.54.32.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23363000 /* 35.54.48.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23363800 /* 35.54.56.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23363C00 /* 35.54.60.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23363E00 /* 35.54.62.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23370100 /* 35.55.1.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23370200 /* 35.55.2.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23370400 /* 35.55.4.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23370800 /* 35.55.8.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23371000 /* 35.55.16.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23371800 /* 35.55.24.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23371D00 /* 35.55.29.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23371E00 /* 35.55.30.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23372000 /* 35.55.32.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23372800 /* 35.55.40.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23372A00 /* 35.55.42.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23377E00 /* 35.55.126.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23474000 /* 35.71.64.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23474800 /* 35.71.72.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23475D00 /* 35.71.93.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23475E00 /* 35.71.94.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23476000 /* 35.71.96.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23480000 /* 35.72.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23500000 /* 35.80.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23600000 /* 35.96.0.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23600800 /* 35.96.8.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23600C00 /* 35.96.12.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23600E00 /* 35.96.14.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23601000 /* 35.96.16.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23602000 /* 35.96.32.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23603000 /* 35.96.48.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23603400 /* 35.96.52.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23604000 /* 35.96.64.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23608000 /* 35.96.128.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2360F000 /* 35.96.240.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2360F400 /* 35.96.244.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2360F600 /* 35.96.246.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2360F800 /* 35.96.248.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23610000 /* 35.97.0.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23980000 /* 35.152.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23A00000 /* 35.160.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x23B00000 /* 35.176.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x28260000 /* 40.38.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x28AC0000 /* 40.172.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x28B00000 /* 40.176.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x28C00000 /* 40.192.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC00000 /* 43.192.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC10000 /* 43.193.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC14000 /* 43.193.64.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC20000 /* 43.194.0.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC21000 /* 43.194.16.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC30000 /* 43.195.0.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC40000 /* 43.196.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC60000 /* 43.198.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BC80000 /* 43.200.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BD00000 /* 43.208.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BD40000 /* 43.212.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BD80000 /* 43.216.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BDA0000 /* 43.218.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2BDC0000 /* 43.220.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2CC00000 /* 44.192.0.0/10 */, 10, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2D398000 /* 45.57.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2E338000 /* 46.51.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2E33C000 /* 46.51.192.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2E33D000 /* 46.51.208.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2E33D800 /* 46.51.216.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2E33E000 /* 46.51.224.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2E890000 /* 46.137.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x2F800000 /* 47.128.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x32100000 /* 50.16.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x32700000 /* 50.112.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33001D80 /* 51.0.29.128/28 */, 28, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33001F00 /* 51.0.31.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33005000 /* 51.0.80.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33006000 /* 51.0.96.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33007000 /* 51.0.112.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33008000 /* 51.0.128.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3300FC00 /* 51.0.252.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33100000 /* 51.16.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33140000 /* 51.20.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33180000 /* 51.24.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33220000 /* 51.34.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x332C0000 /* 51.44.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33300000 /* 51.48.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33540000 /* 51.84.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x335C0000 /* 51.92.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x335E0000 /* 51.94.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33600000 /* 51.96.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33700000 /* 51.112.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33760000 /* 51.118.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33A80000 /* 51.168.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x33E00000 /* 51.224.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34000000 /* 52.0.0.0/11 */, 11, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34200000 /* 52.32.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34280000 /* 52.40.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x342C0000 /* 52.44.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x342EB400 /* 52.46.180.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x342EB800 /* 52.46.184.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x342F0000 /* 52.47.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34300000 /* 52.48.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34400000 /* 52.64.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34500000 /* 52.80.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34520000 /* 52.82.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3452A400 /* 52.82.164.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3452A800 /* 52.82.168.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3452A900 /* 52.82.169.0/28 */, 28, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3452AA00 /* 52.82.170.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3452B000 /* 52.82.176.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3452B800 /* 52.82.184.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34530000 /* 52.83.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34560000 /* 52.86.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34580000 /* 52.88.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345E7400 /* 52.94.116.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345E9000 /* 52.94.144.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345E9200 /* 52.94.146.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EC900 /* 52.94.201.0/26 */, 26, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EF800 /* 52.94.248.0/25 */, 25, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EF880 /* 52.94.248.128/26 */, 26, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EF8C0 /* 52.94.248.192/27 */, 27, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EF8E0 /* 52.94.248.224/28 */, 28, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EF920 /* 52.94.249.32/27 */, 27, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EF940 /* 52.94.249.64/26 */, 26, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EF980 /* 52.94.249.128/25 */, 25, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EFA00 /* 52.94.250.0/26 */, 26, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EFA50 /* 52.94.250.80/28 */, 28, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EFA60 /* 52.94.250.96/27 */, 27, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345EFA80 /* 52.94.250.128/26 */, 26, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FE000 /* 52.95.224.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FE400 /* 52.95.228.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FE600 /* 52.95.230.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FEB00 /* 52.95.235.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FEF00 /* 52.95.239.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FF000 /* 52.95.240.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FF800 /* 52.95.248.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FFC00 /* 52.95.252.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FFE00 /* 52.95.254.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FFF00 /* 52.95.255.0/25 */, 25, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x345FFF80 /* 52.95.255.128/28 */, 28, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3477CD00 /* 52.119.205.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3481E000 /* 52.129.224.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34C00000 /* 52.192.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34D00000 /* 52.208.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34DC0000 /* 52.220.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x34DE0000 /* 52.222.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36190E00 /* 54.25.14.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36191400 /* 54.25.20.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36195200 /* 54.25.82.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x361AA600 /* 54.26.166.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x362E0000 /* 54.46.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36360000 /* 54.54.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36400000 /* 54.64.0.0/11 */, 11, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36700000 /* 54.112.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36740000 /* 54.116.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36900000 /* 54.144.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36A00000 /* 54.160.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36B00000 /* 54.176.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36B40000 /* 54.180.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36B70000 /* 54.183.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36B80000 /* 54.184.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36C10000 /* 54.193.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36C20000 /* 54.194.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36C40000 /* 54.196.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36C80000 /* 54.200.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36D00000 /* 54.208.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36D80000 /* 54.216.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DC0000 /* 54.220.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DE2000 /* 54.222.32.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DE3400 /* 54.222.52.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DE3A20 /* 54.222.58.32/28 */, 28, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DE4000 /* 54.222.64.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DE5800 /* 54.222.88.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DE6400 /* 54.222.100.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DE8000 /* 54.222.128.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36DF0000 /* 54.223.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36E00000 /* 54.224.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36E40000 /* 54.228.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36E80000 /* 54.232.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36EC0000 /* 54.236.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36EE0000 /* 54.238.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36EF6780 /* 54.239.103.128/26 */, 26, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36F10000 /* 54.241.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36F20000 /* 54.242.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36F40000 /* 54.244.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x36F80000 /* 54.248.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x380A0000 /* 56.10.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x38440000 /* 56.68.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x38450000 /* 56.69.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x38460000 /* 56.70.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x38700000 /* 56.112.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x387C0000 /* 56.124.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x387D0000 /* 56.125.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x387E0000 /* 56.126.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x38880000 /* 56.136.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x389B0000 /* 56.155.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x38E40000 /* 56.228.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x39B40000 /* 57.180.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3F200000 /* 63.32.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3FB00000 /* 63.176.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3FF67000 /* 63.246.112.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x3FF67700 /* 63.246.119.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40BB8000 /* 64.187.128.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC4000 /* 64.252.64.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC5000 /* 64.252.80.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC5800 /* 64.252.88.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC6100 /* 64.252.97.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC6200 /* 64.252.98.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC6400 /* 64.252.100.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC6800 /* 64.252.104.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC7000 /* 64.252.112.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC7800 /* 64.252.120.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC7C00 /* 64.252.124.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x40FC7E00 /* 64.252.126.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x41000000 /* 65.0.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x42070000 /* 66.7.0.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x43CA0000 /* 67.202.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x44427000 /* 68.66.112.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x444F0000 /* 68.79.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x45E6C000 /* 69.230.192.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x45E78000 /* 69.231.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x45EAC000 /* 69.234.192.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x45EB8000 /* 69.235.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x46E0C000 /* 70.224.192.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x46E8567C /* 70.232.86.124/31 */, 31, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x46E8567E /* 70.232.86.126/32 */, 32, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x46E85C00 /* 70.232.92.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x46E87C00 /* 70.232.124.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x4783C000 /* 71.131.192.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x47840000 /* 71.132.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x47884000 /* 71.136.64.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x47890000 /* 71.137.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x48290000 /* 72.41.0.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x482C2000 /* 72.44.32.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x4B028000 /* 75.2.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x4B030000 /* 75.3.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x4B038000 /* 75.3.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x4B2D8000 /* 75.45.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x4B658000 /* 75.101.128.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x4E0C0000 /* 78.12.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x4F7D0000 /* 79.125.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x5376F000 /* 83.118.240.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x53774000 /* 83.119.64.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x53778000 /* 83.119.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x53A00000 /* 83.160.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x5F280000 /* 95.40.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x60000000 /* 96.0.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x60004000 /* 96.0.64.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x60006000 /* 96.0.96.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x60006800 /* 96.0.104.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x60006C00 /* 96.0.108.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x60006E00 /* 96.0.110.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x60007000 /* 96.0.112.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x60008000 /* 96.0.128.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6000A000 /* 96.0.160.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6000B000 /* 96.0.176.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6000B800 /* 96.0.184.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x607F0000 /* 96.127.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x62500000 /* 98.80.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x62820000 /* 98.130.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D3700 /* 99.77.55.0/30 */, 30, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D370C /* 99.77.55.12/30 */, 30, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D3718 /* 99.77.55.24/30 */, 30, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D3720 /* 99.77.55.32/28 */, 28, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D3731 /* 99.77.55.49/32 */, 32, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D3732 /* 99.77.55.50/31 */, 31, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D3734 /* 99.77.55.52/30 */, 30, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D3738 /* 99.77.55.56/32 */, 32, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D37FD /* 99.77.55.253/32 */, 32, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D37FE /* 99.77.55.254/31 */, 31, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D8000 /* 99.77.128.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D9000 /* 99.77.144.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D9300 /* 99.77.147.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D9400 /* 99.77.148.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634D9800 /* 99.77.152.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DA000 /* 99.77.160.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DB700 /* 99.77.183.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DB800 /* 99.77.184.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DBA00 /* 99.77.186.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DBF00 /* 99.77.191.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DE800 /* 99.77.232.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DF000 /* 99.77.240.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DF800 /* 99.77.248.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DFC00 /* 99.77.252.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634DFE00 /* 99.77.254.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634EEEFB /* 99.78.238.251/32 */, 32, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634EEEFD /* 99.78.238.253/32 */, 32, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634EEEFF /* 99.78.238.255/32 */, 32, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x634F0000 /* 99.79.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x63500000 /* 99.80.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x63960000 /* 99.150.0.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x63974000 /* 99.151.64.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x63978000 /* 99.151.128.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6397A000 /* 99.151.160.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6397B800 /* 99.151.184.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x64140000 /* 100.20.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x64180000 /* 100.24.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x64300000 /* 100.48.0.0/12 */, 12, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x67040800 /* 103.4.8.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6B140000 /* 107.20.0.0/14 */, 14, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6BB00000 /* 107.176.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6C800000 /* 108.128.0.0/13 */, 13, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6C880000 /* 108.136.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6CAF3800 /* 108.175.56.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x6EEE0200 /* 110.238.2.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x7AF8C000 /* 122.248.192.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x88120000 /* 136.18.0.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x88123200 /* 136.18.50.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x88128000 /* 136.18.128.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8812A000 /* 136.18.160.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8812FE00 /* 136.18.254.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8B381000 /* 139.56.16.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8B382000 /* 139.56.32.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8B382200 /* 139.56.34.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8CB30000 /* 140.179.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8E04B100 /* 142.4.177.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8E04B200 /* 142.4.178.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x8E04B400 /* 142.4.180.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x97942000 /* 151.148.32.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x97942800 /* 151.148.40.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x9B920000 /* 155.146.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x9DAF0000 /* 157.175.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x9DF10000 /* 157.241.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x9EFC0000 /* 158.252.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x9FF8C800 /* 159.248.200.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x9FF8D800 /* 159.248.216.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x9FF8E000 /* 159.248.224.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0x9FF8F000 /* 159.248.240.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA0010000 /* 160.1.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1B20000 /* 161.178.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1B28000 /* 161.178.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1BC0000 /* 161.188.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1BC4000 /* 161.188.64.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1BC7000 /* 161.188.112.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1BC7800 /* 161.188.120.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1BC7F00 /* 161.188.127.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1BD0000 /* 161.189.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1C10000 /* 161.193.0.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA1C18000 /* 161.193.128.0/18 */, 18, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA2D5E800 /* 162.213.232.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA2DE9400 /* 162.222.148.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA2FAEC00 /* 162.250.236.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xA8B90400 /* 168.185.4.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53C000 /* 173.83.192.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53C400 /* 173.83.196.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53C600 /* 173.83.198.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53C800 /* 173.83.200.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53D000 /* 173.83.208.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53D400 /* 173.83.212.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53D600 /* 173.83.214.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53D800 /* 173.83.216.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAD53DC00 /* 173.83.220.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAE810000 /* 174.129.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xAF298000 /* 175.41.128.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xB0204000 /* 176.32.64.0/19 */, 19, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xB0220000 /* 176.34.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xB1478000 /* 177.71.128.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xB61E0000 /* 182.30.0.0/16 */, 16, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xB8480000 /* 184.72.0.0/15 */, 15, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xB8A98000 /* 184.169.128.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xB9307800 /* 185.48.120.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC01FD400 /* 192.31.212.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC02BAF00 /* 192.43.175.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC02BB800 /* 192.43.184.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC09D2400 /* 192.157.36.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC0BDC500 /* 192.189.197.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC3110000 /* 195.17.0.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC6296000 /* 198.41.96.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC6296800 /* 198.41.104.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xC6630200 /* 198.99.2.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xCAAE8400 /* 202.174.132.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xCC57B900 /* 204.87.185.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xCCEC8000 /* 204.236.128.0/17 */, 17, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xCE48D100 /* 206.72.209.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD04E8000 /* 208.78.128.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD0565800 /* 208.86.88.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD06E3000 /* 208.110.48.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8278800 /* 216.39.136.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8279800 /* 216.39.152.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD827A000 /* 216.39.160.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8B6E000 /* 216.182.224.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8C6C000 /* 216.198.192.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F40000 /* 216.244.0.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F40800 /* 216.244.8.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F40A00 /* 216.244.10.0/24 */, 24, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F40C00 /* 216.244.12.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F41000 /* 216.244.16.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F42000 /* 216.244.32.0/22 */, 22, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F42400 /* 216.244.36.0/23 */, 23, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F42800 /* 216.244.40.0/21 */, 21, NDPI_PROTOCOL_AWS_EC2 },
+ { 0xD8F43000 /* 216.244.48.0/20 */, 20, NDPI_PROTOCOL_AWS_EC2 },
+ /* End */
+ { 0x0, 0, 0 }
+};
+
+static ndpi_network6 ndpi_protocol_aws_ec2_protocol_list_6[] = {
+ { "2001:3fc0:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc1:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc2:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc3:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc3:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc3:6800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc3:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc3:a800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc4:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc5:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc6:100::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc7:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc7:1800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc7:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc7:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc7:5800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc7:6800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2001:3fc7:f800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:6500:ff00::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:6700:ff00::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:2100::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:2200::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:2f00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:3000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:4100::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:a000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:bb00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:ef00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2400:7fc0:fd00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2403:b300:ff00::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:2100::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:2200::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:2f00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:3000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:4100::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:bb00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:ef00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2404:c2c0:fd00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da00:ff00::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da10:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da11::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da12::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da12:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da13::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da14::", 35, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da14:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da15::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da16::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da17::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da18::", 35, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da18:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da19::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da1a::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da1a:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da1b::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da1c::", 35, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da1c:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da1d::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da1e::", 32, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da1f::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da20:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da21::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da22::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da22:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da23::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da24::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da24:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da25::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da26::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da27::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da28::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da28:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da29::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da2a::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da2a:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da2b::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da2c::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da2c:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da2d::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da2e::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da2f::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da30:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da32:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da36:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da38:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da60:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da61:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:da70:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dab9:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dabb:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daef:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf0:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf2:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf3:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf4:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daf6:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:dafd:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:4800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:7000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:a800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:c800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2406:daff:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "240f:8000:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "240f:8000:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "240f:8014::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "240f:8018::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "240f:80ff:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "240f:80ff:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f00:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f10:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f10:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f10:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f11::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f11:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f11:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f11:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f12::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f12:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f12:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f12:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f13::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f13:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f14::", 34, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f14:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f14:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f14:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f15::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f15:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f15:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f16::", 34, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f16:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f16:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f17:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f17:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f18::", 33, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f18:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f18:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f19:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f19:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1a:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1a:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1a:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1b:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1b:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1c::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1c:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1c:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1c:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1d:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1d:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1e::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1e:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1e:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1e:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1f::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1f:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f1f:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f20:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f20:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f21::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f21:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f21:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f21:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f22::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f22:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f22:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f23::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f23:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f24::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f24:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f24:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f24:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f25::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f25:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f25:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f26::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f26:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f26:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f27:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f27:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f28::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f28:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f28:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f29:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f29:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2a:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2a:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2a:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2b:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2b:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2c::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2c:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2c:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2c:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2d:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2d:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2e::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2e:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2e:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2e:c000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2f:4000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f2f:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f30:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f32:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f36:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f38:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f60:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f61:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1f70:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb8:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fb9:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fbb:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fef:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff0:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff1:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff1:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff2:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff3:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff4:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff5:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ff6:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:1020::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:1040::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:1080::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:10c0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8010::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8020::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:803f::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8040::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8050::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8060::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8066::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:807b::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:807f::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8080::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8090::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:80a0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:80a7::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:80c0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:80c8::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:80cb::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:80d0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:80e0::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:80f0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:812f::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8143::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8149::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8165::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:816c::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8188::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:818f::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8190::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:819f::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:81a7::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:81c2::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8285::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:82be::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:831b::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:833b::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:838e::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:83ad::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:83d2::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8422::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8492::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:84af::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:84bd::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:8508::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:85b2::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:85c0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:85e8::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1ffd:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:2c00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:3000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:4000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:7400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:1fff:ec00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:9000:5200::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:9000:5210::", 46, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f000:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f001::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f001:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f002::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f002:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f002:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f003:a200::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f004::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f004:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f004:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f004:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f005:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f007::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00c::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00c:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00d::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00d:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00e::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00e:400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00e:600::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00f::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00f:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00f:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f00f:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:0:100::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:0:200::", 59, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:0:300::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:a00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:f00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:1000::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:1300::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:1400::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:1600::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:1800::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:1a00::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:1c00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:1e00::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:2000::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:2200::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:fd00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1:fe00::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:2::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:4::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:8::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:a::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:10::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:30::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:40::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:60::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:80::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:90:1400::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:90:2600::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:91::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:a0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:300:100::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:30e::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:500::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:600::", 54, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:720::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:730::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:e00::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:f00::", 54, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:f00:400::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1000::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1100::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1110::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1118::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:111a::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:111c::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:111f::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1120::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:1128::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:11fe::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:4000::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:4100::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:4110::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:4140::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:4144::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:5400::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:5402::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:5500::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:5502::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:5510::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:5520::", 43, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:6000::", 43, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:6100::", 43, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:6120::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:6122::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:c000::", 46, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:c004::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:c040::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f0:c048::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f1:8801::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f1:8802::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f1:8a00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f1:8b00::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f1:8b02::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f2:7010::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f2:7018::", 46, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f2:7100::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f2:7108::", 46, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f2:7140::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0f2:7148::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0fb:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0fb:e000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0fb:f020::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0fb:f028::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0fb:f100::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2600:f0fb:f110::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2602:f7db::", 44, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:400::", 54, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:800::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:1000::", 52, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:2300::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:2800::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:2d00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:3c00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:4000::", 54, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:7200::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:8000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:8200::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1ff0:f800::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:9cc0:1fff:fc00::", 54, NDPI_PROTOCOL_AWS_EC2 },
+ { "2605:b140:1000::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:400::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:a00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:1000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:1400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:1800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:2100::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:2200::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:2400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:2800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:2a00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:3200::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:3e00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:4400::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:5800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:6100::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:8000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:8400::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:8800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:8a00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:9000::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:9400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:9800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:a100::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:a200::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:a400::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:a800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:aa00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:b200::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:be00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:c400::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:d800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:e100::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffd2::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffd4::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffe0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffe2::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffe4::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffe6::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffe8::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffeb::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffed::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:ffef::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:fff0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:fff2::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:fff6::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:f40:fff8::", 45, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:9fc::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:a3e:200::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:a3e:270::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:a3e:280::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:2000::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:2270::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:3000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:7000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:7200::", 59, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:7220::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:7240::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:7270::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:7280::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:72d0::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:72e0::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1000:8000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1042::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1042:3200::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10f8::", 46, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:7000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:7270::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:8000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:9000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:a000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:a200::", 58, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:a240::", 59, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:a270::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:a280::", 59, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:a2d0::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:a2e0::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:b000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:c000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:d000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:d200::", 58, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:d240::", 59, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:d270::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:d280::", 59, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:d2d0::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:d2f0::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:e000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:e270::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:f000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:f270::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:10ff:ff00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1800::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a2f:c200::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a2f:c310::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a2f:c320::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a3f:c200::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a3f:c310::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a3f:c320::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a4f:c200::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a4f:c310::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1a4f:c320::", 60, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b00:500::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b00:600::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b05:c000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b06:8000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b06:c000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b07:4000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b08::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b09::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0c::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0c:4000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0c:c000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0d::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0d:4000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0d:8000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0d:c000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0e::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0e:4000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:4000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:8000::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:c000::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:c200::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:ef00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:f000::", 54, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:f400::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:f800::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:fa00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1b0f:fd00::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:1f00::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:f000:1500::", 56, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:7b40:f000:1600::", 55, NDPI_PROTOCOL_AWS_EC2 },
+ { "2606:8140:400::", 39, NDPI_PROTOCOL_AWS_EC2 },
+ { "2620:107:3002::", 64, NDPI_PROTOCOL_AWS_EC2 },
+ { "2620:107:300f::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2620:107:4002::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2620:107:4004::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2620:107:4007::", 64, NDPI_PROTOCOL_AWS_EC2 },
+ { "2620:108:700f::", 64, NDPI_PROTOCOL_AWS_EC2 },
+ { "2620:108:d00f::", 64, NDPI_PROTOCOL_AWS_EC2 },
+ { "2631::", 47, NDPI_PROTOCOL_AWS_EC2 },
+ { "2631:1:4ff0::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2804:800:ff00::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a01:578:3::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a01:578:13::", 48, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:800::", 64, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d000:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d010:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d011::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d012::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d014::", 35, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d015::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d016::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d017::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d018::", 35, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d019::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d01a::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d01b::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d01c::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d01d::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d01e::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d01f::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d020:8000::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d021::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d022::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d024::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d025::", 35, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d026::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d027::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d028::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d029::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d02a::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d02b::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d02c::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d02d::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d02e::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d02f::", 36, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d030:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d031:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d032:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d036:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d038:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d03a:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d040:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d059:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d05b:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d06f:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d070:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d072:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d073:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d074:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d076:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07d:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:800::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:1000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:2000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:4000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:5000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:6000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:8000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:9000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:a000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:b000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:c000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:e000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ { "2a05:d07f:f000::", 40, NDPI_PROTOCOL_AWS_EC2 },
+ /* End */
+ { NULL, 0, 0 }
+};
diff --git a/src/lib/inc_generated/ndpi_amazon_aws_kinesis_match.c.inc b/src/lib/inc_generated/ndpi_amazon_aws_kinesis_match.c.inc
new file mode 100644
index 000000000..e17232078
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_amazon_aws_kinesis_match.c.inc
@@ -0,0 +1,98 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_network ndpi_protocol_aws_kinesis_protocol_list[] = {
+ { 0x031E2854 /* 3.30.40.84/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x036B1EB4 /* 3.107.30.180/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x036B1EB8 /* 3.107.30.184/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x03922A4A /* 3.146.42.74/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x03922A50 /* 3.146.42.80/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0DC88E74 /* 13.200.142.116/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0DC9C340 /* 13.201.195.64/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0DF74C60 /* 13.247.76.96/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0DF74C64 /* 13.247.76.100/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0F9DA786 /* 15.157.167.134/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0F9DA788 /* 15.157.167.136/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0FBCD2CE /* 15.188.210.206/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0FE5CEE0 /* 15.229.206.224/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0FE5CEE4 /* 15.229.206.228/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x0FEDA228 /* 15.237.162.40/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x10185B46 /* 16.24.91.70/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x10185B70 /* 16.24.91.112/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x10185B74 /* 16.24.91.116/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x10185B78 /* 16.24.91.120/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12655A38 /* 18.101.90.56/29 */, 29, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x1299B88E /* 18.153.184.142/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x1299B894 /* 18.153.184.148/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12AB23D6 /* 18.171.35.214/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12AB3F24 /* 18.171.63.36/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12F6E0C8 /* 18.246.224.200/29 */, 29, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12F6E0D0 /* 18.246.224.208/28 */, 28, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12F6E0E0 /* 18.246.224.224/28 */, 28, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12F6E0F0 /* 18.246.224.240/29 */, 29, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12F6E0F8 /* 18.246.224.248/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12F6E0FC /* 18.246.224.252/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x12FCA58C /* 18.252.165.140/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2348248C /* 35.72.36.140/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x23482490 /* 35.72.36.144/29 */, 29, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x235DAF04 /* 35.93.175.4/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x235DAF08 /* 35.93.175.8/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2BC41804 /* 43.196.24.4/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2BC41808 /* 43.196.24.8/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2BC71A7C /* 43.199.26.124/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2BC71A80 /* 43.199.26.128/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2BCAD584 /* 43.202.213.132/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2BCAD588 /* 43.202.213.136/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2BD85738 /* 43.216.87.56/29 */, 29, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2BD8E2B0 /* 43.216.226.176/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD10 /* 44.220.189.16/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD14 /* 44.220.189.20/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD2C /* 44.220.189.44/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD30 /* 44.220.189.48/28 */, 28, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD40 /* 44.220.189.64/28 */, 28, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD50 /* 44.220.189.80/29 */, 29, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD58 /* 44.220.189.88/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD5C /* 44.220.189.92/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CDCBD60 /* 44.220.189.96/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CF28FB4 /* 44.242.143.180/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CF28FE0 /* 44.242.143.224/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CF28FF2 /* 44.242.143.242/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CF28FF4 /* 44.242.143.244/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CF28FF8 /* 44.242.143.248/29 */, 29, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CF2A100 /* 44.242.161.0/28 */, 28, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CF2A110 /* 44.242.161.16/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2CF2A114 /* 44.242.161.20/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2F805266 /* 47.128.82.102/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x2F811784 /* 47.129.23.132/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x33300D20 /* 51.48.13.32/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x36F7F386 /* 54.247.243.134/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x36F7F388 /* 54.247.243.136/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x39B58EE0 /* 57.181.142.224/31 */, 31, NDPI_PROTOCOL_AWS_KINESIS },
+ { 0x39B58EE4 /* 57.181.142.228/30 */, 30, NDPI_PROTOCOL_AWS_KINESIS },
+ /* End */
+ { 0x0, 0, 0 }
+};
+
+static ndpi_network6 ndpi_protocol_aws_kinesis_protocol_list_6[] = {
+ /* End */
+ { NULL, 0, 0 }
+};
diff --git a/src/lib/inc_generated/ndpi_amazon_aws_match.c.inc b/src/lib/inc_generated/ndpi_amazon_aws_match.c.inc
index d85531fd9..a29fbd5a2 100644
--- a/src/lib/inc_generated/ndpi_amazon_aws_match.c.inc
+++ b/src/lib/inc_generated/ndpi_amazon_aws_match.c.inc
@@ -26,12 +26,14 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0x01B20800 /* 1.178.8.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x01B24000 /* 1.178.64.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x01B24800 /* 1.178.72.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x01B25800 /* 1.178.88.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03000000 /* 3.0.0.0/15 */, 15, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03020000 /* 3.2.0.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03020400 /* 3.2.4.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03020800 /* 3.2.8.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03023000 /* 3.2.48.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03023800 /* 3.2.56.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x03023C00 /* 3.2.60.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03024000 /* 3.2.64.0/19 */, 19, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03026000 /* 3.2.96.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x03026200 /* 3.2.98.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
@@ -462,8 +464,7 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0x12588000 /* 18.88.128.0/18 */, 18, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x12590000 /* 18.89.0.0/18 */, 18, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x12598000 /* 18.89.128.0/18 */, 18, NDPI_PROTOCOL_AMAZON_AWS },
- { 0x12600000 /* 18.96.0.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
- { 0x12600200 /* 18.96.2.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x12600000 /* 18.96.0.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x12600800 /* 18.96.8.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x12601000 /* 18.96.16.0/20 */, 20, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x12602000 /* 18.96.32.0/19 */, 19, NDPI_PROTOCOL_AMAZON_AWS },
@@ -502,7 +503,7 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0x17E4C000 /* 23.228.192.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x17E4C200 /* 23.228.194.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x17E4C400 /* 23.228.196.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
- { 0x17E4CA00 /* 23.228.202.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x17E4C600 /* 23.228.198.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x17FE0000 /* 23.254.0.0/20 */, 20, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x17FE1000 /* 23.254.16.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x17FE1800 /* 23.254.24.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
@@ -559,7 +560,9 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0x23600C00 /* 35.96.12.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x23600E00 /* 35.96.14.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x23601000 /* 35.96.16.0/20 */, 20, NDPI_PROTOCOL_AMAZON_AWS },
- { 0x23602000 /* 35.96.32.0/19 */, 19, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x23602000 /* 35.96.32.0/20 */, 20, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x23603000 /* 35.96.48.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x23603400 /* 35.96.52.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x23604000 /* 35.96.64.0/18 */, 18, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x23608000 /* 35.96.128.0/19 */, 19, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x2360F000 /* 35.96.240.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
@@ -572,6 +575,7 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0x23B00000 /* 35.176.0.0/13 */, 13, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x2467E800 /* 36.103.232.0/25 */, 25, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x2467E880 /* 36.103.232.128/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x25CB9D00 /* 37.203.157.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x28260000 /* 40.38.0.0/15 */, 15, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x28A40000 /* 40.164.0.0/14 */, 14, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x28AC0000 /* 40.172.0.0/14 */, 14, NDPI_PROTOCOL_AMAZON_AWS },
@@ -1200,7 +1204,8 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0x456B0780 /* 69.107.7.128/28 */, 28, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x456B0980 /* 69.107.9.128/28 */, 28, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x456B09B0 /* 69.107.9.176/28 */, 28, NDPI_PROTOCOL_AMAZON_AWS },
- { 0x456B09C0 /* 69.107.9.192/27 */, 27, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x456B09C0 /* 69.107.9.192/26 */, 26, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x456B0A00 /* 69.107.10.0/28 */, 28, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x45E6C000 /* 69.230.192.0/18 */, 18, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x45E78000 /* 69.231.128.0/18 */, 18, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x45EAC000 /* 69.234.192.0/18 */, 18, NDPI_PROTOCOL_AMAZON_AWS },
@@ -1480,8 +1485,7 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0x96DEF57A /* 150.222.245.122/31 */, 31, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x96DEFCF4 /* 150.222.252.244/30 */, 30, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x96DEFCF8 /* 150.222.252.248/30 */, 30, NDPI_PROTOCOL_AMAZON_AWS },
- { 0x96F72000 /* 150.247.32.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
- { 0x96F72400 /* 150.247.36.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0x96F72000 /* 150.247.32.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x97940800 /* 151.148.8.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x97941000 /* 151.148.16.0/30 */, 30, NDPI_PROTOCOL_AMAZON_AWS },
{ 0x97941004 /* 151.148.16.4/31 */, 31, NDPI_PROTOCOL_AMAZON_AWS },
@@ -1570,6 +1574,7 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0xC6630200 /* 198.99.2.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xC709F800 /* 199.9.248.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xC77FE800 /* 199.127.232.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0xCAAE8400 /* 202.174.132.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xCB53DC00 /* 203.83.220.0/22 */, 22, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xCC57B900 /* 204.87.185.0/24 */, 24, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xCCEC8000 /* 204.236.128.0/17 */, 17, NDPI_PROTOCOL_AMAZON_AWS },
@@ -1594,6 +1599,7 @@ static ndpi_network ndpi_protocol_amazon_aws_protocol_list[] = {
{ 0xD827A000 /* 216.39.160.0/20 */, 20, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xD8892000 /* 216.137.32.0/19 */, 19, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xD8B6E000 /* 216.182.224.0/20 */, 20, NDPI_PROTOCOL_AMAZON_AWS },
+ { 0xD8C6C000 /* 216.198.192.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xD8D80000 /* 216.216.0.0/15 */, 15, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xD8F40000 /* 216.244.0.0/21 */, 21, NDPI_PROTOCOL_AMAZON_AWS },
{ 0xD8F40800 /* 216.244.8.0/23 */, 23, NDPI_PROTOCOL_AMAZON_AWS },
@@ -1661,8 +1667,10 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2400:7fc0:6000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2400:7fc0:8000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2400:7fc0:a000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2400:7fc0:bb00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2400:7fc0:c000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2400:7fc0:ef00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2400:7fc0:fd00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2403:b300:ff00::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2404:c2c0::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2404:c2c0:200::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -1681,8 +1689,10 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2404:c2c0:4100::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2404:c2c0:6000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2404:c2c0:8000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2404:c2c0:bb00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2404:c2c0:c000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2404:c2c0:ef00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2404:c2c0:fd00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da00:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da00:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da00:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -1710,13 +1720,13 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2406:da15::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da16::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da17::", 36, NDPI_PROTOCOL_AMAZON_AWS },
- { "2406:da18::", 36, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:da18::", 35, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da18:8000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da19::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da1a::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da1a:8000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da1b::", 36, NDPI_PROTOCOL_AMAZON_AWS },
- { "2406:da1c::", 36, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:da1c::", 35, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da1c:8000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da1d::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:da1e::", 32, NDPI_PROTOCOL_AMAZON_AWS },
@@ -1896,6 +1906,23 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2406:dab9:c800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:dab9:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:dab9:f000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:2800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:4000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:4800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:6000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:7000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:8000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:8800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:9000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:a000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:b000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:c800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dabb:f000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:daef:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:daef:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:daef:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2053,6 +2080,23 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2406:dafc:ff60::", 46, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:dafc:ff80::", 46, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:dafc:ffa0::", 46, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:2800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:4000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:4800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:6000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:7000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:8000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:8800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:9000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:a000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:b000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:c800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2406:dafd:f000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:dafe:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:dafe:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2406:dafe:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2141,7 +2185,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1f01:48e0::", 46, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f01:48f0::", 46, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f01:4904::", 46, NDPI_PROTOCOL_AMAZON_AWS },
- { "2600:1f01:4908::", 46, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1f01:4908::", 45, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f10:4000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f10:8000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f10:c000::", 36, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2245,6 +2289,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1f30:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f30:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f30:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1f30:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f32:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f32:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f32:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2255,6 +2300,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1f32:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f32:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f32:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1f32:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f36:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f36:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f36:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2265,6 +2311,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1f36:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f36:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f36:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1f36:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f38:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f38:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f38:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2275,6 +2322,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1f38:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f38:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f38:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1f38:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f60:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f60:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f60:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2295,6 +2343,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1f61:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f61:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f61:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1f61:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f70:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f70:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f70:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2305,6 +2354,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1f70:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f70:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1f70:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1f70:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fa0:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fa0:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fa0:2c00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2316,6 +2366,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1fa0:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fa0:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fa0:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fa0:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fb8:8000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fb9:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fb9:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2327,6 +2378,18 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1fb9:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fb9:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fb9:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fb9:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:5000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:6000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:7400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:8000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fbb:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fef:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fef:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fef:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2337,6 +2400,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1fef:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fef:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fef:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fef:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff0:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff0:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff0:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2347,6 +2411,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ff0:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff0:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff0:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ff0:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff1:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff1:8000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff2:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2359,6 +2424,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ff2:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff2:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff2:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ff2:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff3:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff3:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff3:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2369,6 +2435,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ff3:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff3:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff3:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ff3:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff4:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff4:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff4:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2379,6 +2446,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ff4:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff4:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff4:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ff4:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff5:8000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff6:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff6:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2390,6 +2458,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ff6:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff6:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff6:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ff6:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff8:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff8:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff8:4000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2409,6 +2478,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ff9:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff9:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ff9:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ff9:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffa:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffa:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffa:4000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2427,15 +2497,33 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ffc:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffc:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffc:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:1020::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:1040::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:1080::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:10c0::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:4000::", 39, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:5000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:6000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:7400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:8010::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:8020::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:803f::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:8040::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:8050::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:8060::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:8066::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:807b::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:807f::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:8080::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:8090::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:80a0::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:80a7::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:80c0::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:80c8::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:80cb::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:80d0::", 48, NDPI_PROTOCOL_AMAZON_AWS },
- { "2600:1ffd:80e1::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:80e0::", 47, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:80f0::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:812f::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:8143::", 48, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2463,6 +2551,10 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ffd:85b2::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:85c0::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffd:85e8::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffd:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffe:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffe:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffe:2c00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2474,6 +2566,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1ffe:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffe:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1ffe:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1ffe:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fff:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fff:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fff:2c00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2486,6 +2579,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:1fff:a400::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fff:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:1fff:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:1fff:ec00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:9000:ddd::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:9000:eee::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:9000:fff::", 48, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2548,6 +2642,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:f0f0:20::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f0:30::", 44, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f0:40::", 48, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:f0f0:60::", 44, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f0:80::", 45, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f0:90:1400::", 56, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f0:90:2600::", 56, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2588,7 +2683,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2600:f0f1:8b02::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f2:7000::", 44, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f2:7010::", 45, NDPI_PROTOCOL_AMAZON_AWS },
- { "2600:f0f2:7018::", 47, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2600:f0f2:7018::", 46, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f2:7100::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0f3:f000::", 44, NDPI_PROTOCOL_AMAZON_AWS },
{ "2600:f0fb:8000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2663,6 +2758,9 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2606:f40:fff6::", 47, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:f40:fff8::", 45, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:9fc::", 47, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2606:7b40:a3e:200::", 60, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2606:7b40:a3e:270::", 60, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2606:7b40:a3e:280::", 60, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:1000:2000::", 55, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:1000:2270::", 60, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:1000:3000::", 56, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2738,9 +2836,10 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2606:7b40:1b0f:ef00::", 56, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:1b0f:f000::", 54, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:1b0f:f400::", 56, NDPI_PROTOCOL_AMAZON_AWS },
- { "2606:7b40:1b0f:f900::", 56, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2606:7b40:1b0f:f800::", 55, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:1b0f:fa00::", 56, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:1b0f:fd00::", 56, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2606:7b40:1b10::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:1f00::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:f000:1500::", 56, NDPI_PROTOCOL_AMAZON_AWS },
{ "2606:7b40:f000:1600::", 55, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2798,6 +2897,7 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2620:108:7000::", 44, NDPI_PROTOCOL_AMAZON_AWS },
{ "2620:108:d000::", 44, NDPI_PROTOCOL_AMAZON_AWS },
{ "2631::", 47, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2631:1:4ff0::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2804:800::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2804:800:ff00::", 48, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a01:578:0:12::", 63, NDPI_PROTOCOL_AMAZON_AWS },
@@ -2968,6 +3068,18 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2a05:d059:b000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d059:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d059:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:4000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:5000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:6000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:8000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:9000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:a000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:b000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d05b:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d06f:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d06f:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d06f:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
@@ -3080,6 +3192,18 @@ static ndpi_network6 ndpi_protocol_amazon_aws_protocol_list_6[] = {
{ "2a05:d07c:a000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d07c:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d07c:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:4000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:5000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:6000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:8000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:9000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:a000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:b000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:c000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
+ { "2a05:d07d:e000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d07e:800::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d07e:1000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
{ "2a05:d07e:2000::", 40, NDPI_PROTOCOL_AMAZON_AWS },
diff --git a/src/lib/inc_generated/ndpi_amazon_aws_s3_match.c.inc b/src/lib/inc_generated/ndpi_amazon_aws_s3_match.c.inc
new file mode 100644
index 000000000..aa1a08def
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_amazon_aws_s3_match.c.inc
@@ -0,0 +1,496 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_network ndpi_protocol_aws_s3_protocol_list[] = {
+ { 0x01B20400 /* 1.178.4.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x01B20800 /* 1.178.8.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x01B24000 /* 1.178.64.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x01B25800 /* 1.178.88.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03050000 /* 3.5.0.0/18 */, 18, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03054000 /* 3.5.64.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03054800 /* 3.5.72.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03054C00 /* 3.5.76.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03055000 /* 3.5.80.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03058000 /* 3.5.128.0/19 */, 19, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305A000 /* 3.5.160.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305A800 /* 3.5.168.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305AC00 /* 3.5.172.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305B400 /* 3.5.180.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305B800 /* 3.5.184.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305C000 /* 3.5.192.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305CA00 /* 3.5.202.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305CC00 /* 3.5.204.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305D000 /* 3.5.208.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0305E000 /* 3.5.224.0/19 */, 19, NDPI_PROTOCOL_AWS_S3 },
+ { 0x031A5800 /* 3.26.88.0/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x031C4630 /* 3.28.70.48/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x031C4660 /* 3.28.70.96/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x031D9330 /* 3.29.147.48/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x031DCAF0 /* 3.29.202.240/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0324A740 /* 3.36.167.64/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0341F600 /* 3.65.246.0/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03621800 /* 3.98.24.0/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0365A340 /* 3.101.163.64/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0365A360 /* 3.101.163.96/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03667760 /* 3.102.119.96/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x038D66D0 /* 3.141.102.208/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x038D66E0 /* 3.141.102.224/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03FB6ED0 /* 3.251.110.208/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x03FB6EE0 /* 3.251.110.224/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0D245430 /* 13.36.84.48/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0D245440 /* 13.36.84.64/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0D3347B0 /* 13.51.71.176/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0D3347C0 /* 13.51.71.192/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0DD51490 /* 13.213.20.144/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0DD514A0 /* 13.213.20.160/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0DF55DB0 /* 13.245.93.176/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0DF55DC0 /* 13.245.93.192/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0DF8E000 /* 13.248.224.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0DF8E800 /* 13.248.232.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0F988570 /* 15.152.133.112/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0F988580 /* 15.152.133.128/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0FB87DF0 /* 15.184.125.240/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0FB89900 /* 15.184.153.0/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0FC81CF0 /* 15.200.28.240/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0FC8B080 /* 15.200.176.128/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x0FE46B00 /* 15.228.107.0/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C0000 /* 16.12.0.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C1000 /* 16.12.16.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C1400 /* 16.12.20.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C1800 /* 16.12.24.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C2000 /* 16.12.32.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C2800 /* 16.12.40.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C2C00 /* 16.12.44.0/24 */, 24, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C3000 /* 16.12.48.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C4000 /* 16.12.64.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C4700 /* 16.12.71.0/24 */, 24, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C4800 /* 16.12.72.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C5000 /* 16.12.80.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C5400 /* 16.12.84.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C5600 /* 16.12.86.0/24 */, 24, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C5800 /* 16.12.88.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C6000 /* 16.12.96.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100C7000 /* 16.12.112.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100F0000 /* 16.15.0.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100F1000 /* 16.15.16.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100FB000 /* 16.15.176.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x100FC000 /* 16.15.192.0/18 */, 18, NDPI_PROTOCOL_AWS_S3 },
+ { 0x103245C0 /* 16.50.69.192/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x103E38E0 /* 16.62.56.224/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x10B60000 /* 16.182.0.0/16 */, 16, NDPI_PROTOCOL_AWS_S3 },
+ { 0x12220000 /* 18.34.0.0/19 */, 19, NDPI_PROTOCOL_AWS_S3 },
+ { 0x12223000 /* 18.34.48.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x12224800 /* 18.34.72.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x1222E800 /* 18.34.232.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x1222F400 /* 18.34.244.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x1222FC00 /* 18.34.252.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x123C4EC0 /* 18.60.78.192/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x1264D1E0 /* 18.100.209.224/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x12A75860 /* 18.167.88.96/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x12A825A0 /* 18.168.37.160/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x12FC91C0 /* 18.252.145.192/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x2348A4F0 /* 35.72.164.240/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x23497300 /* 35.73.115.0/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x235024D0 /* 35.80.36.208/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x235024E0 /* 35.80.36.224/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x23984A90 /* 35.152.74.144/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x23984AA0 /* 35.152.74.160/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x28B062F0 /* 40.176.98.240/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x28B06540 /* 40.176.101.64/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x2BD04280 /* 43.208.66.128/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x2BD48700 /* 43.212.135.0/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x2BD85700 /* 43.216.87.0/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x2BDAC160 /* 43.218.193.96/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x2BDADEA0 /* 43.218.222.160/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x2CC086F0 /* 44.192.134.240/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x2CC08C40 /* 44.192.140.64/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x331181A0 /* 51.17.129.160/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x33700B40 /* 51.112.11.64/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x3452A400 /* 52.82.164.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x3452B800 /* 52.82.184.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x3452BC00 /* 52.82.188.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x345C0000 /* 52.92.0.0/16 */, 16, NDPI_PROTOCOL_AWS_S3 },
+ { 0x345F8000 /* 52.95.128.0/18 */, 18, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34D80000 /* 52.216.0.0/15 */, 15, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DA0000 /* 52.218.0.0/16 */, 16, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB0000 /* 52.219.0.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB1000 /* 52.219.16.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB1400 /* 52.219.20.0/24 */, 24, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB1800 /* 52.219.24.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB2000 /* 52.219.32.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB3800 /* 52.219.56.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB4000 /* 52.219.64.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB4800 /* 52.219.72.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB5000 /* 52.219.80.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB6000 /* 52.219.96.0/19 */, 19, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DB8000 /* 52.219.128.0/18 */, 18, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DBC000 /* 52.219.192.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DBD000 /* 52.219.208.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DBD800 /* 52.219.216.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DBDC00 /* 52.219.220.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DBE000 /* 52.219.224.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DBE800 /* 52.219.232.0/22 */, 22, NDPI_PROTOCOL_AWS_S3 },
+ { 0x34DBFE00 /* 52.219.254.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x36DE3000 /* 54.222.48.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x36DE6000 /* 54.222.96.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x36DE7000 /* 54.222.112.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x36E70000 /* 54.231.0.0/16 */, 16, NDPI_PROTOCOL_AWS_S3 },
+ { 0x410167D0 /* 65.1.103.208/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x410167E0 /* 65.1.103.224/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x444F02C0 /* 68.79.2.192/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x444F02E0 /* 68.79.2.224/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x45EAFA40 /* 69.234.250.64/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x4783C4E0 /* 71.131.196.224/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x4CDF5F00 /* 76.223.95.0/24 */, 24, NDPI_PROTOCOL_AWS_S3 },
+ { 0x4CDF6000 /* 76.223.96.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x4CDF6800 /* 76.223.104.0/24 */, 24, NDPI_PROTOCOL_AWS_S3 },
+ { 0x4E0C4FC0 /* 78.12.79.192/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x5376F000 /* 83.118.240.0/21 */, 21, NDPI_PROTOCOL_AWS_S3 },
+ { 0x6C889A10 /* 108.136.154.16/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x6C889A20 /* 108.136.154.32/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ { 0x6CAF3000 /* 108.175.48.0/20 */, 20, NDPI_PROTOCOL_AWS_S3 },
+ { 0x88120000 /* 136.18.0.0/23 */, 23, NDPI_PROTOCOL_AWS_S3 },
+ { 0x8CB324D0 /* 140.179.36.208/28 */, 28, NDPI_PROTOCOL_AWS_S3 },
+ { 0x8CB324E0 /* 140.179.36.224/27 */, 27, NDPI_PROTOCOL_AWS_S3 },
+ /* End */
+ { 0x0, 0, 0 }
+};
+
+static ndpi_network6 ndpi_protocol_aws_s3_protocol_list_6[] = {
+ { "2001:3fc5:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2001:3fc7:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2001:3fc7:8800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2001:3fc7:9800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2001:3fc7:a800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2400:7fc0:200::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2400:7fc0:2400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2400:7fc0:2800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2400:7fc0:2c00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2400:7fc0:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2400:7fc0:ef00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2404:c2c0:200::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2404:c2c0:2400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2404:c2c0:2800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2404:c2c0:2c00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2404:c2c0:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2404:c2c0:ef00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:2800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:4800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:7000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:8800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:c800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:da60:f000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:2800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:4800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:7000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:8800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:a800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:c800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daa0:f000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:2800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:4800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:7000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:8800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:c800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dab9:f000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:2800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:4800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:7000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:8800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:c800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf0:f000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:2800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:4800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:7000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:8800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:c800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf4:f000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:7000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf8:f000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:7000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:daf9:f000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dafa:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dafa:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dafa:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dafa:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dafa:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dafa:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2406:dafa:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "240f:80a0:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "240f:80a0:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "240f:80f8:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "240f:80f8:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "240f:80f9:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "240f:80f9:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "240f:80fa:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "240f:80fa:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:4000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:7400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:8000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:a400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1f60:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:2c00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:4000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:7400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:8000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:a400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fa0:ec00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:4000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:7400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:8000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:a400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fb9:ec00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1fef:ec00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:4000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:7400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:8000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:a400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff0:ec00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:4000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:7400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:8000::", 39, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:a400::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff4:ec00::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff8:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff8:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff8:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff8:5000::", 36, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff8:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff8:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff8:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff8:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff9:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff9:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff9:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff9:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff9:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff9:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff9:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ff9:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ffa:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ffa:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ffa:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ffa:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ffa:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ffa:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ffa:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:1ffa:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:9000:a104::", 47, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:9000:a210::", 47, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:9000:a310::", 47, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:f0f2:7010::", 45, NDPI_PROTOCOL_AWS_S3 },
+ { "2600:f0f2:7018::", 46, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d030:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d050:f000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d059:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d070:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:800::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:b000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d074:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d078:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:1000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:5000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:9000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d079:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d07a:2000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d07a:4000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d07a:6000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d07a:8000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d07a:a000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d07a:c000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ { "2a05:d07a:e000::", 40, NDPI_PROTOCOL_AWS_S3 },
+ /* End */
+ { NULL, 0, 0 }
+};
diff --git a/src/lib/inc_generated/ndpi_domains_aws_api_gateway_match.c.inc b/src/lib/inc_generated/ndpi_domains_aws_api_gateway_match.c.inc
new file mode 100644
index 000000000..cc61c4b3e
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_domains_aws_api_gateway_match.c.inc
@@ -0,0 +1,59 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_protocol_match aws_api_gateway_host_match[] = {
+ { "execute-api.af-south-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-east-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-northeast-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-northeast-2.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-northeast-3.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-south-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-south-2.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-southeast-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-southeast-2.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-southeast-3.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-southeast-4.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ap-southeast-5.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ca-central-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.ca-west-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.cn-north-1.amazonaws.com.cn", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.cn-northwest-1.amazonaws.com.cn", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.eu-central-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.eu-central-2.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.eu-north-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.eu-south-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.eu-south-2.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.eu-west-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.eu-west-2.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.eu-west-3.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.il-central-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.me-central-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.me-south-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.sa-east-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.us-east-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.us-east-2.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.us-gov-east-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.us-gov-west-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.us-west-1.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "execute-api.us-west-2.amazonaws.com", "AWS_API_Gateway", NDPI_PROTOCOL_AWS_API_GATEWAY, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { NULL, NULL, NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL }
+};
diff --git a/src/lib/inc_generated/ndpi_domains_aws_cloudfront_match.c.inc b/src/lib/inc_generated/ndpi_domains_aws_cloudfront_match.c.inc
new file mode 100644
index 000000000..4723dc6ef
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_domains_aws_cloudfront_match.c.inc
@@ -0,0 +1,26 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_protocol_match aws_cloudfront_host_match[] = {
+ { "cloudfront.net", "AWS_Cloudfront", NDPI_PROTOCOL_AWS_CLOUDFRONT, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { NULL, NULL, NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL }
+};
diff --git a/src/lib/inc_generated/ndpi_domains_aws_cognito_match.c.inc b/src/lib/inc_generated/ndpi_domains_aws_cognito_match.c.inc
new file mode 100644
index 000000000..2c54114ee
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_domains_aws_cognito_match.c.inc
@@ -0,0 +1,63 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_protocol_match aws_cognito_host_match[] = {
+ { "auth.af-south-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-east-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-northeast-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-northeast-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-northeast-3.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-south-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-south-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-southeast-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-southeast-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-southeast-3.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-southeast-4.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-southeast-5.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ap-southeast-7.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ca-central-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.ca-west-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.eu-central-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.eu-central-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.eu-north-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.eu-south-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.eu-south-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.eu-west-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.eu-west-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.eu-west-3.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth-fips.us-east-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth-fips.us-east-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth-fips.us-gov-east-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth-fips.us-gov-west-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth-fips.us-west-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth-fips.us-west-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.il-central-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.me-central-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.me-south-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.mx-central-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.sa-east-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.us-east-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.us-east-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.us-west-1.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "auth.us-west-2.amazoncognito.com", "AWS_Cognito", NDPI_PROTOCOL_AWS_COGNITO, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { NULL, NULL, NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL }
+};
diff --git a/src/lib/inc_generated/ndpi_domains_aws_ec2_match.c.inc b/src/lib/inc_generated/ndpi_domains_aws_ec2_match.c.inc
new file mode 100644
index 000000000..5534b1f7a
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_domains_aws_ec2_match.c.inc
@@ -0,0 +1,28 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_protocol_match aws_ec2_host_match[] = {
+ { "compute-1.amazonaws.com", "AWS_EC2", NDPI_PROTOCOL_AWS_EC2, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "compute.amazonaws.com", "AWS_EC2", NDPI_PROTOCOL_AWS_EC2, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "compute.amazonaws.com.cn", "AWS_EC2", NDPI_PROTOCOL_AWS_EC2, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { NULL, NULL, NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL }
+};
diff --git a/src/lib/inc_generated/ndpi_domains_aws_emr_match.c.inc b/src/lib/inc_generated/ndpi_domains_aws_emr_match.c.inc
new file mode 100644
index 000000000..edd9e6b92
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_domains_aws_emr_match.c.inc
@@ -0,0 +1,124 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_protocol_match aws_emr_host_match[] = {
+ { "emrappui-prod.af-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-northeast-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-northeast-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-northeast-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-south-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-southeast-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-southeast-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-southeast-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ap-southeast-4.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ca-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.ca-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.cn-north-1.amazonaws.com.cn", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.cn-northwest-1.amazonaws.com.cn", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.eu-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.eu-central-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.eu-north-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.eu-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.eu-south-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.eu-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.eu-west-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.eu-west-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.il-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.me-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.me-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.sa-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.us-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.us-east-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.us-gov-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.us-gov-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.us-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrappui-prod.us-west-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.af-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-northeast-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-northeast-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-northeast-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-south-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-southeast-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-southeast-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-southeast-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ap-southeast-4.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ca-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.ca-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.cn-north-1.amazonaws.com.cn", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.cn-northwest-1.amazonaws.com.cn", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.eu-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.eu-central-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.eu-north-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.eu-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.eu-south-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.eu-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.eu-west-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.eu-west-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.il-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.me-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.me-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.sa-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.us-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.us-east-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.us-gov-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.us-gov-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.us-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrnotebooks-prod.us-west-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.af-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-northeast-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-northeast-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-northeast-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-south-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-southeast-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-southeast-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-southeast-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ap-southeast-4.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ca-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.ca-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.cn-north-1.amazonaws.com.cn", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.cn-northwest-1.amazonaws.com.cn", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.eu-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.eu-central-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.eu-north-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.eu-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.eu-south-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.eu-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.eu-west-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.eu-west-3.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.il-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.me-central-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.me-south-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.sa-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.us-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.us-east-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.us-gov-east-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.us-gov-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.us-west-1.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "emrstudio-prod.us-west-2.amazonaws.com", "AWS_EMR", NDPI_PROTOCOL_AWS_EMR, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { NULL, NULL, NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL }
+};
diff --git a/src/lib/inc_generated/ndpi_domains_aws_s3_match.c.inc b/src/lib/inc_generated/ndpi_domains_aws_s3_match.c.inc
new file mode 100644
index 000000000..6327baafb
--- /dev/null
+++ b/src/lib/inc_generated/ndpi_domains_aws_s3_match.c.inc
@@ -0,0 +1,329 @@
+/*
+ *
+ * This file is generated automatically and part of nDPI
+ *
+ * nDPI is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * nDPI is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with nDPI. If not, see .
+ *
+ */
+
+/* ****************************************************** */
+
+
+static ndpi_protocol_match aws_s3_host_match[] = {
+ { "mrap.accesspoint.s3-global.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.af-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-northeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-northeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-southeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-southeast-4.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ap-southeast-5.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.cn-north-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.cn-northwest-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.af-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-northeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-northeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-southeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-southeast-4.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ap-southeast-5.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.cn-north-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.cn-northwest-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.eu-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.eu-central-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.eu-north-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.eu-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.eu-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.eu-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.eu-west-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.il-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.me-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.me-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.dualstack.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.eu-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.eu-central-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.eu-north-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.eu-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.eu-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.eu-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.eu-west-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.dualstack.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.dualstack.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.dualstack.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.dualstack.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.dualstack.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.dualstack.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.dualstack.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.dualstack.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint-fips.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.il-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.me-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.me-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-accesspoint.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.af-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-ap-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-ap-northeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-northeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-ap-northeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-northeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-ap-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-southeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-southeast-4.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ap-southeast-5.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.cn-north-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.cn-northwest-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-deprecated.ap-southeast-5.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-deprecated.cn-north-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-deprecated.eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-deprecated.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-deprecated.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-deprecated.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.af-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-northeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-northeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-southeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-southeast-4.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ap-southeast-5.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.cn-north-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.cn-northwest-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.eu-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.eu-central-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.eu-north-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.eu-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.eu-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.eu-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.eu-west-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.il-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.me-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.me-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.dualstack.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-eu-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.eu-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.eu-central-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-eu-north-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.eu-north-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.eu-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.eu-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-eu-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.eu-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-eu-west-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.eu-west-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-external-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.dualstack.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.dualstack.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.dualstack.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.dualstack.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.dualstack.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.dualstack.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.dualstack.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.dualstack.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips-us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips-us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-fips.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.il-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.me-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-me-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.me-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.af-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-northeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-northeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-southeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-southeast-4.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ap-southeast-5.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.cn-north-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.cn-northwest-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.eu-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.eu-central-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.eu-north-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.eu-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.eu-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.eu-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.eu-west-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.il-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.me-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.me-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-object-lambda.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.af-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-northeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-northeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-southeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-southeast-4.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ap-southeast-5.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.cn-north-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.cn-northwest-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.af-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-northeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-northeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-northeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-southeast-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-southeast-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-southeast-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-southeast-4.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ap-southeast-5.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ca-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.ca-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.cn-north-1.amazonaws.com.cn", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.eu-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.eu-central-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.eu-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.eu-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.eu-west-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.il-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.me-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.dualstack.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.eu-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.eu-central-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.eu-north-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.eu-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.eu-south-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.eu-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.eu-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.eu-west-3.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.il-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.me-central-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.me-south-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.sa-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.us-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.us-east-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.us-gov-east-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.us-gov-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.us-west-1.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website-us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "s3-website.us-west-2.amazonaws.com", "AWS_S3", NDPI_PROTOCOL_AWS_S3, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { NULL, NULL, NDPI_PROTOCOL_UNKNOWN, NDPI_PROTOCOL_CATEGORY_UNSPECIFIED, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL }
+};
diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc
index 0bb073930..6693ebb16 100644
--- a/src/lib/ndpi_content_match.c.inc
+++ b/src/lib/ndpi_content_match.c.inc
@@ -430,8 +430,6 @@ static ndpi_protocol_match host_match[] =
{ "amazonaws.com", "AmazonAWS", NDPI_PROTOCOL_AMAZON_AWS, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "aws.a2z.com", "AmazonAWS", NDPI_PROTOCOL_AMAZON_AWS, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "a2z.com", "Amazon", NDPI_PROTOCOL_AMAZON, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
- { "cloudfront.net", "AmazonAWS", NDPI_PROTOCOL_AMAZON_AWS, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
- { "us-west-2.compute.amazonaws.com", "AmazonAWS", NDPI_PROTOCOL_AMAZON_AWS, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "teamviewer.com", "Teamviewer", NDPI_PROTOCOL_TEAMVIEWER, NDPI_PROTOCOL_CATEGORY_REMOTE_ACCESS, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "bloombergvault.com", "Bloomberg", NDPI_PROTOCOL_BLOOMBERG, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "bloomberg.com", "Bloomberg", NDPI_PROTOCOL_BLOOMBERG, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
@@ -1555,6 +1553,12 @@ static ndpi_protocol_match host_match[] =
/* Rumble */
{ "rumble.com", "Rumble", NDPI_PROTOCOL_RUMBLE, NDPI_PROTOCOL_CATEGORY_STREAMING, NDPI_PROTOCOL_FUN, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ /* From real traffic. TODO: extend (other regions) */
+ { "kinesis.ap-southeast-1.amazonaws.com", "AWS_Kinesis", NDPI_PROTOCOL_AWS_KINESIS, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "kinesis.eu-west-1.amazonaws.com", "AWS_Kinesis", NDPI_PROTOCOL_AWS_KINESIS, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "kinesis.us-east-1.amazonaws.com", "AWS_Kinesis", NDPI_PROTOCOL_AWS_KINESIS, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "kinesis.us-west-2.amazonaws.com", "AWS_Kinesis", NDPI_PROTOCOL_AWS_KINESIS, NDPI_PROTOCOL_CATEGORY_CLOUD, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+
#ifdef CUSTOM_NDPI_PROTOCOLS
#include "../../../nDPI-custom/custom_ndpi_content_match_host_match.c.inc"
#endif
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index a997a4fb4..464c14c20 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -72,6 +72,12 @@
#include "inc_generated/ndpi_tor_exit_nodes_match.c.inc"
#include "inc_generated/ndpi_whatsapp_match.c.inc"
#include "inc_generated/ndpi_amazon_aws_match.c.inc"
+#include "inc_generated/ndpi_amazon_aws_api_gateway_match.c.inc"
+#include "inc_generated/ndpi_amazon_aws_kinesis_match.c.inc"
+#include "inc_generated/ndpi_amazon_aws_ec2_match.c.inc"
+#include "inc_generated/ndpi_amazon_aws_s3_match.c.inc"
+#include "inc_generated/ndpi_amazon_aws_cloudfront_match.c.inc"
+#include "inc_generated/ndpi_amazon_aws_dynamodb_match.c.inc"
#include "inc_generated/ndpi_ethereum_match.c.inc"
#include "inc_generated/ndpi_zoom_match.c.inc"
#include "inc_generated/ndpi_cachefly_match.c.inc"
@@ -129,6 +135,12 @@
#include "inc_generated/ndpi_domains_ms_teams_match.c.inc"
#include "inc_generated/ndpi_domains_ms_azure_match.c.inc"
#include "inc_generated/ndpi_domains_ms_generic_match.c.inc"
+#include "inc_generated/ndpi_domains_aws_api_gateway_match.c.inc"
+#include "inc_generated/ndpi_domains_aws_cloudfront_match.c.inc"
+#include "inc_generated/ndpi_domains_aws_cognito_match.c.inc"
+#include "inc_generated/ndpi_domains_aws_ec2_match.c.inc"
+#include "inc_generated/ndpi_domains_aws_emr_match.c.inc"
+#include "inc_generated/ndpi_domains_aws_s3_match.c.inc"
/* Third party libraries */
#include "third_party/include/ndpi_patricia.h"
@@ -530,6 +542,9 @@ int is_flow_addr_informative(const struct ndpi_flow_struct *flow)
case NDPI_PROTOCOL_ALIBABA:
case NDPI_PROTOCOL_YANDEX_CLOUD:
case NDPI_PROTOCOL_AMAZON_AWS:
+ case NDPI_PROTOCOL_AWS_CLOUDFRONT:
+ case NDPI_PROTOCOL_AWS_EC2:
+ /* TODO: do we need to add the other NDPI_PROTOCOL_AWS_* ? */
case NDPI_PROTOCOL_MICROSOFT_AZURE:
case NDPI_PROTOCOL_CACHEFLY:
case NDPI_PROTOCOL_CLOUDFLARE:
@@ -1066,6 +1081,12 @@ static void init_string_based_protocols(struct ndpi_detection_module_struct *ndp
self_check_host_match(ndpi_str, microsoft365_host_match);
self_check_host_match(ndpi_str, azure_host_match);
self_check_host_match(ndpi_str, microsoft_host_match);
+ self_check_host_match(ndpi_str, aws_api_gateway_host_match);
+ self_check_host_match(ndpi_str, aws_cloudfront_host_match);
+ self_check_host_match(ndpi_str, aws_cognito_host_match);
+ self_check_host_match(ndpi_str, aws_ec2_host_match);
+ self_check_host_match(ndpi_str, aws_emr_host_match);
+ self_check_host_match(ndpi_str, aws_s3_host_match);
for(i = 0; host_match[i].string_to_match != NULL; i++)
init_app_protocol(ndpi_str, &host_match[i]);
@@ -1081,6 +1102,18 @@ static void init_string_based_protocols(struct ndpi_detection_module_struct *ndp
init_app_protocol(ndpi_str, &azure_host_match[i]);
for(i = 0; microsoft_host_match[i].string_to_match != NULL; i++)
init_app_protocol(ndpi_str, µsoft_host_match[i]);
+ for(i = 0; aws_api_gateway_host_match[i].string_to_match != NULL; i++)
+ init_app_protocol(ndpi_str, &aws_api_gateway_host_match[i]);
+ for(i = 0; aws_cloudfront_host_match[i].string_to_match != NULL; i++)
+ init_app_protocol(ndpi_str, &aws_cloudfront_host_match[i]);
+ for(i = 0; aws_cognito_host_match[i].string_to_match != NULL; i++)
+ init_app_protocol(ndpi_str, &aws_cognito_host_match[i]);
+ for(i = 0; aws_ec2_host_match[i].string_to_match != NULL; i++)
+ init_app_protocol(ndpi_str, &aws_ec2_host_match[i]);
+ for(i = 0; aws_emr_host_match[i].string_to_match != NULL; i++)
+ init_app_protocol(ndpi_str, &aws_emr_host_match[i]);
+ for(i = 0; aws_s3_host_match[i].string_to_match != NULL; i++)
+ init_app_protocol(ndpi_str, &aws_s3_host_match[i]);
/* ************************ */
@@ -1115,6 +1148,18 @@ static void load_string_based_protocols(struct ndpi_detection_module_struct *ndp
load_protocol_match(ndpi_str, &azure_host_match[i]);
for(i = 0; microsoft_host_match[i].string_to_match != NULL; i++)
load_protocol_match(ndpi_str, µsoft_host_match[i]);
+ for(i = 0; aws_api_gateway_host_match[i].string_to_match != NULL; i++)
+ load_protocol_match(ndpi_str, &aws_api_gateway_host_match[i]);
+ for(i = 0; aws_cloudfront_host_match[i].string_to_match != NULL; i++)
+ load_protocol_match(ndpi_str, &aws_cloudfront_host_match[i]);
+ for(i = 0; aws_cognito_host_match[i].string_to_match != NULL; i++)
+ load_protocol_match(ndpi_str, &aws_cognito_host_match[i]);
+ for(i = 0; aws_ec2_host_match[i].string_to_match != NULL; i++)
+ load_protocol_match(ndpi_str, &aws_ec2_host_match[i]);
+ for(i = 0; aws_emr_host_match[i].string_to_match != NULL; i++)
+ load_protocol_match(ndpi_str, &aws_emr_host_match[i]);
+ for(i = 0; aws_s3_host_match[i].string_to_match != NULL; i++)
+ load_protocol_match(ndpi_str, &aws_s3_host_match[i]);
/* ************************ */
@@ -2932,6 +2977,11 @@ static void init_protocol_defaults(struct ndpi_detection_module_struct *ndpi_str
ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */ ,
ndpi_build_default_ports(ports_b, 5540, 5542, 0, 0, 0) /* UDP */,
0);
+ ndpi_set_proto_defaults(ndpi_str, 1 , 1 , NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_AWS_DYNAMODB,
+ "AWS_DynamoDB", NDPI_PROTOCOL_CATEGORY_DATABASE, NDPI_PROTOCOL_QOE_CATEGORY_UNSPECIFIED,
+ ndpi_build_default_ports(ports_a, 0, 0, 0, 0, 0) /* TCP */ ,
+ ndpi_build_default_ports(ports_b, 0, 0, 0, 0, 0) /* UDP */,
+ 0);
#ifdef CUSTOM_NDPI_PROTOCOLS
#include "../../../nDPI-custom/custom_ndpi_main.c"
@@ -4295,6 +4345,30 @@ int ndpi_finalize_initialization(struct ndpi_detection_module_struct *ndpi_str)
ndpi_init_ptree_ipv4(ndpi_str->protocols->v4, ndpi_protocol_amazon_aws_protocol_list);
ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->protocols->v6, ndpi_protocol_amazon_aws_protocol_list_6);
}
+ if(is_ip_list_enabled(ndpi_str, NDPI_PROTOCOL_AWS_API_GATEWAY)) {
+ ndpi_init_ptree_ipv4(ndpi_str->protocols->v4, ndpi_protocol_aws_api_gateway_protocol_list);
+ ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->protocols->v6, ndpi_protocol_aws_api_gateway_protocol_list_6);
+ }
+ if(is_ip_list_enabled(ndpi_str, NDPI_PROTOCOL_AWS_KINESIS)) {
+ ndpi_init_ptree_ipv4(ndpi_str->protocols->v4, ndpi_protocol_aws_kinesis_protocol_list);
+ ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->protocols->v6, ndpi_protocol_aws_kinesis_protocol_list_6);
+ }
+ if(is_ip_list_enabled(ndpi_str, NDPI_PROTOCOL_AWS_EC2)) {
+ ndpi_init_ptree_ipv4(ndpi_str->protocols->v4, ndpi_protocol_aws_ec2_protocol_list);
+ ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->protocols->v6, ndpi_protocol_aws_ec2_protocol_list_6);
+ }
+ if(is_ip_list_enabled(ndpi_str, NDPI_PROTOCOL_AWS_S3)) {
+ ndpi_init_ptree_ipv4(ndpi_str->protocols->v4, ndpi_protocol_aws_s3_protocol_list);
+ ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->protocols->v6, ndpi_protocol_aws_s3_protocol_list_6);
+ }
+ if(is_ip_list_enabled(ndpi_str, NDPI_PROTOCOL_AWS_CLOUDFRONT)) {
+ ndpi_init_ptree_ipv4(ndpi_str->protocols->v4, ndpi_protocol_aws_cloudfront_protocol_list);
+ ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->protocols->v6, ndpi_protocol_aws_cloudfront_protocol_list_6);
+ }
+ if(is_ip_list_enabled(ndpi_str, NDPI_PROTOCOL_AWS_DYNAMODB)) {
+ ndpi_init_ptree_ipv4(ndpi_str->protocols->v4, ndpi_protocol_aws_dynamodb_protocol_list);
+ ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->protocols->v6, ndpi_protocol_aws_dynamodb_protocol_list_6);
+ }
if(is_ip_list_enabled(ndpi_str, NDPI_PROTOCOL_MICROSOFT_AZURE)) {
ndpi_init_ptree_ipv4(ndpi_str->protocols->v4, ndpi_protocol_microsoft_azure_protocol_list);
ndpi_init_ptree_ipv6(ndpi_str, ndpi_str->protocols->v6, ndpi_protocol_microsoft_azure_protocol_list_6);
diff --git a/tests/cfgs/default/result/1kxun.pcap.out b/tests/cfgs/default/result/1kxun.pcap.out
index af164ac78..9330e6cdd 100644
--- a/tests/cfgs/default/result/1kxun.pcap.out
+++ b/tests/cfgs/default/result/1kxun.pcap.out
@@ -77,13 +77,13 @@ JA Host Stats:
6 TCP 192.168.2.126:46212 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/555 bytes <-> 12 pkts/124834 bytes][Goodput ratio: 76/99][1.58 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.991 (Download)][IAT c2s/s2c min/avg/max/stddev: 871/0 871/122 871/373 0/155][Pkt Len c2s/s2c min/avg/max/stddev: 277/386 278/10403 278/37506 0/10887][URL: pic.1kxun.com/video_kankan/images/releases/300/5183-51fb99a2391e774037ba21cbca307be4.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,14,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,57]
7 TCP 192.168.2.126:38316 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 23 pkts/118294 bytes][Goodput ratio: 76/99][1.43 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.995 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/46 0/393 0/113][Pkt Len c2s/s2c min/avg/max/stddev: 273/388 273/5143 273/24546 0/5526][URL: pic.1kxun.com/video_kankan/images/videos/40701-8fa7d916c55e31f90fa55f450b716505.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,20,0,67]
8 TCP 192.168.2.126:49380 <-> 14.136.136.108:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 9][cat: Streaming/17][Breed: Fun][2 pkts/1172 bytes <-> 30 pkts/99876 bytes][Goodput ratio: 89/98][1.31 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.977 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/32 0/209 0/74][Pkt Len c2s/s2c min/avg/max/stddev: 580/351 586/3329 592/18786 6/3784][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/f05074256b39572ad852c1c95eb5f8a7.jpg][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (LGET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,53,0,34]
- 9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
- 10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
+ 9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
+ 10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
11 TCP 192.168.2.126:45416 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][8 pkts/7202 bytes <-> 24 pkts/83277 bytes][Goodput ratio: 93/98][16.31 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.841 (Download)][IAT c2s/s2c min/avg/max/stddev: 186/0 2919/772 6045/5959 2744/1789][Pkt Len c2s/s2c min/avg/max/stddev: 500/709 900/3470 1180/14466 215/3207][URL: mangaweb.1kxun.mobi/js/vendor.bundle.js?1644807874][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/vendor.bundle.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,3,0,0,12,0,0,0,0,0,0,0,3,3,3,6,0,0,0,0,0,0,0,3,0,0,21,0,41]
12 TCP 192.168.2.126:38326 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 21 pkts/89010 bytes][Goodput ratio: 76/98][1.25 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.994 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/50 0/412 0/118][Pkt Len c2s/s2c min/avg/max/stddev: 273/387 273/4239 273/12489 0/2950][URL: pic.1kxun.com/video_kankan/images/videos/40730-48fd657abd5a1d3e45d03403ddcb0663.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,73]
13 TCP 192.168.2.126:46200 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/556 bytes <-> 18 pkts/82689 bytes][Goodput ratio: 76/99][1.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.987 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/56 0/375 0/119][Pkt Len c2s/s2c min/avg/max/stddev: 278/386 278/4594 278/21666 0/5421][URL: pic.1kxun.com/video_kankan/images/releases/301/5027-d707192bfa2dabf22771a4d56454ab88.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,35,0,45]
14 TCP 192.168.2.126:46184 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/829 bytes <-> 13 pkts/73655 bytes][Goodput ratio: 76/99][1.27 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.978 (Download)][IAT c2s/s2c min/avg/max/stddev: 392/0 392/81 392/368 0/134][Pkt Len c2s/s2c min/avg/max/stddev: 273/386 276/5666 278/23106 2/7129][URL: pic.1kxun.com/video_kankan/images/releases/299/4704-5017bcdcacc02cc3af4833cd1ed72a8f.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,18,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,25,0,37]
- 15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
+ 15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
16 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Goodput ratio: 42/95][45.37 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472/1029 44994/45054 11986/6714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/1210 416/1314 113/325][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 3,0,0,0,0,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,91,0,0,0,0,0,0,0,0]
17 TCP 192.168.2.126:45398 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2127 bytes <-> 18 pkts/58725 bytes][Goodput ratio: 91/98][4.35 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.930 (Download)][IAT c2s/s2c min/avg/max/stddev: 229/0 229/262 229/3434 0/852][Pkt Len c2s/s2c min/avg/max/stddev: 490/551 709/3262 821/7266 155/2191][URL: mangaweb.1kxun.mobi/js/dependency-all.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/dependency)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,43]
18 TCP 192.168.2.126:49354 <-> 14.136.136.108:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1184 bytes <-> 19 pkts/53234 bytes][Goodput ratio: 89/98][1.04 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.956 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/26 0/204 0/67][Pkt Len c2s/s2c min/avg/max/stddev: 592/351 592/2802 592/8706 0/2084][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/7e07d4417e0edc98d327d0ddfd3e227a.jpg?format=webp][StatusCode: 200][Content-Type: image/webp][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (/GET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,38,0,42]
@@ -94,12 +94,12 @@ JA Host Stats:
23 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Goodput ratio: 45/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/6 66/65 23/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 101/1096 415/1314 119/461][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 7,3,0,0,0,0,0,0,0,3,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,79,0,0,0,0,0,0,0,0]
24 TCP 192.168.2.126:44368 <-> 172.217.18.98:80 [proto: 7.239/HTTP.GoogleServices][Stack: HTTP.GoogleServices][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.239/HTTP.GoogleServices, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/489 bytes <-> 16 pkts/29841 bytes][Goodput ratio: 86/96][0.06 sec][Hostname/SNI: www.googletagservices.com][bytes ratio: -0.968 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/22 0/6][Pkt Len c2s/s2c min/avg/max/stddev: 489/491 489/1865 489/2902 0/738][URL: www.googletagservices.com/tag/js/gpt.js][StatusCode: 200][Content-Type: text/javascript][Server: sffe][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /tag/js/gpt.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,59,0,0,29]
25 TCP 192.168.2.126:38354 <-> 142.250.186.34:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 9][cat: Advertisement/101][Breed: Tracker_Ads][1 pkts/586 bytes <-> 12 pkts/28355 bytes][Goodput ratio: 89/97][0.08 sec][Hostname/SNI: pagead2.googlesyndication.com][bytes ratio: -0.960 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/23 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 586/687 586/2363 586/2902 0/788][URL: pagead2.googlesyndication.com/pagead/show_ads.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /pagead/show)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0,62]
- 26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
+ 26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
27 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Goodput ratio: 52/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632/4 45001/65 14880/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1099 415/1314 134/455][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 8,0,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,75,0,0,0,0,0,0,0,0]
28 TCP 192.168.2.126:36732 <-> 142.250.186.174:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Advertisement/101][Breed: Tracker_Ads][1 pkts/487 bytes <-> 10 pkts/21123 bytes][Goodput ratio: 86/97][0.05 sec][Hostname/SNI: www.google-analytics.com][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/21 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 487/677 487/2112 487/2902 0/822][URL: www.google-analytics.com/analytics.js][StatusCode: 200][Content-Type: text/javascript][Server: Golfe2][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /analytics.js HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0,0,45]
29 TCP 192.168.2.126:45388 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1315 bytes <-> 8 pkts/18984 bytes][Goodput ratio: 90/97][4.33 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.870 (Download)][IAT c2s/s2c min/avg/max/stddev: 3965/0 3965/593 3965/3966 0/1379][Pkt Len c2s/s2c min/avg/max/stddev: 509/1287 658/2373 806/8258 148/2234][URL: mangaweb.1kxun.mobi/js/swiper/swiper.min.css][StatusCode: 200][Content-Type: text/css][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/swiper/swiper.min.css H)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,10,0,0,0,0,40,0,20]
30 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 9][cat: Web/5][Breed: Acceptable][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Goodput ratio: 77/90][1.19 sec][Hostname/SNI: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/52 298/178 81/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 236/539 499/1314 193/556][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 42.120.51.152 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /api/proxy)][Plen Bins: 11,0,0,0,0,0,0,22,0,0,0,0,0,33,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0,0]
- 31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
32 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7.315/HTTP.Line][Stack: HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][Breed: Acceptable][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Goodput ratio: 40/94][0.02 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4/2 10/8 4/3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1103 334/1514 99/610][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
33 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7.315/HTTP.Line][Stack: HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][Breed: Acceptable][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Goodput ratio: 40/94][0.01 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 10/6 4/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1060 334/1514 99/620][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
34 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][16 pkts/8921 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][8.40 sec][Hostname/SNI: [ff02::c]][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 558/0 590/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,12,56,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -111,23 +111,23 @@ JA Host Stats:
40 TCP 192.168.2.126:38314 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 4 pkts/6346 bytes][Goodput ratio: 76/96][0.33 sec][Hostname/SNI: pic.1kxun.com][URL: pic.1kxun.com/video_kankan/images/videos/40750-585645353a7a47615755b7714c611835.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,20]
41 TCP 192.168.2.126:45414 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2118 bytes <-> 3 pkts/3518 bytes][Goodput ratio: 91/94][4.32 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 215/216 2066/2066 3917/3916 1851/1850][Pkt Len c2s/s2c min/avg/max/stddev: 482/758 706/1173 819/1456 158/300][URL: mangaweb.1kxun.mobi/js/fb-sdk.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/fb)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,16,0,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,16,0,0,0,0]
42 TCP 192.168.2.126:47246 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1872 bytes <-> 2 pkts/3374 bytes][Goodput ratio: 93/96][1.30 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/homePageVideoCollections/HomePageBanners?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28][StatusCode: 200][Content-Type: application/json][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
- 43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
+ 43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
44 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 48/QQ, Confidence: DNS][DPI packets: 9][cat: Chat/9][Breed: Fun][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Goodput ratio: 71/72][1.09 sec][Hostname/SNI: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70/191 476/506 136/201][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197/200 499/372 176/149][URL: vv.video.qq.com/getvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /getvinfo HTTP/1.1)][Plen Bins: 15,0,0,0,0,15,15,0,0,23,0,0,0,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][14 pkts/4788 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3106/0 12289/0 3176/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91/TLS][Stack: TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Safe][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][Goodput ratio: 87/86][0.18 sec][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60/44 176/133 82/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512/459 1159/1464 468/536][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,20,0,0,0,0]
47 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Media/1][Breed: Acceptable][7 pkts/1408 bytes <-> 5 pkts/2611 bytes][Goodput ratio: 71/89][0.15 sec][Hostname/SNI: 183.131.48.144][bytes ratio: -0.299 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 14/25 69/67 28/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 201/522 557/1078 225/465][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][Content-Type: video/mp4][Risk: ** HTTP Susp User-Agent **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 110][Risk Info: Found host 183.131.48.144 / Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /vlive.qq)][Plen Bins: 0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][20.95 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2323/4176 15252/15254 4895/5951][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 288/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: aa7eafaa128c9b8a39bd010d912570a8][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][6.76 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746/1336 5987/5987 1865/2341][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 287/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 50d11face9dc5e9cbfbd911e19a622a5][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
+ 50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
51 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][Goodput ratio: 69/75][6.08 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753/1500 5998/5998 1982/2597][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 190/232 1067/1055 299/340][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 50d11face9dc5e9cbfbd911e19a622a5][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Goodput ratio: 60/87][0.09 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/16 36/43 13/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/456 390/1314 144/512][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.7.1][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 20,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0]
- 53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 TCP 192.168.2.126:50176 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1185 bytes <-> 2 pkts/2082 bytes][Goodput ratio: 94/94][0.19 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/list_default.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/list)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,33,0,0]
55 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][Goodput ratio: 66/63][8.90 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 982/1763 6000/6000 1978/2381][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177/158 1051/639 283/188][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: aa7eafaa128c9b8a39bd010d912570a8][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Goodput ratio: 59/83][45.16 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5639/28 44799/53 14801/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139/366 468/1272 164/523][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][Content-Type: application/x-javascript][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0]
57 TCP 192.168.2.126:35426 <-> 8.209.112.118:80 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 5][cat: Web/5][Breed: Acceptable][4 pkts/2668 bytes <-> 1 pkts/142 bytes][Goodput ratio: 92/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 20,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0]
- 58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
- 59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
+ 59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
60 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91/TLS][Stack: TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 3][cat: Web/5][Breed: Safe][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][Goodput ratio: 67/78][0.26 sec][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/64 205/212 84/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201/297 471/1223 139/463][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,40,20,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0]
61 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][14 pkts/2450 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][56.94 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488/0 17921/0 4136/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Goodput ratio: 60/75][45.21 sec][Hostname/SNI: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5643/40 44798/70 14800/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/245 474/788 167/314][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.3.2][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/alsolikes/10410)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -137,23 +137,23 @@ JA Host Stats:
66 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198/0 14952/0 3585/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4680/0 19869/0 5063/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 TCP 192.168.2.126:50148 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1180 bytes <-> 1 pkts/832 bytes][Goodput ratio: 94/92][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/like_1.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
70 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Acceptable][7 pkts/996 bytes <-> 5 pkts/986 bytes][Goodput ratio: 52/66][31.95 sec][Hostname/SNI: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2391/3919 11352/11551 4481/5397][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/197 331/390 117/157][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][Content-Type: text/html][Server: MServer 1.2.2][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 502][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /comMagicanApi/composite/ap)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 TCP 192.168.2.126:50140 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1178 bytes <-> 1 pkts/748 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/left.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.2.126:50166 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1179 bytes <-> 1 pkts/746 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/right.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 192.168.2.126:47262 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/937 bytes <-> 1 pkts/883 bytes][Goodput ratio: 93/92][0.31 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/messages?min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d25][StatusCode: 301][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
75 TCP 192.168.2.126:50164 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1184 bytes <-> 1 pkts/574 bytes][Goodput ratio: 94/88][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/more_white.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][10 pkts/1750 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5541/0 19870/0 5205/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
+ 77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
78 TCP 192.168.2.126:49242 <-> 172.104.119.80:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1129 bytes <-> 2 pkts/582 bytes][Goodput ratio: 88/77][2.16 sec][Hostname/SNI: android.yingshi.tcclick.1kxun.com][URL: android.yingshi.tcclick.1kxun.com/api/upload.php][StatusCode: 500][Req Content-Type: application/octet-stream][Content-Type: text/html][Server: openresty/1.11.2.5][User-Agent: okhttp/3.10.0][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 500][PLAIN TEXT (aPOST /api/upload.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631/0 15155/0 3855/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
81 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.02 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126/0 24065/0 7503/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5632/0 18024/0 4843/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 TCP 192.168.2.126:59324 <-> 104.117.221.10:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/475 bytes <-> 1 pkts/1049 bytes][Goodput ratio: 86/94][0.04 sec][Hostname/SNI: m.vpon.com][URL: m.vpon.com/sdk/vpadn-sdk-core-v1.js][StatusCode: 200][Content-Type: application/x-javascript][Server: AkamaiNetStorage][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /sdk/vpadn)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 TCP 192.168.2.126:35200 <-> 103.29.71.30:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/953 bytes <-> 1 pkts/563 bytes][Goodput ratio: 93/88][0.36 sec][Hostname/SNI: release.bigdata.1kxun.com][URL: release.bigdata.1kxun.com/c/35/13277?&_in_app=kankan&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&_v=2.8.2.1&_package=com.sceneway.kankan&_model=sdk_gphone_x86&_ov=11&_brand=Google&_android_id=b9e28776354d259e&_gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&t=16][StatusCode: 302][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /c/35/13277)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][10 pkts/880 bytes <-> 3 pkts/572 bytes][Goodput ratio: 36/69][0.74 sec][Hostname/SNI: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 54/119 318/119 106/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/191 212/446 62/181][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 218.244.135.170 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/qq)][Plen Bins: 25,0,0,0,50,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][8 pkts/1432 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][38.10 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5442/0 17101/0 4875/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][8 pkts/1400 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.22 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8174/0 27242/0 8848/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -162,21 +162,21 @@ JA Host Stats:
91 TCP 192.168.2.126:53416 <-> 172.217.16.142:80 [proto: 7.228/HTTP.PlayStore][Stack: HTTP.PlayStore][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.228/HTTP.PlayStore, Confidence: DPI][DPI packets: 2][cat: SoftwareUpdate/19][Breed: Safe][1 pkts/625 bytes <-> 1 pkts/734 bytes][Goodput ratio: 89/91][0.05 sec][Hostname/SNI: play.google.com][URL: play.google.com/store/apps/details?id=com.azarlive.android&referrer=adjust_external_click_id%3Dv.2_g.143845_a.f84f54bf-31cd-43ff-bd27-526ccc6457da_c.117_t.ua_u.e7df87247cbcea13%26utm_campaign%3DTest%2BCampaign%26utm_content%3DTest%2BSource%2BApp_123456789][StatusCode: 301][Content-Type: application/binary][Server: ESF][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /store/apps/details)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
92 TCP 192.168.2.126:58758 <-> 202.153.196.53:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][0.32 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=411&s_h=731&u_w=411&u_h=683&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=1&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (NGET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 TCP 192.168.2.126:58760 <-> 202.153.196.53:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][1.09 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=731&s_h=411&u_w=683&u_h=411&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=2&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
96 TCP 192.168.2.126:47272 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/982 bytes <-> 1 pkts/331 bytes][Goodput ratio: 93/80][0.35 sec][Hostname/SNI: messages.1kxun.mobi][URL: messages.1kxun.mobi/api/messages/listForYingshi?client-uid=e6dbd30b-3b84-44b4-9751-631148a3ede9&min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kx][StatusCode: 200][Content-Type: text/xml][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /api/messages/listForYingsh)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 TCP 192.168.2.126:56826 <-> 8.209.97.107:80 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Web/5][Breed: Acceptable][2 pkts/1156 bytes <-> 1 pkts/142 bytes][Goodput ratio: 91/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][7 pkts/1253 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][16.80 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2799/0 5942/0 1567/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
+ 99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][13 pkts/1196 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][30.61 sec][Hostname/SNI: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708/0 9111/0 2902/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 TCP 192.168.2.126:60962 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.31 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 TCP 192.168.2.126:60972 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.24 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
104 TCP 192.168.2.126:60984 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.27 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
105 TCP 192.168.2.126:41134 <-> 129.226.107.77:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 2][cat: Chat/9][Breed: Fun][1 pkts/324 bytes <-> 1 pkts/518 bytes][Goodput ratio: 83/89][0.19 sec][Hostname/SNI: cgi.connect.qq.com][URL: cgi.connect.qq.com/qqconnectopen/openapi/policy_conf?status_os=11&status_version=30&status_machine=sdk_gphone_x86&sdkp=a&sdkv=3.1.0.lite&appid=100258135][StatusCode: 302][Content-Type: text/html][Server: stgw][User-Agent: AndroidSDK_30_generic_x86_arm_11][PLAIN TEXT (GET /qq)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
106 TCP 192.168.2.126:38834 <-> 119.45.78.184:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 3][cat: Chat/9][Breed: Fun][2 pkts/655 bytes <-> 1 pkts/170 bytes][Goodput ratio: 80/61][0.31 sec][Hostname/SNI: pingma.qq.com][URL: pingma.qq.com:80/mstat/report][StatusCode: 404][Risk: ** HTTP Susp User-Agent **** Error Code **][Risk Score: 110][Risk Info: HTTP Error Code 404 / Empty or missing User-Agent][PLAIN TEXT (POST /mstat/report HTTP/1.1)][Plen Bins: 0,0,0,33,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
107 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10.16/NetBIOS.SMBv1][Stack: NetBIOS.SMBv1][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10.16/NetBIOS.SMBv1, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Dangerous][3 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.00 sec][Hostname/SNI: macbookair-e1d0][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 TCP 192.168.2.126:51888 -> 119.28.164.143:80 [proto: 7/HTTP][Stack: HTTP][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/571 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][Hostname/SNI: qzonestyle.gtimg.cn][URL: qzonestyle.gtimg.cn/qzone/openapi/qc-1.0.1.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /qzone/openapi/qc)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 TCP 192.168.2.126:47230 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Download/7][Breed: Fun][1 pkts/223 bytes <-> 1 pkts/330 bytes][Goodput ratio: 70/80][0.18 sec][Hostname/SNI: kankan.1kxun.mobi][URL: kankan.1kxun.mobi/api.domain.conf][StatusCode: 200][Content-Type: application/octet-stream][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][Risk: ** Binary File/Data Transfer (Attempt) **][Risk Score: 50][Risk Info: Found binary mime octet-stream][PLAIN TEXT (GET /api.domain.conf HTTP/1.1)][Plen Bins: 0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
111 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][6 pkts/552 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.50 sec][Hostname/SNI: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 300/0 749/0 367/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -187,7 +187,7 @@ JA Host Stats:
116 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
117 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (Joanna)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (MSFT 5.07)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
120 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5/DNS][Stack: DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/146 bytes <-> 1 pkts/137 bytes][Goodput ratio: 42/69][0.05 sec][Hostname/SNI: pic.1kxun.com][106.187.35.246][DNS Id: 0x2990][Plen Bins: 66,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
121 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.54 sec][Hostname/SNI: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5/DNS][Stack: DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/160 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: jp.kankan.1kxun.mobi][106.185.35.110][DNS Id: 0xfd2c][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/KakaoTalk_chat.pcap.out b/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
index 074ce96fa..9b11859dc 100644
--- a/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
+++ b/tests/cfgs/default/result/KakaoTalk_chat.pcap.out
@@ -56,7 +56,7 @@ JA Host Stats:
7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/TLS.KakaoTalk][Stack: TLS.KakaoTalk][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 193/KakaoTalk, Confidence: DNS][DPI packets: 13][cat: Chat/9][Breed: Acceptable][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][Goodput ratio: 63/84][11.34 sec][bytes ratio: -0.429 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1114/74 10357/172 3082/62][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 157/364 429/1336 152/451][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA / TLSv1][nDPI Fingerprint: 2d5cc91f5a8f1da5bc7a6486ce676533][TCP Fingerprint: 2_64_14600_f6101b157c46/Unknown][TLSv1][JA4: t10i350200_1f24bcc5f17d_33a13ba74d1c][ServerNames: *.kakao.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4][Issuer: C=US, O=Thawte, Inc., CN=Thawte SSL CA][Subject: C=KR, ST=Gyeonggi-do, L=Seongnam-si, O=Kakao Corp., CN=*.kakao.com][Certificate SHA-1: 0D:14:6D:8D:5E:EB:F5:F5:42:87:CD:AB:AE:A1:DC:AA:5A:76:6F:E4][Validity: 2014-04-18 00:00:00 - 2016-04-17 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,16,0,0,0,8,8,0,0,0,16,25,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0]
8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][Stack: HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 19][cat: Web/5][Breed: Acceptable][17 pkts/2231 bytes <-> 9 pkts/1695 bytes][Goodput ratio: 48/63][46.77 sec][bytes ratio: 0.137 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 50/36 2833/4340 12590/13131 4126/4407][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 131/188 657/274 136/75][TCP Fingerprint: 2_64_14600_f6101b157c46/Unknown][Plen Bins: 13,13,27,0,27,6,6,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 18][cat: Web/5][Breed: Safe][9 pkts/1737 bytes <-> 9 pkts/672 bytes][Goodput ratio: 71/25][24.52 sec][bytes ratio: 0.442 (Upload)][IAT c2s/s2c min/avg/max/stddev: 40/104 3456/3426 12765/12806 4427/4480][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 193/75 303/98 123/21][Plen Bins: 0,44,0,0,0,0,0,55,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][3 pkts/290 bytes <-> 3 pkts/1600 bytes][Goodput ratio: 27/87][0.31 sec][bytes ratio: -0.693 (Download)][IAT c2s/s2c min/avg/max/stddev: 15/5 107/56 199/108 92/52][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 97/533 146/1456 35/652][Risk: ** Known Proto on Non Std Port **** Obsolete TLS (v1.1 or older) **][Risk Score: 150][Risk Info: TLSv1 / Expected on port 443][TCP Fingerprint: 2_64_14000_078416dac97d/Unknown][TLSv1][JA4: t10i150000_e2ff6cb279ee_e3b0c44298fc][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0]
+ 10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][3 pkts/290 bytes <-> 3 pkts/1600 bytes][Goodput ratio: 27/87][0.31 sec][bytes ratio: -0.693 (Download)][IAT c2s/s2c min/avg/max/stddev: 15/5 107/56 199/108 92/52][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 97/533 146/1456 35/652][Risk: ** Known Proto on Non Std Port **** Obsolete TLS (v1.1 or older) **][Risk Score: 150][Risk Info: TLSv1 / Expected on port 443][TCP Fingerprint: 2_64_14000_078416dac97d/Unknown][TLSv1][JA4: t10i150000_e2ff6cb279ee_e3b0c44298fc][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0]
11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][Stack: HTTP.Facebook][IP: 119/Facebook][ClearText][Confidence: DPI][FPC: 119/Facebook, Confidence: DNS][DPI packets: 7][cat: SocialNetwork/6][Breed: Fun][5 pkts/487 bytes <-> 6 pkts/627 bytes][Goodput ratio: 38/45][21.97 sec][Hostname/SNI: www.facebook.com][bytes ratio: -0.126 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 40/40 115/102 264/210 106/77][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97/104 243/339 73/105][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][TCP Fingerprint: 2_64_14600_f6101b157c46/Unknown][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][Stack: HTTP.Facebook][IP: 119/Facebook][ClearText][Confidence: DPI][FPC: 119/Facebook, Confidence: IP address][DPI packets: 7][cat: SocialNetwork/6][Breed: Fun][5 pkts/487 bytes <-> 5 pkts/571 bytes][Goodput ratio: 38/49][21.81 sec][Hostname/SNI: www.facebook.com][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 43/38 5452/101 21457/215 9241/81][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97/114 243/339 73/112][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][TCP Fingerprint: 2_64_14600_f6101b157c46/Unknown][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7/HTTP][Stack: HTTP][IP: 126/Google][ClearText][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 14][cat: Web/5][Breed: Acceptable][7 pkts/392 bytes <-> 7 pkts/392 bytes][Goodput ratio: 0/0][25.75 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 136/98 3845/3844 13075/13111 4719/4735][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 56/56 56/56 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -79,7 +79,7 @@ JA Host Stats:
30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/78 bytes <-> 1 pkts/118 bytes][Goodput ratio: 43/62][0.05 sec][Hostname/SNI: api.facebook.com][31.13.68.84][DNS Id: 0x27c0][PLAIN TEXT (facebook)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/76 bytes <-> 1 pkts/114 bytes][Goodput ratio: 42/61][0.08 sec][Hostname/SNI: auth.kakao.com][210.103.240.15][DNS Id: 0x86ed][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/76 bytes <-> 1 pkts/114 bytes][Goodput ratio: 42/61][0.03 sec][Hostname/SNI: item.kakao.com][210.103.240.15][DNS Id: 0x4d7b][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Safe][2 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 25/0][41.33 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Safe][2 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 25/0][41.33 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/81 bytes <-> 1 pkts/97 bytes][Goodput ratio: 45/54][0.04 sec][Hostname/SNI: dn-l.talk.kakao.com][110.76.141.86][DNS Id: 0xb788][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Safe][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/KakaoTalk_talk.pcap.out b/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
index 38ae99cf9..129832d55 100644
--- a/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
+++ b/tests/cfgs/default/result/KakaoTalk_talk.pcap.out
@@ -33,7 +33,7 @@ TLS 41 5761 8
HTTP_Proxy 16 1838 2
KakaoTalk 85 20646 2
KakaoTalk_Voice 44 6196 2
-AmazonAWS 4 396 1
+AWS_EC2 4 396 1
Safe 41 5761 8
Acceptable 3147 428304 11
@@ -62,7 +62,7 @@ JA Host Stats:
8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 131.48/HTTP_Proxy.QQ][Stack: HTTP_Proxy.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 285/Tencent, Confidence: IP address][DPI packets: 11][cat: Download/7][Breed: Fun][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Goodput ratio: 54/34][3.79 sec][Hostname/SNI: hkminorshort.weixin.qq.com][bytes ratio: 0.294 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/51 406/439 2019/1166 732/515][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 140/87 665/262 199/71][URL: http://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][Req Content-Type: application/octet-stream][Content-Type: application/octet-stream][User-Agent: MicroMessenger Client][Filename: micromsgresp.dat][Risk: ** Known Proto on Non Std Port **** Binary File/Data Transfer (Attempt) **][Risk Score: 100][Risk Info: Found binary mime octet-stream / Expected on port 8080,3128][TCP Fingerprint: 2_64_14000_f6101b157c46/Unknown][PLAIN TEXT (POST http)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][Stack: HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 11][cat: Web/5][Breed: Acceptable][6 pkts/543 bytes <-> 5 pkts/945 bytes][Goodput ratio: 25/64][24.77 sec][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 77/47 4920/8061 17431/17434 6679/7163][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 90/189 130/504 24/164][Plen Bins: 16,51,0,16,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: Web/5][Breed: Safe][3 pkts/1044 bytes <-> 2 pkts/154 bytes][Goodput ratio: 84/27][51.90 sec][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.514 (Encrypted or Random?)][Plen Bins: 0,33,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/225 bytes <-> 2 pkts/171 bytes][Goodput ratio: 39/20][0.46 sec][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/225 bytes <-> 2 pkts/171 bytes][Goodput ratio: 39/20][0.46 sec][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][Stack: HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: Web/5][Breed: Acceptable][5 pkts/350 bytes -> 0 pkts/0 bytes][Goodput ratio: 3/0][11.12 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: Web/5][Breed: Acceptable][3 pkts/168 bytes <-> 2 pkts/112 bytes][Goodput ratio: 0/0][0.48 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/79 bytes <-> 1 pkts/118 bytes][Goodput ratio: 44/62][0.20 sec][Hostname/SNI: mqtt.facebook.com][173.252.97.2][DNS Id: 0x6298][PLAIN TEXT (facebook)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/alexa-app.pcapng.out b/tests/cfgs/default/result/alexa-app.pcapng.out
index eb3df4244..f2c79d51d 100644
--- a/tests/cfgs/default/result/alexa-app.pcapng.out
+++ b/tests/cfgs/default/result/alexa-app.pcapng.out
@@ -57,35 +57,35 @@ JA Host Stats:
1 172.16.42.216 8
- 1 TCP 172.16.42.216:54411 <-> 52.85.209.216:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 9][cat: Web/5][Breed: Acceptable][40 pkts/9869 bytes <-> 38 pkts/36764 bytes][Goodput ratio: 73/93][4.46 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.577 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 89/33 1629/317 305/68][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 247/967 1514/1514 433/642][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,2,0,2,0,0,2,2,0,0,0,2,2,0,0,0,0,0,0,0,0,0,2,2,0,0,0,0,0,0,0,0,8,2,0,2,0,0,0,0,0,0,0,0,0,69,0,0]
- 2 TCP 172.16.42.216:41828 <-> 52.85.209.143:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][31 pkts/13163 bytes <-> 34 pkts/25939 bytes][Goodput ratio: 84/91][3.25 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.327 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 111/38 1832/535 365/102][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 425/763 1514/1514 587/629][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 2,2,2,8,0,0,2,2,2,0,2,0,0,2,0,0,2,0,0,2,0,2,5,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,53,0,0]
+ 1 TCP 172.16.42.216:54411 <-> 52.85.209.216:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 9][cat: Web/5][Breed: Acceptable][40 pkts/9869 bytes <-> 38 pkts/36764 bytes][Goodput ratio: 73/93][4.46 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.577 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 89/33 1629/317 305/68][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 247/967 1514/1514 433/642][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,2,0,2,0,0,2,2,0,0,0,2,2,0,0,0,0,0,0,0,0,0,2,2,0,0,0,0,0,0,0,0,8,2,0,2,0,0,0,0,0,0,0,0,0,69,0,0]
+ 2 TCP 172.16.42.216:41828 <-> 52.85.209.143:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][31 pkts/13163 bytes <-> 34 pkts/25939 bytes][Goodput ratio: 84/91][3.25 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.327 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 111/38 1832/535 365/102][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 425/763 1514/1514 587/629][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 2,2,2,8,0,0,2,2,2,0,2,0,0,2,0,0,2,0,0,2,0,2,5,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,53,0,0]
3 TCP 172.16.42.216:40856 <-> 54.239.29.253:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][47 pkts/4785 bytes <-> 51 pkts/31984 bytes][Goodput ratio: 47/91][2.59 sec][Hostname/SNI: skills-store.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.740 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/13 1811/246 293/44][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 102/627 1514/1514 218/316][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: skills-store.amazon.com][JA3S: 18e962e106761869a61045bed0e81c2c][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=skills-store.amazon.com][Certificate SHA-1: 2A:40:0E:E9:9A:EC:7C:0D:40:AA:C9:C5:66:67:00:B8:3E:90:DC:B2][Validity: 2016-05-14 00:00:00 - 2017-05-15 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,3,0,0,0,0,1,1,0,0,1,0,0,1,0,0,0,80,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,7,0,0]
- 4 TCP 172.16.42.216:51986 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][31 pkts/3707 bytes <-> 28 pkts/31731 bytes][Goodput ratio: 44/94][1.26 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.791 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/21 364/286 86/68][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 120/1133 613/1514 162/585][URL: ecx.images-amazon.com/images/I/81diFQyVjHL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/81diF)][Plen Bins: 3,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,3,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,3,68,0,0]
- 5 TCP 172.16.42.216:51995 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][22 pkts/2590 bytes <-> 25 pkts/31047 bytes][Goodput ratio: 42/95][1.13 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.846 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 54/42 536/536 126/120][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 118/1242 613/1514 157/474][URL: ecx.images-amazon.com/images/I/5100jxqrQhL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/5100j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,8,0,0,0,4,0,0,0,0,67,0,0]
- 6 TCP 172.16.42.216:51992 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Acceptable][27 pkts/3443 bytes <-> 24 pkts/29237 bytes][Goodput ratio: 48/95][1.13 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.789 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/6 368/110 98/25][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 128/1218 613/1514 172/546][URL: ecx.images-amazon.com/images/I/71nqwmwmRlL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/71nqwmwmRlL.)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,74,0,0]
+ 4 TCP 172.16.42.216:51986 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][31 pkts/3707 bytes <-> 28 pkts/31731 bytes][Goodput ratio: 44/94][1.26 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.791 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/21 364/286 86/68][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 120/1133 613/1514 162/585][URL: ecx.images-amazon.com/images/I/81diFQyVjHL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/81diF)][Plen Bins: 3,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,3,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,3,68,0,0]
+ 5 TCP 172.16.42.216:51995 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][22 pkts/2590 bytes <-> 25 pkts/31047 bytes][Goodput ratio: 42/95][1.13 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.846 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 54/42 536/536 126/120][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 118/1242 613/1514 157/474][URL: ecx.images-amazon.com/images/I/5100jxqrQhL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/5100j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,8,0,0,0,4,0,0,0,0,67,0,0]
+ 6 TCP 172.16.42.216:51992 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Acceptable][27 pkts/3443 bytes <-> 24 pkts/29237 bytes][Goodput ratio: 48/95][1.13 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.789 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/6 368/110 98/25][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 128/1218 613/1514 172/546][URL: ecx.images-amazon.com/images/I/71nqwmwmRlL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/71nqwmwmRlL.)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,74,0,0]
7 TCP 172.16.42.216:41691 <-> 54.239.29.146:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 9][cat: Web/5][Breed: Acceptable][28 pkts/5292 bytes <-> 28 pkts/24601 bytes][Goodput ratio: 71/94][100.86 sec][Hostname/SNI: api.amazon.com][bytes ratio: -0.646 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/78 293/443 72/134][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 189/879 1514/1514 381/687][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 77fcb32cd3006fc460171e2e171695f7][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d220500_5fd681855ab9_c70a3c84db07][ServerNames: api.amazon.com,wsync.us-east-1.amazon.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=api.amazon.com][Certificate SHA-1: 1D:A3:CD:C3:06:9E:9B:A0:61:1E:1A:75:55:C1:A8:B0:DC:F8:75:2D][Firefox][Validity: 2016-09-05 00:00:00 - 2017-09-23 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,3,0,3,0,15,3,0,0,0,0,0,3,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,68,0,0]
- 8 TCP 172.16.42.216:38483 <-> 52.85.209.143:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][32 pkts/3796 bytes <-> 30 pkts/25146 bytes][Goodput ratio: 44/92][0.66 sec][bytes ratio: -0.738 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/19 227/241 45/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 119/838 732/1514 163/608][Risk: ** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **][Risk Score: 60][Risk Info: SNI should always be present / No ALPN][nDPI Fingerprint: db01ddf673488e0649ab60a8ff8c2e1b][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12i220300_5fd681855ab9_1ea9011b3dfa][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Firefox][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,12,3,6,0,0,6,0,0,0,0,3,3,0,0,3,0,3,0,0,6,3,0,3,0,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
+ 8 TCP 172.16.42.216:38483 <-> 52.85.209.143:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][32 pkts/3796 bytes <-> 30 pkts/25146 bytes][Goodput ratio: 44/92][0.66 sec][bytes ratio: -0.738 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/19 227/241 45/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 119/838 732/1514 163/608][Risk: ** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **][Risk Score: 60][Risk Info: SNI should always be present / No ALPN][nDPI Fingerprint: db01ddf673488e0649ab60a8ff8c2e1b][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12i220300_5fd681855ab9_1ea9011b3dfa][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Firefox][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,12,3,6,0,0,6,0,0,0,0,3,3,0,0,3,0,3,0,0,6,3,0,3,0,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
9 TCP 172.16.42.216:34034 <-> 54.239.24.186:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Cloud/13][Breed: Acceptable][24 pkts/22786 bytes <-> 19 pkts/2185 bytes][Goodput ratio: 94/49][1.87 sec][Hostname/SNI: mobileanalytics.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.825 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/76 511/512 132/142][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 949/115 1514/564 678/140][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 4,4,0,0,4,0,0,0,4,0,0,0,4,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,65,0,0]
10 TCP 172.16.42.216:45703 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 5][cat: VirtAssistant/32][Breed: Acceptable][32 pkts/18086 bytes <-> 24 pkts/6391 bytes][Goodput ratio: 90/78][13.18 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.478 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 478/297 3544/1485 870/399][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 565/266 1514/731 644/259][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,6,3,0,6,9,6,3,3,0,0,0,0,0,0,12,6,3,0,3,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
11 TCP 172.16.42.216:45710 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: VirtAssistant/32][Breed: Acceptable][26 pkts/13063 bytes <-> 23 pkts/8561 bytes][Goodput ratio: 89/85][10.20 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.208 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 464/535 3346/6303 892/1474][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 502/372 1514/1514 619/511][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 3,7,3,3,7,3,3,11,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,41,0,0]
- 12 TCP 172.16.42.216:54434 <-> 52.85.209.216:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][18 pkts/9106 bytes <-> 15 pkts/10708 bytes][Goodput ratio: 86/91][3.73 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.081 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/241 96/1116 31/336][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 506/714 1514/1514 633/678][nDPI Fingerprint: ab42a1d37c497782b68b77acaa21856b][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1511h2_f0daf39aad75_7ed7223c468c][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,6,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,6,57,0,0]
- 13 TCP 172.16.42.216:41914 <-> 52.84.62.115:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][20 pkts/6834 bytes <-> 15 pkts/11310 bytes][Goodput ratio: 80/91][0.96 sec][Hostname/SNI: images-na.ssl-images-amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.247 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 51/50 222/242 77/88][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 342/754 1351/1514 506/588][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: images-na.ssl-images-amazon.com,images-eu.ssl-images-amazon.com,images-fe.ssl-images-amazon.com,m.media-amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=Images-na.ssl-images-amazon.com][Certificate SHA-1: 39:3D:27:B3:4D:FA:B4:04:AB:48:7F:5C:CB:A9:9A:95:F5:22:2A:52][Validity: 2016-09-23 00:00:00 - 2017-10-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,10,0,5,0,0,5,0,10,0,0,0,0,0,10,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,15,0,0,0,0,27,0,0]
- 14 TCP 172.16.42.216:51997 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][16 pkts/1611 bytes <-> 14 pkts/16206 bytes][Goodput ratio: 34/94][1.14 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/24 628/205 165/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/1158 613/1514 132/593][URL: ecx.images-amazon.com/images/I/61Tfp7ZVcoL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/61Tfp)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
- 15 TCP 172.16.42.216:51989 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][17 pkts/2771 bytes <-> 14 pkts/14992 bytes][Goodput ratio: 59/94][1.36 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.688 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/69 377/743 125/213][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 163/1071 613/1514 208/642][URL: ecx.images-amazon.com/images/I/71pwMKDRQIL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (zTGET /images/I/71pwMKDRQIL.)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,69,0,0]
+ 12 TCP 172.16.42.216:54434 <-> 52.85.209.216:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][18 pkts/9106 bytes <-> 15 pkts/10708 bytes][Goodput ratio: 86/91][3.73 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.081 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/241 96/1116 31/336][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 506/714 1514/1514 633/678][nDPI Fingerprint: ab42a1d37c497782b68b77acaa21856b][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1511h2_f0daf39aad75_7ed7223c468c][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,6,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,6,57,0,0]
+ 13 TCP 172.16.42.216:41914 <-> 52.84.62.115:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][20 pkts/6834 bytes <-> 15 pkts/11310 bytes][Goodput ratio: 80/91][0.96 sec][Hostname/SNI: images-na.ssl-images-amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.247 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 51/50 222/242 77/88][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 342/754 1351/1514 506/588][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: images-na.ssl-images-amazon.com,images-eu.ssl-images-amazon.com,images-fe.ssl-images-amazon.com,m.media-amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=Images-na.ssl-images-amazon.com][Certificate SHA-1: 39:3D:27:B3:4D:FA:B4:04:AB:48:7F:5C:CB:A9:9A:95:F5:22:2A:52][Validity: 2016-09-23 00:00:00 - 2017-10-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,10,0,5,0,0,5,0,10,0,0,0,0,0,10,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,15,0,0,0,0,27,0,0]
+ 14 TCP 172.16.42.216:51997 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][16 pkts/1611 bytes <-> 14 pkts/16206 bytes][Goodput ratio: 34/94][1.14 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/24 628/205 165/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/1158 613/1514 132/593][URL: ecx.images-amazon.com/images/I/61Tfp7ZVcoL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/61Tfp)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
+ 15 TCP 172.16.42.216:51989 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][17 pkts/2771 bytes <-> 14 pkts/14992 bytes][Goodput ratio: 59/94][1.36 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.688 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/69 377/743 125/213][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 163/1071 613/1514 208/642][URL: ecx.images-amazon.com/images/I/71pwMKDRQIL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (zTGET /images/I/71pwMKDRQIL.)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,69,0,0]
16 TCP 172.16.42.216:44912 <-> 54.239.23.94:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 11][cat: Cloud/13][Breed: Acceptable][19 pkts/11483 bytes <-> 14 pkts/5858 bytes][Goodput ratio: 91/86][10.46 sec][Hostname/SNI: mobileanalytics.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.324 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 552/875 3665/7470 1005/2334][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 604/418 1514/1514 650/593][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: mobileanalytics.us-east-1.amazonaws.com][JA3S: 159d46e54a2c066ef95e656fdf034e1d][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=mobileanalytics.us-east-1.amazonaws.com][Certificate SHA-1: 87:AD:E9:2D:E8:42:F0:5C:3A:09:13:00:12:93:59:04:84:C3:E2:2D][Validity: 2016-05-31 00:00:00 - 2017-06-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,6,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,41,0,27,0,0]
- 17 TCP 172.16.42.216:51990 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/1557 bytes <-> 13 pkts/15104 bytes][Goodput ratio: 35/94][1.25 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.813 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 88/21 682/138 190/45][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 104/1162 613/1514 136/600][URL: ecx.images-amazon.com/images/I/612xlaOI2NL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (tyGET /images/I/612)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,72,0,0]
- 18 TCP 172.16.42.216:51988 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/1557 bytes <-> 13 pkts/14454 bytes][Goodput ratio: 35/94][1.26 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.806 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 77/27 681/154 186/53][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 104/1112 613/1514 136/592][URL: ecx.images-amazon.com/images/I/61oBTb+jZvL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/61oBTb)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,72,0,0]
+ 17 TCP 172.16.42.216:51990 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/1557 bytes <-> 13 pkts/15104 bytes][Goodput ratio: 35/94][1.25 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.813 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 88/21 682/138 190/45][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 104/1162 613/1514 136/600][URL: ecx.images-amazon.com/images/I/612xlaOI2NL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (tyGET /images/I/612)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,72,0,0]
+ 18 TCP 172.16.42.216:51988 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/1557 bytes <-> 13 pkts/14454 bytes][Goodput ratio: 35/94][1.26 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.806 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 77/27 681/154 186/53][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 104/1112 613/1514 136/592][URL: ecx.images-amazon.com/images/I/61oBTb+jZvL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/61oBTb)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,72,0,0]
19 TCP 172.16.42.216:40871 <-> 54.239.29.253:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][20 pkts/7766 bytes <-> 21 pkts/8198 bytes][Goodput ratio: 86/86][3.82 sec][Hostname/SNI: skills-store.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.027 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 182/130 1403/1107 358/296][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 388/390 1514/1514 570/458][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,18,9,4,0,0,0,9,4,0,0,0,4,0,0,0,0,13,0,0,0,4,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0]
- 20 TCP 172.16.42.216:41912 <-> 52.84.62.115:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][16 pkts/3960 bytes <-> 14 pkts/11986 bytes][Goodput ratio: 73/92][0.96 sec][Hostname/SNI: images-na.ssl-images-amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/14 669/71 174/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 248/856 1340/1514 415/644][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: images-na.ssl-images-amazon.com,images-eu.ssl-images-amazon.com,images-fe.ssl-images-amazon.com,m.media-amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=Images-na.ssl-images-amazon.com][Certificate SHA-1: 39:3D:27:B3:4D:FA:B4:04:AB:48:7F:5C:CB:A9:9A:95:F5:22:2A:52][Validity: 2016-09-23 00:00:00 - 2017-10-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,18,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,12,0,0,0,0,0,38,0,0]
- 21 TCP 172.16.42.216:51985 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][16 pkts/1623 bytes <-> 14 pkts/14282 bytes][Goodput ratio: 34/93][1.26 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.796 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 84/45 682/281 185/91][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/1020 613/1514 132/664][URL: ecx.images-amazon.com/images/I/51woiL9kgkL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/51woiL9)][Plen Bins: 0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0]
- 22 TCP 172.16.42.216:51996 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/1545 bytes <-> 13 pkts/14178 bytes][Goodput ratio: 35/94][1.13 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.803 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 75/22 764/207 210/62][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/1091 613/1514 136/639][URL: ecx.images-amazon.com/images/I/81Ni5COup-L._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/81Ni5)][Plen Bins: 0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,81,0,0]
+ 20 TCP 172.16.42.216:41912 <-> 52.84.62.115:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][16 pkts/3960 bytes <-> 14 pkts/11986 bytes][Goodput ratio: 73/92][0.96 sec][Hostname/SNI: images-na.ssl-images-amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/14 669/71 174/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 248/856 1340/1514 415/644][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: images-na.ssl-images-amazon.com,images-eu.ssl-images-amazon.com,images-fe.ssl-images-amazon.com,m.media-amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=Images-na.ssl-images-amazon.com][Certificate SHA-1: 39:3D:27:B3:4D:FA:B4:04:AB:48:7F:5C:CB:A9:9A:95:F5:22:2A:52][Validity: 2016-09-23 00:00:00 - 2017-10-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,18,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,12,0,0,0,0,0,38,0,0]
+ 21 TCP 172.16.42.216:51985 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][16 pkts/1623 bytes <-> 14 pkts/14282 bytes][Goodput ratio: 34/93][1.26 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.796 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 84/45 682/281 185/91][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/1020 613/1514 132/664][URL: ecx.images-amazon.com/images/I/51woiL9kgkL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/51woiL9)][Plen Bins: 0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0]
+ 22 TCP 172.16.42.216:51996 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/1545 bytes <-> 13 pkts/14178 bytes][Goodput ratio: 35/94][1.13 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.803 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 75/22 764/207 210/62][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 103/1091 613/1514 136/639][URL: ecx.images-amazon.com/images/I/81Ni5COup-L._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/81Ni5)][Plen Bins: 0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,81,0,0]
23 TCP 172.16.42.216:53682 <-> 54.239.22.185:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 9][cat: Web/5][Breed: Acceptable][16 pkts/10167 bytes <-> 13 pkts/5328 bytes][Goodput ratio: 91/86][163.85 sec][Hostname/SNI: firs-ta-g7g.amazon.com][bytes ratio: 0.312 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 12603/417 159135/3907 42305/1164][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 635/410 1514/1514 644/520][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 77fcb32cd3006fc460171e2e171695f7][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d220500_5fd681855ab9_c70a3c84db07][ServerNames: firs-ta-g7g.amazon.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=firs-ta-g7g.amazon.com][Certificate SHA-1: A0:32:45:00:21:A0:00:56:62:BA:FE:E7:68:81:40:5F:68:7E:A6:86][Firefox][Validity: 2016-11-25 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,6,0,0,0,6,0,0,0,0,6,0,0,0,0,0,13,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,47,0,0]
24 TCP 172.16.42.216:45712 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 8][cat: VirtAssistant/32][Breed: Acceptable][24 pkts/11240 bytes <-> 18 pkts/3909 bytes][Goodput ratio: 88/73][5.97 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.484 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 271/206 1239/905 390/325][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 468/217 1514/715 608/241][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,10,5,5,0,10,10,5,0,0,0,0,0,0,5,5,5,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,30,0,0]
25 TCP 172.16.42.216:40854 <-> 54.239.29.253:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][21 pkts/6285 bytes <-> 16 pkts/8842 bytes][Goodput ratio: 82/90][2.68 sec][Hostname/SNI: skills-store.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.169 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 146/106 1158/932 299/253][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 299/553 1514/1514 504/512][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: skills-store.amazon.com][JA3S: 18e962e106761869a61045bed0e81c2c][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=skills-store.amazon.com][Certificate SHA-1: 2A:40:0E:E9:9A:EC:7C:0D:40:AA:C9:C5:66:67:00:B8:3E:90:DC:B2][Validity: 2016-05-14 00:00:00 - 2017-05-15 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,11,0,0,0,0,11,0,0,0,5,0,0,0,0,0,0,30,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,5,0,0,0,0,0,5,24,0,0]
- 26 TCP 172.16.42.216:55242 <-> 52.85.209.197:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][18 pkts/6706 bytes <-> 20 pkts/8204 bytes][Goodput ratio: 82/84][123.38 sec][Hostname/SNI: www.amazon.com][bytes ratio: -0.100 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 87/100 290/445 108/155][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 373/410 1514/1514 532/546][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 77fcb32cd3006fc460171e2e171695f7][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d220500_5fd681855ab9_c70a3c84db07][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Firefox][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 15,15,0,5,0,0,5,10,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,5,0,0,10,0,0,21,0,0]
+ 26 TCP 172.16.42.216:55242 <-> 52.85.209.197:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][18 pkts/6706 bytes <-> 20 pkts/8204 bytes][Goodput ratio: 82/84][123.38 sec][Hostname/SNI: www.amazon.com][bytes ratio: -0.100 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 87/100 290/445 108/155][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 373/410 1514/1514 532/546][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 77fcb32cd3006fc460171e2e171695f7][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d220500_5fd681855ab9_c70a3c84db07][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Firefox][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 15,15,0,5,0,0,5,10,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,5,0,0,10,0,0,21,0,0]
27 TCP 172.16.42.216:50799 <-> 54.239.28.178:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: VirtAssistant/32][Breed: Acceptable][20 pkts/9329 bytes <-> 17 pkts/5540 bytes][Goodput ratio: 88/82][10.48 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.255 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 636/760 7767/8001 1851/2099][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 466/326 1514/1514 612/473][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: pitangui.amazon.com,guipitan.amazon.com,alexa.amazon.com,echo.amazon.com,alexa.amazon.ca,guipitan.amazon.ca,alexa.amazon.co.jp,guipitan.amazon.co.jp,alexa.amazon.com.mx,guipitan.amazon.com.mx,alexa.amazon.com.br,guipitan.amazon.com.br,alexa.amazon.com.au,guipitan.amazon.com.au,alexa.amazon.cn,guipitan.amazon.cn][JA3S: 18e962e106761869a61045bed0e81c2c][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=pitangui.amazon.com][Certificate SHA-1: 13:E9:3B:22:22:61:41:53:CA:B6:3A:AE:C8:B7:23:FB:A5:11:2F:24][Validity: 2017-01-12 00:00:00 - 2018-01-13 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,18,0,0,5,0,5,5,0,0,11,0,0,0,0,0,5,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,43,0,0]
- 28 TCP 172.16.42.216:51993 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][14 pkts/1479 bytes <-> 12 pkts/13075 bytes][Goodput ratio: 37/94][1.13 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.797 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 102/23 765/207 218/65][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/1090 613/1514 141/624][URL: ecx.images-amazon.com/images/I/61SZU-lPFNL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/61S)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,80,0,0]
- 29 TCP 172.16.42.216:51987 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][14 pkts/1491 bytes <-> 12 pkts/12826 bytes][Goodput ratio: 37/94][1.26 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.792 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 96/22 682/154 199/50][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/1069 613/1514 141/605][URL: ecx.images-amazon.com/images/I/71GcCNTb6kL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/71GcCNTb6)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,70,0,0]
+ 28 TCP 172.16.42.216:51993 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][14 pkts/1479 bytes <-> 12 pkts/13075 bytes][Goodput ratio: 37/94][1.13 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.797 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 102/23 765/207 218/65][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/1090 613/1514 141/624][URL: ecx.images-amazon.com/images/I/61SZU-lPFNL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/61S)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,80,0,0]
+ 29 TCP 172.16.42.216:51987 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][14 pkts/1491 bytes <-> 12 pkts/12826 bytes][Goodput ratio: 37/94][1.26 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.792 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 96/22 682/154 199/50][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/1069 613/1514 141/605][URL: ecx.images-amazon.com/images/I/71GcCNTb6kL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/71GcCNTb6)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,70,0,0]
30 TCP 172.16.42.216:34069 <-> 54.239.24.186:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Cloud/13][Breed: Acceptable][16 pkts/12799 bytes <-> 14 pkts/1381 bytes][Goodput ratio: 93/40][4.36 sec][Hostname/SNI: mobileanalytics.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.805 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 256/126 2464/986 644/293][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 800/99 1514/449 707/105][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,8,0,0,8,0,0,0,8,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,59,0,0]
31 TCP 172.16.42.216:45711 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 10][cat: VirtAssistant/32][Breed: Acceptable][22 pkts/11642 bytes <-> 11 pkts/2484 bytes][Goodput ratio: 89/74][21.11 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.648 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/64 1023/2459 6019/9247 1749/3564][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 529/226 1514/955 611/323][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,12,6,0,0,6,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,6,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,31,0,0]
32 TCP 172.16.42.216:42130 <-> 72.21.206.135:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 11][cat: Web/5][Breed: Acceptable][18 pkts/6237 bytes <-> 14 pkts/6594 bytes][Goodput ratio: 84/88][2.59 sec][Hostname/SNI: fls-na.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.028 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 164/169 783/785 225/244][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 346/471 1514/1514 494/576][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: fls-na.amazon.ca,fls-na.amazon.com,fls-na.amazon.com.br,fls-na.amazon.com.mx][JA3S: 159d46e54a2c066ef95e656fdf034e1d][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=fls-na.amazon.com][Certificate SHA-1: 2F:16:23:0F:F8:49:12:18:49:55:48:DA:E6:59:D9:B3:BB:0E:41:8A][Validity: 2017-01-07 00:00:00 - 2018-01-30 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,6,0,0,20,0,0,6,0,0,0,13,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,34,0,0]
@@ -95,17 +95,17 @@ JA Host Stats:
36 TCP 172.16.42.216:45715 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 5][cat: VirtAssistant/32][Breed: Acceptable][18 pkts/10366 bytes <-> 11 pkts/1730 bytes][Goodput ratio: 90/63][22.60 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.714 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1160/2749 10810/15911 2672/5468][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 576/157 1514/555 667/178][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,14,7,7,0,0,7,7,0,0,0,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
37 TCP 172.16.42.216:42129 <-> 72.21.206.135:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 9][cat: Web/5][Breed: Acceptable][16 pkts/5899 bytes <-> 13 pkts/6114 bytes][Goodput ratio: 85/88][2.59 sec][Hostname/SNI: fls-na.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.018 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 177/19 1347/104 365/37][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 369/470 1514/1514 557/597][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: fls-na.amazon.ca,fls-na.amazon.com,fls-na.amazon.com.br,fls-na.amazon.com.mx][JA3S: 159d46e54a2c066ef95e656fdf034e1d][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=fls-na.amazon.com][Certificate SHA-1: 2F:16:23:0F:F8:49:12:18:49:55:48:DA:E6:59:D9:B3:BB:0E:41:8A][Validity: 2017-01-07 00:00:00 - 2018-01-30 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,8,0,8,0,0,8,0,0,16,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,51,0,0]
38 TCP 172.16.42.216:45680 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: VirtAssistant/32][Breed: Acceptable][15 pkts/7129 bytes <-> 14 pkts/4292 bytes][Goodput ratio: 88/81][2.51 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.248 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 202/95 1324/374 353/142][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 475/307 1248/891 523/370][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,14,7,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,21,7,7,0,0,0,0,0,0,0,0,0,0]
- 39 TCP 172.16.42.216:41913 <-> 52.84.62.115:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][9 pkts/2224 bytes <-> 9 pkts/8798 bytes][Goodput ratio: 73/93][0.15 sec][Hostname/SNI: images-na.ssl-images-amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.596 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/13 52/61 18/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 247/978 1343/1514 394/629][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: images-na.ssl-images-amazon.com,images-eu.ssl-images-amazon.com,images-fe.ssl-images-amazon.com,m.media-amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=Images-na.ssl-images-amazon.com][Certificate SHA-1: 39:3D:27:B3:4D:FA:B4:04:AB:48:7F:5C:CB:A9:9A:95:F5:22:2A:52][Validity: 2016-09-23 00:00:00 - 2017-10-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,10,0,0,10,0,10,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,50,0,0]
+ 39 TCP 172.16.42.216:41913 <-> 52.84.62.115:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][9 pkts/2224 bytes <-> 9 pkts/8798 bytes][Goodput ratio: 73/93][0.15 sec][Hostname/SNI: images-na.ssl-images-amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.596 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/13 52/61 18/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 247/978 1343/1514 394/629][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: images-na.ssl-images-amazon.com,images-eu.ssl-images-amazon.com,images-fe.ssl-images-amazon.com,m.media-amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=Images-na.ssl-images-amazon.com][Certificate SHA-1: 39:3D:27:B3:4D:FA:B4:04:AB:48:7F:5C:CB:A9:9A:95:F5:22:2A:52][Validity: 2016-09-23 00:00:00 - 2017-10-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,10,0,0,10,0,10,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,50,0,0]
40 TCP 172.16.42.216:50797 <-> 54.239.28.178:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: VirtAssistant/32][Breed: Acceptable][14 pkts/5989 bytes <-> 11 pkts/4920 bytes][Goodput ratio: 87/87][10.17 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.098 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 92/114 346/441 105/161][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 428/447 1514/1514 576/536][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: pitangui.amazon.com,guipitan.amazon.com,alexa.amazon.com,echo.amazon.com,alexa.amazon.ca,guipitan.amazon.ca,alexa.amazon.co.jp,guipitan.amazon.co.jp,alexa.amazon.com.mx,guipitan.amazon.com.mx,alexa.amazon.com.br,guipitan.amazon.com.br,alexa.amazon.com.au,guipitan.amazon.com.au,alexa.amazon.cn,guipitan.amazon.cn][JA3S: 18e962e106761869a61045bed0e81c2c][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=pitangui.amazon.com][Certificate SHA-1: 13:E9:3B:22:22:61:41:53:CA:B6:3A:AE:C8:B7:23:FB:A5:11:2F:24][Validity: 2017-01-12 00:00:00 - 2018-01-13 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,7,0,7,0,0,15,0,0,0,15,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,0]
41 TCP 172.16.42.216:47606 <-> 72.21.206.121:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 9][cat: Web/5][Breed: Acceptable][14 pkts/4321 bytes <-> 14 pkts/6297 bytes][Goodput ratio: 82/87][0.75 sec][Hostname/SNI: fls-na.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.186 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/27 255/176 73/52][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 309/450 1514/1514 496/585][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: fls-na.amazon.ca,fls-na.amazon.com,fls-na.amazon.com.br,fls-na.amazon.com.mx][JA3S: 159d46e54a2c066ef95e656fdf034e1d][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=fls-na.amazon.com][Certificate SHA-1: 2F:16:23:0F:F8:49:12:18:49:55:48:DA:E6:59:D9:B3:BB:0E:41:8A][Validity: 2017-01-07 00:00:00 - 2018-01-30 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,7,15,15,0,0,7,0,0,0,0,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,0]
42 TCP 172.16.42.216:38757 <-> 54.239.28.178:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: VirtAssistant/32][Breed: Acceptable][13 pkts/6382 bytes <-> 8 pkts/3973 bytes][Goodput ratio: 89/89][2.80 sec][bytes ratio: 0.233 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 254/411 1240/2328 378/858][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 491/497 1344/1514 576/598][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA / TLSv1][nDPI Fingerprint: d8b65c2b6c348c9813c4a1a3a5bd1c18][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i140200_37d7d24289bf_33a13ba74d1c][ServerNames: pitangui.amazon.com,guipitan.amazon.com,alexa.amazon.com,echo.amazon.com,alexa.amazon.ca,guipitan.amazon.ca,alexa.amazon.co.jp,guipitan.amazon.co.jp,alexa.amazon.com.mx,guipitan.amazon.com.mx,alexa.amazon.com.br,guipitan.amazon.com.br,alexa.amazon.com.au,guipitan.amazon.com.au,alexa.amazon.cn,guipitan.amazon.cn][JA3S: 18e962e106761869a61045bed0e81c2c][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=pitangui.amazon.com][Certificate SHA-1: 13:E9:3B:22:22:61:41:53:CA:B6:3A:AE:C8:B7:23:FB:A5:11:2F:24][Validity: 2017-01-12 00:00:00 - 2018-01-13 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,9,0,0,0,9,9,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0,0,0,0,18,0,0]
43 TCP 172.16.42.216:40864 <-> 54.239.29.253:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 5][cat: Web/5][Breed: Acceptable][15 pkts/2838 bytes <-> 16 pkts/7478 bytes][Goodput ratio: 71/88][4.06 sec][Hostname/SNI: skills-store.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.450 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 66/267 259/1771 98/509][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 189/467 1514/1514 363/499][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,20,6,0,0,0,6,13,0,0,0,0,0,0,0,0,0,26,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,20,0,0]
44 TCP 172.16.42.216:45693 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 5][cat: VirtAssistant/32][Breed: Acceptable][15 pkts/4412 bytes <-> 13 pkts/5784 bytes][Goodput ratio: 81/87][4.69 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 390/24 4145/80 1133/32][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 294/445 1514/1514 485/599][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 7,15,7,0,7,0,7,7,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
- 45 TCP 172.16.42.216:54427 <-> 52.85.209.216:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][13 pkts/8467 bytes <-> 8 pkts/1403 bytes][Goodput ratio: 90/62][1.35 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.716 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/12 109/125 514/453 157/165][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 651/175 1514/777 663/233][nDPI Fingerprint: ab42a1d37c497782b68b77acaa21856b][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1511h2_f0daf39aad75_7ed7223c468c][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,0,0,11,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,22,0,0]
- 46 TCP 172.16.42.216:51994 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Acceptable][11 pkts/1293 bytes <-> 10 pkts/8334 bytes][Goodput ratio: 42/92][1.10 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.731 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 106/24 808/113 266/39][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 118/833 613/1514 157/652][URL: ecx.images-amazon.com/images/I/315y9IEXZSL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/315)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,57,0,0]
+ 45 TCP 172.16.42.216:54427 <-> 52.85.209.216:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][13 pkts/8467 bytes <-> 8 pkts/1403 bytes][Goodput ratio: 90/62][1.35 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.716 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/12 109/125 514/453 157/165][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 651/175 1514/777 663/233][nDPI Fingerprint: ab42a1d37c497782b68b77acaa21856b][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1511h2_f0daf39aad75_7ed7223c468c][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,0,0,11,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,22,0,0]
+ 46 TCP 172.16.42.216:51994 <-> 52.84.63.56:80 [proto: 7.178/HTTP.Amazon][Stack: HTTP.Amazon][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Acceptable][11 pkts/1293 bytes <-> 10 pkts/8334 bytes][Goodput ratio: 42/92][1.10 sec][Hostname/SNI: ecx.images-amazon.com][bytes ratio: -0.731 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 106/24 808/113 266/39][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 118/833 613/1514 157/652][URL: ecx.images-amazon.com/images/I/315y9IEXZSL._SL210_QL95_.png][StatusCode: 200][Content-Type: image/jpeg][Server: Server][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/I/315)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,57,0,0]
47 TCP 172.16.42.216:44001 <-> 176.32.101.52:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][22 pkts/4394 bytes <-> 19 pkts/5213 bytes][Goodput ratio: 72/79][101.63 sec][Hostname/SNI: dp-gw-na-js.amazon.com][bytes ratio: -0.085 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5968/5788 80048/79926 19049/20563][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 200/274 1514/1514 303/442][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 9ee3b53542b1106295f6d63cf3949177][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d150900_f0daf39aad75_e69ac49eb88f][ServerNames: dp-gw-na.amazon.com,dp-gw-na-js.amazon.com,dp-gw-na.amazon.co.uk,dp-gw-na.amazon.de,dp-gw-na.amazon.co.jp,dp-gw-na.amazon.in][JA3S: fbe78c619e7ea20046131294ad087f05][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=dp-gw-na.amazon.com][Certificate SHA-1: 27:E5:06:34:82:69:BC:97:5E:28:A3:C1:5A:23:81:C7:E3:28:95:8C][Validity: 2016-09-24 00:00:00 - 2017-09-13 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 9,14,4,4,4,0,29,9,0,4,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0]
48 TCP 172.16.42.216:45714 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 5][cat: VirtAssistant/32][Breed: Acceptable][17 pkts/7542 bytes <-> 10 pkts/1990 bytes][Goodput ratio: 88/71][18.45 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.582 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1317/1449 6762/8309 2110/3069][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 444/199 1514/699 598/247][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,15,7,0,15,7,0,7,0,0,0,0,0,0,0,0,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,0,0]
- 49 TCP 172.16.42.216:38404 <-> 34.199.52.240:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][15 pkts/3140 bytes <-> 12 pkts/6286 bytes][Goodput ratio: 69/87][1.00 sec][Hostname/SNI: cognito-identity.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.334 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 74/55 364/256 109/84][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 209/524 950/1514 299/598][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: cognito-identity.amazonaws.com,cognito-identity.us-east-1.amazonaws.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=cognito-identity.us-east-1.amazonaws.com][Certificate SHA-1: 56:17:8F:E9:45:10:32:78:FF:FD:E3:09:60:5A:B5:3B:8D:8C:F8:34][Validity: 2016-05-25 00:00:00 - 2017-06-22 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 8,16,0,8,0,0,0,0,8,0,0,0,0,0,0,8,8,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 49 TCP 172.16.42.216:38404 <-> 34.199.52.240:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][15 pkts/3140 bytes <-> 12 pkts/6286 bytes][Goodput ratio: 69/87][1.00 sec][Hostname/SNI: cognito-identity.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.334 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 74/55 364/256 109/84][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 209/524 950/1514 299/598][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: cognito-identity.amazonaws.com,cognito-identity.us-east-1.amazonaws.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=cognito-identity.us-east-1.amazonaws.com][Certificate SHA-1: 56:17:8F:E9:45:10:32:78:FF:FD:E3:09:60:5A:B5:3B:8D:8C:F8:34][Validity: 2016-05-25 00:00:00 - 2017-06-22 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 8,16,0,8,0,0,0,0,8,0,0,0,0,0,0,8,8,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
50 TCP 172.16.42.216:34074 <-> 54.239.24.186:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Cloud/13][Breed: Acceptable][13 pkts/7594 bytes <-> 9 pkts/1081 bytes][Goodput ratio: 90/51][6.86 sec][Hostname/SNI: mobileanalytics.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.751 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 679/185 5262/894 1550/320][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 584/120 1514/449 627/125][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,0,0,11,0,0,0,11,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,22,0,11,0,0]
51 TCP 172.16.42.216:34019 <-> 54.239.24.186:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 10][cat: Cloud/13][Breed: Acceptable][14 pkts/2122 bytes <-> 11 pkts/6182 bytes][Goodput ratio: 63/90][0.64 sec][Hostname/SNI: mobileanalytics.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.489 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 50/71 277/343 78/116][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 152/562 820/1514 202/618][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: mobileanalytics.us-east-1.amazonaws.com][JA3S: 159d46e54a2c066ef95e656fdf034e1d][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=mobileanalytics.us-east-1.amazonaws.com][Certificate SHA-1: 87:AD:E9:2D:E8:42:F0:5C:3A:09:13:00:12:93:59:04:84:C3:E2:2D][Validity: 2016-05-31 00:00:00 - 2017-06-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,10,0,10,0,0,0,20,0,0,0,0,0,0,0,10,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,30,0,0]
52 TCP 172.16.42.216:34033 <-> 54.239.24.186:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Cloud/13][Breed: Acceptable][14 pkts/6517 bytes <-> 11 pkts/1705 bytes][Goodput ratio: 88/62][1.91 sec][Hostname/SNI: mobileanalytics.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.585 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 144/57 1221/225 342/79][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 466/155 1514/564 535/173][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,10,0,0,10,0,0,0,10,0,0,0,10,0,0,10,0,0,0,0,0,0,0,10,0,10,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,10,0,10,0,0]
@@ -115,13 +115,13 @@ JA Host Stats:
56 TCP 172.16.42.216:49067 <-> 216.58.194.78:443 [proto: 91.228/TLS.PlayStore][Stack: TLS.PlayStore][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 228/PlayStore, Confidence: DNS][DPI packets: 8][cat: SoftwareUpdate/19][Breed: Safe][10 pkts/2508 bytes <-> 9 pkts/5344 bytes][Goodput ratio: 73/89][0.36 sec][Hostname/SNI: android.clients.google.com][bytes ratio: -0.361 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 44/34 137/93 40/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 251/594 1434/1484 402/587][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: ddad58c0052852c96d7b6bfcbc1dc5dd][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d200700_93851ff8129a_036209cd1ead][ServerNames: *.google.com,*.android.com,*.appengine.google.com,*.cloud.google.com,*.gcp.gvt2.com,*.google-analytics.com,*.google.ca,*.google.cl,*.google.co.in,*.google.co.jp,*.google.co.uk,*.google.com.ar,*.google.com.au,*.google.com.br,*.google.com.co,*.google.com.mx,*.google.com.tr,*.google.com.vn,*.google.de,*.google.es,*.google.fr,*.google.hu,*.google.it,*.google.nl,*.google.pl,*.google.pt,*.googleadapis.com,*.googleapis.cn,*.googlecommerce.com,*.googlevideo.com,*.gstatic.cn,*.gstatic.com,*.gvt1.com,*.gvt2.com,*.metric.gstatic.com,*.urchin.com,*.url.google.com,*.youtube-nocookie.com,*.youtube.com,*.youtubeeducation.com,*.ytimg.com,android.clients.google.com,android.com,developer.android.google.cn,g.co,goo.gl,google-analytics.com,google.com,googlecommerce.com,urchin.com,www.goo.gl,youtu.be,youtube.com,youtubeeducation.com][JA3S: 9b1466fd60cadccb848e09c86e284265][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.google.com][Certificate SHA-1: 54:A0:1E:03:FF:CB:33:BC:9D:65:DC:D7:BF:6B:04:2B:F9:F3:D5:42][Safari][Validity: 2017-03-22 17:02:50 - 2017-06-14 16:17:00][Cipher: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256][Plen Bins: 0,10,10,0,0,10,10,0,0,10,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,10,0,20,0,0,0]
57 TCP 172.16.42.216:45674 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: VirtAssistant/32][Breed: Acceptable][12 pkts/4436 bytes <-> 12 pkts/3341 bytes][Goodput ratio: 85/79][2.20 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.141 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 226/36 1612/118 492/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 370/278 1248/891 490/354][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,20,10,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,30,0,0,0,0,0,0,0,0,20,0,10,0,0,0,0,0,0,0,0,0,0]
58 TCP 172.16.42.216:50796 <-> 54.239.28.178:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: VirtAssistant/32][Breed: Acceptable][10 pkts/2719 bytes <-> 8 pkts/4869 bytes][Goodput ratio: 79/91][0.73 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 91/73 260/241 97/100][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 272/609 1514/1514 428/624][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: pitangui.amazon.com,guipitan.amazon.com,alexa.amazon.com,echo.amazon.com,alexa.amazon.ca,guipitan.amazon.ca,alexa.amazon.co.jp,guipitan.amazon.co.jp,alexa.amazon.com.mx,guipitan.amazon.com.mx,alexa.amazon.com.br,guipitan.amazon.com.br,alexa.amazon.com.au,guipitan.amazon.com.au,alexa.amazon.cn,guipitan.amazon.cn][JA3S: 18e962e106761869a61045bed0e81c2c][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=pitangui.amazon.com][Certificate SHA-1: 13:E9:3B:22:22:61:41:53:CA:B6:3A:AE:C8:B7:23:FB:A5:11:2F:24][Validity: 2017-01-12 00:00:00 - 2018-01-13 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,11,0,0,0,11,11,0,0,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,33,0,0]
- 59 TCP 172.16.42.216:38363 <-> 34.199.52.240:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][14 pkts/2676 bytes <-> 10 pkts/4624 bytes][Goodput ratio: 66/85][0.81 sec][Hostname/SNI: cognito-identity.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/88 265/375 77/136][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 191/462 773/1514 246/556][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: cognito-identity.amazonaws.com,cognito-identity.us-east-1.amazonaws.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=cognito-identity.us-east-1.amazonaws.com][Certificate SHA-1: 56:17:8F:E9:45:10:32:78:FF:FD:E3:09:60:5A:B5:3B:8D:8C:F8:34][Validity: 2016-05-25 00:00:00 - 2017-06-22 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,0,10,0,0,0,0,0,0,10,10,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0]
+ 59 TCP 172.16.42.216:38363 <-> 34.199.52.240:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][14 pkts/2676 bytes <-> 10 pkts/4624 bytes][Goodput ratio: 66/85][0.81 sec][Hostname/SNI: cognito-identity.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/88 265/375 77/136][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 191/462 773/1514 246/556][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: cognito-identity.amazonaws.com,cognito-identity.us-east-1.amazonaws.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=cognito-identity.us-east-1.amazonaws.com][Certificate SHA-1: 56:17:8F:E9:45:10:32:78:FF:FD:E3:09:60:5A:B5:3B:8D:8C:F8:34][Validity: 2016-05-25 00:00:00 - 2017-06-22 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,0,10,0,0,0,0,0,0,10,10,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0]
60 TCP 172.16.42.216:59698 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: VirtAssistant/32][Breed: Acceptable][13 pkts/2372 bytes <-> 10 pkts/4572 bytes][Goodput ratio: 70/88][105.04 sec][bytes ratio: -0.317 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10450/383 99710/1530 29779/579][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 182/457 1184/1514 305/547][Risk: ** Weak TLS Cipher **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **][Risk Score: 160][Risk Info: SNI should always be present / No ALPN / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: db01ddf673488e0649ab60a8ff8c2e1b][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12i220300_5fd681855ab9_1ea9011b3dfa][ServerNames: pitangui.amazon.com,guipitan.amazon.com,alexa.amazon.com,echo.amazon.com,alexa.amazon.ca,guipitan.amazon.ca,alexa.amazon.co.jp,guipitan.amazon.co.jp,alexa.amazon.com.mx,guipitan.amazon.com.mx,alexa.amazon.com.br,guipitan.amazon.com.br,alexa.amazon.com.au,guipitan.amazon.com.au,alexa.amazon.cn,guipitan.amazon.cn][JA3S: 18e962e106761869a61045bed0e81c2c][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=pitangui.amazon.com][Certificate SHA-1: 13:E9:3B:22:22:61:41:53:CA:B6:3A:AE:C8:B7:23:FB:A5:11:2F:24][Firefox][Validity: 2017-01-12 00:00:00 - 2018-01-13 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,11,0,0,0,0,11,0,0,0,44,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,22,0,0]
- 61 TCP 172.16.42.216:41825 <-> 54.231.72.88:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][15 pkts/1901 bytes <-> 14 pkts/5033 bytes][Goodput ratio: 56/84][6.82 sec][Hostname/SNI: s3-external-2.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.452 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 533/614 5996/5956 1648/1782][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 127/360 752/1486 180/458][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: s3-external-1.amazonaws.com,*.s3-external-1.amazonaws.com,s3-external-2.amazonaws.com,*.s3-external-2.amazonaws.com,*.s3.amazonaws.com][JA3S: ea615e28cb25adfb2f261151eab3314f][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Baltimore CA-2 G2][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com Inc., CN=*.s3-external-1.amazonaws.com][Certificate SHA-1: C0:51:D8:FA:6B:58:94:F2:3E:4E:7D:B2:36:5F:02:E4:F0:3F:54:FF][Validity: 2016-07-18 00:00:00 - 2017-10-26 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 24,7,7,7,0,0,0,7,0,0,7,0,0,7,0,0,0,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,0,0]
+ 61 TCP 172.16.42.216:41825 <-> 54.231.72.88:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 463/AWS_S3][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][15 pkts/1901 bytes <-> 14 pkts/5033 bytes][Goodput ratio: 56/84][6.82 sec][Hostname/SNI: s3-external-2.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.452 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 533/614 5996/5956 1648/1782][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 127/360 752/1486 180/458][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: s3-external-1.amazonaws.com,*.s3-external-1.amazonaws.com,s3-external-2.amazonaws.com,*.s3-external-2.amazonaws.com,*.s3.amazonaws.com][JA3S: ea615e28cb25adfb2f261151eab3314f][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Baltimore CA-2 G2][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com Inc., CN=*.s3-external-1.amazonaws.com][Certificate SHA-1: C0:51:D8:FA:6B:58:94:F2:3E:4E:7D:B2:36:5F:02:E4:F0:3F:54:FF][Validity: 2016-07-18 00:00:00 - 2017-10-26 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 24,7,7,7,0,0,0,7,0,0,7,0,0,7,0,0,0,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,0,0]
62 TCP 172.16.42.216:42143 <-> 72.21.206.135:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Acceptable][12 pkts/5873 bytes <-> 10 pkts/1049 bytes][Goodput ratio: 89/44][1.37 sec][Hostname/SNI: fls-na.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.697 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 144/88 483/524 177/179][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 489/105 1514/357 610/95][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,12,0,0,12,0,0,12,0,12,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,38,0,0]
63 TCP 172.16.42.216:42148 <-> 72.21.206.135:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Acceptable][13 pkts/5805 bytes <-> 8 pkts/1017 bytes][Goodput ratio: 88/54][0.57 sec][Hostname/SNI: fls-na.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.702 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 50/13 245/65 75/26][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 447/127 1514/445 591/130][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,0,0,22,0,0,11,11,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
- 64 TCP 172.16.42.216:54412 <-> 52.85.209.216:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][10 pkts/996 bytes <-> 7 pkts/5823 bytes][Goodput ratio: 33/92][0.38 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.708 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 47/18 101/86 45/34][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/832 268/1514 67/636][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
- 65 TCP 172.16.42.216:41820 <-> 54.231.72.88:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][14 pkts/1817 bytes <-> 13 pkts/4948 bytes][Goodput ratio: 57/85][3.94 sec][Hostname/SNI: s3-external-2.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.463 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 314/42 2864/196 810/79][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 130/381 754/1486 184/469][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: s3-external-1.amazonaws.com,*.s3-external-1.amazonaws.com,s3-external-2.amazonaws.com,*.s3-external-2.amazonaws.com,*.s3.amazonaws.com][JA3S: ea615e28cb25adfb2f261151eab3314f][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Baltimore CA-2 G2][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com Inc., CN=*.s3-external-1.amazonaws.com][Certificate SHA-1: C0:51:D8:FA:6B:58:94:F2:3E:4E:7D:B2:36:5F:02:E4:F0:3F:54:FF][Validity: 2016-07-18 00:00:00 - 2017-10-26 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 16,8,8,8,0,0,8,0,0,0,8,0,0,8,0,0,0,0,0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,8,0,0,0]
+ 64 TCP 172.16.42.216:54412 <-> 52.85.209.216:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Acceptable][10 pkts/996 bytes <-> 7 pkts/5823 bytes][Goodput ratio: 33/92][0.38 sec][Hostname/SNI: www.amazon.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.708 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 47/18 101/86 45/34][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/832 268/1514 67/636][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: amazon.com,amzn.com,uedata.amazon.com,us.amazon.com,www.amazon.com,www.amzn.com,corporate.amazon.com,buybox.amazon.com,iphone.amazon.com,yp.amazon.com,home.amazon.com,origin-www.amazon.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=www.amazon.com][Certificate SHA-1: EF:14:6C:F1:5C:4A:F8:4D:BA:83:C2:1E:6C:5B:ED:C4:FA:34:1C:3E][Validity: 2016-10-31 00:00:00 - 2017-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
+ 65 TCP 172.16.42.216:41820 <-> 54.231.72.88:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 463/AWS_S3][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][14 pkts/1817 bytes <-> 13 pkts/4948 bytes][Goodput ratio: 57/85][3.94 sec][Hostname/SNI: s3-external-2.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.463 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 314/42 2864/196 810/79][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 130/381 754/1486 184/469][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: s3-external-1.amazonaws.com,*.s3-external-1.amazonaws.com,s3-external-2.amazonaws.com,*.s3-external-2.amazonaws.com,*.s3.amazonaws.com][JA3S: ea615e28cb25adfb2f261151eab3314f][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Baltimore CA-2 G2][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com Inc., CN=*.s3-external-1.amazonaws.com][Certificate SHA-1: C0:51:D8:FA:6B:58:94:F2:3E:4E:7D:B2:36:5F:02:E4:F0:3F:54:FF][Validity: 2016-07-18 00:00:00 - 2017-10-26 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 16,8,8,8,0,0,8,0,0,0,8,0,0,8,0,0,0,0,0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,8,0,0,0]
66 TCP 172.16.42.216:45732 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 5][cat: VirtAssistant/32][Breed: Acceptable][13 pkts/5614 bytes <-> 8 pkts/1103 bytes][Goodput ratio: 87/58][6.02 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.672 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 591/663 2868/3089 977/1214][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 432/138 1514/555 598/160][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,22,11,0,0,0,11,11,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
67 TCP 172.16.42.216:45694 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: VirtAssistant/32][Breed: Acceptable][11 pkts/1845 bytes <-> 9 pkts/4385 bytes][Goodput ratio: 67/88][4.64 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.408 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 515/26 4284/78 1333/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 168/487 752/1514 212/577][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][ServerNames: pitangui.amazon.com,guipitan.amazon.com,alexa.amazon.com,echo.amazon.com,alexa.amazon.ca,guipitan.amazon.ca,alexa.amazon.co.jp,guipitan.amazon.co.jp,alexa.amazon.com.mx,guipitan.amazon.com.mx,alexa.amazon.com.br,guipitan.amazon.com.br,alexa.amazon.com.au,guipitan.amazon.com.au,alexa.amazon.cn,guipitan.amazon.cn][JA3S: 18e962e106761869a61045bed0e81c2c][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=Washington, L=Seattle, O=Amazon.com, Inc., CN=pitangui.amazon.com][Certificate SHA-1: 13:E9:3B:22:22:61:41:53:CA:B6:3A:AE:C8:B7:23:FB:A5:11:2F:24][Validity: 2017-01-12 00:00:00 - 2018-01-13 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,12,0,0,0,0,12,0,0,0,25,0,0,0,0,0,0,12,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
68 TCP 172.16.42.216:34053 <-> 54.239.24.186:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Cloud/13][Breed: Acceptable][11 pkts/4927 bytes <-> 9 pkts/1231 bytes][Goodput ratio: 88/57][2.15 sec][Hostname/SNI: mobileanalytics.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.600 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 236/131 950/512 322/198][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 448/137 1514/449 584/126][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: d199ba0af2b08e204c73d6d81a1fd260][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,12,0,0,25,0,0,0,12,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,12,0,12,0,0]
@@ -138,7 +138,7 @@ JA Host Stats:
79 TCP 172.16.42.216:40878 <-> 54.239.29.253:443 [proto: 91.178/TLS.Amazon][Stack: TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 5][cat: Web/5][Breed: Acceptable][13 pkts/2948 bytes <-> 10 pkts/1947 bytes][Goodput ratio: 75/70][6.35 sec][Hostname/SNI: skills-store.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.204 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 406/60 3799/294 1132/105][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 227/195 1514/1147 385/320][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,22,11,0,22,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,11,0,0]
80 TCP 172.16.42.216:37113 <-> 52.94.232.134:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Safe][13 pkts/3881 bytes <-> 11 pkts/979 bytes][Goodput ratio: 81/34][101.19 sec][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9975/51 99124/160 29716/50][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 299/89 1514/251 520/57][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA / TLSv1][nDPI Fingerprint: d8b65c2b6c348c9813c4a1a3a5bd1c18][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i140200_37d7d24289bf_33a13ba74d1c][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 12,25,12,0,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
81 TCP 172.16.42.216:45687 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: VirtAssistant/32][Breed: Acceptable][11 pkts/3204 bytes <-> 8 pkts/1439 bytes][Goodput ratio: 81/68][1.60 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.380 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 175/92 839/363 256/141][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 291/180 1200/891 434/270][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,28,14,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0]
- 82 TCP 172.16.42.216:38364 <-> 34.199.52.240:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 6][cat: Cloud/13][Breed: Acceptable][10 pkts/1839 bytes <-> 8 pkts/2676 bytes][Goodput ratio: 65/80][4.64 sec][Hostname/SNI: cognito-identity.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.185 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 568/909 4291/4349 1408/1720][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 184/334 950/1514 267/475][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 14,14,0,0,14,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0]
+ 82 TCP 172.16.42.216:38364 <-> 34.199.52.240:443 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 6][cat: Cloud/13][Breed: Acceptable][10 pkts/1839 bytes <-> 8 pkts/2676 bytes][Goodput ratio: 65/80][4.64 sec][Hostname/SNI: cognito-identity.us-east-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: -0.185 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 568/909 4291/4349 1408/1720][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 184/334 950/1514 267/475][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 14,14,0,0,14,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0]
83 TCP 172.16.42.216:39750 <-> 52.94.232.134:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 5][cat: Web/5][Breed: Safe][11 pkts/3427 bytes <-> 8 pkts/990 bytes][Goodput ratio: 82/54][10.86 sec][bytes ratio: 0.552 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1171/307 7806/676 2441/248][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 312/124 1344/251 489/78][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA / TLSv1][nDPI Fingerprint: d8b65c2b6c348c9813c4a1a3a5bd1c18][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i140200_37d7d24289bf_33a13ba74d1c][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,25,12,0,0,12,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0]
84 TCP 172.16.42.216:45750 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: VirtAssistant/32][Breed: Acceptable][11 pkts/2308 bytes <-> 9 pkts/1786 bytes][Goodput ratio: 73/71][14.18 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1574/1261 6636/6789 2408/2485][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 210/198 752/619 264/226][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,25,12,0,0,0,0,12,0,0,0,0,0,0,0,0,0,25,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
85 TCP 172.16.42.216:45751 <-> 52.94.232.134:443 [proto: 91.110/TLS.AmazonAlexa][Stack: TLS.AmazonAlexa][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 5][cat: VirtAssistant/32][Breed: Acceptable][12 pkts/2858 bytes <-> 9 pkts/1147 bytes][Goodput ratio: 77/54][5.53 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.427 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 576/51 3507/307 1076/114][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 238/127 1514/539 396/148][Risk: ** Weak TLS Cipher **][Risk Score: 100][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 6e2bfb70839a1a0ac4ec7899bfb1336f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,25,12,0,0,0,25,12,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0]
@@ -172,11 +172,11 @@ JA Host Stats:
113 TCP 172.16.42.216:34073 <-> 54.239.24.186:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 8][cat: Web/5][Breed: Safe][5 pkts/310 bytes <-> 3 pkts/182 bytes][Goodput ratio: 0/0][7.12 sec][bytes ratio: 0.260 (Upload)][IAT c2s/s2c min/avg/max/stddev: 74/151 1780/151 5979/151 2453/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 62/61 74/62 10/1][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
114 TCP 172.16.42.216:40855 <-> 54.239.29.253:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 178/Amazon, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Safe][5 pkts/310 bytes <-> 2 pkts/122 bytes][Goodput ratio: 0/0][2.68 sec][bytes ratio: 0.435 (Upload)][IAT c2s/s2c min/avg/max/stddev: 135/0 670/0 1362/0 525/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 62/61 74/62 10/1][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
115 TCP 172.16.42.216:50798 <-> 54.239.28.178:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Safe][5 pkts/310 bytes <-> 2 pkts/122 bytes][Goodput ratio: 0/0][18.43 sec][bytes ratio: 0.435 (Upload)][IAT c2s/s2c min/avg/max/stddev: 66/0 4607/0 17194/0 7276/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 62/61 74/62 10/1][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 116 TCP 172.16.42.216:41821 <-> 54.231.72.88:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Safe][4 pkts/236 bytes <-> 3 pkts/187 bytes][Goodput ratio: 0/4][3.88 sec][bytes ratio: 0.116 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 171/3709 1294/3709 3506/3709 1564/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 59/62 74/66 9/3][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 116 TCP 172.16.42.216:41821 <-> 54.231.72.88:443 [proto: 91/TLS][Stack: TLS][IP: 463/AWS_S3][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Safe][4 pkts/236 bytes <-> 3 pkts/187 bytes][Goodput ratio: 0/4][3.88 sec][bytes ratio: 0.116 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 171/3709 1294/3709 3506/3709 1564/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 59/62 74/66 9/3][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
117 ICMPV6 [fe80::7af8:82ff:fed3:fbc2]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][6 pkts/420 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][8.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1604/0 4010/0 1964/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 TCP 172.16.42.216:34054 <-> 54.239.24.186:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Safe][4 pkts/236 bytes <-> 3 pkts/182 bytes][Goodput ratio: 0/0][1.91 sec][bytes ratio: 0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 71/195 636/195 1464/195 598/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 59/61 74/62 9/1][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
119 TCP 172.16.42.216:37552 <-> 54.239.24.180:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: DNS][DPI packets: 7][cat: Web/5][Breed: Safe][4 pkts/236 bytes <-> 3 pkts/182 bytes][Goodput ratio: 0/0][0.92 sec][bytes ratio: 0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 165/327 307/327 546/327 170/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 59/61 74/62 9/1][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 120 TCP 172.16.42.216:54413 <-> 52.85.209.216:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/272 bytes <-> 2 pkts/140 bytes][Goodput ratio: 0/0][0.34 sec][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 47/0 114/0 244/0 92/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/70 74/74 3/4][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 120 TCP 172.16.42.216:54413 <-> 52.85.209.216:443 [proto: 91/TLS][Stack: TLS][IP: 464/AWS_Cloudfront][Encrypted][Confidence: Match by port][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/272 bytes <-> 2 pkts/140 bytes][Goodput ratio: 0/0][0.34 sec][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 47/0 114/0 244/0 92/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/70 74/74 3/4][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
121 TCP 172.16.42.216:45707 <-> 52.94.232.134:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/236 bytes <-> 2 pkts/122 bytes][Goodput ratio: 0/0][2.59 sec][bytes ratio: 0.318 (Upload)][IAT c2s/s2c min/avg/max/stddev: 148/0 864/0 2109/0 884/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 59/61 74/62 9/1][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 UDP 172.16.42.1:67 -> 172.16.42.216:68 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
123 UDP 172.16.42.216:4920 <-> 172.16.42.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/81 bytes <-> 1 pkts/252 bytes][Goodput ratio: 48/83][0.20 sec][Hostname/SNI: ecx.images-amazon.com][52.84.63.56][DNS Id: 0xb91e][PLAIN TEXT (images)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/anyconnect-vpn.pcap.out b/tests/cfgs/default/result/anyconnect-vpn.pcap.out
index f608e002f..6368942de 100644
--- a/tests/cfgs/default/result/anyconnect-vpn.pcap.out
+++ b/tests/cfgs/default/result/anyconnect-vpn.pcap.out
@@ -63,7 +63,7 @@ JA Host Stats:
3 TCP 10.0.0.227:56921 <-> 8.37.96.194:4287 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][29 pkts/5373 bytes <-> 28 pkts/7580 bytes][Goodput ratio: 64/75][2.30 sec][bytes ratio: -0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 91/63 593/619 145/135][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 185/271 1261/1434 259/387][Risk: ** Known Proto on Non Std Port **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** TLS Cert About To Expire **][Risk Score: 160][Risk Info: 29/Aug/2019 00:12:40 - 08/Oct/2019 00:12:40 / SNI should always be present / No ALPN / Expected on port 443][nDPI Fingerprint: 6c455781958042d71fd7048dfd1bb1d2][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i070500_c20ebc0cf62a_ed727256b201][JA3S: e54965894d6b45ecb4323c7ea3d6c115][Issuer: CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US][Subject: CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US][Certificate SHA-1: 86:2A:47:EF:00:68:79:60:7F:94:E2:91:6F:E0:38:82:37:8A:8E:2E][Firefox][Validity: 2019-08-29 00:12:40 - 2019-10-08 00:12:40][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,44,3,3,3,3,3,0,3,3,3,0,3,7,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,3,0,0,3,0,0,3,0,3,0,0,0,0,0]
4 TCP 10.0.0.227:56918 <-> 8.37.102.91:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 12][cat: Web/5][Breed: Safe][16 pkts/2739 bytes <-> 14 pkts/7315 bytes][Goodput ratio: 61/87][0.35 sec][(Advertised) ALPNs: http/1.1][bytes ratio: -0.455 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/26 48/88 21/29][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171/522 1175/1514 274/624][Risk: ** Weak TLS Cipher **** Missing SNI TLS Extn **** ALPN/SNI Mismatch **][Risk Score: 200][Risk Info: http/1.1 / SNI should always be present / Cipher TLS_RSA_WITH_AES_256_CBC_SHA][nDPI Fingerprint: 0ab478f88458d4b7e389280db8733f0c][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i2204h1_95b9206a23eb_1ea9011b3dfa][ServerNames: *.pandion.viasat.com,pandion.viasat.com][JA3S: 82f0d8a75fa483d1cfe4b7085b784d7e][Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K][Subject: C=US, ST=California, L=Carlsbad, O=Viasat Inc., CN=*.pandion.viasat.com][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Firefox][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,16,8,0,0,8,0,8,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,8,0,25,0,0]
5 UDP 10.0.0.227:54107 <-> 8.37.102.91:443 [proto: 30/DTLS][Stack: DTLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 30/DTLS, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Safe][14 pkts/2322 bytes <-> 15 pkts/3787 bytes][Goodput ratio: 75/83][0.24 sec][bytes ratio: -0.240 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21/16 47/46 19/20][Pkt Len c2s/s2c min/avg/max/stddev: 135/90 166/252 199/407 17/74][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLS (0100)][nDPI Fingerprint: 921dc05ee9400079c792f8162a9e9f3d][TLS (0100)][JA4: d00i010000_2cfe23c976cf_e3b0c44298fc][JA3S: cee68a158056f16c2d1b274dde4e2ec3][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,3,3,39,13,18,3,6,6,3,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 6 TCP 10.0.0.227:56920 <-> 99.86.34.156:443 [proto: 91.118/TLS.Slack][Stack: TLS.Slack][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 118/Slack, Confidence: DNS][DPI packets: 6][cat: Collaborative/15][Breed: Acceptable][16 pkts/2949 bytes <-> 11 pkts/1876 bytes][Goodput ratio: 64/61][11.47 sec][Hostname/SNI: slack.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: 0.222 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 866/28 11074/80 2947/34][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 184/171 853/487 228/155][nDPI Fingerprint: 34104aa1b54ff5ab855f9d5aea374abf][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1313h2_8b80da21ef18_e48c60694ef0][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,34,16,0,8,0,0,0,0,0,0,0,8,16,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 6 TCP 10.0.0.227:56920 <-> 99.86.34.156:443 [proto: 91.118/TLS.Slack][Stack: TLS.Slack][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 118/Slack, Confidence: DNS][DPI packets: 6][cat: Collaborative/15][Breed: Acceptable][16 pkts/2949 bytes <-> 11 pkts/1876 bytes][Goodput ratio: 64/61][11.47 sec][Hostname/SNI: slack.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: 0.222 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 866/28 11074/80 2947/34][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 184/171 853/487 228/155][nDPI Fingerprint: 34104aa1b54ff5ab855f9d5aea374abf][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1313h2_8b80da21ef18_e48c60694ef0][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,34,16,0,8,0,0,0,0,0,0,0,8,16,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 10.0.0.227:56884 <-> 184.25.56.77:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: ConnCheck/30][Breed: Safe][12 pkts/2303 bytes <-> 7 pkts/2382 bytes][Goodput ratio: 67/81][18.51 sec][Hostname/SNI: detectportal.firefox.com][bytes ratio: -0.017 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/31 1824/3642 10081/10083 3593/4385][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 192/340 373/450 153/173][URL: detectportal.firefox.com/success.txt?ipv4][StatusCode: 200][Content-Type: text/plain][Server: AmazonS3][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 10.0.0.227:56320 <-> 10.0.0.149:8009 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Safe][20 pkts/2420 bytes <-> 10 pkts/1760 bytes][Goodput ratio: 45/62][45.04 sec][bytes ratio: 0.158 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/5003 2648/5004 5001/5006 2495/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/176 121/176 176/176 55/0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 ICMPV6 [fe80::2e7e:81ff:feb0:4aa1]:0 -> [ff02::1]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][16 pkts/2784 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][45.47 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2867/0 3028/0 3072/0 84/0][Pkt Len c2s/s2c min/avg/max/stddev: 174/0 174/0 174/0 0/0][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -72,8 +72,8 @@ JA Host Stats:
12 TCP 10.0.0.227:56954 <-> 10.0.0.149:8008 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Acceptable][4 pkts/527 bytes <-> 3 pkts/1401 bytes][Goodput ratio: 48/85][0.01 sec][Hostname/SNI: 10.0.0.149][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 2/3 6/3 3/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 132/467 317/1261 107/561][URL: 10.0.0.149:8008/ssdp/device-desc.xml][StatusCode: 200][Content-Type: application/xml][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 10.0.0.149 / Expected on port 80][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (HGET /ssdp/device)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0]
13 UDP [fe80::408:3e45:3abc:1552]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][Stack: MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 6][cat: Network/14][Breed: Acceptable][9 pkts/1628 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][25.40 sec][Hostname/SNI: _raop._tcp.local][_raop._tcp.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174/0 11263/0 3646/0][Pkt Len c2s/s2c min/avg/max/stddev: 152/0 181/0 206/0 24/0][PLAIN TEXT (companion)][Plen Bins: 0,0,33,22,44,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 10.0.0.227:137 -> 10.0.0.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][15 pkts/1542 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][6.05 sec][Hostname/SNI: lp-rkerur-osx][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 465/0 1499/0 677/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 103/0 110/0 9/0][PLAIN TEXT ( EMFACNFCELEFFC)][Plen Bins: 0,40,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 15 TCP 10.0.0.227:56914 <-> 52.37.243.173:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 5][cat: Web/5][Breed: Safe][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 38/29][21.75 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/1 3340/2605 9634/9670 4130/3611][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/93 131/129 31/31][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 16 TCP 10.0.0.227:56915 <-> 52.37.243.173:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 5][cat: Web/5][Breed: Safe][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 38/29][22.76 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/0 3340/3011 10636/10673 4210/3967][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/93 131/129 31/31][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 15 TCP 10.0.0.227:56914 <-> 52.37.243.173:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 5][cat: Web/5][Breed: Safe][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 38/29][21.75 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/1 3340/2605 9634/9670 4130/3611][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/93 131/129 31/31][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 16 TCP 10.0.0.227:56915 <-> 52.37.243.173:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 5][cat: Web/5][Breed: Safe][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 38/29][22.76 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/0 3340/3011 10636/10673 4210/3967][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/93 131/129 31/31][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 10.0.0.213:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][Stack: MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 6][cat: Network/14][Breed: Acceptable][9 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][25.40 sec][Hostname/SNI: _raop._tcp.local][_raop._tcp.local][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174/0 11263/0 3646/0][Pkt Len c2s/s2c min/avg/max/stddev: 132/0 161/0 186/0 24/0][PLAIN TEXT (companion)][Plen Bins: 0,0,33,22,44,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 10.0.0.151:1900 -> 10.0.0.227:57547 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][4 pkts/1412 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][2.86 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 10.0.0.227:56881 <-> 162.222.43.153:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 12][cat: Web/5][Breed: Safe][6 pkts/762 bytes <-> 6 pkts/396 bytes][Goodput ratio: 48/0][0.05 sec][bytes ratio: 0.316 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 0/1 0/2 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 82/66 127/66 292/66 75/0][Plen Bins: 50,33,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -85,7 +85,7 @@ JA Host Stats:
25 UDP 10.0.0.149:50081 -> 10.0.0.227:57547 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 10.0.0.149:51382 -> 10.0.0.227:57547 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 10.0.0.227:5353 -> 10.0.0.213:5353 [proto: 8/MDNS][Stack: MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/548 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][12.10 sec][Hostname/SNI: _companion-link._tcp.local][_companion-link._tcp.local][PLAIN TEXT (companion)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 28 TCP 10.0.0.227:56879 <-> 52.10.115.210:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Safe][4 pkts/342 bytes <-> 2 pkts/202 bytes][Goodput ratio: 23/34][0.61 sec][bytes ratio: 0.257 (Upload)][IAT c2s/s2c min/avg/max/stddev: 33/574 203/574 541/574 239/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/101 86/101 105/101 20/0][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 28 TCP 10.0.0.227:56879 <-> 52.10.115.210:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Safe][4 pkts/342 bytes <-> 2 pkts/202 bytes][Goodput ratio: 23/34][0.61 sec][bytes ratio: 0.257 (Upload)][IAT c2s/s2c min/avg/max/stddev: 33/574 203/574 541/574 239/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/101 86/101 105/101 20/0][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 10.0.0.227:59582 <-> 75.75.75.75:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/92 bytes <-> 1 pkts/323 bytes][Goodput ratio: 54/87][0.02 sec][Hostname/SNI: 1-courier.sandbox.push.apple.com][17.188.138.71][DNS Id: 0x1090][PLAIN TEXT (courier)][Plen Bins: 0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 10.0.0.227:56871 <-> 8.37.103.196:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 5 pkts/330 bytes][Goodput ratio: 0/0][20.32 sec][bytes ratio: -0.667 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/66 66/66 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 10.0.0.227:56916 -> 10.0.0.151:8009 [proto: 139/AJP][Stack: AJP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: Web/5][Breed: Acceptable][5 pkts/390 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][5.03 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/bets.pcapng.out b/tests/cfgs/default/result/bets.pcapng.out
index 54057c91d..ecbda6c06 100644
--- a/tests/cfgs/default/result/bets.pcapng.out
+++ b/tests/cfgs/default/result/bets.pcapng.out
@@ -31,4 +31,4 @@ JA Host Stats:
1 192.168.10.2 1
- 1 TCP 192.168.10.2:60099 <-> 13.224.103.22:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Gambling/107][Breed: Acceptable][17 pkts/1469 bytes <-> 16 pkts/7759 bytes][Goodput ratio: 39/89][0.19 sec][Hostname/SNI: www.1084bets10.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/9 46/45 16/17][Pkt Len c2s/s2c min/avg/max/stddev: 52/52 86/485 380/1420 78/609][nDPI Fingerprint: f0a50502b1b9bffccd0d96726b6697d9][TCP Fingerprint: 2_64_65535_78dd6871cb6d/macOS][TLSv1.3][JA4: t13d4907h2_0d8feac7bc37_7395dae3b2f3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 14,14,21,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,28,0,0,0,0,0]
+ 1 TCP 192.168.10.2:60099 <-> 13.224.103.22:443 [proto: 91/TLS][Stack: TLS][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 6][cat: Gambling/107][Breed: Acceptable][17 pkts/1469 bytes <-> 16 pkts/7759 bytes][Goodput ratio: 39/89][0.19 sec][Hostname/SNI: www.1084bets10.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/9 46/45 16/17][Pkt Len c2s/s2c min/avg/max/stddev: 52/52 86/485 380/1420 78/609][nDPI Fingerprint: f0a50502b1b9bffccd0d96726b6697d9][TCP Fingerprint: 2_64_65535_78dd6871cb6d/macOS][TLSv1.3][JA4: t13d4907h2_0d8feac7bc37_7395dae3b2f3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 14,14,21,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,28,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out b/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out
index 438b42e4a..a851cbf7c 100644
--- a/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out
+++ b/tests/cfgs/default/result/custom_rules_same-ip_multiple_ports.pcapng.out
@@ -29,6 +29,6 @@ Acceptable 8 592 3
Unspecified 5 370 2
Web 3 222 1
- 1 TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.464/TLS.CustomProtocolA][Stack: TLS.CustomProtocolA][IP: 464/CustomProtocolA][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: ed4184cfab060a404adb67ebea5b2f97][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.472/TLS.CustomProtocolA][Stack: TLS.CustomProtocolA][IP: 472/CustomProtocolA][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: ed4184cfab060a404adb67ebea5b2f97][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.245:58288 -> 3.3.3.3:446 [proto: 800/CustomProtocolC][Stack: CustomProtocolC][IP: 800/CustomProtocolC][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.04 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 465/CustomProtocolB][Stack: CustomProtocolB][IP: 465/CustomProtocolB][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 473/CustomProtocolB][Stack: CustomProtocolB][IP: 473/CustomProtocolB][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/dazn.pcapng.out b/tests/cfgs/default/result/dazn.pcapng.out
index 5e0f8b3c8..e5d508bb2 100644
--- a/tests/cfgs/default/result/dazn.pcapng.out
+++ b/tests/cfgs/default/result/dazn.pcapng.out
@@ -31,6 +31,6 @@ JA Host Stats:
1 192.168.1.128 1
- 1 TCP 192.168.1.128:40882 <-> 13.226.244.30:443 [proto: 91.292/TLS.Dazn][Stack: TLS.Dazn][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: subscriptions-service.dazn-api.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
- 2 TCP 192.168.1.128:46036 <-> 13.226.244.27:443 [proto: 91.292/TLS.Dazn][Stack: TLS.Dazn][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: user-profile.ar.indazn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
- 3 TCP 192.168.1.128:54020 <-> 52.84.223.58:443 [proto: 91.292/TLS.Dazn][Stack: TLS.Dazn][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: www.dazn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
+ 1 TCP 192.168.1.128:40882 <-> 13.226.244.30:443 [proto: 91.292/TLS.Dazn][Stack: TLS.Dazn][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: subscriptions-service.dazn-api.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
+ 2 TCP 192.168.1.128:46036 <-> 13.226.244.27:443 [proto: 91.292/TLS.Dazn][Stack: TLS.Dazn][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: user-profile.ar.indazn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
+ 3 TCP 192.168.1.128:54020 <-> 52.84.223.58:443 [proto: 91.292/TLS.Dazn][Stack: TLS.Dazn][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: www.dazn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
diff --git a/tests/cfgs/default/result/dnscrypt-v1-and-resolver-pings.pcap.out b/tests/cfgs/default/result/dnscrypt-v1-and-resolver-pings.pcap.out
index cb9b78732..5ace9731c 100644
--- a/tests/cfgs/default/result/dnscrypt-v1-and-resolver-pings.pcap.out
+++ b/tests/cfgs/default/result/dnscrypt-v1-and-resolver-pings.pcap.out
@@ -79,14 +79,14 @@ Network 488 309562 245
51 UDP 10.0.0.1:38594 <-> 178.216.201.222:2053 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
52 UDP 10.0.0.1:44491 <-> 104.238.186.192:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
53 UDP 10.0.0.1:45613 <-> 167.114.220.125:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.11 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
- 54 UDP 10.0.0.1:46313 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
+ 54 UDP 10.0.0.1:46313 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
55 UDP 10.0.0.1:47432 <-> 66.85.30.115:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.12 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
- 56 UDP 10.0.0.1:47685 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
+ 56 UDP 10.0.0.1:47685 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
57 UDP 10.0.0.1:48448 <-> 66.85.30.115:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.12 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
58 UDP 10.0.0.1:52221 <-> 178.216.201.222:2053 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
59 UDP 10.0.0.1:52356 <-> 178.216.201.222:2053 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
60 UDP 10.0.0.1:53045 <-> 23.111.74.205:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.17 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
- 61 UDP 10.0.0.1:55409 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
+ 61 UDP 10.0.0.1:55409 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
62 UDP 10.0.0.1:56997 <-> 104.238.186.192:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
63 UDP 10.0.0.1:59589 <-> 167.114.220.125:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.11 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
64 UDP 10.0.0.1:59641 <-> 104.238.186.192:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/226 bytes][Goodput ratio: 97/81][0.04 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
@@ -214,12 +214,12 @@ Network 488 309562 245
186 UDP 10.0.0.1:44712 <-> 104.238.186.192:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
187 UDP 10.0.0.1:44793 <-> 23.111.74.205:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.17 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
188 UDP 10.0.0.1:45747 <-> 167.114.220.125:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.11 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 189 UDP 10.0.0.1:52911 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 189 UDP 10.0.0.1:52911 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
190 UDP 10.0.0.1:53117 <-> 178.216.201.222:2053 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
191 UDP 10.0.0.1:54112 <-> 66.85.30.115:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.11 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 192 UDP 10.0.0.1:55834 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 192 UDP 10.0.0.1:55834 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
193 UDP 10.0.0.1:55896 <-> 66.85.30.115:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.11 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 194 UDP 10.0.0.1:55979 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 194 UDP 10.0.0.1:55979 <-> 52.65.235.129:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.30 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
195 UDP 10.0.0.1:58740 <-> 178.216.201.222:2053 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
196 UDP 10.0.0.1:59261 <-> 104.238.186.192:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.03 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
197 UDP 10.0.0.1:59587 <-> 23.111.74.205:443 [proto: 208/DNScrypt][Stack: DNScrypt][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 208/DNScrypt, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/554 bytes <-> 1 pkts/226 bytes][Goodput ratio: 92/81][0.17 sec][PLAIN TEXT (DDDDDDffffff)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/dofus.pcap.out b/tests/cfgs/default/result/dofus.pcap.out
index 204651e79..da230eab4 100644
--- a/tests/cfgs/default/result/dofus.pcap.out
+++ b/tests/cfgs/default/result/dofus.pcap.out
@@ -32,8 +32,8 @@ JA Host Stats:
2 192.168.1.204 1
- 1 TCP 192.168.1.204:49716 <-> 46.137.53.123:5555 [proto: 106/Dofus][Stack: Dofus][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][10 pkts/971 bytes <-> 19 pkts/8207 bytes][Goodput ratio: 43/87][0.59 sec][bytes ratio: -0.788 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/0 73/26 203/251 59/65][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97/432 322/1514 79/534][TCP Fingerprint: 2_128_65535_6bb88f5575fd/Windows][PLAIN TEXT (type.ankama.com/j)][Plen Bins: 30,15,15,0,0,0,0,0,5,5,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
- 2 TCP 192.168.1.204:49684 <-> 18.65.82.75:443 [proto: 91.106/TLS.Dofus][Stack: TLS.Dofus][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Game/8][Breed: Fun][4 pkts/745 bytes <-> 6 pkts/5168 bytes][Goodput ratio: 69/93][0.03 sec][Hostname/SNI: launcher.cdn.ankama.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.748 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 8/3 11/13 4/5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 186/861 571/1494 222/654][nDPI Fingerprint: 645fbd5c41652ebdf3911c1eae2e3254][TCP Fingerprint: 2_128_65535_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0]
- 3 TCP 10.215.173.1:42784 <-> 54.246.120.81:443 [proto: 91.106/TLS.Dofus][Stack: TLS.Dofus][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 9][cat: Game/8][Breed: Fun][6 pkts/926 bytes <-> 4 pkts/4506 bytes][Goodput ratio: 63/95][0.16 sec][Hostname/SNI: event-mediator.dofus-touch.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.659 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 31/21 91/61 38/29][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 154/1126 566/2910 186/1182][nDPI Fingerprint: 96ce067bc777386f4b00add3f6cac066][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t13d1516h2_8daaf6152771_02713d6af862][ServerNames: *.dofus-touch.com,dofus-touch.com][JA3S: bfc90d56141386ee83b56cda231cccfc][Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03][Subject: CN=*.dofus-touch.com][ECH: version 0xfe0d][Certificate SHA-1: 6D:13:FC:5E:53:C6:F6:F0:7A:40:A5:AD:45:E1:D2:3D:C2:70:26:65][Chrome][Validity: 2024-12-15 00:00:00 - 2026-01-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
- 4 TCP 10.215.173.1:42430 <-> 34.240.68.19:443 [proto: 91.106/TLS.Dofus][Stack: TLS.Dofus][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 9][cat: Game/8][Breed: Fun][6 pkts/906 bytes <-> 4 pkts/4494 bytes][Goodput ratio: 62/95][0.12 sec][Hostname/SNI: dt-proxy-production-login.ankama-games.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.664 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/19 62/56 29/26][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 151/1124 566/2910 186/1181][nDPI Fingerprint: 96ce067bc777386f4b00add3f6cac066][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t13d1516h2_8daaf6152771_02713d6af862][ServerNames: *.ankama-games.com][JA3S: bfc90d56141386ee83b56cda231cccfc][Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02][Subject: CN=*.ankama-games.com][ECH: version 0xfe0d][Certificate SHA-1: A8:D5:A9:6D:53:95:1E:F5:F8:9C:76:F5:71:A0:E4:17:58:D1:B1:EA][Chrome][Validity: 2025-01-30 00:00:00 - 2026-03-01 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
+ 1 TCP 192.168.1.204:49716 <-> 46.137.53.123:5555 [proto: 106/Dofus][Stack: Dofus][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][10 pkts/971 bytes <-> 19 pkts/8207 bytes][Goodput ratio: 43/87][0.59 sec][bytes ratio: -0.788 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/0 73/26 203/251 59/65][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97/432 322/1514 79/534][TCP Fingerprint: 2_128_65535_6bb88f5575fd/Windows][PLAIN TEXT (type.ankama.com/j)][Plen Bins: 30,15,15,0,0,0,0,0,5,5,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
+ 2 TCP 192.168.1.204:49684 <-> 18.65.82.75:443 [proto: 91.106/TLS.Dofus][Stack: TLS.Dofus][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 6][cat: Game/8][Breed: Fun][4 pkts/745 bytes <-> 6 pkts/5168 bytes][Goodput ratio: 69/93][0.03 sec][Hostname/SNI: launcher.cdn.ankama.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.748 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 8/3 11/13 4/5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 186/861 571/1494 222/654][nDPI Fingerprint: 645fbd5c41652ebdf3911c1eae2e3254][TCP Fingerprint: 2_128_65535_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0]
+ 3 TCP 10.215.173.1:42784 <-> 54.246.120.81:443 [proto: 91.106/TLS.Dofus][Stack: TLS.Dofus][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 9][cat: Game/8][Breed: Fun][6 pkts/926 bytes <-> 4 pkts/4506 bytes][Goodput ratio: 63/95][0.16 sec][Hostname/SNI: event-mediator.dofus-touch.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.659 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 31/21 91/61 38/29][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 154/1126 566/2910 186/1182][nDPI Fingerprint: 96ce067bc777386f4b00add3f6cac066][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t13d1516h2_8daaf6152771_02713d6af862][ServerNames: *.dofus-touch.com,dofus-touch.com][JA3S: bfc90d56141386ee83b56cda231cccfc][Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03][Subject: CN=*.dofus-touch.com][ECH: version 0xfe0d][Certificate SHA-1: 6D:13:FC:5E:53:C6:F6:F0:7A:40:A5:AD:45:E1:D2:3D:C2:70:26:65][Chrome][Validity: 2024-12-15 00:00:00 - 2026-01-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
+ 4 TCP 10.215.173.1:42430 <-> 34.240.68.19:443 [proto: 91.106/TLS.Dofus][Stack: TLS.Dofus][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 9][cat: Game/8][Breed: Fun][6 pkts/906 bytes <-> 4 pkts/4494 bytes][Goodput ratio: 62/95][0.12 sec][Hostname/SNI: dt-proxy-production-login.ankama-games.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.664 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/19 62/56 29/26][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 151/1124 566/2910 186/1181][nDPI Fingerprint: 96ce067bc777386f4b00add3f6cac066][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t13d1516h2_8daaf6152771_02713d6af862][ServerNames: *.ankama-games.com][JA3S: bfc90d56141386ee83b56cda231cccfc][Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02][Subject: CN=*.ankama-games.com][ECH: version 0xfe0d][Certificate SHA-1: A8:D5:A9:6D:53:95:1E:F5:F8:9C:76:F5:71:A0:E4:17:58:D1:B1:EA][Chrome][Validity: 2025-01-30 00:00:00 - 2026-03-01 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
5 TCP 192.168.1.204:49715 <-> 75.2.115.63:5555 [proto: 106/Dofus][Stack: Dofus][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][7 pkts/526 bytes <-> 7 pkts/809 bytes][Goodput ratio: 26/49][2.59 sec][bytes ratio: -0.212 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/8 507/516 2184/2247 842/867][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 75/116 179/365 43/105][TCP Fingerprint: 2_128_65535_6bb88f5575fd/Windows][PLAIN TEXT (@B01BE050)][Plen Bins: 25,0,25,25,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/epicgames.pcapng.out b/tests/cfgs/default/result/epicgames.pcapng.out
index 11aeb2c47..88bb126f6 100644
--- a/tests/cfgs/default/result/epicgames.pcapng.out
+++ b/tests/cfgs/default/result/epicgames.pcapng.out
@@ -26,7 +26,7 @@ Fun 81 11186 4
Game 81 11186 4
- 1 UDP 192.168.12.156:39322 <-> 18.157.15.184:9011 [proto: 340/EpicGames][Stack: EpicGames][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][10 pkts/4805 bytes <-> 9 pkts/772 bytes][Goodput ratio: 91/51][0.62 sec][bytes ratio: 0.723 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 43/76 163/199 53/74][Pkt Len c2s/s2c min/avg/max/stddev: 81/55 480/86 994/119 424/18][Plen Bins: 10,53,10,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 UDP 192.168.12.156:37989 <-> 18.157.15.184:15011 [proto: 340/EpicGames][Stack: EpicGames][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][11 pkts/1143 bytes <-> 13 pkts/1296 bytes][Goodput ratio: 60/58][1.01 sec][bytes ratio: -0.063 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 19/0 116/76 455/433 133/121][Pkt Len c2s/s2c min/avg/max/stddev: 81/55 104/100 146/192 25/40][Plen Bins: 8,63,12,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 UDP 192.168.12.156:47446 <-> 18.157.15.184:15011 [proto: 340/EpicGames][Stack: EpicGames][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][11 pkts/911 bytes <-> 8 pkts/680 bytes][Goodput ratio: 49/51][4.23 sec][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 384/285 1029/741 372/304][Pkt Len c2s/s2c min/avg/max/stddev: 54/55 83/85 135/98 25/17][Plen Bins: 31,63,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 UDP 192.168.12.156:49693 <-> 18.157.15.184:15011 [proto: 340/EpicGames][Stack: EpicGames][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][11 pkts/906 bytes <-> 8 pkts/673 bytes][Goodput ratio: 49/50][4.55 sec][bytes ratio: 0.148 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 420/285 1035/741 405/303][Pkt Len c2s/s2c min/avg/max/stddev: 54/55 82/84 134/98 24/17][Plen Bins: 31,63,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.12.156:39322 <-> 18.157.15.184:9011 [proto: 340/EpicGames][Stack: EpicGames][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][10 pkts/4805 bytes <-> 9 pkts/772 bytes][Goodput ratio: 91/51][0.62 sec][bytes ratio: 0.723 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 43/76 163/199 53/74][Pkt Len c2s/s2c min/avg/max/stddev: 81/55 480/86 994/119 424/18][Plen Bins: 10,53,10,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 UDP 192.168.12.156:37989 <-> 18.157.15.184:15011 [proto: 340/EpicGames][Stack: EpicGames][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][11 pkts/1143 bytes <-> 13 pkts/1296 bytes][Goodput ratio: 60/58][1.01 sec][bytes ratio: -0.063 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 19/0 116/76 455/433 133/121][Pkt Len c2s/s2c min/avg/max/stddev: 81/55 104/100 146/192 25/40][Plen Bins: 8,63,12,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 UDP 192.168.12.156:47446 <-> 18.157.15.184:15011 [proto: 340/EpicGames][Stack: EpicGames][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][11 pkts/911 bytes <-> 8 pkts/680 bytes][Goodput ratio: 49/51][4.23 sec][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 384/285 1029/741 372/304][Pkt Len c2s/s2c min/avg/max/stddev: 54/55 83/85 135/98 25/17][Plen Bins: 31,63,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 UDP 192.168.12.156:49693 <-> 18.157.15.184:15011 [proto: 340/EpicGames][Stack: EpicGames][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][11 pkts/906 bytes <-> 8 pkts/673 bytes][Goodput ratio: 49/50][4.55 sec][bytes ratio: 0.148 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 420/285 1035/741 405/303][Pkt Len c2s/s2c min/avg/max/stddev: 54/55 82/84 134/98 24/17][Plen Bins: 31,63,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/ethereum.pcap.out b/tests/cfgs/default/result/ethereum.pcap.out
index ff1b73df7..13e53c6aa 100644
--- a/tests/cfgs/default/result/ethereum.pcap.out
+++ b/tests/cfgs/default/result/ethereum.pcap.out
@@ -37,7 +37,7 @@ Crypto_Currency 2000 216111 74
5 TCP 192.168.1.184:56645 <-> 185.219.133.62:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][34 pkts/3018 bytes <-> 27 pkts/2540 bytes][Goodput ratio: 25/31][0.20 sec][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/8 51/49 13/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 89/94 476/448 71/77][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 61,23,3,3,3,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.1.184:56650 <-> 35.228.250.140:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][30 pkts/2806 bytes <-> 24 pkts/2380 bytes][Goodput ratio: 29/35][0.23 sec][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/6 57/56 18/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 94/99 528/508 84/92][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (J/hy@y)][Plen Bins: 52,31,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.1.184:56646 <-> 172.105.94.62:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][28 pkts/2738 bytes <-> 24 pkts/2370 bytes][Goodput ratio: 32/36][0.22 sec][bytes ratio: 0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/15 116/91 24/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 540/398 89/89][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 56,20,4,4,0,0,4,4,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 8 TCP 192.168.1.184:56661 <-> 52.9.128.68:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][30 pkts/2768 bytes <-> 23 pkts/2318 bytes][Goodput ratio: 30/36][0.76 sec][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/18 194/193 61/55][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 92/101 538/494 87/90][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 56,27,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 TCP 192.168.1.184:56661 <-> 52.9.128.68:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][30 pkts/2768 bytes <-> 23 pkts/2318 bytes][Goodput ratio: 30/36][0.76 sec][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/18 194/193 61/55][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 92/101 538/494 87/90][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 56,27,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 192.168.1.184:56674 <-> 94.68.55.162:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][29 pkts/2801 bytes <-> 21 pkts/2262 bytes][Goodput ratio: 32/40][0.29 sec][bytes ratio: 0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/8 74/75 24/22][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97/108 613/570 101/109][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 48,32,4,4,4,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 192.168.1.184:56671 <-> 86.107.243.62:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][28 pkts/2804 bytes <-> 20 pkts/2138 bytes][Goodput ratio: 34/41][0.18 sec][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/8 39/38 13/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 100/107 606/430 100/101][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 56,20,4,4,0,0,4,4,0,0,0,4,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.1.184:56643 <-> 178.62.29.183:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 442/DigitalOcean][ClearText][Confidence: DPI][FPC: 442/DigitalOcean, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][31 pkts/2879 bytes <-> 23 pkts/2042 bytes][Goodput ratio: 29/27][0.18 sec][bytes ratio: 0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/8 48/47 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 93/89 535/384 84/68][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 63,22,0,7,0,0,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -47,14 +47,14 @@ Crypto_Currency 2000 216111 74
15 TCP 192.168.1.184:56621 <-> 52.187.207.27:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 276/Azure, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2163 bytes <-> 21 pkts/1843 bytes][Goodput ratio: 35/28][0.99 sec][bytes ratio: 0.080 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/53 354/316 105/118][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/88 591/517 112/96][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 192.168.1.184:56620 <-> 191.234.162.198:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 276/Azure, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2150 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 35/28][0.70 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 263/221 76/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/88 578/525 110/98][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 192.168.1.184:56611 <-> 104.42.217.25:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 276/Azure, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2128 bytes <-> 21 pkts/1859 bytes][Goodput ratio: 34/29][0.57 sec][bytes ratio: 0.067 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/34 201/202 62/75][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/89 556/533 105/100][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 18 TCP 192.168.1.184:56623 <-> 18.138.81.28:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2109 bytes <-> 22 pkts/1874 bytes][Goodput ratio: 34/26][0.83 sec][bytes ratio: 0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/44 308/260 89/97][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 100/85 537/488 101/88][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 TCP 192.168.1.184:56615 <-> 35.158.244.151:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2133 bytes <-> 21 pkts/1834 bytes][Goodput ratio: 34/28][0.14 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 62/63 17/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/87 561/514 106/96][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 18 TCP 192.168.1.184:56623 <-> 18.138.81.28:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2109 bytes <-> 22 pkts/1874 bytes][Goodput ratio: 34/26][0.83 sec][bytes ratio: 0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/44 308/260 89/97][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 100/85 537/488 101/88][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 TCP 192.168.1.184:56615 <-> 35.158.244.151:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2133 bytes <-> 21 pkts/1834 bytes][Goodput ratio: 34/28][0.14 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 62/63 17/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/87 561/514 106/96][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 192.168.1.184:56618 <-> 52.231.165.108:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 276/Azure, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2088 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 33/28][0.70 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 261/222 76/83][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 99/88 516/519 97/97][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (XMOZOS)][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 192.168.1.184:56628 <-> 3.209.45.79:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 354/ETHEREUM][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2033 bytes <-> 21 pkts/1862 bytes][Goodput ratio: 31/29][0.41 sec][bytes ratio: 0.044 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/27 163/164 47/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 97/89 461/536 86/100][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 192.168.1.184:56632 <-> 51.38.81.180:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2117 bytes <-> 20 pkts/1765 bytes][Goodput ratio: 34/28][0.22 sec][bytes ratio: 0.091 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/13 78/78 23/29][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/88 545/505 103/96][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 23 TCP 192.168.1.184:56627 <-> 34.255.23.113:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2150 bytes <-> 20 pkts/1728 bytes][Goodput ratio: 35/27][0.20 sec][bytes ratio: 0.109 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/11 70/62 16/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/86 578/468 110/88][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 23 TCP 192.168.1.184:56627 <-> 34.255.23.113:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2150 bytes <-> 20 pkts/1728 bytes][Goodput ratio: 35/27][0.20 sec][bytes ratio: 0.109 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/11 70/62 16/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/86 578/468 110/88][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 192.168.1.184:56622 <-> 18.138.108.67:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 354/ETHEREUM][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2169 bytes <-> 21 pkts/1704 bytes][Goodput ratio: 36/22][0.81 sec][bytes ratio: 0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/42 300/253 87/94][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/81 597/384 114/68][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 66,17,0,5,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 TCP 192.168.1.184:56639 <-> 18.219.167.159:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][20 pkts/2093 bytes <-> 19 pkts/1750 bytes][Goodput ratio: 36/32][0.38 sec][bytes ratio: 0.089 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/25 130/122 41/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/92 587/556 114/110][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 63,18,0,6,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 TCP 192.168.1.184:56639 <-> 18.219.167.159:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][20 pkts/2093 bytes <-> 19 pkts/1750 bytes][Goodput ratio: 36/32][0.38 sec][bytes ratio: 0.089 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/25 130/122 41/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/92 587/556 114/110][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 63,18,0,6,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.1.184:30303 <-> 52.231.165.108:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][2 pkts/426 bytes <-> 4 pkts/3132 bytes][Goodput ratio: 80/95][0.27 sec][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 40/0 40/6 40/19 0/9][Pkt Len c2s/s2c min/avg/max/stddev: 213/467 213/783 213/1099 0/316][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 192.168.1.184:56635 <-> 162.228.29.160:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/2051 bytes <-> 16 pkts/1497 bytes][Goodput ratio: 32/31][0.47 sec][bytes ratio: 0.156 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/32 159/152 50/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 98/94 479/471 89/98][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 192.168.1.184:56629 <-> 51.38.60.79:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][19 pkts/1927 bytes <-> 19 pkts/1600 bytes][Goodput ratio: 34/25][0.16 sec][bytes ratio: 0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/9 36/43 9/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/84 487/406 95/77][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 63,18,0,6,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -78,11 +78,11 @@ Crypto_Currency 2000 216111 74
46 TCP 192.168.1.184:56655 <-> 202.112.28.106:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][18 pkts/1982 bytes <-> 6 pkts/948 bytes][Goodput ratio: 39/57][0.88 sec][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/110 436/438 148/190][Pkt Len c2s/s2c min/avg/max/stddev: 66/67 110/158 560/434 113/130][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 50,25,0,12,0,0,0,0,0,0,0,6,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 TCP 192.168.1.184:56662 <-> 35.229.232.19:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][21 pkts/1833 bytes <-> 9 pkts/1016 bytes][Goodput ratio: 37/49][0.59 sec][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/48 298/288 92/107][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 87/113 489/487 94/133][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 65,17,0,5,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.1.184:56663 <-> 124.217.235.180:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][17 pkts/1919 bytes <-> 5 pkts/730 bytes][Goodput ratio: 41/54][0.77 sec][bytes ratio: 0.449 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 55/127 388/377 134/177][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/146 611/394 128/125][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 50,28,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 49 UDP 192.168.1.184:30303 <-> 18.219.167.159:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][3 pkts/575 bytes <-> 4 pkts/1928 bytes][Goodput ratio: 78/91][0.75 sec][bytes ratio: -0.541 (Download)][IAT c2s/s2c min/avg/max/stddev: 127/0 314/209 501/626 187/295][Pkt Len c2s/s2c min/avg/max/stddev: 170/170 192/482 213/1099 18/375][Plen Bins: 0,0,0,0,57,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 49 UDP 192.168.1.184:30303 <-> 18.219.167.159:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][3 pkts/575 bytes <-> 4 pkts/1928 bytes][Goodput ratio: 78/91][0.75 sec][bytes ratio: -0.541 (Download)][IAT c2s/s2c min/avg/max/stddev: 127/0 314/209 501/626 187/295][Pkt Len c2s/s2c min/avg/max/stddev: 170/170 192/482 213/1099 18/375][Plen Bins: 0,0,0,0,57,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 192.168.1.184:56647 <-> 182.162.161.61:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][11 pkts/1520 bytes <-> 5 pkts/842 bytes][Goodput ratio: 46/60][0.75 sec][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 83/124 372/371 154/175][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 138/168 588/554 147/193][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 51,12,0,12,0,0,0,0,0,0,0,0,0,0,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 TCP 192.168.1.184:56685 <-> 88.99.93.219:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][9 pkts/1362 bytes <-> 3 pkts/603 bytes][Goodput ratio: 55/66][0.08 sec][bytes ratio: 0.386 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 11/20 41/38 18/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 151/201 646/463 179/185][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 42,14,0,14,0,0,0,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 UDP 192.168.1.184:30303 <-> 18.138.108.67:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 354/ETHEREUM][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.27 sec][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 53 UDP 192.168.1.184:30303 <-> 35.180.246.169:30301 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.03 sec][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 53 UDP 192.168.1.184:30303 <-> 35.180.246.169:30301 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.03 sec][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 192.168.1.184:30303 <-> 3.209.45.79:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 354/ETHEREUM][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.14 sec][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 UDP 192.168.1.184:30303 <-> 34.97.172.22:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.27 sec][PLAIN TEXT (PbEvGi)][Plen Bins: 0,0,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 192.168.1.184:30303 <-> 54.36.160.211:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][PLAIN TEXT (PbEvGi)][Plen Bins: 0,0,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -91,16 +91,16 @@ Crypto_Currency 2000 216111 74
59 TCP 192.168.1.184:56680 <-> 138.59.17.58:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][3 pkts/657 bytes <-> 1 pkts/74 bytes][Goodput ratio: 68/0][0.20 sec][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 UDP 183.129.242.164:1024 <-> 192.168.1.184:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][2 pkts/360 bytes <-> 2 pkts/362 bytes][Goodput ratio: 76/77][0.38 sec][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 TCP 192.168.1.184:56686 <-> 206.189.107.35:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 442/DigitalOcean][ClearText][Confidence: DPI][FPC: 442/DigitalOcean, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][3 pkts/617 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.05 sec][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 62 TCP 192.168.1.184:56678 <-> 13.251.14.199:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][3 pkts/614 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.25 sec][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 62 TCP 192.168.1.184:56678 <-> 13.251.14.199:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Crypto_Currency/106][Breed: Acceptable][3 pkts/614 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.25 sec][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 UDP 192.168.1.184:30303 <-> 66.42.82.246:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][2 pkts/383 bytes <-> 1 pkts/191 bytes][Goodput ratio: 78/78][0.64 sec][Plen Bins: 0,0,0,0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 UDP 87.14.222.25:56693 -> 192.168.1.184:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.06 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 UDP 192.168.1.184:30303 -> 111.229.0.180:20182 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 UDP 192.168.1.184:30303 -> 209.97.143.1:50000 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 442/DigitalOcean][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.1.184:30303 <-> 202.112.28.106:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/170 bytes <-> 1 pkts/191 bytes][Goodput ratio: 75/78][0.44 sec][PLAIN TEXT (0/XoR/Q)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 UDP 192.168.1.184:30303 <-> 167.86.122.50:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/170 bytes <-> 1 pkts/189 bytes][Goodput ratio: 75/77][0.03 sec][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 69 UDP 3.112.138.57:25516 -> 192.168.1.184:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 69 UDP 3.112.138.57:25516 -> 192.168.1.184:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
70 UDP 60.191.32.71:30303 -> 192.168.1.184:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/171 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 UDP 192.168.1.184:30303 -> 106.12.39.168:30333 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 354/ETHEREUM, Confidence: DPI][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/170 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.1.184:56625 -> 5.1.83.226:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Crypto_Currency/106][Breed: Acceptable][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.10 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 192.168.1.184:56637 -> 35.233.197.131:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 284/GoogleCloud][ClearText][Confidence: Match by port][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 2][cat: Crypto_Currency/106][Breed: Acceptable][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.11 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 74 TCP 192.168.1.184:56644 -> 13.230.108.42:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 74 TCP 192.168.1.184:56644 -> 13.230.108.42:30303 [proto: 354/ETHEREUM][Stack: ETHEREUM][IP: 461/AWS_EC2][ClearText][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
index cd527ece0..47d168221 100644
--- a/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
+++ b/tests/cfgs/default/result/fuzz-2006-09-29-28586.pcap.out
@@ -48,7 +48,7 @@ Web 114 28288 36
11 TCP 172.20.3.5:2607 <-> 172.20.3.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Acceptable][4 pkts/657 bytes <-> 2 pkts/112 bytes][Goodput ratio: 64/0][0.21 sec][bytes ratio: 0.709 (Upload)][IAT c2s/s2c min/avg/max/stddev: 207/1 69/1 207/1 98/0][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 164/56 477/58 181/2][TCP Fingerprint: 2_128_8192_6bbe28597824/Unknown][PLAIN TEXT (201.xml)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 172.20.3.5:2603 <-> 172.20.3.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Acceptable][2 pkts/120 bytes <-> 4 pkts/363 bytes][Goodput ratio: 0/39][11.06 sec][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 216/2 216/35 216/68 0/33][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 60/91 60/197 0/61][StatusCode: 200][Content-Type: application/vnd.wap.mms-message][Server: Resin/2.0.1][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_6bbe28597824/Unknown][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 172.6.3.5:80 -> 172.20.3.13:53132 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/481 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 14 TCP 51.20.3.5:2605 -> 172.20.3.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/477 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.680 (Executable?)][PLAIN TEXT (201.xml)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 14 TCP 51.20.3.5:2605 -> 172.20.3.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/477 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.680 (Executable?)][PLAIN TEXT (201.xml)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 172.20.3.5:2605 <-> 172.20.3.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: Web/5][Breed: Acceptable][4 pkts/240 bytes <-> 1 pkts/58 bytes][Goodput ratio: 0/0][11.06 sec][TCP Fingerprint: 2_128_8192_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 172.20.2.13:80 -> 172.20.3.5:2607 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][StatusCode: 200][Risk: ** HTTP Susp User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No client to server traffic / Empty or missing User-Agent][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 172.20.3.13:80 -> 44.20.3.5:2605 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][StatusCode: 220][Content-Type: application/vnk.wap.mms-message][Server: Besin/2.0.1][Risk: ** HTTP Susp User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No client to server traffic / Empty or missing User-Agent][PLAIN TEXT (HTTP/1.1 220 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/gaijin_mobile_mixed.pcap.out b/tests/cfgs/default/result/gaijin_mobile_mixed.pcap.out
index 7c5723ff9..8b3508170 100644
--- a/tests/cfgs/default/result/gaijin_mobile_mixed.pcap.out
+++ b/tests/cfgs/default/result/gaijin_mobile_mixed.pcap.out
@@ -32,6 +32,6 @@ JA Host Stats:
1 10.215.173.1 2
- 1 TCP 10.215.173.1:47666 <-> 54.75.230.133:443 [proto: 91.396/TLS.GaijinEntertainment][Stack: TLS.GaijinEntertainment][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Game/8][Breed: Fun][4 pkts/697 bytes <-> 3 pkts/4256 bytes][Goodput ratio: 74/97][0.14 sec][Hostname/SNI: yupmaster.gaijinent.com][(Advertised) ALPNs: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.719 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 25/34 72/65 33/31][Pkt Len c2s/s2c min/avg/max/stddev: 40/40 174/1419 552/4168 218/1944][nDPI Fingerprint: 464dbbc883d6490e73f9fe5967ffa005][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t13d3113h1_e8f1e7e78f70_ce5650b735ce][ServerNames: *.gaijinent.com,gaijinent.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1][Subject: CN=*.gaijinent.com][Certificate SHA-1: 27:23:37:24:85:95:B7:8F:75:BE:79:18:DF:DC:11:D8:04:F7:1E:A2][Firefox][Validity: 2023-12-19 00:00:00 - 2025-01-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
+ 1 TCP 10.215.173.1:47666 <-> 54.75.230.133:443 [proto: 91.396/TLS.GaijinEntertainment][Stack: TLS.GaijinEntertainment][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Game/8][Breed: Fun][4 pkts/697 bytes <-> 3 pkts/4256 bytes][Goodput ratio: 74/97][0.14 sec][Hostname/SNI: yupmaster.gaijinent.com][(Advertised) ALPNs: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.719 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 25/34 72/65 33/31][Pkt Len c2s/s2c min/avg/max/stddev: 40/40 174/1419 552/4168 218/1944][nDPI Fingerprint: 464dbbc883d6490e73f9fe5967ffa005][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t13d3113h1_e8f1e7e78f70_ce5650b735ce][ServerNames: *.gaijinent.com,gaijinent.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1][Subject: CN=*.gaijinent.com][Certificate SHA-1: 27:23:37:24:85:95:B7:8F:75:BE:79:18:DF:DC:11:D8:04:F7:1E:A2][Firefox][Validity: 2023-12-19 00:00:00 - 2025-01-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
2 TCP 10.215.173.1:39314 <-> 81.171.31.37:443 [proto: 91.396/TLS.GaijinEntertainment][Stack: TLS.GaijinEntertainment][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Game/8][Breed: Fun][3 pkts/468 bytes <-> 3 pkts/4296 bytes][Goodput ratio: 70/97][0.09 sec][Hostname/SNI: ta-receiver-balancer-xom.crossout.net][bytes ratio: -0.804 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/48 22/24 45/48 22/24][Pkt Len c2s/s2c min/avg/max/stddev: 40/40 156/1432 368/4208 150/1963][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 6f3f0d916380a20c9ba33857835f2198][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t12d800700_ee0b5a6c69b8_cdbdbcd6f742][ServerNames: *.crossout.net,crossout.net][JA3S: 758945630046fd37070521b8544d1fe8][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1][Subject: CN=*.crossout.net][Certificate SHA-1: 9D:3E:9C:5E:8D:F5:F0:D4:A7:71:3F:B3:CD:5A:DE:1B:E4:EA:12:92][Firefox][Validity: 2023-04-20 00:00:00 - 2024-05-18 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
3 UDP 10.215.173.1:42424 -> 95.211.246.178:20011 [proto: 396/GaijinEntertainment][Stack: GaijinEntertainment][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 396/GaijinEntertainment, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][5 pkts/837 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (embeddedupdater.start)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/gearup_booster.pcap.out b/tests/cfgs/default/result/gearup_booster.pcap.out
index 1f97d36dc..b9b7bf745 100644
--- a/tests/cfgs/default/result/gearup_booster.pcap.out
+++ b/tests/cfgs/default/result/gearup_booster.pcap.out
@@ -46,20 +46,20 @@ JA Host Stats:
6 UDP 192.168.3.23:47302 <-> 142.251.143.54:443 [proto: 188/QUIC][Stack: QUIC][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][2 pkts/253 bytes <-> 4 pkts/2856 bytes][Goodput ratio: 67/94][0.09 sec][bytes ratio: -0.837 (Download)][IAT c2s/s2c min/avg/max/stddev: 35/60 35/20 35/60 0/28][Pkt Len c2s/s2c min/avg/max/stddev: 79/68 126/714 174/1292 48/578][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 6.537 (Executable?)][Plen Bins: 16,16,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,16,0,0,0,0,0,0,0,0]
7 UDP 192.168.0.21:50374 <-> 129.227.37.102:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][10 pkts/600 bytes <-> 10 pkts/500 bytes][Goodput ratio: 13/16][1.75 sec][bytes ratio: 0.091 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 163/126 172/170 184/182 7/18][Pkt Len c2s/s2c min/avg/max/stddev: 60/50 60/50 60/50 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.0.21:59487 <-> 129.227.37.102:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][5 pkts/300 bytes <-> 5 pkts/250 bytes][Goodput ratio: 13/16][1.53 sec][bytes ratio: 0.091 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 335/326 336/332 336/336 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 60/50 60/50 60/50 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 9 UDP 192.168.3.23:37008 <-> 15.181.194.202:9999 [proto: TZSP:445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 9 UDP 192.168.3.23:37008 <-> 15.181.194.202:9999 [proto: TZSP:445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 192.168.3.23:37181 <-> 138.199.41.102:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 192.168.3.23:37603 <-> 194.110.134.13:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.19 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 192.168.3.23:37678 <-> 23.90.172.130:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.14 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.3.23:37686 <-> 34.176.100.180:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.3.23:37742 <-> 129.227.244.38:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.20 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.3.23:37747 <-> 20.195.224.215:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.24 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 16 UDP 192.168.3.23:37783 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.14 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 16 UDP 192.168.3.23:37783 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.14 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.3.23:37942 <-> 40.115.242.242:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 18 UDP 192.168.3.23:37972 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.25 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 18 UDP 192.168.3.23:37972 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.25 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.3.23:38002 <-> 35.201.213.182:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 192.168.3.23:38070 <-> 65.52.182.211:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 192.168.3.23:38399 <-> 34.100.183.43:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.15 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 22 UDP 192.168.3.23:38445 <-> 13.124.213.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.33 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 22 UDP 192.168.3.23:38445 <-> 13.124.213.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.33 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.3.23:38514 <-> 23.90.141.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.06 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.3.23:38633 <-> 34.88.73.160:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.04 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.168.3.23:38712 <-> 103.198.202.8:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.06 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -67,11 +67,11 @@ JA Host Stats:
27 UDP 192.168.3.23:38821 <-> 23.90.172.130:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.16 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 192.168.3.23:38961 <-> 176.97.192.194:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.14 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 192.168.3.23:39046 <-> 20.237.164.226:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 30 UDP 192.168.3.23:39070 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 30 UDP 192.168.3.23:39070 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 192.168.3.23:39220 <-> 35.201.213.182:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.27 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 192.168.3.23:39220 <-> 154.93.36.41:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.09 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 33 UDP 192.168.3.23:39236 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 34 UDP 192.168.3.23:39270 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 33 UDP 192.168.3.23:39236 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 34 UDP 192.168.3.23:39270 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 192.168.3.23:39432 <-> 34.155.128.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.03 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 UDP 192.168.3.23:39470 <-> 34.155.128.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.03 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 192.168.3.23:39478 <-> 129.227.244.38:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.20 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -79,26 +79,26 @@ JA Host Stats:
39 UDP 192.168.3.23:39515 <-> 23.90.172.130:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 UDP 192.168.3.23:39572 <-> 138.199.41.102:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 UDP 192.168.3.23:39583 <-> 121.127.42.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 42 UDP 192.168.3.23:39588 <-> 13.124.213.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.24 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 42 UDP 192.168.3.23:39588 <-> 13.124.213.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.24 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 UDP 192.168.3.23:39594 <-> 176.97.192.194:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.14 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 UDP 192.168.3.23:39623 <-> 195.181.163.225:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.3.23:39684 <-> 34.88.73.160:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.04 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP 192.168.3.23:39693 <-> 98.98.151.3:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 47 UDP 192.168.3.23:39779 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 48 UDP 192.168.3.23:39858 <-> 3.114.197.210:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.25 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 47 UDP 192.168.3.23:39779 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 48 UDP 192.168.3.23:39858 <-> 3.114.197.210:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.25 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 192.168.3.23:40048 <-> 23.90.141.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.06 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 UDP 192.168.3.23:40074 <-> 20.195.224.215:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.20 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 UDP 192.168.3.23:40513 <-> 34.88.73.160:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.04 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 52 UDP 192.168.3.23:40581 <-> 3.114.197.210:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.34 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 52 UDP 192.168.3.23:40581 <-> 3.114.197.210:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.34 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 UDP 192.168.3.23:40633 <-> 154.93.36.41:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.09 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 192.168.3.23:40665 <-> 195.181.163.225:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 55 UDP 192.168.3.23:40959 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 55 UDP 192.168.3.23:40959 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 192.168.3.23:41111 <-> 121.127.42.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 192.168.3.23:41188 <-> 121.127.42.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 UDP 192.168.3.23:41387 <-> 34.176.100.180:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 UDP 192.168.3.23:41423 <-> 20.237.164.226:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 UDP 192.168.3.23:41457 <-> 23.90.141.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.07 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 61 UDP 192.168.3.23:41578 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 61 UDP 192.168.3.23:41578 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 UDP 192.168.3.23:41618 <-> 98.96.251.186:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.16 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 UDP 192.168.3.23:41680 <-> 34.176.100.180:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.21 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 UDP 192.168.3.23:41692 <-> 20.195.224.215:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -110,61 +110,61 @@ JA Host Stats:
70 UDP 192.168.3.23:42131 <-> 176.97.192.194:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.14 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 UDP 192.168.3.23:42232 <-> 20.237.164.226:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.18 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 UDP 192.168.3.23:42677 <-> 45.33.103.81:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.12 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 73 UDP 192.168.3.23:42726 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.18 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 73 UDP 192.168.3.23:42726 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.18 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
74 UDP 192.168.3.23:42845 <-> 34.88.73.160:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.06 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
75 UDP 192.168.3.23:43033 <-> 121.127.42.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP 192.168.3.23:43077 <-> 154.93.36.41:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.09 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
77 UDP 192.168.3.23:43269 <-> 121.127.42.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
78 UDP 192.168.3.23:43425 <-> 176.97.192.194:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.14 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 79 UDP 192.168.3.23:43478 <-> 3.24.157.167:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 79 UDP 192.168.3.23:43478 <-> 3.24.157.167:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.3.23:43498 <-> 34.176.100.180:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.21 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 81 UDP 192.168.3.23:43552 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 81 UDP 192.168.3.23:43552 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.3.23:43597 <-> 98.96.251.186:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.15 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 UDP 192.168.3.23:43608 <-> 98.98.151.3:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 UDP 192.168.3.23:43653 <-> 98.96.251.186:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.15 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 85 UDP 192.168.3.23:43680 <-> 3.114.197.210:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.34 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 85 UDP 192.168.3.23:43680 <-> 3.114.197.210:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.34 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 UDP 192.168.3.23:43718 <-> 23.90.172.130:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.14 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.3.23:43795 <-> 98.98.151.3:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.06 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 UDP 192.168.3.23:43864 <-> 65.52.182.211:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
89 UDP 192.168.3.23:44138 <-> 34.100.183.43:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.16 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 90 UDP 192.168.3.23:44205 <-> 13.124.213.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.24 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 90 UDP 192.168.3.23:44205 <-> 13.124.213.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.24 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
91 UDP 192.168.3.23:44304 <-> 138.199.41.102:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 92 UDP 192.168.3.23:44328 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 92 UDP 192.168.3.23:44328 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 UDP 192.168.3.23:44470 <-> 138.199.41.102:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.11 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
94 UDP 192.168.3.23:44547 <-> 23.90.172.130:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
95 UDP 192.168.3.23:44605 <-> 98.98.151.3:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 96 UDP 192.168.3.23:44646 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.19 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 97 UDP 192.168.3.23:44684 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 96 UDP 192.168.3.23:44646 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.19 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 97 UDP 192.168.3.23:44684 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.3.23:44799 <-> 34.88.73.160:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 99 UDP 192.168.3.23:44962 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.03 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 99 UDP 192.168.3.23:44962 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.03 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.3.23:45045 <-> 34.100.183.43:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.16 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 101 UDP 192.168.3.23:45088 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 101 UDP 192.168.3.23:45088 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 UDP 192.168.3.23:45104 <-> 65.52.182.211:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 UDP 192.168.3.23:45458 <-> 40.115.242.242:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.31 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
104 UDP 192.168.3.23:45530 <-> 195.181.163.225:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 105 UDP 192.168.3.23:45553 <-> 3.24.157.167:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 106 UDP 192.168.3.23:45605 <-> 13.124.213.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 107 UDP 192.168.3.23:45624 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 105 UDP 192.168.3.23:45553 <-> 3.24.157.167:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 106 UDP 192.168.3.23:45605 <-> 13.124.213.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 107 UDP 192.168.3.23:45624 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
108 UDP 192.168.3.23:45757 <-> 23.90.172.130:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 UDP 192.168.3.23:45864 <-> 45.33.103.81:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.12 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 UDP 192.168.3.23:45875 <-> 35.201.213.182:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 111 UDP 192.168.3.23:45904 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 112 UDP 192.168.3.23:45941 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 111 UDP 192.168.3.23:45904 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 112 UDP 192.168.3.23:45941 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
113 UDP 192.168.3.23:45946 <-> 194.110.134.13:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.19 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
114 UDP 192.168.3.23:46109 <-> 129.227.244.38:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.19 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 115 UDP 192.168.3.23:46201 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 115 UDP 192.168.3.23:46201 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
116 UDP 192.168.3.23:46317 <-> 34.155.128.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.03 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 117 UDP 192.168.3.23:46332 <-> 3.24.157.167:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 118 UDP 192.168.3.23:46385 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 117 UDP 192.168.3.23:46332 <-> 3.24.157.167:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 118 UDP 192.168.3.23:46385 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
119 UDP 192.168.3.23:46392 <-> 35.201.213.182:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.25 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
120 UDP 192.168.3.23:46603 <-> 20.195.224.215:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.25 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
121 UDP 192.168.3.23:46619 <-> 20.237.164.226:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.20 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 UDP 192.168.3.23:46627 <-> 121.127.42.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.10 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 123 UDP 192.168.3.23:46702 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 124 UDP 192.168.3.23:46763 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.19 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 125 UDP 192.168.3.23:46825 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 123 UDP 192.168.3.23:46702 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 124 UDP 192.168.3.23:46763 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.19 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 125 UDP 192.168.3.23:46825 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
126 UDP 192.168.3.23:46852 <-> 20.237.164.226:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 127 UDP 192.168.3.23:47189 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 127 UDP 192.168.3.23:47189 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
128 UDP 192.168.3.23:47203 <-> 98.96.251.186:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.15 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
129 UDP 192.168.3.23:47269 <-> 65.52.182.211:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.24 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
130 UDP 192.168.3.23:47274 <-> 121.127.42.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.10 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -173,9 +173,9 @@ JA Host Stats:
133 UDP 192.168.3.23:47617 <-> 40.115.242.242:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.32 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
134 UDP 192.168.3.23:47921 <-> 121.127.42.118:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.10 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
135 UDP 192.168.3.23:48015 <-> 20.237.164.226:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 136 UDP 192.168.3.23:48031 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.18 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 136 UDP 192.168.3.23:48031 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.18 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
137 UDP 192.168.3.23:48039 <-> 34.88.73.160:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 138 UDP 192.168.3.23:48164 <-> 3.114.197.210:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.27 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 138 UDP 192.168.3.23:48164 <-> 3.114.197.210:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.27 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
139 UDP 192.168.3.23:48196 <-> 34.155.128.54:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
140 UDP 192.168.3.23:48217 <-> 35.201.213.182:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
141 UDP 192.168.3.23:48276 <-> 45.33.103.81:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.12 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -192,41 +192,41 @@ JA Host Stats:
152 UDP 192.168.3.23:49305 <-> 20.237.164.226:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.18 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
153 UDP 192.168.3.23:49395 <-> 34.176.100.180:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.21 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
154 UDP 192.168.3.23:49429 <-> 103.198.202.8:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.07 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 155 UDP 192.168.3.23:49432 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 155 UDP 192.168.3.23:49432 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
156 UDP 192.168.3.23:49487 <-> 194.110.134.13:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.20 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 157 UDP 192.168.3.23:49500 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 157 UDP 192.168.3.23:49500 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.17 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
158 UDP 192.168.3.23:49542 <-> 98.96.251.186:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.15 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
159 UDP 192.168.3.23:49563 <-> 34.100.183.43:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.15 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
160 UDP 192.168.3.23:49704 <-> 34.176.100.180:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
161 UDP 192.168.3.23:49818 <-> 23.90.172.130:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 162 UDP 192.168.3.23:49819 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 162 UDP 192.168.3.23:49819 <-> 15.181.194.202:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.13 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
163 UDP 192.168.3.23:49873 <-> 98.96.251.186:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.15 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 164 UDP 192.168.3.23:49928 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.25 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 164 UDP 192.168.3.23:49928 <-> 52.77.92.200:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.25 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
165 UDP 192.168.3.23:49942 <-> 34.176.100.180:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
166 UDP 192.168.3.23:49987 <-> 98.98.151.3:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 167 UDP 192.168.3.23:49989 <-> 3.24.157.167:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 168 UDP 192.168.3.23:49992 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 169 UDP 192.168.3.23:49995 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 167 UDP 192.168.3.23:49989 <-> 3.24.157.167:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.30 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 168 UDP 192.168.3.23:49992 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.05 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 169 UDP 192.168.3.23:49995 <-> 18.185.151.243:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes <-> 1 pkts/46 bytes][Goodput ratio: 9/9][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
170 UDP 192.168.3.23:37131 -> 80.238.226.80:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 171 UDP 192.168.3.23:38313 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 171 UDP 192.168.3.23:38313 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
172 UDP 192.168.3.23:38354 -> 20.249.1.0:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 173 UDP 192.168.3.23:38459 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 174 UDP 192.168.3.23:38761 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 175 UDP 192.168.3.23:39075 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 173 UDP 192.168.3.23:38459 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 174 UDP 192.168.3.23:38761 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 175 UDP 192.168.3.23:39075 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
176 UDP 192.168.3.23:39141 -> 101.46.59.21:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
177 UDP 192.168.3.23:39378 -> 20.249.1.0:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 178 UDP 192.168.3.23:39859 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 178 UDP 192.168.3.23:39859 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
179 UDP 192.168.3.23:40083 -> 80.238.226.80:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 180 UDP 192.168.3.23:40390 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 181 UDP 192.168.3.23:40431 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 182 UDP 192.168.3.23:41580 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 180 UDP 192.168.3.23:40390 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 181 UDP 192.168.3.23:40431 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 182 UDP 192.168.3.23:41580 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
183 UDP 192.168.3.23:42764 -> 101.46.59.21:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 184 UDP 192.168.3.23:42921 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 184 UDP 192.168.3.23:42921 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
185 UDP 192.168.3.23:43221 -> 80.238.226.80:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 186 UDP 192.168.3.23:43812 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 186 UDP 192.168.3.23:43812 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
187 UDP 192.168.3.23:43985 -> 101.46.59.21:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
188 UDP 192.168.3.23:44266 -> 20.249.1.0:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
189 UDP 192.168.3.23:48934 -> 80.238.226.80:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 190 UDP 192.168.3.23:49078 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 191 UDP 192.168.3.23:49183 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 190 UDP 192.168.3.23:49078 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 191 UDP 192.168.3.23:49183 -> 18.162.179.244:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
192 UDP 192.168.3.23:49407 -> 101.46.59.21:9999 [proto: 445/GearUP_Booster][Stack: GearUP_Booster][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 445/GearUP_Booster, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/gnutella.pcap.out b/tests/cfgs/default/result/gnutella.pcap.out
index 5e7761563..93607069d 100644
--- a/tests/cfgs/default/result/gnutella.pcap.out
+++ b/tests/cfgs/default/result/gnutella.pcap.out
@@ -436,7 +436,7 @@ JA Host Stats:
377 UDP 10.0.2.15:28681 -> 45.88.117.219:6909 [proto: 35/Gnutella][Stack: Gnutella][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 35/Gnutella, Confidence: DPI][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/123 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
378 UDP 10.0.2.15:28681 -> 47.224.174.174:6346 [proto: 35/Gnutella][Stack: Gnutella][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 35/Gnutella, Confidence: DPI][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/123 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
379 UDP 10.0.2.15:28681 -> 71.237.202.91:16117 [proto: 35/Gnutella][Stack: Gnutella][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 35/Gnutella, Confidence: DPI][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/123 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 380 UDP 10.0.2.15:28681 -> 83.160.143.48:37036 [proto: 35/Gnutella][Stack: Gnutella][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 35/Gnutella, Confidence: DPI][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/123 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 380 UDP 10.0.2.15:28681 -> 83.160.143.48:37036 [proto: 35/Gnutella][Stack: Gnutella][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 35/Gnutella, Confidence: DPI][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/123 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
381 UDP 10.0.2.15:28681 -> 84.197.97.94:1360 [proto: 35/Gnutella][Stack: Gnutella][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 35/Gnutella, Confidence: DPI][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/123 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
382 UDP 10.0.2.15:28681 -> 89.212.91.155:5195 [proto: 35/Gnutella][Stack: Gnutella][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 35/Gnutella, Confidence: DPI][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/123 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
383 UDP 10.0.2.15:28681 -> 98.35.85.238:32173 [proto: 35/Gnutella][Stack: Gnutella][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 35/Gnutella, Confidence: DPI][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/123 bytes -> 0 pkts/0 bytes][Goodput ratio: 65/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/guildwars2.pcapng.out b/tests/cfgs/default/result/guildwars2.pcapng.out
index 4e9cc693f..41087cd3a 100644
--- a/tests/cfgs/default/result/guildwars2.pcapng.out
+++ b/tests/cfgs/default/result/guildwars2.pcapng.out
@@ -26,4 +26,4 @@ Fun 28 3895 1
Game 28 3895 1
- 1 TCP 192.168.1.17:33959 <-> 3.64.34.254:6112 [proto: 109/GuildWars2][Stack: GuildWars2][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][15 pkts/1798 bytes <-> 13 pkts/2097 bytes][Goodput ratio: 44/59][3.15 sec][bytes ratio: -0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 258/307 2662/2633 730/779][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 120/161 351/921 82/224][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (P /Sts/Connect STS/1.0)][Plen Bins: 25,31,12,0,6,12,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.1.17:33959 <-> 3.64.34.254:6112 [proto: 109/GuildWars2][Stack: GuildWars2][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][15 pkts/1798 bytes <-> 13 pkts/2097 bytes][Goodput ratio: 44/59][3.15 sec][bytes ratio: -0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 258/307 2662/2633 730/779][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 120/161 351/921 82/224][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (P /Sts/Connect STS/1.0)][Plen Bins: 25,31,12,0,6,12,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/heuristic_tcp_ack_payload.pcap.out b/tests/cfgs/default/result/heuristic_tcp_ack_payload.pcap.out
index 10c6b7fac..35cdeff3e 100644
--- a/tests/cfgs/default/result/heuristic_tcp_ack_payload.pcap.out
+++ b/tests/cfgs/default/result/heuristic_tcp_ack_payload.pcap.out
@@ -43,7 +43,7 @@ JA Host Stats:
1 TCP 194.226.199.61:27453 <-> 35.241.9.150:443 [proto: 91.125/TLS.Mozilla][Stack: TLS.Mozilla][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][36 pkts/3477 bytes <-> 42 pkts/37330 bytes][Goodput ratio: 44/94][171.42 sec][Hostname/SNI: firefox.settings.services.mozilla.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.830 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 4196/3653 58250/58245 14929/14067][Pkt Len c2s/s2c min/avg/max/stddev: 56/60 97/889 375/2878 73/1070][nDPI Fingerprint: 928424e934f386bb86d141f25fe4abbf][TCP Fingerprint: 2_128_8192_6bb88f5575fd/Unknown][TLSv1.2][JA4: t12d1410h2_c866b44c5a26_b5b8faed2b99][ServerNames: firefox.settings.services.mozilla.com,main-2-cdn.prod.kinto.prod.cloudops.mozgcp.net][JA3S: 9d9ce860f1b1cbef07b019450cb368d8][Issuer: C=US, O=Let's Encrypt, CN=R3][Subject: CN=main-2-cdn.prod.kinto.prod.cloudops.mozgcp.net][Certificate SHA-1: 30:0D:22:77:6E:DA:4E:99:3E:AF:8A:D0:5C:7D:97:51:8B:E6:22:11][Firefox][Validity: 2023-04-04 08:33:24 - 2023-07-03 08:33:23][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 49,16,2,0,3,3,1,0,1,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,11]
2 TCP 194.226.199.61:6946 <-> 2.22.40.186:443 [proto: 91.183/TLS.Pinterest][Stack: TLS.Pinterest][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 10][cat: SocialNetwork/6][Breed: Fun][41 pkts/7780 bytes <-> 47 pkts/26668 bytes][Goodput ratio: 70/90][18.13 sec][Hostname/SNI: ru.pinterest.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.548 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 404/181 3512/2129 852/406][Pkt Len c2s/s2c min/avg/max/stddev: 56/60 190/567 1514/2974 287/678][nDPI Fingerprint: aba5d0a8f961a4ec8f557e80f37f969f][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1516h2_8daaf6152771_9b887d9acb53][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 50,9,1,5,0,0,0,0,2,0,0,0,0,1,0,0,1,1,0,4,0,0,0,0,1,1,2,0,0,0,0,4,1,0,0,0,1,0,0,0,0,0,0,0,0,12,0,1]
- 3 TCP 194.226.199.21:58155 <-> 52.18.127.189:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 13][cat: Web/5][Breed: Safe][28 pkts/6789 bytes <-> 35 pkts/8995 bytes][Goodput ratio: 78/79][130.64 sec][Hostname/SNI: bitrix.info][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5498/4834 45102/45058 12717/11564][Pkt Len c2s/s2c min/avg/max/stddev: 56/60 242/257 1547/2974 352/535][nDPI Fingerprint: ac1867928681fc04fd12abce7c094c79][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: bfc90d56141386ee83b56cda231cccfc][Chrome][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 46,22,6,6,0,0,0,0,0,0,1,0,6,0,1,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,1]
+ 3 TCP 194.226.199.21:58155 <-> 52.18.127.189:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 13][cat: Web/5][Breed: Safe][28 pkts/6789 bytes <-> 35 pkts/8995 bytes][Goodput ratio: 78/79][130.64 sec][Hostname/SNI: bitrix.info][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5498/4834 45102/45058 12717/11564][Pkt Len c2s/s2c min/avg/max/stddev: 56/60 242/257 1547/2974 352/535][nDPI Fingerprint: ac1867928681fc04fd12abce7c094c79][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: bfc90d56141386ee83b56cda231cccfc][Chrome][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 46,22,6,6,0,0,0,0,0,0,1,0,6,0,1,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,1,1]
4 TCP 194.226.199.103:62580 <-> 217.69.139.59:443 [proto: 91/TLS][Stack: TLS][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 15][cat: Web/5][Breed: Safe][22 pkts/2692 bytes <-> 16 pkts/10450 bytes][Goodput ratio: 55/92][7.28 sec][Hostname/SNI: portal.mail.ru][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.590 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 100/27 1559/213 357/70][Pkt Len c2s/s2c min/avg/max/stddev: 56/60 122/653 623/2897 162/957][nDPI Fingerprint: 39a72d7829fd33f03e867c5ab1f708a7][TCP Fingerprint: 2_128_8192_6bb88f5575fd/Unknown][TLSv1.2][JA4: t13d1714h2_5b57614c22b0_37205ffde759][ServerNames: *.mail.ru,mail.ru][JA3S: 2b33c1374db4ddf06942f92373c0b54b][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018][Subject: C=RU, ST=Moscow, L=Moscow, O=VK LLC, CN=*.mail.ru][Certificate SHA-1: 9F:A2:43:EA:AA:62:15:13:44:0D:15:75:17:47:4C:6B:E5:8E:10:1E][Firefox][Validity: 2022-10-20 09:52:31 - 2023-11-21 09:52:30][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 68,0,0,5,0,0,0,0,11,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,5]
5 TCP 194.226.199.9:49756 <-> 92.223.106.21:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Web/5][Breed: Safe][9 pkts/1140 bytes <-> 8 pkts/5344 bytes][Goodput ratio: 54/91][0.28 sec][Hostname/SNI: moevideo.biz][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1;SSLv3][bytes ratio: -0.648 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 20/6 44/20 18/8][Pkt Len c2s/s2c min/avg/max/stddev: 56/60 127/668 571/2690 159/894][nDPI Fingerprint: 8523452234b2178807578cbfc1da1749][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t13d1613h1_1711a4c0508c_65df7edfe3b3][ServerNames: *.moevideo.biz,moevideo.biz][JA3S: d154fcfa5bb4f0748e1dd1992c681104][Issuer: C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4][Subject: CN=*.moevideo.biz][Certificate SHA-1: FF:0C:ED:41:2C:7C:DA:BA:89:FE:7E:09:4A:2B:62:26:A0:20:AC:53][Safari][Validity: 2023-04-04 15:59:15 - 2024-05-05 15:59:14][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 51,0,8,0,0,0,0,0,8,0,0,0,0,0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,8]
6 TCP 194.226.199.226:34101 <-> 8.247.226.126:80 [proto: 7.147/HTTP.WindowsUpdate][Stack: HTTP.WindowsUpdate][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 12][cat: SoftwareUpdate/19][Breed: Safe][7 pkts/896 bytes <-> 12 pkts/1742 bytes][Goodput ratio: 56/62][0.04 sec][Hostname/SNI: 3.tlu.dl.delivery.mp.microsoft.com][bytes ratio: -0.321 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/1 12/11 6/3][Pkt Len c2s/s2c min/avg/max/stddev: 56/60 128/145 550/1076 172/281][URL: 3.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/b4f27514-1618-47a0-bcd4-5fcb469edb63?P1=1681888058&P2=404&P3=2&P4=VJ2Qv%2bUXzBGOULZmyshxlc8XXx4pLl7hoFcLgf1iS33rDGfm0tCVrTPvZN8tn8yWBSrA0idwdtOBFLQMjZCUkw%3d%3d][Nat-IP: 10.13.38.160][User-Agent: Microsoft-Delivery-Optimization/10.0][TCP Fingerprint: 2_64_64240_565ad129ac37/Unknown][PLAIN TEXT (GET /filestreamingservice/files)][Plen Bins: 89,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/http-crash-content-disposition.pcap.out b/tests/cfgs/default/result/http-crash-content-disposition.pcap.out
index fe36c1249..cb2b04f99 100644
--- a/tests/cfgs/default/result/http-crash-content-disposition.pcap.out
+++ b/tests/cfgs/default/result/http-crash-content-disposition.pcap.out
@@ -26,4 +26,4 @@ Acceptable 9 3328 1
Web 9 3328 1
- 1 TCP 192.168.0.103:51171 <-> 174.129.0.10:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][4 pkts/691 bytes <-> 5 pkts/2637 bytes][Goodput ratio: 69/90][0.31 sec][Hostname/SNI: khu.sh][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/50 125/145 55/59][Pkt Len c2s/s2c min/avg/max/stddev: 52/52 173/527 480/1492 178/601][URL: khu.sh/imessages.php?songify_a=3h248fIbwJ&new][StatusCode: 200][Req Content-Type: text/plain][Content-Type: text/html][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][PLAIN TEXT (POST /imessages.php)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 1 TCP 192.168.0.103:51171 <-> 174.129.0.10:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][4 pkts/691 bytes <-> 5 pkts/2637 bytes][Goodput ratio: 69/90][0.31 sec][Hostname/SNI: khu.sh][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/50 125/145 55/59][Pkt Len c2s/s2c min/avg/max/stddev: 52/52 173/527 480/1492 178/601][URL: khu.sh/imessages.php?songify_a=3h248fIbwJ&new][StatusCode: 200][Req Content-Type: text/plain][Content-Type: text/html][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][PLAIN TEXT (POST /imessages.php)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
diff --git a/tests/cfgs/default/result/http_invalid_server.pcap.out b/tests/cfgs/default/result/http_invalid_server.pcap.out
index 7401fa386..56244db8e 100644
--- a/tests/cfgs/default/result/http_invalid_server.pcap.out
+++ b/tests/cfgs/default/result/http_invalid_server.pcap.out
@@ -26,4 +26,4 @@ Safe 12 1301 1
Network 12 1301 1
- 1 TCP 192.168.1.29:51536 <-> 143.204.14.183:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Network/14][Breed: Safe][7 pkts/556 bytes <-> 5 pkts/745 bytes][Goodput ratio: 15/55][0.04 sec][Hostname/SNI: ocsp.rootg2.amazontrust.com][bytes ratio: -0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 12/12 6/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/149 148/468 28/160][URL: ocsp.rootg2.amazontrust.com/][StatusCode: 200][Content-Type: application/ocsp-response][Server: ¯\_(ăƒ„)_/¯][User-Agent: **][Risk: ** HTTP Susp User-Agent **** HTTP Susp Header **][Risk Score: 200][Risk Info: Suspicious Agent [¯\_(ăƒ„)_/¯] / Suspicious Log4J][TCP Fingerprint: 2_64_65535_d29295416479/macOS][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 33,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.1.29:51536 <-> 143.204.14.183:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 6][cat: Network/14][Breed: Safe][7 pkts/556 bytes <-> 5 pkts/745 bytes][Goodput ratio: 15/55][0.04 sec][Hostname/SNI: ocsp.rootg2.amazontrust.com][bytes ratio: -0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 12/12 6/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/149 148/468 28/160][URL: ocsp.rootg2.amazontrust.com/][StatusCode: 200][Content-Type: application/ocsp-response][Server: ¯\_(ăƒ„)_/¯][User-Agent: **][Risk: ** HTTP Susp User-Agent **** HTTP Susp Header **][Risk Score: 200][Risk Info: Suspicious Agent [¯\_(ăƒ„)_/¯] / Suspicious Log4J][TCP Fingerprint: 2_64_65535_d29295416479/macOS][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 33,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/http_origin_different_than_host.pcap.out b/tests/cfgs/default/result/http_origin_different_than_host.pcap.out
index 8bc52cf18..b176a50ce 100644
--- a/tests/cfgs/default/result/http_origin_different_than_host.pcap.out
+++ b/tests/cfgs/default/result/http_origin_different_than_host.pcap.out
@@ -26,4 +26,4 @@ Acceptable 4 1229 1
Web 4 1229 1
- 1 TCP 10.140.206.74:34536 <-> 18.135.206.102:80 [VLAN: 113][proto: GTP:7.251/HTTP.WebSocket][Stack: HTTP.WebSocket][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Web/5][Breed: Acceptable][2 pkts/835 bytes <-> 2 pkts/394 bytes][Goodput ratio: 73/42][0.35 sec][Hostname/SNI: csb.performgroup.io][URL: csb.performgroup.io/?topreferer=optawidgets.365scores.com][StatusCode: 101][User-Agent: Mozilla/5.0 (Linux; Android 9; JKM-LX1 Build/HUAWEIJKM-LX1; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/106.0.5249.118 Mobile Safari/537.36][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (topreferer)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 10.140.206.74:34536 <-> 18.135.206.102:80 [VLAN: 113][proto: GTP:7.251/HTTP.WebSocket][Stack: HTTP.WebSocket][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Web/5][Breed: Acceptable][2 pkts/835 bytes <-> 2 pkts/394 bytes][Goodput ratio: 73/42][0.35 sec][Hostname/SNI: csb.performgroup.io][URL: csb.performgroup.io/?topreferer=optawidgets.365scores.com][StatusCode: 101][User-Agent: Mozilla/5.0 (Linux; Android 9; JKM-LX1 Build/HUAWEIJKM-LX1; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/106.0.5249.118 Mobile Safari/537.36][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (topreferer)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/lol_wild_rift_udp.pcap.out b/tests/cfgs/default/result/lol_wild_rift_udp.pcap.out
index edc233f2a..9ebe75c29 100644
--- a/tests/cfgs/default/result/lol_wild_rift_udp.pcap.out
+++ b/tests/cfgs/default/result/lol_wild_rift_udp.pcap.out
@@ -26,8 +26,8 @@ Fun 8 1552 5
Game 8 1552 5
- 1 UDP 10.215.173.1:43686 <-> 13.51.213.131:15007 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][1 pkts/97 bytes <-> 1 pkts/387 bytes][Goodput ratio: 70/93][0.03 sec][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 UDP 10.215.173.1:46702 <-> 51.20.230.207:15007 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][1 pkts/97 bytes <-> 1 pkts/387 bytes][Goodput ratio: 70/93][0.08 sec][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 UDP 10.215.173.1:47462 <-> 51.20.230.207:15004 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][1 pkts/97 bytes <-> 1 pkts/387 bytes][Goodput ratio: 70/93][0.09 sec][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 UDP 10.215.173.1:41440 -> 13.53.58.18:18001 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 407/LoLWildRift, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][1 pkts/50 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 UDP 10.215.173.1:44513 -> 13.53.58.18:18001 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 407/LoLWildRift, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][1 pkts/50 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 10.215.173.1:43686 <-> 13.51.213.131:15007 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][1 pkts/97 bytes <-> 1 pkts/387 bytes][Goodput ratio: 70/93][0.03 sec][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 UDP 10.215.173.1:46702 <-> 51.20.230.207:15007 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][1 pkts/97 bytes <-> 1 pkts/387 bytes][Goodput ratio: 70/93][0.08 sec][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 UDP 10.215.173.1:47462 <-> 51.20.230.207:15004 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Game/8][Breed: Fun][1 pkts/97 bytes <-> 1 pkts/387 bytes][Goodput ratio: 70/93][0.09 sec][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 UDP 10.215.173.1:41440 -> 13.53.58.18:18001 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 407/LoLWildRift, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][1 pkts/50 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 UDP 10.215.173.1:44513 -> 13.53.58.18:18001 [proto: 407/LoLWildRift][Stack: LoLWildRift][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 407/LoLWildRift, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][1 pkts/50 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/mpeg-dash.pcap.out b/tests/cfgs/default/result/mpeg-dash.pcap.out
index bfe125914..50c72c8d2 100644
--- a/tests/cfgs/default/result/mpeg-dash.pcap.out
+++ b/tests/cfgs/default/result/mpeg-dash.pcap.out
@@ -27,6 +27,6 @@ Fun 13 4669 4
Media 13 4669 4
1 TCP 10.84.1.81:60926 <-> 166.248.152.10:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Media/1][Breed: Fun][2 pkts/456 bytes <-> 2 pkts/1520 bytes][Goodput ratio: 72/92][0.30 sec][Hostname/SNI: gdl.news-cdn.site][URL: gdl.news-cdn.site/as/bigo-ad-creatives/3s3/2lOTA7.mp4][StatusCode: 200][Content-Type: video/mp4][Server: openresty][User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A715F Build/RP1A.200720.012; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.105 Mobile Safari/537.36][TCP Fingerprint: 2_64_65535_d876f498b09e/Android][PLAIN TEXT (GET /as/bigo)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0]
- 2 TCP 54.161.101.85:80 <-> 192.168.2.105:59144 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 4][cat: Media/1][Breed: Fun][2 pkts/1649 bytes <-> 2 pkts/323 bytes][Goodput ratio: 92/59][0.01 sec][Hostname/SNI: livesim.dashif.org][URL: livesim.dashif.org/livesim/sts_1652783809/sid_40c11e12/chunkdur_1/ato_7/testpic4_8s/V2400/206598098.m4s][User-Agent: VLC/3.0.16 LibVLC/3.0.16][PLAIN TEXT (OHTTP/1.1 200 OK)][Plen Bins: 0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
- 3 TCP 192.168.2.105:59142 <-> 54.161.101.85:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Media/1][Breed: Fun][3 pkts/390 bytes <-> 1 pkts/74 bytes][Goodput ratio: 47/0][0.10 sec][Hostname/SNI: livesim.dashif.org][URL: livesim.dashif.org/livesim/sts_1652783809/sid_40c11e12/chunkdur_1/ato_7/testpic4_8s/A48/init.mp4][User-Agent: VLC/3.0.16 LibVLC/3.0.16][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (IGET /livesim/sts)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 TCP 192.168.2.105:59146 -> 54.161.101.85:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/257 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: livesim.dashif.org][URL: livesim.dashif.org/livesim/sts_1652783809/sid_40c11e12/chunkdur_1/ato_7/testpic4_8s/V2400/206598099.m4s][User-Agent: VLC/3.0.16 LibVLC/3.0.16][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /livesim/sts)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 TCP 54.161.101.85:80 <-> 192.168.2.105:59144 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 4][cat: Media/1][Breed: Fun][2 pkts/1649 bytes <-> 2 pkts/323 bytes][Goodput ratio: 92/59][0.01 sec][Hostname/SNI: livesim.dashif.org][URL: livesim.dashif.org/livesim/sts_1652783809/sid_40c11e12/chunkdur_1/ato_7/testpic4_8s/V2400/206598098.m4s][User-Agent: VLC/3.0.16 LibVLC/3.0.16][PLAIN TEXT (OHTTP/1.1 200 OK)][Plen Bins: 0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
+ 3 TCP 192.168.2.105:59142 <-> 54.161.101.85:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Media/1][Breed: Fun][3 pkts/390 bytes <-> 1 pkts/74 bytes][Goodput ratio: 47/0][0.10 sec][Hostname/SNI: livesim.dashif.org][URL: livesim.dashif.org/livesim/sts_1652783809/sid_40c11e12/chunkdur_1/ato_7/testpic4_8s/A48/init.mp4][User-Agent: VLC/3.0.16 LibVLC/3.0.16][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (IGET /livesim/sts)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 TCP 192.168.2.105:59146 -> 54.161.101.85:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/257 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: livesim.dashif.org][URL: livesim.dashif.org/livesim/sts_1652783809/sid_40c11e12/chunkdur_1/ato_7/testpic4_8s/V2400/206598099.m4s][User-Agent: VLC/3.0.16 LibVLC/3.0.16][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /livesim/sts)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/nest_log_sink.pcap.out b/tests/cfgs/default/result/nest_log_sink.pcap.out
index e515ae2c3..5d1bd983a 100644
--- a/tests/cfgs/default/result/nest_log_sink.pcap.out
+++ b/tests/cfgs/default/result/nest_log_sink.pcap.out
@@ -36,12 +36,12 @@ Network 15 1612 1
2 TCP 192.168.242.15:63345 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][36 pkts/14613 bytes <-> 35 pkts/4114 bytes][Goodput ratio: 86/54][4.14 sec][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 11/0 132/134 1166/1477 229/290][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 406/118 584/732 185/107][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,50,1,0,1,0,0,0,0,0,0,0,0,0,45,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.242.15:63351 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][25 pkts/9229 bytes <-> 24 pkts/2916 bytes][Goodput ratio: 85/55][3.56 sec][bytes ratio: 0.520 (Upload)][IAT c2s/s2c min/avg/max/stddev: 5/0 164/174 1319/1484 293/350][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 369/122 584/733 204/130][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,50,2,0,0,0,0,0,0,0,0,2,0,0,41,0,2,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.242.15:63348 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][25 pkts/9114 bytes <-> 24 pkts/2915 bytes][Goodput ratio: 85/55][3.42 sec][bytes ratio: 0.515 (Upload)][IAT c2s/s2c min/avg/max/stddev: 10/0 158/169 1167/1475 266/349][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 365/121 584/732 205/129][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,50,2,0,0,0,0,2,0,0,0,0,0,0,41,0,2,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 TCP 192.168.242.15:63343 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][60 pkts/5549 bytes <-> 56 pkts/5094 bytes][Goodput ratio: 36/41][1799.54 sec][bytes ratio: 0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/16 33935/28187 60073/60075 29484/29645][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 92/91 585/731 97/126][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,24,0,5,5,37,0,0,0,5,0,0,5,0,0,0,5,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 6 TCP 192.168.242.15:63352 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][50 pkts/4894 bytes <-> 46 pkts/4392 bytes][Goodput ratio: 40/43][1508.66 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/17 33170/30242 60184/60262 29630/29816][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 98/95 586/730 105/136][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,21,0,6,6,34,0,0,0,6,0,0,6,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 7 TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][Goodput ratio: 45/49][1042.88 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/15 27924/26022 60088/60136 29301/29455][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 108/106 585/731 114/151][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,25,0,6,6,31,0,0,0,6,0,0,6,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 8 TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][Goodput ratio: 50/57][602.97 sec][bytes ratio: 0.034 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/14 24649/24894 60122/60151 29303/29368][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 116/127 584/732 117/181][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,28,0,7,7,21,7,0,0,7,0,0,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 9 TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][Goodput ratio: 61/70][153.64 sec][bytes ratio: 0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/15 10960/13629 60124/60155 21488/24847][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 148/178 585/731 137/222][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,28,0,7,7,21,7,0,0,7,0,0,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 10 TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 32][cat: Cloud/13][Breed: Acceptable][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][Goodput ratio: 2/0][1615.16 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/143 39827/40755 60071/60122 27934/27880][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/54 116/54 9/0][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 TCP 192.168.242.15:63343 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][60 pkts/5549 bytes <-> 56 pkts/5094 bytes][Goodput ratio: 36/41][1799.54 sec][bytes ratio: 0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/16 33935/28187 60073/60075 29484/29645][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 92/91 585/731 97/126][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,24,0,5,5,37,0,0,0,5,0,0,5,0,0,0,5,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 6 TCP 192.168.242.15:63352 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][50 pkts/4894 bytes <-> 46 pkts/4392 bytes][Goodput ratio: 40/43][1508.66 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/17 33170/30242 60184/60262 29630/29816][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 98/95 586/730 105/136][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,21,0,6,6,34,0,0,0,6,0,0,6,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 7 TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][Goodput ratio: 45/49][1042.88 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/15 27924/26022 60088/60136 29301/29455][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 108/106 585/731 114/151][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,25,0,6,6,31,0,0,0,6,0,0,6,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][Goodput ratio: 50/57][602.97 sec][bytes ratio: 0.034 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/14 24649/24894 60122/60151 29303/29368][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 116/127 584/732 117/181][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,28,0,7,7,21,7,0,0,7,0,0,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 9 TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][Goodput ratio: 61/70][153.64 sec][bytes ratio: 0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/15 10960/13629 60124/60155 21488/24847][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 148/178 585/731 137/222][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,28,0,7,7,21,7,0,0,7,0,0,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 10 TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 461/AWS_EC2][ClearText][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 32][cat: Cloud/13][Breed: Acceptable][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][Goodput ratio: 2/0][1615.16 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/143 39827/40755 60071/60122 27934/27880][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/54 116/54 9/0][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.242.15:63344 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 9][cat: Cloud/13][Breed: Acceptable][11 pkts/2565 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 76/61][5.29 sec][bytes ratio: 0.297 (Upload)][IAT c2s/s2c min/avg/max/stddev: 61/0 640/729 2711/3410 865/1202][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 233/139 584/732 217/199][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,40,10,0,0,0,0,0,0,10,0,0,0,0,10,0,20,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 192.168.242.15:63347 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][10 pkts/1983 bytes <-> 10 pkts/1390 bytes][Goodput ratio: 71/61][2.81 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 63/0 342/349 1182/1489 363/517][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198/139 586/733 195/200][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,44,11,0,0,0,0,0,0,11,0,0,0,0,11,0,11,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 192.168.242.15:63353 <-> 35.188.154.186:11095 [proto: 43/NestLogSink][Stack: NestLogSink][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][10 pkts/1983 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 71/61][2.65 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 70/0 321/348 1162/1502 366/527][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198/139 586/732 195/199][TCP Fingerprint: 2_255_4608_287a07a47787/Unknown][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,44,11,0,0,0,0,0,0,11,0,0,0,0,11,0,11,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/netease_games.pcapng.out b/tests/cfgs/default/result/netease_games.pcapng.out
index 514f52590..2dc72de0f 100644
--- a/tests/cfgs/default/result/netease_games.pcapng.out
+++ b/tests/cfgs/default/result/netease_games.pcapng.out
@@ -35,7 +35,7 @@ JA Host Stats:
1 192.168.88.231 1
- 1 TCP 192.168.88.231:50402 <-> 35.73.71.94:443 [proto: 91.402/TLS.NetEaseGames][Stack: TLS.NetEaseGames][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 402/NetEaseGames, Confidence: DNS][DPI packets: 6][cat: Game/8][Breed: Fun][3 pkts/723 bytes <-> 3 pkts/302 bytes][Goodput ratio: 71/32][0.56 sec][Hostname/SNI: data-detect.nie.easebar.com][bytes ratio: 0.411 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 140/140 280/281 140/140][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 241/101 583/162 242/43][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TCP Fingerprint: 2_64_32120_2e3cee914fc1/Linux][TLSv1.2][JA4: t12d600600_a54dbbc9e493_8587f467d9ea][JA3S: 704239182a9091e4453fdbfe0fd17586][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.88.231:50402 <-> 35.73.71.94:443 [proto: 91.402/TLS.NetEaseGames][Stack: TLS.NetEaseGames][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 402/NetEaseGames, Confidence: DNS][DPI packets: 6][cat: Game/8][Breed: Fun][3 pkts/723 bytes <-> 3 pkts/302 bytes][Goodput ratio: 71/32][0.56 sec][Hostname/SNI: data-detect.nie.easebar.com][bytes ratio: 0.411 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 140/140 280/281 140/140][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 241/101 583/162 242/43][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TCP Fingerprint: 2_64_32120_2e3cee914fc1/Linux][TLSv1.2][JA4: t12d600600_a54dbbc9e493_8587f467d9ea][JA3S: 704239182a9091e4453fdbfe0fd17586][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.88.231:58951 <-> 34.141.75.90:28203 [proto: 402/NetEaseGames][Stack: NetEaseGames][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 402/NetEaseGames, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][3 pkts/339 bytes <-> 2 pkts/414 bytes][Goodput ratio: 63/80][< 1 sec][PLAIN TEXT (9251381)][Plen Bins: 0,40,20,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.88.231:49377 <-> 172.17.8.75:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/174 bytes <-> 2 pkts/398 bytes][Goodput ratio: 51/79][0.06 sec][Hostname/SNI: data-detect.nie.easebar.com][35.73.71.94][DNS Id: 0xe08d][PLAIN TEXT (detect)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 192.168.88.231:56588 <-> 35.246.207.19:4513 [proto: 402/NetEaseGames][Stack: NetEaseGames][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 402/NetEaseGames, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][2 pkts/108 bytes <-> 1 pkts/60 bytes][Goodput ratio: 22/20][0.04 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/netflix.pcap.out b/tests/cfgs/default/result/netflix.pcap.out
index 8746f1573..681ce0a7b 100644
--- a/tests/cfgs/default/result/netflix.pcap.out
+++ b/tests/cfgs/default/result/netflix.pcap.out
@@ -50,49 +50,49 @@ JA Host Stats:
1 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][21 pkts/1868 bytes <-> 34 pkts/45139 bytes][Goodput ratio: 19/95][2.09 sec][Hostname/SNI: 23.246.3.140][bytes ratio: -0.921 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/2 70/47 708/633 171/121][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 89/1328 420/1514 75/457][URL: 23.246.3.140/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4&random=357509657][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.3.140][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,90,0,0]
2 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Goodput ratio: 17/95][42.46 sec][Hostname/SNI: art-2.nflximg.net][bytes ratio: -0.877 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 425/43 3643/161 850/35][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 93/1378 312/1514 59/421][URL: art-2.nflximg.net/af7a5/362643424e775d0393ddb46e145c2375367af7a5.webp][StatusCode: 200][Content-Type: image/webp][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /af)][Plen Bins: 0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,93,0,0]
3 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][21 pkts/1826 bytes <-> 32 pkts/43179 bytes][Goodput ratio: 19/95][1.58 sec][Hostname/SNI: 23.246.11.145][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 53/52 354/582 87/111][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 87/1349 422/1514 75/443][URL: 23.246.11.145/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=5xfYVtna3GdYXL71uNs6DZ-X84Y&random=39307082][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.145][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,93,0,0]
- 4 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][Goodput ratio: 69/93][38.50 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1640/1232 30390/30443 6288/5475][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 211/964 1514/1514 376/637][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 5,5,5,0,2,2,5,0,0,0,0,0,0,0,2,2,0,0,0,2,0,2,0,0,0,0,0,0,0,2,5,0,0,0,0,0,0,0,0,0,0,0,2,0,0,57,0,0]
+ 4 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][Goodput ratio: 69/93][38.50 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1640/1232 30390/30443 6288/5475][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 211/964 1514/1514 376/637][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 5,5,5,0,2,2,5,0,0,0,0,0,0,0,2,2,0,0,0,2,0,2,0,0,0,0,0,0,0,2,5,0,0,0,0,0,0,0,0,0,0,0,2,0,0,57,0,0]
5 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Video/26][Breed: Fun][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Goodput ratio: 20/95][1.39 sec][Hostname/SNI: art-1.nflximg.net][bytes ratio: -0.942 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 28/35 45/81 10/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 102/1414 311/1514 64/366][URL: art-1.nflximg.net/8b1fa/eaa1b78cd72ca4dbdcab527691d2fcab37c8b1fa.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /8b)][Plen Bins: 0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0]
6 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][31 pkts/2596 bytes <-> 29 pkts/37544 bytes][Goodput ratio: 14/95][7.33 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.871 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 267/77 1392/465 372/115][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1295 424/1514 63/489][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJiXLBugGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPflHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JqTg0NiANIn4-aRwn3uKtWdoQ7M&random=114897][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (czGET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,89,0,0]
7 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Video/26][Breed: Fun][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Goodput ratio: 31/95][2.07 sec][Hostname/SNI: art-1.nflximg.net][bytes ratio: -0.911 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 166/94 1389/1416 394/300][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 97/1337 311/1514 81/428][URL: art-1.nflximg.net/4e36d/6289889020d6cc6dfb3038c35564a41e1ca4e36d.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /4e)][Plen Bins: 0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
- 8 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Fun][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Goodput ratio: 72/94][31.31 sec][Hostname/SNI: appboot.netflix.com][bytes ratio: -0.781 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3092/21 30728/135 9212/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 242/1136 1514/1514 405/584][URL: appboot.netflix.com/appboot/NFAPPL-02-][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: application/x-msl+json][Server: appboot-:7001 i-0b273b4c40f4e78a3][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (POST /appboot/NFAPPL)][Plen Bins: 0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,75,0,0]
+ 8 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Fun][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Goodput ratio: 72/94][31.31 sec][Hostname/SNI: appboot.netflix.com][bytes ratio: -0.781 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3092/21 30728/135 9212/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 242/1136 1514/1514 405/584][URL: appboot.netflix.com/appboot/NFAPPL-02-][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: application/x-msl+json][Server: appboot-:7001 i-0b273b4c40f4e78a3][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (POST /appboot/NFAPPL)][Plen Bins: 0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,75,0,0]
9 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][33 pkts/2732 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 13/94][7.16 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.833 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 254/199 1162/1131 295/282][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1203 424/1514 61/564][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJZ2VKhqgGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzTho_flHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=LQ7LyXSnZaXKEHAHaRRHk-S7dKE&random=420981][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 4,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
10 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][24 pkts/2041 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 17/94][5.93 sec][Hostname/SNI: 23.246.11.133][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/4 245/165 985/775 248/180][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1203 423/1514 71/564][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJZ2bLBChGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_ngHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=SixKQmLLJNvShj-pfML-2h4QaqQ&random=727666][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.133][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 4,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
11 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][31 pkts/2571 bytes <-> 22 pkts/28042 bytes][Goodput ratio: 14/95][7.15 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.832 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/4 265/326 1355/1382 337/387][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1275 423/1514 62/517][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8&random=323765][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,90,0,0]
- 12 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][Goodput ratio: 77/93][1.73 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/42 437/291 101/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 290/895 1514/1514 442/626][nDPI Fingerprint: c09146840233f2d01024016e84e44fa3][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1910h2_b5dc49c6fcca_f44caba5725b][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,10,3,0,0,0,3,0,0,0,0,0,3,6,0,0,3,0,0,3,0,3,0,3,0,0,0,0,0,0,3,0,3,0,0,0,0,0,0,0,0,0,0,3,0,47,0,0]
+ 12 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][Goodput ratio: 77/93][1.73 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/42 437/291 101/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 290/895 1514/1514 442/626][nDPI Fingerprint: c09146840233f2d01024016e84e44fa3][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1910h2_b5dc49c6fcca_f44caba5725b][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,10,3,0,0,0,3,0,0,0,0,0,3,6,0,0,3,0,0,3,0,3,0,3,0,0,0,0,0,0,3,0,3,0,0,0,0,0,0,0,0,0,0,3,0,47,0,0]
13 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][32 pkts/2572 bytes <-> 23 pkts/26661 bytes][Goodput ratio: 14/94][7.05 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.824 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 248/271 635/1046 213/317][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 80/1159 426/1514 62/603][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQIpyTIBGjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_biCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=8Z78vL2i9OzihCA3M1LinMYcMY4&random=2386][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (fGET /range/0)][Plen Bins: 0,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,80,0,0]
14 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][36 pkts/3030 bytes <-> 21 pkts/25455 bytes][Goodput ratio: 12/95][8.05 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.787 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/4 258/237 1250/1203 331/381][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1212 424/1514 58/551][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo&random=413473][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
15 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][34 pkts/2864 bytes <-> 21 pkts/25456 bytes][Goodput ratio: 13/95][5.76 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.798 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168/223 1162/1317 246/337][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1212 426/1514 60/551][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJ5yTLBCkGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_3mCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=r5jtnnEcR8hDCkPImfEiWqWAjKk&random=1846][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
16 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][30 pkts/2553 bytes <-> 22 pkts/25510 bytes][Goodput ratio: 14/94][7.56 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.818 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 298/146 1317/530 354/131][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85/1160 423/1514 63/590][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJmULRajGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpfblHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=zezrDJDQvgO2TiYC1dT3imH4QC8&random=169467][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
- 17 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][Goodput ratio: 92/78][32.21 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.624 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/84 332/331 94/95][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 811/309 1514/1514 700/493][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 8,8,4,0,0,4,0,4,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,60,0,0]
- 18 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][Goodput ratio: 72/91][0.86 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.542 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/33 266/316 64/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 237/739 1514/1514 407/542][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,3,0,0,3,3,3,0,0,0,0,3,0,3,3,7,0,0,7,7,3,3,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,3,0,0,3,0,0,0,30,0,0]
+ 17 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][Goodput ratio: 92/78][32.21 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.624 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/84 332/331 94/95][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 811/309 1514/1514 700/493][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 8,8,4,0,0,4,0,4,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,60,0,0]
+ 18 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][Goodput ratio: 72/91][0.86 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.542 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/33 266/316 64/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 237/739 1514/1514 407/542][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,3,0,0,3,3,3,0,0,0,0,3,0,3,3,7,0,0,7,7,3,3,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,3,0,0,3,0,0,0,30,0,0]
19 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][35 pkts/2920 bytes <-> 19 pkts/22428 bytes][Goodput ratio: 12/94][7.38 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.770 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 222/250 636/1132 227/337][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1180 424/1514 59/570][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJpmQIRekGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThrvnlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=mQfOf90-RY2Gd2ii20KJpCcYQVk&random=134564][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
20 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][34 pkts/2879 bytes <-> 20 pkts/22373 bytes][Goodput ratio: 12/94][8.26 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.772 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238/289 1152/1208 301/406][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85/1119 425/1514 60/614][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQLJ2TIBepGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPbiCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=tTXu3c6FnJtfi6z0IJp3hw8eDv8&random=1294][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,5,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
21 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][12 pkts/1831 bytes <-> 18 pkts/23224 bytes][Goodput ratio: 56/95][0.40 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.854 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 13/22 30/71 10/19][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 153/1290 584/1514 191/435][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8][StatusCode: 206][Content-Type: application/octet-stream][Server: nginx][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (oMrLRiWL2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,5,5,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,74,0,0]
22 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][30 pkts/2610 bytes <-> 20 pkts/22422 bytes][Goodput ratio: 14/94][7.09 sec][Hostname/SNI: 23.246.11.133][bytes ratio: -0.791 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 255/290 811/1178 267/325][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87/1121 424/1514 63/611][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10&random=247333][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.133][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
23 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][17 pkts/2227 bytes <-> 16 pkts/20481 bytes][Goodput ratio: 46/95][2.05 sec][Hostname/SNI: 23.246.3.140][bytes ratio: -0.804 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/5 143/82 730/279 218/83][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 131/1280 578/1514 162/436][URL: 23.246.3.140/?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4][StatusCode: 206][Content-Type: application/octet-stream][Server: nginx][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.3.140][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (oMrLRiWL)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,5,5,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,73,0,0]
- 24 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][Goodput ratio: 86/86][0.92 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46/54 282/127 72/35][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 486/491 1514/1514 603/610][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,15,0,5,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,5,0,0,0,5,0,0,0,0,0,0,5,37,0,0]
+ 24 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][Goodput ratio: 86/86][0.92 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46/54 282/127 72/35][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 486/491 1514/1514 603/610][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,15,0,5,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,5,0,0,0,5,0,0,0,0,0,0,5,37,0,0]
25 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Video/26][Breed: Fun][6 pkts/636 bytes <-> 13 pkts/16794 bytes][Goodput ratio: 34/95][0.87 sec][Hostname/SNI: tp.akam.nflximg.com][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/27 41/71 80/192 29/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/1292 282/1514 79/521][URL: tp.akam.nflximg.com/tpa3/616/2041779616.bif][StatusCode: 200][Content-Type: text/plain][Server: Apache][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][Risk: ** HTTP Susp Content **][Risk Score: 100][Risk Info: Susp content 89424946][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)][Plen Bins: 0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,91,0,0]
- 26 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 12][cat: Video/26][Breed: Fun][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Goodput ratio: 91/87][31.72 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2877/42 31088/123 8921/33][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 714/500 1514/1514 676/651][URL: api-global.netflix.com/msl/nrdjs/2.1.2][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,9,0,0,0,0,72,0,0]
- 27 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][Goodput ratio: 79/90][1.01 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: -0.231 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/96 322/423 89/121][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 314/697 1514/1514 477/667][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,13,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,6,0,0,0,0,6,0,0,34,0,0]
- 28 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][Goodput ratio: 76/84][38.49 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129/2946 30585/30636 7105/8237][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 274/414 1514/1514 437/546][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,21,5,0,5,0,10,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,26,0,0]
+ 26 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 12][cat: Video/26][Breed: Fun][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Goodput ratio: 91/87][31.72 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2877/42 31088/123 8921/33][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 714/500 1514/1514 676/651][URL: api-global.netflix.com/msl/nrdjs/2.1.2][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,9,0,0,0,0,72,0,0]
+ 27 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][Goodput ratio: 79/90][1.01 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: -0.231 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/96 322/423 89/121][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 314/697 1514/1514 477/667][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,13,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,6,0,0,0,0,6,0,0,34,0,0]
+ 28 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][Goodput ratio: 76/84][38.49 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129/2946 30585/30636 7105/8237][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 274/414 1514/1514 437/546][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,21,5,0,5,0,10,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,26,0,0]
29 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Goodput ratio: 26/94][32.06 sec][Hostname/SNI: art-2.nflximg.net][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4565/34 30963/63 10780/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 94/1120 311/1514 72/644][URL: art-2.nflximg.net/87b33/bed1223a0040fdc97bac4e906332e462c6e87b33.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /87)][Plen Bins: 0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0,0]
30 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][6 pkts/653 bytes <-> 10 pkts/12252 bytes][Goodput ratio: 37/95][0.33 sec][Hostname/SNI: art-2.nflximg.net][bytes ratio: -0.899 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/13 43/34 101/70 35/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 109/1225 311/1514 91/578][URL: art-2.nflximg.net/5758c/bb636e44b87ef854c331ed7b7b6e157e4945758c.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /5758)][Plen Bins: 0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0,0]
- 31 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][Goodput ratio: 83/80][30.85 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.187 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1923/16 30431/72 7361/24][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 382/327 1514/1514 559/501][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,24,5,0,0,5,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,31,0,0]
+ 31 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][Goodput ratio: 83/80][30.85 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.187 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1923/16 30431/72 7361/24][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 382/327 1514/1514 559/501][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,24,5,0,0,5,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,31,0,0]
32 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][9 pkts/1658 bytes <-> 10 pkts/11113 bytes][Goodput ratio: 62/94][0.68 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.740 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/5 73/76 356/206 117/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 184/1111 581/1514 211/518][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo][StatusCode: 206][Content-Type: application/octet-stream][Server: nginx][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (oMrLRiWL2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,9,9,9,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,54,0,0]
- 33 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][Goodput ratio: 83/81][30.38 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.192 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2017/14 30033/55 7488/20][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 399/343 1514/1514 569/514][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,18,6,0,0,6,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,31,0,0]
+ 33 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][Goodput ratio: 83/81][30.38 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.192 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2017/14 30033/55 7488/20][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 399/343 1514/1514 569/514][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,18,6,0,0,6,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,31,0,0]
34 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][8 pkts/1564 bytes <-> 9 pkts/9556 bytes][Goodput ratio: 65/94][0.27 sec][Hostname/SNI: 23.246.11.133][bytes ratio: -0.719 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/5 26/29 45/41 14/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 196/1062 581/1514 221/531][URL: 23.246.11.133/?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10][StatusCode: 206][Content-Type: application/octet-stream][Server: nginx][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.133][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (oMrLRiWL1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,10,20,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
- 35 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][Goodput ratio: 80/83][3.15 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/303 2449/2522 645/743][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 325/386 1514/1514 478/534][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,21,6,6,0,0,0,6,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,0,0,0,6,0,0,0,0,21,0,0]
- 36 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Video/26][Breed: Fun][11 pkts/3220 bytes <-> 11 pkts/7133 bytes][Goodput ratio: 77/90][0.34 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.378 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/29 75/67 27/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 293/648 1514/1514 432/662][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 7,15,7,0,0,0,7,7,0,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
- 37 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][Goodput ratio: 84/87][0.34 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/31 85/65 31/27][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430/507 1514/1514 533/591][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,8,0,0,0,0,0,8,0,0,0,0,0,25,0,0]
- 38 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][Goodput ratio: 55/83][31.02 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1820/45 30348/363 7132/103][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 145/390 422/1514 132/520][nDPI Fingerprint: d6616c767e56c5cc0cbd4e2f5e9c4a4c][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909s1_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,27,5,0,0,5,5,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
- 39 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][10 pkts/5203 bytes <-> 6 pkts/3037 bytes][Goodput ratio: 87/87][0.31 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.263 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/50 123/73 41/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 520/506 1514/1514 583/592][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,22,0,11,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
- 40 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][Goodput ratio: 70/86][0.32 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: -0.244 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 24/22 72/63 26/25][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222/465 1514/1514 382/579][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 16,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
- 41 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][Goodput ratio: 74/84][30.77 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 29/22 143/79 43/29][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 253/423 1514/1514 422/512][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 18,9,0,0,9,0,9,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,18,0,0]
- 42 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Video/26][Breed: Fun][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][Goodput ratio: 36/84][30.93 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2373/20 30602/58 8149/26][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 104/417 309/1514 78/548][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 15,23,15,0,0,0,7,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
+ 35 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][Goodput ratio: 80/83][3.15 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/303 2449/2522 645/743][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 325/386 1514/1514 478/534][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,21,6,6,0,0,0,6,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,0,0,0,6,0,0,0,0,21,0,0]
+ 36 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Video/26][Breed: Fun][11 pkts/3220 bytes <-> 11 pkts/7133 bytes][Goodput ratio: 77/90][0.34 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.378 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/29 75/67 27/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 293/648 1514/1514 432/662][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 7,15,7,0,0,0,7,7,0,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
+ 37 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][Goodput ratio: 84/87][0.34 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/31 85/65 31/27][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430/507 1514/1514 533/591][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,8,0,0,0,0,0,8,0,0,0,0,0,25,0,0]
+ 38 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][Goodput ratio: 55/83][31.02 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1820/45 30348/363 7132/103][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 145/390 422/1514 132/520][nDPI Fingerprint: d6616c767e56c5cc0cbd4e2f5e9c4a4c][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909s1_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,27,5,0,0,5,5,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
+ 39 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][10 pkts/5203 bytes <-> 6 pkts/3037 bytes][Goodput ratio: 87/87][0.31 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.263 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/50 123/73 41/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 520/506 1514/1514 583/592][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,22,0,11,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
+ 40 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][Goodput ratio: 70/86][0.32 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: -0.244 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 24/22 72/63 26/25][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222/465 1514/1514 382/579][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 16,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 41 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][Goodput ratio: 74/84][30.77 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 29/22 143/79 43/29][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 253/423 1514/1514 422/512][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 18,9,0,0,9,0,9,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,18,0,0]
+ 42 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Video/26][Breed: Fun][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][Goodput ratio: 36/84][30.93 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2373/20 30602/58 8149/26][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 104/417 309/1514 78/548][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 15,23,15,0,0,0,7,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
43 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 9][cat: Video/26][Breed: Fun][19 pkts/2356 bytes <-> 8 pkts/4069 bytes][Goodput ratio: 46/87][0.12 sec][Hostname/SNI: art-s.nflximg.net][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/7 26/21 9/8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 124/509 293/1514 58/602][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: secure.cdn.nflximg.net,*.nflxext.com,*.nflxvideo.net,*.nflxsearch.net,*.nrd.nflximg.net,*.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=Los Gatos, O=Netflix, Inc., OU=Content Delivery Operations, CN=secure.cdn.nflximg.net][Certificate SHA-1: 0D:EF:D1:E6:29:11:1A:A5:88:B3:2F:04:65:D6:D7:AD:84:A2:52:26][Firefox][Validity: 2016-04-06 00:00:00 - 2017-04-05 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 5,28,39,0,5,0,0,5,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
44 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][5 pkts/698 bytes <-> 5 pkts/5198 bytes][Goodput ratio: 51/93][0.08 sec][Hostname/SNI: 23.246.10.139][bytes ratio: -0.763 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/1 18/14 35/35 11/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 140/1040 422/1514 141/603][URL: 23.246.10.139/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-djGXIcbFBNzyfugqEWcrgtCpyY&random=34073607][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.10.139][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0]
- 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][Goodput ratio: 76/81][0.21 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/20 92/54 34/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/355 1450/1066 419/413][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,0,12,0,12,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,12,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0]
- 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Video/26][Breed: Fun][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][Goodput ratio: 39/69][30.71 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064/6120 30486/30536 9141/12208][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 108/215 309/989 83/296][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,12,12,0,12,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][Goodput ratio: 76/81][0.21 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/20 92/54 34/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/355 1450/1066 419/413][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,0,12,0,12,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,12,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0]
+ 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Video/26][Breed: Fun][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][Goodput ratio: 39/69][30.71 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064/6120 30486/30536 9141/12208][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 108/215 309/989 83/296][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,12,12,0,12,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][16 pkts/2648 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][79.13 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 105/0 4588/0 14907/0 6547/0][Pkt Len c2s/s2c min/avg/max/stddev: 164/0 166/0 167/0 2/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.02 sec][Hostname/SNI: ios.nccp.netflix.com][54.191.17.51][DNS Id: 0x2956][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.04 sec][Hostname/SNI: ios.nccp.netflix.com][52.32.22.214][DNS Id: 0x2859][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -106,5 +106,5 @@ JA Host Stats:
57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/85 bytes <-> 1 pkts/137 bytes][Goodput ratio: 50/69][0.02 sec][Hostname/SNI: sha2.san.akam.nflximg.net][104.86.97.179][DNS Id: 0x3158][PLAIN TEXT (akamaiedge)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/81 bytes <-> 1 pkts/113 bytes][Goodput ratio: 48/62][0.02 sec][Hostname/SNI: a1907.dscg.akamai.net][184.25.204.10][DNS Id: 0x91f0][PLAIN TEXT (akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/80 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: a803.dscg.akamai.net][184.25.204.24][DNS Id: 0x041a][PLAIN TEXT (akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][14.20 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][14.20 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][Stack: IGMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 82/IGMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/nexon.pcapng.out b/tests/cfgs/default/result/nexon.pcapng.out
index 8437457a1..9db4da50c 100644
--- a/tests/cfgs/default/result/nexon.pcapng.out
+++ b/tests/cfgs/default/result/nexon.pcapng.out
@@ -26,5 +26,5 @@ Fun 128 13740 2
Game 128 13740 2
- 1 TCP 192.168.12.67:46824 <-> 54.64.252.215:9995 [proto: 113/Nexon][Stack: Nexon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][50 pkts/7428 bytes <-> 48 pkts/3212 bytes][Goodput ratio: 55/1][199.97 sec][bytes ratio: 0.396 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4456/4681 46914/46915 10741/10973][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 149/67 290/94 46/4][TCP Fingerprint: 2_64_65535_685ad951a756/Android][Plen Bins: 6,16,50,0,25,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 TCP 192.168.12.67:39908 <-> 18.185.38.147:7500 [proto: 113/Nexon][Stack: Nexon][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][17 pkts/1307 bytes <-> 13 pkts/1793 bytes][Goodput ratio: 28/60][13.45 sec][bytes ratio: -0.157 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 957/1201 5759/5709 1612/1783][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 77/138 325/891 63/219][TCP Fingerprint: 2_64_65535_685ad951a756/Android][Plen Bins: 75,6,6,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.12.67:46824 <-> 54.64.252.215:9995 [proto: 113/Nexon][Stack: Nexon][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][50 pkts/7428 bytes <-> 48 pkts/3212 bytes][Goodput ratio: 55/1][199.97 sec][bytes ratio: 0.396 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4456/4681 46914/46915 10741/10973][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 149/67 290/94 46/4][TCP Fingerprint: 2_64_65535_685ad951a756/Android][Plen Bins: 6,16,50,0,25,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 TCP 192.168.12.67:39908 <-> 18.185.38.147:7500 [proto: 113/Nexon][Stack: Nexon][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Game/8][Breed: Fun][17 pkts/1307 bytes <-> 13 pkts/1793 bytes][Goodput ratio: 28/60][13.45 sec][bytes ratio: -0.157 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 957/1201 5759/5709 1612/1783][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 77/138 325/891 63/219][TCP Fingerprint: 2_64_65535_685ad951a756/Android][Plen Bins: 75,6,6,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/nintendo.pcap.out b/tests/cfgs/default/result/nintendo.pcap.out
index 1a4f6f47e..c8557c105 100644
--- a/tests/cfgs/default/result/nintendo.pcap.out
+++ b/tests/cfgs/default/result/nintendo.pcap.out
@@ -30,7 +30,7 @@ DNS 12 1550 3
ICMP 30 2100 2
TLS 56 8595 2
Nintendo 878 318692 9
-AmazonAWS 20 2216 5
+AWS_EC2 20 2216 5
Safe 56 8595 2
Acceptable 62 5866 10
@@ -49,21 +49,21 @@ JA Host Stats:
1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][Stack: Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 173/Nintendo, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][169 pkts/61414 bytes <-> 278 pkts/126260 bytes][Goodput ratio: 88/91][5.90 sec][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/17 311/242 44/19][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 363/454 886/886 191/118][Plen Bins: 0,2,24,2,0,0,0,0,0,0,0,0,0,63,6,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][Stack: Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 173/Nintendo, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][122 pkts/48332 bytes <-> 35 pkts/5026 bytes][Goodput ratio: 89/71][5.68 sec][bytes ratio: 0.812 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/77 607/506 66/117][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 396/144 1254/886 210/128][Plen Bins: 0,5,35,3,1,0,0,0,0,0,0,0,0,51,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][Stack: Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 173/Nintendo, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][122 pkts/46476 bytes <-> 38 pkts/5268 bytes][Goodput ratio: 89/70][5.49 sec][bytes ratio: 0.796 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40/76 313/318 40/84][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 381/139 886/886 193/124][PLAIN TEXT (FutwCa)][Plen Bins: 0,7,38,1,1,0,0,0,0,0,0,0,0,47,2,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Safe][34 pkts/4466 bytes <-> 20 pkts/4021 bytes][Goodput ratio: 50/67][21.54 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 728/1409 14019/13944 2636/3582][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131/201 400/983 86/219][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,58,5,15,0,2,0,8,0,2,2,0,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][Stack: TLS.Nintendo][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 173/Nintendo, Confidence: DNS][DPI packets: 7][cat: Game/8][Breed: Fun][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][Goodput ratio: 75/86][0.56 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][bytes ratio: -0.253 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/54 287/250 89/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 263/486 1414/1414 387/570][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: e1ee998db3b1a2b6a50f24ac826b87ae][TCP Fingerprint: 2_64_32768_4102d18f472f/Unknown][TLSv1.2][JA4: t12d260500_f64c77d06cfa_b289314254d8][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Firefox][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,10,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0,0,0,0]
- 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][Stack: TLS.Nintendo][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 173/Nintendo, Confidence: DNS][DPI packets: 7][cat: Game/8][Breed: Fun][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][Goodput ratio: 76/86][0.51 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][bytes ratio: -0.264 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/47 243/198 76/65][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/487 1414/1414 401/570][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: e1ee998db3b1a2b6a50f24ac826b87ae][TCP Fingerprint: 2_64_32768_4102d18f472f/Unknown][TLSv1.2][JA4: t12d260500_f64c77d06cfa_b289314254d8][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Firefox][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,10,0,0,10,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0,0,0,0]
+ 4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Safe][34 pkts/4466 bytes <-> 20 pkts/4021 bytes][Goodput ratio: 50/67][21.54 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 728/1409 14019/13944 2636/3582][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131/201 400/983 86/219][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,58,5,15,0,2,0,8,0,2,2,0,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][Stack: TLS.Nintendo][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 173/Nintendo, Confidence: DNS][DPI packets: 7][cat: Game/8][Breed: Fun][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][Goodput ratio: 75/86][0.56 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][bytes ratio: -0.253 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/54 287/250 89/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 263/486 1414/1414 387/570][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: e1ee998db3b1a2b6a50f24ac826b87ae][TCP Fingerprint: 2_64_32768_4102d18f472f/Unknown][TLSv1.2][JA4: t12d260500_f64c77d06cfa_b289314254d8][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Firefox][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,10,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0,0,0,0]
+ 6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][Stack: TLS.Nintendo][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 173/Nintendo, Confidence: DNS][DPI packets: 7][cat: Game/8][Breed: Fun][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][Goodput ratio: 76/86][0.51 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][bytes ratio: -0.264 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/47 243/198 76/65][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/487 1414/1414 401/570][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: e1ee998db3b1a2b6a50f24ac826b87ae][TCP Fingerprint: 2_64_32768_4102d18f472f/Unknown][TLSv1.2][JA4: t12d260500_f64c77d06cfa_b289314254d8][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Firefox][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,10,0,0,10,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0,0,0,0]
7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][Stack: Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 173/Nintendo, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][23 pkts/2682 bytes <-> 16 pkts/3408 bytes][Goodput ratio: 64/80][4.86 sec][bytes ratio: -0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 232/89 514/507 225/142][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 117/213 230/854 27/243][Plen Bins: 0,41,43,5,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][Stack: Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 173/Nintendo, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][8 pkts/1024 bytes <-> 8 pkts/1024 bytes][Goodput ratio: 67/67][1.28 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/58 119/111 274/242 89/65][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 128/128 198/198 41/41][Plen Bins: 0,62,12,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][Stack: Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 173/Nintendo, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][8 pkts/1040 bytes <-> 7 pkts/922 bytes][Goodput ratio: 68/68][1.15 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/17 108/127 288/286 109/90][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 130/132 198/198 40/42][Plen Bins: 0,53,20,0,26,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][21 pkts/1470 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.73 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40/0 315/0 92/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 4][cat: Network/14][Breed: Acceptable][4 pkts/368 bytes <-> 4 pkts/400 bytes][Goodput ratio: 54/58][0.01 sec][Hostname/SNI: g2df33d01-lp1.p.srv.nintendo.net][52.10.205.177][DNS Id: 0xe33e][bytes ratio: -0.042 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/4 4/4 5/5 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/92 92/100 92/108 0/8][PLAIN TEXT (nintendo)][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 1][cat: Cloud/13][Breed: Acceptable][1 pkts/730 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.623 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 1][cat: Cloud/13][Breed: Acceptable][1 pkts/730 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.623 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][9 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.60 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 75/0 316/0 130/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Cloud/13][Breed: Acceptable][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][0.06 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 4/3 2/1][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Cloud/13][Breed: Acceptable][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][0.06 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 4/3 2/1][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61/85][0.03 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][54.192.27.217][DNS Id: 0x0049][PLAIN TEXT (fb203858ebc)][Plen Bins: 0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61/85][< 1 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][54.192.27.8][DNS Id: 0x6169][PLAIN TEXT (fb203858ebc)][Plen Bins: 0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][Stack: Nintendo][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 173/Nintendo, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][3 pkts/354 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 3][cat: Cloud/13][Breed: Acceptable][3 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (NATTestId)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 173/Nintendo, Confidence: DNS][DPI packets: 1][cat: Cloud/13][Breed: Acceptable][1 pkts/298 bytes -> 0 pkts/0 bytes][Goodput ratio: 86/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 6.886 (Compressed Executable?)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 5][cat: Cloud/13][Breed: Acceptable][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/54 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.18 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][Stack: Nintendo][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 173/Nintendo, Confidence: DPI][DPI packets: 1][cat: Game/8][Breed: Fun][3 pkts/354 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 3][cat: Cloud/13][Breed: Acceptable][3 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (NATTestId)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 173/Nintendo, Confidence: DNS][DPI packets: 1][cat: Cloud/13][Breed: Acceptable][1 pkts/298 bytes -> 0 pkts/0 bytes][Goodput ratio: 86/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 6.886 (Compressed Executable?)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 5][cat: Cloud/13][Breed: Acceptable][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/54 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.18 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/ocs.pcap.out b/tests/cfgs/default/result/ocs.pcap.out
index 74d4071da..c1a221afd 100644
--- a/tests/cfgs/default/result/ocs.pcap.out
+++ b/tests/cfgs/default/result/ocs.pcap.out
@@ -51,7 +51,7 @@ JA Host Stats:
1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][Stack: HTTP.OCS][IP: 218/OCS][ClearText][Confidence: DPI][FPC: 218/OCS, Confidence: IP address][DPI packets: 11][cat: Media/1][Breed: Fun][751 pkts/44783 bytes -> 0 pkts/0 bytes][Goodput ratio: 1/0][51.39 sec][Hostname/SNI: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/0 3996/0 235/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 60/0 715/0 25/0][URL: ocu03.labgency.ws/catalog/vod?v=3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][PLAIN TEXT (POST /catalog/vod)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/TLS.OCS][Stack: TLS.OCS][IP: 218/OCS][Encrypted][Confidence: DPI][FPC: 218/OCS, Confidence: IP address][DPI packets: 15][cat: Media/1][Breed: Fun][20 pkts/6089 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][3.85 sec][Hostname/SNI: ocs.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 210/0 998/0 326/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 304/0 1440/0 368/0][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / TLSv1][nDPI Fingerprint: 96ad40c7e71a0b631f86525c6405148c][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10d350300_1f24bcc5f17d_33a13ba74d1c][Plen Bins: 0,0,0,0,0,0,22,11,0,11,0,0,0,0,0,0,0,0,0,11,11,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0]
3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][Stack: HTTP.OCS][IP: 218/OCS][ClearText][Confidence: DPI][FPC: 218/OCS, Confidence: IP address][DPI packets: 11][cat: Media/1][Breed: Fun][83 pkts/5408 bytes -> 0 pkts/0 bytes][Goodput ratio: 6/0][3.75 sec][Hostname/SNI: www.ocs.fr][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/0 91/0 30/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 65/0 208/0 24/0][URL: www.ocs.fr/data_plateforme/program/18496/tv_detail_mortdunpourw0012236_72f6c.jpg][Risk: ** HTTP Susp User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / Empty or missing User-Agent][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][PLAIN TEXT (GET /data)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.275/TLS.Crashlytics][Stack: TLS.Crashlytics][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 16][cat: DataTransfer/4][Breed: Acceptable][20 pkts/2715 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][2.62 sec][Hostname/SNI: settings.crashlytics.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 145/0 1003/0 239/0][Pkt Len c2s/s2c min/avg/max/stddev: 40/0 136/0 1209/0 253/0][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / TLSv1][nDPI Fingerprint: a5bb4e838c2002745dd8bb298c2b40df][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10d350400_1f24bcc5f17d_a875e5012fde][Plen Bins: 0,20,0,0,40,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0]
+ 4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.275/TLS.Crashlytics][Stack: TLS.Crashlytics][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 16][cat: DataTransfer/4][Breed: Acceptable][20 pkts/2715 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][2.62 sec][Hostname/SNI: settings.crashlytics.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 145/0 1003/0 239/0][Pkt Len c2s/s2c min/avg/max/stddev: 40/0 136/0 1209/0 253/0][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / TLSv1][nDPI Fingerprint: a5bb4e838c2002745dd8bb298c2b40df][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10d350400_1f24bcc5f17d_a875e5012fde][Plen Bins: 0,20,0,0,40,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/TLS.GoogleServices][Stack: TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 12][cat: Web/5][Breed: Acceptable][12 pkts/2212 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][0.42 sec][Hostname/SNI: mtalk.google.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 39/0 75/0 26/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 184/0 1287/0 339/0][Risk: ** TLS (probably) Not Carrying HTTPS **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / No ALPN][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1.2][JA4: t12d200500_6e20beb92e8e_c70a3c84db07][Firefox][Plen Bins: 0,0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 12][cat: Web/5][Breed: Safe][12 pkts/1608 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][0.58 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/0 112/0 36/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 134/0 649/0 166/0][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / TLSv1][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i350200_1f24bcc5f17d_33a13ba74d1c][Plen Bins: 0,25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 13][cat: Web/5][Breed: Safe][13 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][0.81 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/0 103/0 38/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 111/0 425/0 106/0][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / TLSv1][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i350200_1f24bcc5f17d_33a13ba74d1c][Plen Bins: 0,25,0,0,25,25,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/ocsp.pcapng.out b/tests/cfgs/default/result/ocsp.pcapng.out
index ce8371d60..21216a4b0 100644
--- a/tests/cfgs/default/result/ocsp.pcapng.out
+++ b/tests/cfgs/default/result/ocsp.pcapng.out
@@ -33,6 +33,6 @@ Network 344 73647 10
5 TCP 192.168.1.128:43728 <-> 92.122.95.235:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][Breed: Safe][19 pkts/3022 bytes <-> 17 pkts/3792 bytes][Goodput ratio: 26/47][123.97 sec][Hostname/SNI: r3.o.lencr.org][bytes ratio: -0.113 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 6898/7491 10244/10244 4464/4342][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 159/223 504/1007 118/286][URL: r3.o.lencr.org/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: nginx][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (xPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.1.128:59922 <-> 151.101.2.133:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][Breed: Safe][18 pkts/2533 bytes <-> 17 pkts/4012 bytes][Goodput ratio: 16/50][115.14 sec][Hostname/SNI: ocsp.globalsign.com][bytes ratio: -0.226 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6576/7043 10240/10240 4898/4566][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 141/236 519/1462 92/343][URL: ocsp.globalsign.com/gsrsaovsslca2018][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: nginx][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (JiZPOST /gsrsaovsslca)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0]
7 TCP 192.168.1.128:45514 <-> 109.70.240.114:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][Breed: Safe][12 pkts/1823 bytes <-> 12 pkts/3749 bytes][Goodput ratio: 22/62][65.05 sec][Hostname/SNI: ocsp09.actalis.it][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5666/5124 10241/10241 5060/5116][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 152/312 517/1566 110/448][URL: ocsp09.actalis.it/VA/AUTHOV-G3][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: nginx][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (POST /VA/AUTHOV)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
- 8 TCP 192.168.1.128:49382 <-> 52.85.15.92:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Network/14][Breed: Safe][17 pkts/2410 bytes <-> 15 pkts/2784 bytes][Goodput ratio: 16/36][115.66 sec][Hostname/SNI: ocsp.sca1b.amazontrust.com][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 7320/8368 10240/10240 4401/3916][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 142/186 514/1124 93/251][URL: ocsp.sca1b.amazontrust.com/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: ECS (dcb/7F3B)][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (KPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 TCP 192.168.1.128:49382 <-> 52.85.15.92:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 6][cat: Network/14][Breed: Safe][17 pkts/2410 bytes <-> 15 pkts/2784 bytes][Goodput ratio: 16/36][115.66 sec][Hostname/SNI: ocsp.sca1b.amazontrust.com][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 7320/8368 10240/10240 4401/3916][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 142/186 514/1124 93/251][URL: ocsp.sca1b.amazontrust.com/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: ECS (dcb/7F3B)][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (KPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 192.168.1.128:34320 <-> 151.139.128.14:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][Breed: Safe][12 pkts/1817 bytes <-> 12 pkts/2623 bytes][Goodput ratio: 22/46][65.10 sec][Hostname/SNI: geant.ocsp.sectigo.com][bytes ratio: -0.182 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5676/5133 10240/10240 5053/5106][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 151/219 511/846 108/229][URL: geant.ocsp.sectigo.com/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: Apache][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (WPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 192.168.1.128:34340 <-> 151.139.128.14:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][Breed: Safe][12 pkts/1813 bytes <-> 12 pkts/2341 bytes][Goodput ratio: 21/39][65.09 sec][Hostname/SNI: ocsp.usertrust.com][bytes ratio: -0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5681/5127 10240/10240 5067/5111][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 151/195 507/590 107/171][URL: ocsp.usertrust.com/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: Apache][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (sPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,33,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/openvpn.pcap.out b/tests/cfgs/default/result/openvpn.pcap.out
index c1ecbab0d..bb45bd4d6 100644
--- a/tests/cfgs/default/result/openvpn.pcap.out
+++ b/tests/cfgs/default/result/openvpn.pcap.out
@@ -30,7 +30,7 @@ VPN 706 139146 10
1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 442/DigitalOcean][Encrypted][Confidence: DPI][FPC: 442/DigitalOcean, Confidence: IP address][DPI packets: 3][cat: VPN/2][Breed: Acceptable][62 pkts/11508 bytes <-> 58 pkts/16664 bytes][Goodput ratio: 77/85][19.24 sec][bytes ratio: -0.183 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 289/106 3994/2456 764/365][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 186/287 1214/1287 193/325][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 1194][PLAIN TEXT (160727093158Z)][Plen Bins: 0,33,19,9,29,0,0,2,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,1,0,0,0,0,0,0,0,0,0]
2 TCP 10.181.235.122:39772 <-> 10.251.71.30:1194 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: VPN/2][Breed: Acceptable][100 pkts/13594 bytes <-> 95 pkts/13987 bytes][Goodput ratio: 51/55][32.02 sec][bytes ratio: -0.014 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 245/317 3842/9253 675/1172][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136/147 472/542 78/90][TCP Fingerprint: 2_64_14600_d227986fac6c/Unknown][PLAIN TEXT (121031022835Z)][Plen Bins: 35,13,1,39,1,0,0,8,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 UDP 3.111.166.78:51146 <-> 85.134.13.165:1194 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: VPN/2][Breed: Acceptable][51 pkts/7057 bytes <-> 49 pkts/8409 bytes][Goodput ratio: 70/76][17.72 sec][bytes ratio: -0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 343/338 4127/4124 897/934][Pkt Len c2s/s2c min/avg/max/stddev: 60/64 138/172 168/1242 35/312][PLAIN TEXT (New York1)][Plen Bins: 48,4,1,40,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0]
+ 3 UDP 3.111.166.78:51146 <-> 85.134.13.165:1194 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: VPN/2][Breed: Acceptable][51 pkts/7057 bytes <-> 49 pkts/8409 bytes][Goodput ratio: 70/76][17.72 sec][bytes ratio: -0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 343/338 4127/4124 897/934][Pkt Len c2s/s2c min/avg/max/stddev: 60/64 138/172 168/1242 35/312][PLAIN TEXT (New York1)][Plen Bins: 48,4,1,40,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 442/DigitalOcean][Encrypted][Confidence: DPI][FPC: 442/DigitalOcean, Confidence: IP address][DPI packets: 6][cat: VPN/2][Breed: Acceptable][44 pkts/7514 bytes <-> 51 pkts/7866 bytes][Goodput ratio: 61/57][64.13 sec][bytes ratio: -0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1298/1400 11356/11265 2924/3289][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171/154 1514/222 236/63][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 1194][TCP Fingerprint: 2_64_29200_d227986fac6c/Unknown][PLAIN TEXT (160630002150Z)][Plen Bins: 0,39,0,4,51,0,0,0,0,1,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
5 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 442/DigitalOcean][Encrypted][Confidence: DPI][FPC: 442/DigitalOcean, Confidence: IP address][DPI packets: 2][cat: VPN/2][Breed: Acceptable][49 pkts/7860 bytes <-> 34 pkts/5699 bytes][Goodput ratio: 74/75][9.11 sec][bytes ratio: 0.159 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 224/137 3857/2389 691/464][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 160/168 1214/196 192/31][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 1194][PLAIN TEXT (160727093158Z)][Plen Bins: 0,40,14,8,30,2,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 127.0.0.1:36138 <-> 127.0.0.1:443 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 12][cat: VPN/2][Breed: Acceptable][23 pkts/5552 bytes <-> 23 pkts/5854 bytes][Goodput ratio: 77/77][1.55 sec][bytes ratio: -0.026 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 69/85 1049/1050 238/247][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 241/255 1514/1440 378/396][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 1194][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (Rj.shh)][Plen Bins: 0,5,45,5,0,0,0,0,0,0,0,10,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,10,0,0,0,0,0,0,0,5,0,5,0,0]
diff --git a/tests/cfgs/default/result/openvpn_nohmac.pcapng.out b/tests/cfgs/default/result/openvpn_nohmac.pcapng.out
index 2c59985b3..21a3d3e42 100644
--- a/tests/cfgs/default/result/openvpn_nohmac.pcapng.out
+++ b/tests/cfgs/default/result/openvpn_nohmac.pcapng.out
@@ -26,4 +26,4 @@ Acceptable 944 303931 1
VPN 944 303931 1
- 1 UDP 3.111.166.78:51146 <-> 85.134.13.165:1194 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: VPN/2][Breed: Acceptable][594 pkts/138399 bytes <-> 350 pkts/165532 bytes][Goodput ratio: 82/91][73.25 sec][bytes ratio: -0.089 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 101/181 5093/5107 502/713][Pkt Len c2s/s2c min/avg/max/stddev: 60/64 233/473 1490/1487 273/526][PLAIN TEXT (New York1)][Plen Bins: 18,1,1,72,3,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 3.111.166.78:51146 <-> 85.134.13.165:1194 [proto: 159/OpenVPN][Stack: OpenVPN][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: VPN/2][Breed: Acceptable][594 pkts/138399 bytes <-> 350 pkts/165532 bytes][Goodput ratio: 82/91][73.25 sec][bytes ratio: -0.089 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 101/181 5093/5107 502/713][Pkt Len c2s/s2c min/avg/max/stddev: 60/64 233/473 1490/1487 273/526][PLAIN TEXT (New York1)][Plen Bins: 18,1,1,72,3,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/paltalk.pcapng.out b/tests/cfgs/default/result/paltalk.pcapng.out
index 073e7c943..0cfff161d 100644
--- a/tests/cfgs/default/result/paltalk.pcapng.out
+++ b/tests/cfgs/default/result/paltalk.pcapng.out
@@ -31,7 +31,7 @@ JA Host Stats:
1 192.168.88.208 1
- 1 TCP 192.168.88.208:51807 <-> 3.162.112.93:443 [proto: 91.432/TLS.Paltalk][Stack: TLS.Paltalk][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Chat/9][Breed: Acceptable][3 pkts/356 bytes <-> 3 pkts/1620 bytes][Goodput ratio: 51/89][0.25 sec][Hostname/SNI: paltalk.com][bytes ratio: -0.640 (Download)][IAT c2s/s2c min/avg/max/stddev: 19/0 66/66 112/132 46/66][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 119/540 236/1494 83/675][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t12d210800_76e208dd3e22_7af1ed941c26][JA3S: 7da0ae90f9693272ed42e89898421495][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
- 2 TCP 192.168.88.208:51825 <-> 44.194.181.195:80 [proto: 7.432/HTTP.Paltalk][Stack: HTTP.Paltalk][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Chat/9][Breed: Acceptable][3 pkts/1017 bytes <-> 1 pkts/66 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: qos.paltalkconnect.com][URL: qos.paltalkconnect.com//qos/client][Req Content-Type: application/json][User-Agent: PaltalkQOS][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][PLAIN TEXT (POST //qos/client HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.88.208:51807 <-> 3.162.112.93:443 [proto: 91.432/TLS.Paltalk][Stack: TLS.Paltalk][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 6][cat: Chat/9][Breed: Acceptable][3 pkts/356 bytes <-> 3 pkts/1620 bytes][Goodput ratio: 51/89][0.25 sec][Hostname/SNI: paltalk.com][bytes ratio: -0.640 (Download)][IAT c2s/s2c min/avg/max/stddev: 19/0 66/66 112/132 46/66][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 119/540 236/1494 83/675][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t12d210800_76e208dd3e22_7af1ed941c26][JA3S: 7da0ae90f9693272ed42e89898421495][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
+ 2 TCP 192.168.88.208:51825 <-> 44.194.181.195:80 [proto: 7.432/HTTP.Paltalk][Stack: HTTP.Paltalk][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Chat/9][Breed: Acceptable][3 pkts/1017 bytes <-> 1 pkts/66 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: qos.paltalkconnect.com][URL: qos.paltalkconnect.com//qos/client][Req Content-Type: application/json][User-Agent: PaltalkQOS][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][PLAIN TEXT (POST //qos/client HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.88.208:50728 <-> 84.17.44.229:7970 [proto: 432/Paltalk][Stack: Paltalk][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Chat/9][Breed: Acceptable][3 pkts/196 bytes <-> 1 pkts/66 bytes][Goodput ratio: 11/0][0.17 sec][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 158.69.169.104:6845 <-> 192.168.88.208:51887 [proto: 432/Paltalk][Stack: Paltalk][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][cat: Chat/9][Breed: Acceptable][1 pkts/62 bytes <-> 2 pkts/128 bytes][Goodput ratio: 0/16][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/pluralsight.pcap.out b/tests/cfgs/default/result/pluralsight.pcap.out
index 31bb17c06..33e82ccfa 100644
--- a/tests/cfgs/default/result/pluralsight.pcap.out
+++ b/tests/cfgs/default/result/pluralsight.pcap.out
@@ -31,9 +31,9 @@ JA Host Stats:
1 192.168.1.128 1
- 1 TCP 192.168.1.128:42642 <-> 54.69.188.18:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Streaming/17][Breed: Fun][3 pkts/849 bytes <-> 6 pkts/6252 bytes][Goodput ratio: 76/94][0.57 sec][Hostname/SNI: pluralsight.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 188/0 191/76 194/194 3/93][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 283/1042 583/1514 218/605][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.pluralsight.com,pluralsight.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.pluralsight.com][Certificate SHA-1: 31:0B:3D:03:7A:6A:F8:86:8F:CE:62:30:E9:A2:F1:47:E5:6C:3D:F7][Chrome][Validity: 2020-05-02 16:02:08 - 2022-07-01 23:42:28][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,14,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,42,0,0]
+ 1 TCP 192.168.1.128:42642 <-> 54.69.188.18:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Streaming/17][Breed: Fun][3 pkts/849 bytes <-> 6 pkts/6252 bytes][Goodput ratio: 76/94][0.57 sec][Hostname/SNI: pluralsight.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 188/0 191/76 194/194 3/93][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 283/1042 583/1514 218/605][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.pluralsight.com,pluralsight.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.pluralsight.com][Certificate SHA-1: 31:0B:3D:03:7A:6A:F8:86:8F:CE:62:30:E9:A2:F1:47:E5:6C:3D:F7][Chrome][Validity: 2020-05-02 16:02:08 - 2022-07-01 23:42:28][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,14,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,42,0,0]
2 TCP 192.168.1.128:42782 <-> 146.75.62.208:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/816 bytes <-> 6 pkts/5407 bytes][Goodput ratio: 75/93][0.05 sec][Hostname/SNI: pluralsight2.imgix.net][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.738 (Download)][IAT c2s/s2c min/avg/max/stddev: 15/0 17/7 19/19 2/9][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 272/901 583/1406 223/547][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.imgix.com,*.imgix.net,imgix.com,imgix.net][JA3S: 16c0b3e6a7b8173c16d944cfeaeee9cf][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2020][Subject: CN=*.imgix.com][Certificate SHA-1: C6:A8:D1:F3:16:08:C6:7F:9F:58:B9:3B:87:A6:A1:75:BC:67:F8:8D][Chrome][Validity: 2021-05-10 23:09:57 - 2022-06-11 23:09:56][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0,0,0,0,0]
3 TCP 192.168.1.128:42790 <-> 146.75.62.208:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/816 bytes <-> 6 pkts/5407 bytes][Goodput ratio: 75/93][0.06 sec][Hostname/SNI: pluralsight.imgix.net][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.738 (Download)][IAT c2s/s2c min/avg/max/stddev: 18/0 23/8 28/22 5/10][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 272/901 583/1406 223/547][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.imgix.com,*.imgix.net,imgix.com,imgix.net][JA3S: 16c0b3e6a7b8173c16d944cfeaeee9cf][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2020][Subject: CN=*.imgix.com][Certificate SHA-1: C6:A8:D1:F3:16:08:C6:7F:9F:58:B9:3B:87:A6:A1:75:BC:67:F8:8D][Chrome][Validity: 2021-05-10 23:09:57 - 2022-06-11 23:09:56][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0,0,0,0,0]
- 4 TCP 192.168.1.128:42618 <-> 18.203.201.56:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/849 bytes <-> 6 pkts/4806 bytes][Goodput ratio: 76/92][0.13 sec][Hostname/SNI: stt.pluralsight.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.700 (Download)][IAT c2s/s2c min/avg/max/stddev: 41/0 44/17 46/45 2/20][Pkt Len c2s/s2c min/avg/max/stddev: 74/73 283/801 583/1514 218/713][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: stt.pluralsight.com][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1][Subject: C=US, ST=California, L=San Jose, O=Adobe Systems Incorporated, CN=stt.pluralsight.com][Certificate SHA-1: C5:A3:DE:6D:71:B1:15:77:EC:86:38:E6:30:1C:F5:AC:18:9D:BE:82][Chrome][Validity: 2021-10-01 00:00:00 - 2022-10-01 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 14,14,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
+ 4 TCP 192.168.1.128:42618 <-> 18.203.201.56:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/849 bytes <-> 6 pkts/4806 bytes][Goodput ratio: 76/92][0.13 sec][Hostname/SNI: stt.pluralsight.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.700 (Download)][IAT c2s/s2c min/avg/max/stddev: 41/0 44/17 46/45 2/20][Pkt Len c2s/s2c min/avg/max/stddev: 74/73 283/801 583/1514 218/713][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: stt.pluralsight.com][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1][Subject: C=US, ST=California, L=San Jose, O=Adobe Systems Incorporated, CN=stt.pluralsight.com][Certificate SHA-1: C5:A3:DE:6D:71:B1:15:77:EC:86:38:E6:30:1C:F5:AC:18:9D:BE:82][Chrome][Validity: 2021-10-01 00:00:00 - 2022-10-01 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 14,14,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
5 TCP 192.168.1.128:44770 <-> 104.17.209.240:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/645 bytes <-> 2 pkts/1580 bytes][Goodput ratio: 80/92][0.04 sec][Hostname/SNI: zn6qzq6caaucudesr-pluralsight.siteintercept.qualtrics.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
6 TCP 192.168.1.128:48948 <-> 104.19.162.127:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/645 bytes <-> 2 pkts/1580 bytes][Goodput ratio: 80/92][0.05 sec][Hostname/SNI: www.pluralsight.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
diff --git a/tests/cfgs/default/result/quic_interop_V.pcapng.out b/tests/cfgs/default/result/quic_interop_V.pcapng.out
index ce26557d4..07419cf5a 100644
--- a/tests/cfgs/default/result/quic_interop_V.pcapng.out
+++ b/tests/cfgs/default/result/quic_interop_V.pcapng.out
@@ -36,13 +36,13 @@ Network 31 18078 14
4 UDP 192.168.1.128:46334 -> 40.112.191.60:443 [proto: 188/QUIC][Stack: QUIC][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.98 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 241/0 1426/0 4801/0 1545/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
5 UDP 192.168.1.128:49658 -> 193.190.10.98:443 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.96 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1423/0 4800/0 1549/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
6 UDP 192.168.1.128:50705 -> 138.91.188.147:4434 [proto: 188/QUIC][Stack: QUIC][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.86 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1409/0 4800/0 1558/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
- 7 UDP 192.168.1.128:53402 -> 3.121.242.54:4434 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.97 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1423/0 4800/0 1549/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
+ 7 UDP 192.168.1.128:53402 -> 3.121.242.54:4434 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.97 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1423/0 4800/0 1549/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
8 UDP 192.168.1.128:59171 -> 193.190.10.98:4433 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.94 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1420/0 4800/0 1551/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
9 UDP 192.168.1.128:59515 -> 193.190.10.98:4434 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.84 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1406/0 4800/0 1560/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
- 10 UDP 192.168.1.128:60784 -> 3.121.242.54:4433 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.97 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1424/0 4800/0 1549/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
+ 10 UDP 192.168.1.128:60784 -> 3.121.242.54:4433 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][9.97 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1424/0 4800/0 1549/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
11 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:32957 -> [2606:4700:10::6816:826]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][9.99 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1427/0 4800/0 1547/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][PLAIN TEXT (uhbU.2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
12 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:41857 -> [2606:4700:10::6816:826]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][9.86 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 151/0 1408/0 4800/0 1559/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
- 13 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:46242 -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f]:443 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][9.85 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1407/0 4800/0 1559/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][PLAIN TEXT (QQ/o746)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
+ 13 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:46242 -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f]:443 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][8 pkts/10352 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][9.85 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 1407/0 4800/0 1559/0][Pkt Len c2s/s2c min/avg/max/stddev: 1294/0 1294/0 1294/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][PLAIN TEXT (QQ/o746)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
14 ICMPV6 [2400:8902::f03c:91ff:fe69:a454]:0 <-> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/2588 bytes <-> 2 pkts/290 bytes][Goodput ratio: 95/57][0.32 sec][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
15 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:44924 <-> [2400:8902::f03c:91ff:fe69:a454]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/2588 bytes <-> 2 pkts/194 bytes][Goodput ratio: 95/36][0.38 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
16 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:56213 <-> [2400:8902::f03c:91ff:fe69:a454]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/2588 bytes <-> 2 pkts/194 bytes][Goodput ratio: 95/36][0.42 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
@@ -64,17 +64,17 @@ Network 31 18078 14
32 ICMPV6 [2001:19f0:4:34::1]:0 -> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/2588 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][0.06 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
33 ICMPV6 [2001:19f0:5:c21:5400:1ff:fe33:3b96]:0 -> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/2588 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][0.17 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (bSuZ88)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
34 ICMP 51.158.105.98:0 -> 192.168.1.128:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/1770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][0.20 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.655 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 35 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:38394 <-> [2600:1f18:2310:d230:5103:7d9e:7d75:374f]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/113 bytes][Goodput ratio: 95/45][0.14 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
- 36 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:52080 <-> [2600:1f18:2310:d230:5103:7d9e:7d75:374f]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/113 bytes][Goodput ratio: 95/45][0.13 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 35 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:38394 <-> [2600:1f18:2310:d230:5103:7d9e:7d75:374f]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/113 bytes][Goodput ratio: 95/45][0.14 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 36 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:52080 <-> [2600:1f18:2310:d230:5103:7d9e:7d75:374f]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/113 bytes][Goodput ratio: 95/45][0.13 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
37 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:51040 <-> [2604:a880:800:a1::1279:3001]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 442/DigitalOcean][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/109 bytes][Goodput ratio: 95/43][0.09 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][PLAIN TEXT (bOP/lk)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
38 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:53760 <-> [2604:a880:800:a1::1279:3001]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 442/DigitalOcean][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/109 bytes][Goodput ratio: 95/43][0.09 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
39 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:48707 <-> [2a00:ac00:4000:400:2e0:4cff:fe68:199d]:443 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/97 bytes][Goodput ratio: 95/36][0.05 sec][QUIC ver: Ver-Negotiation][PLAIN TEXT (BykFtI)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
40 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:52271 <-> [2a00:ac00:4000:400:2e0:4cff:fe68:199d]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/97 bytes][Goodput ratio: 95/36][0.05 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
41 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:60983 <-> [2a00:ac00:4000:400:2e0:4cff:fe68:199d]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/97 bytes][Goodput ratio: 95/36][0.05 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
42 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:35643 <-> [2001:19f0:4:34::1]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.10 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
- 43 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:37876 <-> [2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab]:443 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.04 sec][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
- 44 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:39945 <-> [2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.04 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
- 45 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:44605 <-> [2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.04 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 43 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:37876 <-> [2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab]:443 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.04 sec][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 44 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:39945 <-> [2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.04 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 45 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:44605 <-> [2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.04 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
46 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:45852 <-> [2001:19f0:5:c21:5400:1ff:fe33:3b96]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.10 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
47 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:46353 <-> [2606:4700:10::6816:826]:443 [proto: 188/QUIC][Stack: QUIC][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.02 sec][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
48 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:49788 <-> [2001:4800:7817:101:be76:4eff:fe04:631d]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/89 bytes][Goodput ratio: 95/30][0.13 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
@@ -83,16 +83,16 @@ Network 31 18078 14
51 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:51185 <-> [2001:bc8:47a4:1c25::1]:4433 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/85 bytes][Goodput ratio: 95/27][0.03 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
52 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:60346 <-> [2001:bc8:47a4:1c25::1]:443 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/85 bytes][Goodput ratio: 95/27][0.03 sec][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
53 ICMP 202.238.220.92:0 <-> 192.168.1.128:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/1180 bytes <-> 2 pkts/194 bytes][Goodput ratio: 93/56][0.28 sec][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 7.598 (Encrypted or Random?)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 54 UDP 192.168.1.128:34903 <-> 18.189.84.245:443 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/77 bytes][Goodput ratio: 97/45][0.13 sec][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
- 55 UDP 192.168.1.128:43475 <-> 18.189.84.245:4433 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/73 bytes][Goodput ratio: 97/42][0.12 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
+ 54 UDP 192.168.1.128:34903 <-> 18.189.84.245:443 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/77 bytes][Goodput ratio: 97/45][0.13 sec][QUIC ver: Ver-Negotiation][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
+ 55 UDP 192.168.1.128:43475 <-> 18.189.84.245:4433 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/73 bytes][Goodput ratio: 97/42][0.12 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
56 ICMP 133.242.206.244:0 <-> 192.168.1.128:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/1180 bytes <-> 2 pkts/178 bytes][Goodput ratio: 93/53][0.22 sec][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 7.612 (Encrypted or Random?)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 192.168.1.128:41587 -> 131.159.24.198:4433 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
58 UDP 192.168.1.128:43735 -> 51.158.105.98:4434 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
59 UDP 192.168.1.128:45250 -> 51.158.105.98:4433 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
- 60 UDP 192.168.1.128:47010 -> 3.121.242.54:443 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
+ 60 UDP 192.168.1.128:47010 -> 3.121.242.54:443 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
61 UDP 192.168.1.128:48644 -> 131.159.24.198:4434 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
62 UDP 192.168.1.128:51887 -> 51.158.105.98:443 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
- 63 UDP 192.168.1.128:54570 -> 18.189.84.245:4434 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
+ 63 UDP 192.168.1.128:54570 -> 18.189.84.245:4434 [proto: 188/QUIC][Stack: QUIC][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
64 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:34442 -> [2001:4800:7817:101:be76:4eff:fe04:631d]:443 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
65 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:38689 -> [2001:19f0:5:c21:5400:1ff:fe33:3b96]:4434 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][QUIC ver: Ver-Negotiation][PLAIN TEXT (bSuZ88)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
66 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:39624 -> [2001:19f0:5:c21:5400:1ff:fe33:3b96]:443 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][QUIC ver: Ver-Negotiation][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
@@ -102,8 +102,8 @@ Network 31 18078 14
70 ICMPV6 [2604:a880:800:a1::1279:3001]:0 -> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 442/DigitalOcean][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
71 ICMPV6 [2001:4800:7817:101:be76:4eff:fe04:631d]:0 -> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
72 ICMP 131.159.24.198:0 -> 192.168.1.128:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/1180 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][0.14 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.619 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 73 ICMP 3.121.242.54:0 -> 192.168.1.128:0 [proto: 81/ICMP][Stack: ICMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/590 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.594 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 74 ICMP 18.189.84.245:0 -> 192.168.1.128:0 [proto: 81/ICMP][Stack: ICMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/590 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.556 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 73 ICMP 3.121.242.54:0 -> 192.168.1.128:0 [proto: 81/ICMP][Stack: ICMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/590 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.594 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 74 ICMP 18.189.84.245:0 -> 192.168.1.128:0 [proto: 81/ICMP][Stack: ICMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/590 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.556 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
75 ICMP 192.168.1.128:0 -> 140.227.52.92:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/267 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][0.17 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 ICMP 192.168.1.128:0 -> 40.112.191.60:0 [proto: 81/ICMP][Stack: ICMP][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/194 bytes -> 0 pkts/0 bytes][Goodput ratio: 56/0][0.14 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
77 ICMP 192.168.1.128:0 -> 138.91.188.147:0 [proto: 81/ICMP][Stack: ICMP][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/113 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/quic_sh.pcap.out b/tests/cfgs/default/result/quic_sh.pcap.out
index 4cbbc3e21..1e7c40c77 100644
--- a/tests/cfgs/default/result/quic_sh.pcap.out
+++ b/tests/cfgs/default/result/quic_sh.pcap.out
@@ -27,5 +27,5 @@ Acceptable 38 23111 3
Web 38 23111 3
1 UDP [2001:b07:a3d:c112:91b7:b97e:6e2:fad8]:37542 <-> [2606:4700:7::a29f:9804]:443 [proto: 188/QUIC][Stack: QUIC][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 5][cat: Web/5][Breed: Acceptable][6 pkts/634 bytes <-> 15 pkts/13073 bytes][Goodput ratio: 41/93][0.11 sec][bytes ratio: -0.907 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/7 20/86 9/23][Pkt Len c2s/s2c min/avg/max/stddev: 105/90 106/872 109/1262 1/472][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 6.456 (Executable?)][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][PLAIN TEXT (vS17md)][Plen Bins: 4,34,0,4,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0]
- 2 UDP 192.168.1.245:40408 <-> 13.226.175.53:443 [proto: 188/QUIC][Stack: QUIC][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Acceptable][4 pkts/340 bytes <-> 3 pkts/4482 bytes][Goodput ratio: 50/97][0.00 sec][bytes ratio: -0.859 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 85/1494 85/1494 85/1494 0/0][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,57,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
+ 2 UDP 192.168.1.245:40408 <-> 13.226.175.53:443 [proto: 188/QUIC][Stack: QUIC][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Acceptable][4 pkts/340 bytes <-> 3 pkts/4482 bytes][Goodput ratio: 50/97][0.00 sec][bytes ratio: -0.859 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 85/1494 85/1494 85/1494 0/0][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,57,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
3 UDP [2a00:1450:4002:411::200e]:443 <-> [2001:b07:a3d:c112:91b7:b97e:6e2:fad8]:33144 [proto: 188/QUIC][Stack: QUIC][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][3 pkts/3876 bytes <-> 7 pkts/706 bytes][Goodput ratio: 95/38][0.03 sec][bytes ratio: 0.692 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 1/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 1292/99 1292/101 1292/104 0/2][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.836 (Encrypted or Random?)][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,70,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,30,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/quickplay.pcap.out b/tests/cfgs/default/result/quickplay.pcap.out
index 058f989b1..695c303cf 100644
--- a/tests/cfgs/default/result/quickplay.pcap.out
+++ b/tests/cfgs/default/result/quickplay.pcap.out
@@ -46,7 +46,7 @@ ConnCheck 2 378 1
8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Streaming/17][Breed: Fun][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Goodput ratio: 89/95][27.01 sec][Hostname/SNI: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0068.ts][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0]
9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Streaming/17][Breed: Fun][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Goodput ratio: 89/95][2.46 sec][Hostname/SNI: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-0002.ts][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Streaming/17][Breed: Fun][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Goodput ratio: 90/95][0.64 sec][Hostname/SNI: play-singtelhawk.quickplay.com][URL: play-singtelhawk.quickplay.com/vstb/playlist_5_6241_357.m3u8?action=145&appId=5006&carrierId=23&appVersion=1.0&contentId=6241&contentTypeId=3&deviceName=androidmobile&encodingId=357&drmId=4&drmVersion=1.5&delivery=5&prefLanguage=eng&webvtt=true&userid=091][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36][PLAIN TEXT (GET /vstb/playlist)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0]
- 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.287/HTTP.Xiaomi][Stack: HTTP.Xiaomi][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.287/HTTP.Xiaomi, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Fun][1 pkts/638 bytes <-> 1 pkts/831 bytes][Goodput ratio: 91/93][0.32 sec][Hostname/SNI: api.account.xiaomi.com][URL: api.account.xiaomi.com/pass/v2/safe/user/coreInfo?signature=u%2F73dEXBHbejev0ISNwnGyyfeTw%3D&userId=Mz5Xr5UXKuw83hxd6Yms2w%3D%3D][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: application/json][Server: Tengine/2.0.1][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /pass/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.287/HTTP.Xiaomi][Stack: HTTP.Xiaomi][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7.287/HTTP.Xiaomi, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Fun][1 pkts/638 bytes <-> 1 pkts/831 bytes][Goodput ratio: 91/93][0.32 sec][Hostname/SNI: api.account.xiaomi.com][URL: api.account.xiaomi.com/pass/v2/safe/user/coreInfo?signature=u%2F73dEXBHbejev0ISNwnGyyfeTw%3D&userId=Mz5Xr5UXKuw83hxd6Yms2w%3D%3D][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: application/json][Server: Tengine/2.0.1][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /pass/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 131.48/HTTP_Proxy.QQ][Stack: HTTP_Proxy.QQ][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 131.48/HTTP_Proxy.QQ, Confidence: DPI][DPI packets: 3][cat: Chat/9][Breed: Fun][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Goodput ratio: 91/61][2.08 sec][Hostname/SNI: hkextshort.weixin.qq.com][URL: http://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmsnssync][Req Content-Type: application/octet-stream][User-Agent: MicroMessenger Client][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 8080,3128][PLAIN TEXT (POST http)][Plen Bins: 0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 131.48/HTTP_Proxy.QQ][Stack: HTTP_Proxy.QQ][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 131.48/HTTP_Proxy.QQ, Confidence: DPI][DPI packets: 2][cat: Download/7][Breed: Fun][1 pkts/461 bytes <-> 2 pkts/522 bytes][Goodput ratio: 88/78][2.81 sec][Hostname/SNI: hkextshort.weixin.qq.com][URL: http://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/getcontactlabellist][StatusCode: 200][Req Content-Type: application/octet-stream][Content-Type: application/octet-stream][User-Agent: MicroMessenger Client][Filename: micromsgresp.dat][Risk: ** Known Proto on Non Std Port **** Binary File/Data Transfer (Attempt) **][Risk Score: 100][Risk Info: Found binary mime octet-stream / Expected on port 8080,3128][PLAIN TEXT (POST http)][Plen Bins: 0,0,0,0,0,0,66,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 131.48/HTTP_Proxy.QQ][Stack: HTTP_Proxy.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 131.48/HTTP_Proxy.QQ, Confidence: DPI][DPI packets: 2][cat: Download/7][Breed: Fun][1 pkts/681 bytes <-> 1 pkts/262 bytes][Goodput ratio: 92/78][0.14 sec][Hostname/SNI: hkminorshort.weixin.qq.com][URL: http://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][Req Content-Type: application/octet-stream][Content-Type: application/octet-stream][User-Agent: MicroMessenger Client][Filename: micromsgresp.dat][Risk: ** Known Proto on Non Std Port **** Binary File/Data Transfer (Attempt) **][Risk Score: 100][Risk Info: Found binary mime octet-stream / Expected on port 8080,3128][PLAIN TEXT (POST http)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/reddit.pcap.out b/tests/cfgs/default/result/reddit.pcap.out
index 87dd8e429..ce02b7176 100644
--- a/tests/cfgs/default/result/reddit.pcap.out
+++ b/tests/cfgs/default/result/reddit.pcap.out
@@ -68,7 +68,7 @@ JA Host Stats:
21 TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:48240 <-> [64:ff9b::9765:789d]:443 [proto: 91.120/TLS.Twitter][Stack: TLS.Twitter][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: SocialNetwork/6][Breed: Fun][13 pkts/2138 bytes <-> 14 pkts/8456 bytes][Goodput ratio: 47/86][0.13 sec][Hostname/SNI: platform.twitter.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.596 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/6 61/47 19/14][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 164/604 603/1134 146/486][nDPI Fingerprint: e7d997f1812c00ea2b3e8849a6f02bf8][TCP Fingerprint: 2_64_64800_83b2f9a5576c/Linux][TLSv1.2][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][ServerNames: platform.twitter.com][JA3S: 16c0b3e6a7b8173c16d944cfeaeee9cf][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=US, ST=California, L=San Francisco, O=Twitter, Inc., OU=Twitter Security, CN=platform.twitter.com][Certificate SHA-1: 2B:30:10:3B:07:2F:F2:EB:3D:08:E3:BB:45:61:F7:A3:9F:4C:A7:92][Chrome][Validity: 2020-08-13 00:00:00 - 2021-08-18 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,7,14,7,0,0,0,0,14,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:51100 <-> [64:ff9b::d83a:d1e6]:443 [proto: 91.126/TLS.Google][Stack: TLS.Google][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Advertisement/101][Breed: Tracker_Ads][20 pkts/3169 bytes <-> 22 pkts/6495 bytes][Goodput ratio: 45/71][0.25 sec][Hostname/SNI: ad.doubleclick.net][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.344 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 13/6 50/31 19/9][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 158/295 603/1474 141/415][nDPI Fingerprint: e7d997f1812c00ea2b3e8849a6f02bf8][TCP Fingerprint: 2_64_64800_83b2f9a5576c/Linux][TLSv1.3][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 20,24,15,4,0,4,4,0,0,0,0,0,4,0,0,0,4,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0]
23 TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:47006 <-> [64:ff9b::34d3:acec]:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 12][cat: Web/5][Breed: Safe][12 pkts/2260 bytes <-> 11 pkts/7351 bytes][Goodput ratio: 54/87][0.30 sec][Hostname/SNI: d9.flashtalking.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.530 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/31 67/134 23/42][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 188/668 663/1474 202/634][nDPI Fingerprint: e7d997f1812c00ea2b3e8849a6f02bf8][TCP Fingerprint: 2_64_64800_83b2f9a5576c/Linux][TLSv1.2][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][ServerNames: tag.device9.com,www.tag.device9.com,fp.zenaps.com,the.sciencebehindecommerce.com,d9.flashtalking.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=tag.device9.com][Certificate SHA-1: 8B:5C:A4:62:70:92:3A:09:C3:72:49:B2:A2:22:32:16:22:87:9D:F3][Chrome][Validity: 2020-08-06 10:30:28 - 2021-09-17 11:41:56][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,10,10,10,0,0,0,0,0,0,0,0,0,0,0,0,10,0,10,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,30,0,0,0,0]
- 24 TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56186 <-> [2600:9000:219c:ee00:6:44e3:f8c0:93a1]:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][14 pkts/2163 bytes <-> 13 pkts/7387 bytes][Goodput ratio: 44/85][0.16 sec][Hostname/SNI: rules.quantcount.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.547 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/13 39/40 13/16][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 154/568 603/1294 140/540][nDPI Fingerprint: e7d997f1812c00ea2b3e8849a6f02bf8][TCP Fingerprint: 2_64_64800_83b2f9a5576c/Linux][TLSv1.3][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 8,0,25,0,0,0,0,8,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0]
+ 24 TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56186 <-> [2600:9000:219c:ee00:6:44e3:f8c0:93a1]:443 [proto: 91/TLS][Stack: TLS][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][14 pkts/2163 bytes <-> 13 pkts/7387 bytes][Goodput ratio: 44/85][0.16 sec][Hostname/SNI: rules.quantcount.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.547 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/13 39/40 13/16][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 154/568 603/1294 140/540][nDPI Fingerprint: e7d997f1812c00ea2b3e8849a6f02bf8][TCP Fingerprint: 2_64_64800_83b2f9a5576c/Linux][TLSv1.3][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 8,0,25,0,0,0,0,8,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0]
25 TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:59336 <-> [2a00:1450:4007:80b::2002]:443 [proto: 91.126/TLS.Google][Stack: TLS.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Advertisement/101][Breed: Tracker_Ads][17 pkts/2490 bytes <-> 16 pkts/7006 bytes][Goodput ratio: 41/80][0.14 sec][Hostname/SNI: adservice.google.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.476 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/5 45/37 12/10][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 146/438 603/1294 132/466][nDPI Fingerprint: e7d997f1812c00ea2b3e8849a6f02bf8][TCP Fingerprint: 2_64_64800_83b2f9a5576c/Linux][TLSv1.3][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 13,13,13,0,0,0,6,0,6,0,0,0,0,6,0,0,6,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0,0,0,0,0,0,0]
26 TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:38166 <-> [2a00:1450:4007:811::200a]:443 [proto: 91.239/TLS.GoogleServices][Stack: TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][18 pkts/2582 bytes <-> 17 pkts/6805 bytes][Goodput ratio: 40/78][0.19 sec][Hostname/SNI: fonts.googleapis.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.450 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/9 43/43 13/14][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 143/400 603/1294 130/409][nDPI Fingerprint: e7d997f1812c00ea2b3e8849a6f02bf8][TCP Fingerprint: 2_64_64800_83b2f9a5576c/Linux][TLSv1.3][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 12,12,12,0,0,0,6,0,12,0,0,0,0,0,6,6,6,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0]
27 TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:39626 <-> [64:ff9b::2278:cf94]:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][16 pkts/2444 bytes <-> 15 pkts/6941 bytes][Goodput ratio: 43/81][0.43 sec][Hostname/SNI: id.rlcdn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.479 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/33 104/221 29/63][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 153/463 603/1474 135/553][nDPI Fingerprint: e7d997f1812c00ea2b3e8849a6f02bf8][TCP Fingerprint: 2_64_64800_83b2f9a5576c/Linux][TLSv1.3][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 14,14,14,7,0,0,0,0,7,0,0,0,0,0,0,0,7,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0]
diff --git a/tests/cfgs/default/result/riot.pcapng.out b/tests/cfgs/default/result/riot.pcapng.out
index 18eb87b86..76f195c81 100644
--- a/tests/cfgs/default/result/riot.pcapng.out
+++ b/tests/cfgs/default/result/riot.pcapng.out
@@ -37,4 +37,4 @@ JA Host Stats:
1 TCP 35.234.85.218:443 -> 192.168.26.22:51949 [proto: 91.302/TLS.RiotGames][Stack: TLS.RiotGames][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 4][cat: Game/8][Breed: Fun][4 pkts/4338 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][0.00 sec][(Negotiated) ALPN: h2][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][TLSv1.2][ServerNames: embed.rgpub.io,sites.rgpub.io,*.embed.rgpub.io,*.sites.rgpub.io][JA3S: 827b71c134bd28975c2d605a06ef00ef][Issuer: C=US, O=IdenTrust, OU=HydrantID Trusted Certificate Service, CN=HydrantID Server CA O1][Subject: CN=embed.rgpub.io, O=Riot Games Inc, L=Los Angeles, ST=California, C=US][Certificate SHA-1: CE:85:16:DF:E3:42:05:16:39:97:1F:6B:7A:53:22:22:C8:DD:66:44][Validity: 2022-12-08 19:52:14 - 2024-01-07 19:51:14][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0,0,0,0,0,0,0,0]
- 2 TCP 52.41.135.135:443 -> 192.168.26.22:51817 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI (partial)][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Safe][3 pkts/4242 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No client to server traffic / Entropy: 6.927 (Compressed Executable?)][PLAIN TEXT (DigiCert Inc1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,66,0,0,0,0]
+ 2 TCP 52.41.135.135:443 -> 192.168.26.22:51817 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI (partial)][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Safe][3 pkts/4242 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No client to server traffic / Entropy: 6.927 (Compressed Executable?)][PLAIN TEXT (DigiCert Inc1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,66,0,0,0,0]
diff --git a/tests/cfgs/default/result/rmcp.pcap.out b/tests/cfgs/default/result/rmcp.pcap.out
index 7a5d0d689..286c4e58e 100644
--- a/tests/cfgs/default/result/rmcp.pcap.out
+++ b/tests/cfgs/default/result/rmcp.pcap.out
@@ -30,5 +30,5 @@ System 6 380 6
2 UDP 123.212.25.229:49531 -> 171.47.173.23:623 [proto: 351/RMCP][Stack: RMCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 351/RMCP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Safe][1 pkts/65 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 127.36.88.103:34698 -> 164.114.97.252:623 [proto: 351/RMCP][Stack: RMCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 351/RMCP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Safe][1 pkts/65 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 129.222.153.30:58065 -> 190.219.142.148:623 [proto: 351/RMCP][Stack: RMCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 351/RMCP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Safe][1 pkts/65 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 UDP 54.229.154.152:59937 -> 14.85.79.172:623 [proto: 351/RMCP][Stack: RMCP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 351/RMCP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Safe][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 20/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 UDP 54.229.154.152:59937 -> 14.85.79.172:623 [proto: 351/RMCP][Stack: RMCP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 351/RMCP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Safe][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 20/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 137.141.61.18:59937 -> 82.132.4.178:623 [proto: 351/RMCP][Stack: RMCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 351/RMCP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Safe][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 20/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/signal.pcap.out b/tests/cfgs/default/result/signal.pcap.out
index 16f3aa6d7..5ed42a24a 100644
--- a/tests/cfgs/default/result/signal.pcap.out
+++ b/tests/cfgs/default/result/signal.pcap.out
@@ -43,18 +43,18 @@ JA Host Stats:
1 192.168.2.17 3
- 1 TCP 192.168.2.17:57027 <-> 13.35.253.42:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][170 pkts/206962 bytes <-> 95 pkts/9293 bytes][Goodput ratio: 95/32][0.48 sec][Hostname/SNI: cdn.signal.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 0.914 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/3 39/47 6/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1217/98 1506/1506 548/175][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: cdn.signal.org][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=cdn.signal.org][Certificate SHA-1: 81:3D:8A:2E:EE:B2:E1:F4:1C:2B:6D:20:16:54:B2:C1:87:D0:1E:12][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:19:50][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
- 2 TCP 192.168.2.17:57026 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 39/Signal, Confidence: DNS][DPI packets: 7][cat: Chat/9][Breed: Acceptable][22 pkts/13757 bytes <-> 16 pkts/6493 bytes][Goodput ratio: 89/84][0.57 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 0.359 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 13/20 112/114 35/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 625/406 1506/1506 629/565][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,8,4,0,0,0,4,0,4,0,0,0,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,4,0,0,0,37,0,0]
+ 1 TCP 192.168.2.17:57027 <-> 13.35.253.42:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][170 pkts/206962 bytes <-> 95 pkts/9293 bytes][Goodput ratio: 95/32][0.48 sec][Hostname/SNI: cdn.signal.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 0.914 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/3 39/47 6/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1217/98 1506/1506 548/175][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: cdn.signal.org][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=cdn.signal.org][Certificate SHA-1: 81:3D:8A:2E:EE:B2:E1:F4:1C:2B:6D:20:16:54:B2:C1:87:D0:1E:12][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:19:50][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
+ 2 TCP 192.168.2.17:57026 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 39/Signal, Confidence: DNS][DPI packets: 7][cat: Chat/9][Breed: Acceptable][22 pkts/13757 bytes <-> 16 pkts/6493 bytes][Goodput ratio: 89/84][0.57 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 0.359 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 13/20 112/114 35/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 625/406 1506/1506 629/565][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,8,4,0,0,0,4,0,4,0,0,0,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,4,0,0,0,37,0,0]
3 TCP 192.168.2.17:57022 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][Stack: TLS.AppleiTunes][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][Breed: Fun][24 pkts/2540 bytes <-> 21 pkts/12673 bytes][Goodput ratio: 38/89][0.40 sec][Hostname/SNI: itunes.apple.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.666 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/14 124/83 35/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 106/603 583/1506 105/574][nDPI Fingerprint: e9c9b145c580e4fb6e300d7039f596d1][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.3][JA4: t13d2613h2_2802a3db6c62_845d286b0d67][JA3S: 15af977ce25de452b96affa2addb1036][Safari][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 13,17,8,0,4,0,0,0,8,0,0,4,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,4,0,0,0,0,0,0,17,0,0]
4 TCP 192.168.2.17:57018 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][Stack: TLS.AppleiTunes][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][Breed: Fun][25 pkts/2582 bytes <-> 20 pkts/12000 bytes][Goodput ratio: 37/89][0.24 sec][Hostname/SNI: itunes.apple.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.646 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/10 47/52 16/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 103/600 583/1506 103/588][nDPI Fingerprint: e9c9b145c580e4fb6e300d7039f596d1][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.3][JA4: t13d2613h2_2802a3db6c62_845d286b0d67][JA3S: 15af977ce25de452b96affa2addb1036][Safari][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 13,18,9,0,4,0,0,0,9,0,0,4,0,0,0,0,4,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,4,0,0,0,0,0,0,18,0,0]
- 5 TCP 192.168.2.17:49227 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][13 pkts/1808 bytes <-> 12 pkts/4355 bytes][Goodput ratio: 52/82][3.03 sec][Hostname/SNI: textsecure-service.whispersystems.org][bytes ratio: -0.413 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 62/293 115/2199 52/677][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139/363 502/1506 120/471][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: f3e89f0de21d3a385415b8542a81858c][TCP Fingerprint: 2_64_65535_d29295416479/macOS][TLSv1.2][JA4: t12d220700_0d4ca5d4ec72_3304d8368043][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Firefox][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,16,8,0,0,8,8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
- 6 TCP 192.168.2.17:57024 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][15 pkts/2054 bytes <-> 11 pkts/3775 bytes][Goodput ratio: 51/81][0.59 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.295 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/59 167/186 55/77][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 137/343 583/1506 134/472][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,7,0,0,0,7,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
- 7 TCP 192.168.2.17:57021 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][16 pkts/2108 bytes <-> 10 pkts/3709 bytes][Goodput ratio: 50/82][13.48 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.275 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1020/50 13018/120 3464/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 132/371 583/1506 131/486][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,7,0,0,0,7,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
- 8 TCP 192.168.2.17:57020 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][16 pkts/2103 bytes <-> 11 pkts/3562 bytes][Goodput ratio: 50/79][13.49 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.258 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1019/44 13011/122 3462/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131/324 583/1506 130/472][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,7,7,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
- 9 TCP 192.168.2.17:57019 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][16 pkts/2095 bytes <-> 11 pkts/3527 bytes][Goodput ratio: 50/79][13.49 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.255 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1020/43 13026/120 3466/55][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131/321 583/1506 130/473][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,14,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
- 10 TCP 192.168.2.17:57023 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][15 pkts/2049 bytes <-> 11 pkts/3562 bytes][Goodput ratio: 51/79][0.58 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/58 168/181 54/76][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 137/324 583/1506 133/472][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,7,7,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
- 11 TCP 192.168.2.17:57025 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][15 pkts/2041 bytes <-> 11 pkts/3527 bytes][Goodput ratio: 51/79][0.58 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/58 166/184 54/77][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136/321 583/1506 133/473][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,14,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
- 12 TCP 192.168.2.17:49226 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][13 pkts/1688 bytes <-> 11 pkts/3569 bytes][Goodput ratio: 48/79][9.90 sec][Hostname/SNI: textsecure-service.whispersystems.org][bytes ratio: -0.358 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/57 113/154 53/66][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 130/324 502/1506 120/473][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: f3e89f0de21d3a385415b8542a81858c][TCP Fingerprint: 2_64_65535_d29295416479/macOS][TLSv1.2][JA4: t12d220700_0d4ca5d4ec72_3304d8368043][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Firefox][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,30,20,0,0,0,10,10,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
+ 5 TCP 192.168.2.17:49227 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][13 pkts/1808 bytes <-> 12 pkts/4355 bytes][Goodput ratio: 52/82][3.03 sec][Hostname/SNI: textsecure-service.whispersystems.org][bytes ratio: -0.413 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 62/293 115/2199 52/677][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139/363 502/1506 120/471][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: f3e89f0de21d3a385415b8542a81858c][TCP Fingerprint: 2_64_65535_d29295416479/macOS][TLSv1.2][JA4: t12d220700_0d4ca5d4ec72_3304d8368043][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Firefox][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,16,8,0,0,8,8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
+ 6 TCP 192.168.2.17:57024 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][15 pkts/2054 bytes <-> 11 pkts/3775 bytes][Goodput ratio: 51/81][0.59 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.295 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/59 167/186 55/77][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 137/343 583/1506 134/472][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,7,0,0,0,7,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
+ 7 TCP 192.168.2.17:57021 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][16 pkts/2108 bytes <-> 10 pkts/3709 bytes][Goodput ratio: 50/82][13.48 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.275 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1020/50 13018/120 3464/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 132/371 583/1506 131/486][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,7,0,0,0,7,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
+ 8 TCP 192.168.2.17:57020 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][16 pkts/2103 bytes <-> 11 pkts/3562 bytes][Goodput ratio: 50/79][13.49 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.258 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1019/44 13011/122 3462/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131/324 583/1506 130/472][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,7,7,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
+ 9 TCP 192.168.2.17:57019 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][16 pkts/2095 bytes <-> 11 pkts/3527 bytes][Goodput ratio: 50/79][13.49 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.255 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1020/43 13026/120 3466/55][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131/321 583/1506 130/473][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,14,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
+ 10 TCP 192.168.2.17:57023 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][15 pkts/2049 bytes <-> 11 pkts/3562 bytes][Goodput ratio: 51/79][0.58 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/58 168/181 54/76][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 137/324 583/1506 133/472][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,7,7,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
+ 11 TCP 192.168.2.17:57025 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][15 pkts/2041 bytes <-> 11 pkts/3527 bytes][Goodput ratio: 51/79][0.58 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/58 166/184 54/77][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136/321 583/1506 133/473][nDPI Fingerprint: 413f63a62e56d616ac4d132726bef083][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,50,7,14,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0]
+ 12 TCP 192.168.2.17:49226 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][Stack: TLS.Signal][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Chat/9][Breed: Acceptable][13 pkts/1688 bytes <-> 11 pkts/3569 bytes][Goodput ratio: 48/79][9.90 sec][Hostname/SNI: textsecure-service.whispersystems.org][bytes ratio: -0.358 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/57 113/154 53/66][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 130/324 502/1506 120/473][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: f3e89f0de21d3a385415b8542a81858c][TCP Fingerprint: 2_64_65535_d29295416479/macOS][TLSv1.2][JA4: t12d220700_0d4ca5d4ec72_3304d8368043][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Firefox][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,30,20,0,0,0,10,10,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
13 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][4 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][15.76 sec][Hostname/SNI: lucas-imac][DHCP Fingerprint: 1,121,3,6,15,119,252,95,44,46][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 23.57.24.16:443 <-> 192.168.2.17:57016 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 7][cat: Web/5][Breed: Safe][6 pkts/408 bytes <-> 6 pkts/471 bytes][Goodput ratio: 12/13][0.65 sec][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/16 158/4 347/16 157/7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 68/78 90/105 16/15][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 192.168.2.17:56996 <-> 17.248.146.144:443 [proto: 91/TLS][Stack: TLS][IP: 140/Apple][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Safe][4 pkts/341 bytes <-> 4 pkts/264 bytes][Goodput ratio: 23/0][0.03 sec][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/0 8/0 25/0 12/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/66 112/66 20/0][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/sites.pcapng.out b/tests/cfgs/default/result/sites.pcapng.out
index 057e2aa5c..650b18e75 100644
--- a/tests/cfgs/default/result/sites.pcapng.out
+++ b/tests/cfgs/default/result/sites.pcapng.out
@@ -127,11 +127,11 @@ JA Host Stats:
6 TCP 192.168.1.245:54690 <-> 160.44.196.198:443 [proto: 91.399/TLS.HuaweiCloud][Stack: TLS.HuaweiCloud][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Cloud/13][Breed: Acceptable][8 pkts/1733 bytes <-> 7 pkts/9520 bytes][Goodput ratio: 74/96][0.18 sec][Hostname/SNI: cloud.huawei.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.692 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 22/12 40/30 15/14][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 217/1360 718/4434 253/1807][nDPI Fingerprint: 6fd4981632b662065dfd7e0896907b0e][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][ServerNames: cloud.huawei.asia,cloud.huawei.com.cn,cloud.huawei.com,cloud.huawei.com.au,cloud.huawei.eu,cloud.huawei.lat,cloud.huawei.ru,*.dbank.com,*.hicloud.com,*.cloud.dbankcloud.cn,*.cloud.dbankcloud.com,*.cloud.dbankcloud.ru,*.cloud.hicloud.com,*.cloud.huawei.asia,*.cloud.huawei.com,*.cloud.huawei.com.au,*.cloud.huawei.com.cn,*.cloud.huawei.eu,*.cloud.huawei.lat,*.cloud.huawei.ru,*.platform.dbankcloud.cn,*.platform.hicloud.com][JA3S: eb7ce657b6814e1bc6402d66a2309dc6][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018][Subject: C=CN, ST=Jiangsu, L=Nanjing, O=Huawei Software Technologies Co., Ltd., CN=cloud.huawei.asia][ECH: version 0xfe0d][Certificate SHA-1: 94:8E:17:DA:5F:C7:62:E4:1E:F0:A5:AB:A0:B9:7B:DE:A5:F4:75:33][Firefox][Validity: 2023-08-11 07:21:05 - 2024-09-11 07:21:04][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,12,12,0,0,0,0,0,12,0,0,0,0,0,0,0,25,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
7 TCP 192.168.1.245:58624 <-> 104.16.156.111:443 [proto: 91.426/TLS.NordVPN][Stack: TLS.NordVPN][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 6][cat: VPN/2][Breed: Acceptable][11 pkts/2405 bytes <-> 11 pkts/8192 bytes][Goodput ratio: 69/91][0.13 sec][Hostname/SNI: s1.nordcdn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.546 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/5 22/22 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 219/745 1219/2848 330/829][nDPI Fingerprint: 3f11c7bcdc4c8f291d263ae2803ca4e1][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_7121afd63204][JA3S: 2b0648ab686ee45e0e7c35fcfb0eea7e][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 16,0,16,0,0,0,0,0,7,0,7,0,0,0,7,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,7,0,7]
8 TCP 192.168.1.250:41878 <-> 92.122.95.99:443 [proto: 91.49/TLS.TikTok][Stack: TLS.TikTok][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: SocialNetwork/6][Breed: Fun][16 pkts/3550 bytes <-> 15 pkts/7010 bytes][Goodput ratio: 70/86][16.63 sec][Hostname/SNI: vcs-va.tiktokv.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.328 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1381/1506 16408/16423 4531/4717][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222/467 1090/1514 286/552][nDPI Fingerprint: 8406ed33839f2d0d8e65998d19394677][TCP Fingerprint: 2_64_65535_685ad951a756/Android][TLSv1.3][JA4: t13d1615h2_46e7e9700bed_45f260be83e2][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 7,0,7,0,0,0,0,0,24,0,0,0,7,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,7,0,0,0,0,15,0,0]
- 9 TCP 192.168.1.227:50071 <-> 52.73.71.226:443 [proto: 91.270/TLS.Fuze][Stack: TLS.Fuze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 9][cat: VoIP/10][Breed: Acceptable][14 pkts/3035 bytes <-> 17 pkts/7520 bytes][Goodput ratio: 73/87][60.43 sec][Hostname/SNI: presence.fuze.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.425 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5482/5008 45124/45106 13235/12754][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 217/442 1019/1514 278/561][nDPI Fingerprint: 4d4d833d2a2ca1c5fad0bafa81aa3859][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][ServerNames: *.presence.fuze.com,presence.fuze.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=US, O=Amazon, OU=Server CA 1B, CN=Amazon][Subject: CN=*.presence.fuze.com][Certificate SHA-1: B4:E1:85:91:CD:36:0A:89:7B:6F:A0:C1:11:B5:A5:29:CE:05:13:79][Chrome][Validity: 2020-09-23 00:00:00 - 2021-10-25 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,23,5,11,0,0,0,0,5,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,5,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0]
- 10 TCP 192.168.1.128:48918 <-> 143.204.9.65:443 [proto: 91.71/TLS.DisneyPlus][Stack: TLS.DisneyPlus][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Streaming/17][Breed: Fun][15 pkts/1802 bytes <-> 14 pkts/7915 bytes][Goodput ratio: 44/88][0.05 sec][Hostname/SNI: prod-static.disney-plus.net][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.629 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/3 17/11 5/4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 120/565 583/1494 132/660][nDPI Fingerprint: 0900bdd5a1f76195daca900a4276b6eb][TCP Fingerprint: 2_64_64240_0c11e5ddde9b/Unknown][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 10,0,20,0,0,10,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,40,0,0,0]
+ 9 TCP 192.168.1.227:50071 <-> 52.73.71.226:443 [proto: 91.270/TLS.Fuze][Stack: TLS.Fuze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 9][cat: VoIP/10][Breed: Acceptable][14 pkts/3035 bytes <-> 17 pkts/7520 bytes][Goodput ratio: 73/87][60.43 sec][Hostname/SNI: presence.fuze.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.425 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5482/5008 45124/45106 13235/12754][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 217/442 1019/1514 278/561][nDPI Fingerprint: 4d4d833d2a2ca1c5fad0bafa81aa3859][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][ServerNames: *.presence.fuze.com,presence.fuze.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=US, O=Amazon, OU=Server CA 1B, CN=Amazon][Subject: CN=*.presence.fuze.com][Certificate SHA-1: B4:E1:85:91:CD:36:0A:89:7B:6F:A0:C1:11:B5:A5:29:CE:05:13:79][Chrome][Validity: 2020-09-23 00:00:00 - 2021-10-25 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,23,5,11,0,0,0,0,5,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,5,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0]
+ 10 TCP 192.168.1.128:48918 <-> 143.204.9.65:443 [proto: 91.71/TLS.DisneyPlus][Stack: TLS.DisneyPlus][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 8][cat: Streaming/17][Breed: Fun][15 pkts/1802 bytes <-> 14 pkts/7915 bytes][Goodput ratio: 44/88][0.05 sec][Hostname/SNI: prod-static.disney-plus.net][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.629 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/3 17/11 5/4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 120/565 583/1494 132/660][nDPI Fingerprint: 0900bdd5a1f76195daca900a4276b6eb][TCP Fingerprint: 2_64_64240_0c11e5ddde9b/Unknown][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 10,0,20,0,0,10,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,40,0,0,0]
11 TCP 192.168.12.169:39248 <-> 23.12.104.83:443 [proto: 91.280/TLS.AccuWeather][Stack: TLS.AccuWeather][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Fun][16 pkts/1964 bytes <-> 14 pkts/6598 bytes][Goodput ratio: 47/86][1.75 sec][Hostname/SNI: api.accuweather.com][(Advertised) ALPNs: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.541 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 125/170 1421/1444 375/427][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 123/471 583/1514 140/534][nDPI Fingerprint: 721c6f8a55f4672396264d6e8820ee4d][TCP Fingerprint: 2_64_65535_685ad951a756/Android][TLSv1.3][JA4: t13d1713h1_5b57614c22b0_eca864cca44a][JA3S: 15af977ce25de452b96affa2addb1036][Safari][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 16,0,8,0,0,0,0,0,16,8,0,8,0,0,0,0,8,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,16,0,0]
- 12 TCP 192.168.1.125:60828 <-> 3.165.239.54:443 [proto: 91.447/TLS.Ubiquity][Stack: TLS.Ubiquity][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Network/14][Breed: Safe][8 pkts/2618 bytes <-> 10 pkts/5757 bytes][Goodput ratio: 79/88][0.06 sec][Hostname/SNI: www.ui.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.375 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/7 2/54 1/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 327/576 1961/4350 618/1268][nDPI Fingerprint: 61dca57aece72df86422af77a906753e][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1717h2_5b57614c22b0_3cbfd9057e0d][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 22,11,22,0,0,11,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22]
- 13 TCP [2001:b07:a3d:c112:c044:a6d4:80d:5d55]:39970 <-> [2600:9000:25ea:1200:1:12d8:5a00:93a1]:443 [proto: 91.399/TLS.HuaweiCloud][Stack: TLS.HuaweiCloud][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Cloud/13][Breed: Acceptable][8 pkts/1965 bytes <-> 4 pkts/5457 bytes][Goodput ratio: 65/94][0.01 sec][Hostname/SNI: contentcenter-dre.dbankcdn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.470 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/3 4/4 1/2][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 246/1364 764/3710 228/1482][nDPI Fingerprint: cb16f625c17eff4cf124899944c34885][TCP Fingerprint: 2_64_65320_5c453b01be6e/Unknown][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,16,0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,16]
+ 12 TCP 192.168.1.125:60828 <-> 3.165.239.54:443 [proto: 91.447/TLS.Ubiquity][Stack: TLS.Ubiquity][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 7][cat: Network/14][Breed: Safe][8 pkts/2618 bytes <-> 10 pkts/5757 bytes][Goodput ratio: 79/88][0.06 sec][Hostname/SNI: www.ui.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.375 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/7 2/54 1/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 327/576 1961/4350 618/1268][nDPI Fingerprint: 61dca57aece72df86422af77a906753e][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1717h2_5b57614c22b0_3cbfd9057e0d][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 22,11,22,0,0,11,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22]
+ 13 TCP [2001:b07:a3d:c112:c044:a6d4:80d:5d55]:39970 <-> [2600:9000:25ea:1200:1:12d8:5a00:93a1]:443 [proto: 91.399/TLS.HuaweiCloud][Stack: TLS.HuaweiCloud][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 6][cat: Cloud/13][Breed: Acceptable][8 pkts/1965 bytes <-> 4 pkts/5457 bytes][Goodput ratio: 65/94][0.01 sec][Hostname/SNI: contentcenter-dre.dbankcdn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.470 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/3 4/4 1/2][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 246/1364 764/3710 228/1482][nDPI Fingerprint: cb16f625c17eff4cf124899944c34885][TCP Fingerprint: 2_64_65320_5c453b01be6e/Unknown][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,16,0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,16]
14 TCP 192.168.1.128:56836 <-> 13.107.42.13:443 [proto: 91.221/TLS.MS_OneDrive][Stack: TLS.MS_OneDrive][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 276/Azure, Confidence: IP address][DPI packets: 8][cat: Cloud/13][Breed: Acceptable][3 pkts/857 bytes <-> 7 pkts/6562 bytes][Goodput ratio: 79/94][0.08 sec][Hostname/SNI: onedrive.live.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.769 (Download)][IAT c2s/s2c min/avg/max/stddev: 22/0 28/9 33/33 6/13][Pkt Len c2s/s2c min/avg/max/stddev: 74/60 286/937 571/1514 209/673][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][ServerNames: onedrive.com,p.sfx.ms,*.live.com,*.live.net,*.skydrive.live.com,*.onedrive.live.com,*.onedrive.com,d.sfx-df.ms,*.odwebb.svc.ms,*.odwebp.svc.ms,*.odwebdf.svc.ms,*.odwebpl.svc.ms][JA3S: a66ea560599a2f5c89eec8c3a0d69cee][Issuer: C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 02][Subject: CN=onedrive.com][Certificate SHA-1: 77:7F:F2:95:29:A7:E3:CC:0F:BF:2F:BA:2E:6F:2A:38:62:8B:48:4D][Firefox][Validity: 2022-02-01 00:13:15 - 2023-02-01 00:13:15][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 12,0,0,0,12,0,0,0,0,0,12,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,51,0,0]
15 TCP 192.168.1.128:46724 <-> 199.232.82.109:443 [proto: 91.267/TLS.Vimeo][Stack: TLS.Vimeo][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 10][cat: Streaming/17][Breed: Fun][13 pkts/1452 bytes <-> 12 pkts/5804 bytes][Goodput ratio: 42/86][52.80 sec][Hostname/SNI: f.vimeocdn.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.600 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5278/5835 46637/46651 13906/15427][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 112/484 583/1410 138/567][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.vimeocdn.com][JA3S: 16c0b3e6a7b8173c16d944cfeaeee9cf][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2020][Subject: CN=*.vimeocdn.com][Certificate SHA-1: 3A:0F:CF:EC:3C:13:25:E2:E1:4D:C6:52:A6:4D:8D:96:10:1E:8E:37][Chrome][Validity: 2021-05-18 18:45:52 - 2022-06-19 18:45:51][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,0,12,0,0,0,0,0,12,0,0,0,0,0,0,0,12,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,38,0,0,0,0,0]
16 TCP [2001:b07:a3d:c112:9a00:ba78:86b1:e177]:48616 <-> [2001:67c:4e8:f004::9]:443 [proto: 91.185/TLS.Telegram][Stack: TLS.Telegram][IP: 185/Telegram][Encrypted][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 6][cat: Chat/9][Breed: Acceptable][5 pkts/1090 bytes <-> 4 pkts/6012 bytes][Goodput ratio: 60/94][0.04 sec][Hostname/SNI: t.me][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.693 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/7 18/22 8/10][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 218/1503 738/4182 260/1673][nDPI Fingerprint: cb16f625c17eff4cf124899944c34885][TCP Fingerprint: 2_64_65320_5c453b01be6e/Unknown][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][JA3S: 15af977ce25de452b96affa2addb1036][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66]
@@ -141,8 +141,8 @@ JA Host Stats:
20 TCP 192.168.1.128:43412 <-> 151.101.193.73:443 [proto: 91.246/TLS.Bloomberg][Stack: TLS.Bloomberg][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Cloud/13][Breed: Safe][3 pkts/816 bytes <-> 6 pkts/5140 bytes][Goodput ratio: 75/92][0.04 sec][Hostname/SNI: www.bloomberg.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.726 (Download)][IAT c2s/s2c min/avg/max/stddev: 10/0 15/6 20/20 5/8][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 272/857 583/1406 223/565][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][ServerNames: www.bloomberg.com,api.businessweek.com,api.bwbx.io,assets.bwbx.io,byzantium.bloomberg.com,cdn-mobapi.bloomberg.com,cdn-videos.bloomberg.com,cdn.gotraffic.net,charts.bloomberg.com,embeds.bloomberg.com,fastly.bloomberg.tv,feeds.bloomberg.com,fonts.gotraffic.net,staging-assets.bwbx.io,nav.bloomberg.com,sponsored.bloomberg.com,spotlight.bloomberg.com,tictoc.video,www.bbthat.com,www.bloomberg.co.jp,www.bloomberg.co.jp.shared.bloomberga.com,www.bloomberg.com.shared.bloomberga.com,www.bloombergview.com,www.citylab.com,www.citylab.com.shared.bloomberga.com,www.quicktake.video,www.tictoc.video,cdn-api.cmobile.bloomberg.com][JA3S: 16c0b3e6a7b8173c16d944cfeaeee9cf][Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1][Subject: C=US, ST=New York, L=New York, O=Bloomberg LP, CN=www.bloomberg.com][Certificate SHA-1: 88:4A:85:34:1D:E6:C0:BE:5E:C6:14:BB:BA:94:A3:55:92:BA:95:82][Firefox][Validity: 2022-02-22 00:00:00 - 2023-03-24 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,14,0,0,0,0,0,14,0,0,0,0,0,14,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0,0,0,0,0]
21 TCP 192.168.1.128:39828 <-> 40.97.160.2:443 [proto: 91.21/TLS.Outlook][Stack: TLS.Outlook][IP: 21/Outlook][Encrypted][Confidence: DPI][FPC: 21/Outlook, Confidence: IP address][DPI packets: 7][cat: Email/3][Breed: Acceptable][3 pkts/857 bytes <-> 6 pkts/5097 bytes][Goodput ratio: 79/93][0.55 sec][Hostname/SNI: outlook.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 178/0 184/74 190/189 6/90][Pkt Len c2s/s2c min/avg/max/stddev: 74/66 286/850 571/1514 209/672][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][ServerNames: *.internal.outlook.com,*.outlook.com,outlook.com,office365.com,*.office365.com,*.outlook.office365.com,*.office.com,outlook.office.com,substrate.office.com,attachment.outlook.live.net,attachment.outlook.office.net,attachment.outlook.officeppe.net,attachments.office.net,*.clo.footprintdns.com,*.nrb.footprintdns.com,ccs.login.microsoftonline.com,ccs-sdf.login.microsoftonline.com,substrate-sdf.office.com,attachments-sdf.office.net,*.live.com,mail.services.live.com,hotmail.com,*.hotmail.com][JA3S: 71d9ce75f347e6cf54268d7114ae6925][Issuer: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1][Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=outlook.com][Certificate SHA-1: 4E:39:B4:13:4B:8C:77:57:7D:80:3D:76:40:E8:88:22:05:00:1C:58][Firefox][Validity: 2021-12-22 00:00:00 - 2022-12-22 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,14,0,0,14,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
22 TCP 192.168.1.245:46174 <-> 5.61.23.30:443 [proto: 91/TLS][Stack: TLS][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][10 pkts/2084 bytes <-> 10 pkts/3525 bytes][Goodput ratio: 68/82][0.23 sec][Hostname/SNI: 732231.ms.ok.ru][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.257 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/24 46/47 22/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 208/352 905/2236 268/643][nDPI Fingerprint: 10a15e66877bc8846ec3248d43598357][TCP Fingerprint: 2_64_64240_0c11e5ddde9b/Unknown][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][ServerNames: *.ok.ru,odnoklassniki.ru,ok.me,okl.lt,oklive.app,tamtam.chat,tt.me,*.odnoklassniki.ru,*.ok.me,*.okl.lt,*.oklive.app,*.tamtam.chat,*.tt.me,*.ms.ok.ru,ms.ok.ru,ok.ru][JA3S: 4ef1b297bb817d8212165a86308bac5f][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018][Subject: C=RU, ST=Moscow, L=Moscow, O=VK LLC, CN=*.ok.ru][ECH: version 0xfe0d][Certificate SHA-1: 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3][Firefox][Validity: 2023-10-04 08:36:03 - 2024-10-02 09:21:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,0,12,0,0,0,0,12,0,0,0,0,0,12,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12]
- 23 TCP 192.168.1.245:55362 <-> 44.218.3.81:443 [proto: 91.411/TLS.Bluesky][Stack: TLS.Bluesky][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: SocialNetwork/6][Breed: Fun][4 pkts/931 bytes <-> 3 pkts/4550 bytes][Goodput ratio: 71/95][0.19 sec][Hostname/SNI: bsky.social][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.660 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 64/48 96/97 45/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 233/1517 725/4410 284/2046][nDPI Fingerprint: 6fd4981632b662065dfd7e0896907b0e][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
- 24 TCP 192.168.1.245:50142 <-> 3.136.49.254:443 [proto: 91.411/TLS.Bluesky][Stack: TLS.Bluesky][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: SocialNetwork/6][Breed: Fun][4 pkts/928 bytes <-> 3 pkts/4550 bytes][Goodput ratio: 71/95][0.24 sec][Hostname/SNI: bsky.app][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.661 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 78/60 117/119 55/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 232/1517 722/4410 283/2046][nDPI Fingerprint: 6fd4981632b662065dfd7e0896907b0e][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 23 TCP 192.168.1.245:55362 <-> 44.218.3.81:443 [proto: 91.411/TLS.Bluesky][Stack: TLS.Bluesky][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: SocialNetwork/6][Breed: Fun][4 pkts/931 bytes <-> 3 pkts/4550 bytes][Goodput ratio: 71/95][0.19 sec][Hostname/SNI: bsky.social][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.660 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 64/48 96/97 45/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 233/1517 725/4410 284/2046][nDPI Fingerprint: 6fd4981632b662065dfd7e0896907b0e][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 24 TCP 192.168.1.245:50142 <-> 3.136.49.254:443 [proto: 91.411/TLS.Bluesky][Stack: TLS.Bluesky][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: SocialNetwork/6][Breed: Fun][4 pkts/928 bytes <-> 3 pkts/4550 bytes][Goodput ratio: 71/95][0.24 sec][Hostname/SNI: bsky.app][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.661 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 78/60 117/119 55/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 232/1517 722/4410 283/2046][nDPI Fingerprint: 6fd4981632b662065dfd7e0896907b0e][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
25 TCP 192.168.1.128:57878 <-> 52.113.194.132:443 [proto: 91.219/TLS.Microsoft365][Stack: TLS.Microsoft365][IP: 250/Teams][Encrypted][Confidence: DPI][FPC: 250/Teams, Confidence: IP address][DPI packets: 6][cat: Collaborative/15][Breed: Acceptable][3 pkts/857 bytes <-> 5 pkts/4534 bytes][Goodput ratio: 79/94][0.08 sec][Hostname/SNI: teams.office.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 20/0 32/16 44/36 12/16][Pkt Len c2s/s2c min/avg/max/stddev: 74/66 286/907 571/1514 209/591][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: teams.office.com][JA3S: 104071bf77c5f0d7bae5f17542ba9428][Issuer: C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01][Subject: CN=teams.office.com][Certificate SHA-1: 27:20:65:85:4C:34:BF:09:F0:25:56:B8:50:A7:4D:38:8C:45:82:80][Chrome][Validity: 2021-09-06 22:02:06 - 2022-09-06 22:02:06][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,16,0,0,0,0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,34,0,0]
26 TCP 192.168.1.128:57336 <-> 23.1.68.189:443 [proto: 91.231/TLS.Playstation][Stack: TLS.Playstation][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Game/8][Breed: Fun][3 pkts/849 bytes <-> 5 pkts/4459 bytes][Goodput ratio: 76/92][0.07 sec][Hostname/SNI: www.playstation.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.680 (Download)][IAT c2s/s2c min/avg/max/stddev: 23/0 24/12 24/23 0/12][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 283/892 583/1514 218/598][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][ServerNames: playstation.com,webforms.playstation.com,www.playstation.com][JA3S: 19e4a55cecd087d9ebf88da03db13a0f][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=California, L=San Mateo, O=SONY INTERACTIVE ENTERTAINMENT LLC, CN=www.playstation.com][Certificate SHA-1: 19:BC:48:84:B7:B0:91:46:45:D5:DD:3B:B5:8D:8E:45:E8:42:1A:8A][Firefox][Validity: 2021-11-19 00:00:00 - 2022-11-18 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,16,0,0,0,0,16,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,34,0,0]
27 TCP 192.168.1.128:45014 <-> 129.226.107.210:443 [proto: 91.202/TLS.IFLIX][Stack: TLS.IFLIX][IP: 285/Tencent][Encrypted][Confidence: DPI][FPC: 285/Tencent, Confidence: IP address][DPI packets: 6][cat: Video/26][Breed: Fun][3 pkts/792 bytes <-> 5 pkts/4228 bytes][Goodput ratio: 77/93][0.97 sec][Hostname/SNI: www.iflix.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.684 (Download)][IAT c2s/s2c min/avg/max/stddev: 324/0 325/162 326/326 1/163][Pkt Len c2s/s2c min/avg/max/stddev: 74/66 264/846 571/1486 219/582][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][ServerNames: jan18-2022-1.ias.iflix.com,access.iflix.com,accounts.iflix.com,debugaccess.iflix.com,hwvip.iflix.com,iflix.com,live.iflix.com,pbaccess.iflix.com,pbdebugaccess.iflix.com,test.iflix.com,testupload.iflix.com,tv.iflix.com,upload.iflix.com,vplay.iflix.com,www.iflix.com][JA3S: 00447ab319e9d94ba2b4c1248e155917][Issuer: C=US, O=DigiCert Inc, CN=DigiCert Secure Site CN CA G3][Subject: C=CN, ST=Guangdong Province, L=Shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=jan18-2022-1.ias.iflix.com][Certificate SHA-1: 6F:FD:C1:38:F4:2A:0B:65:51:9C:0E:11:86:63:B5:58:52:FC:96:B0][Firefox][Validity: 2022-01-18 00:00:00 - 2023-01-17 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,34,0,0,0]
@@ -154,26 +154,26 @@ JA Host Stats:
33 TCP [2001:b07:a3d:c112:9a00:ba78:86b1:e177]:48624 <-> [2001:67c:4e8:f004::9]:443 [proto: 91.185/TLS.Telegram][Stack: TLS.Telegram][IP: 185/Telegram][Encrypted][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 6][cat: Chat/9][Breed: Acceptable][4 pkts/1011 bytes <-> 3 pkts/2682 bytes][Goodput ratio: 65/90][0.04 sec][Hostname/SNI: telegram.me][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.452 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 12/10 18/20 8/10][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 253/894 745/2502 284/1137][nDPI Fingerprint: cb16f625c17eff4cf124899944c34885][TCP Fingerprint: 2_64_65320_5c453b01be6e/Unknown][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][JA3S: 15af977ce25de452b96affa2addb1036][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
34 UDP 192.168.1.128:36832 <-> 142.250.181.238:443 [proto: 188.126/QUIC.Google][Stack: QUIC.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 188.126/QUIC.Google, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1399 bytes <-> 1 pkts/1399 bytes][Goodput ratio: 97/97][0.02 sec][Hostname/SNI: plus.google.com][(Advertised) ALPNs: h3][TLS Supported Versions: TLSv1.3][nDPI Fingerprint: bc05628c034049e24d4aacd27d09cbbb][TLSv1.3][QUIC ver: V-1][JA4: q13d0314h3_55b375c5d22e_2d2a40a25571][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0]
35 UDP 192.168.1.128:38642 <-> 216.58.212.142:443 [proto: 188.126/QUIC.Google][Stack: QUIC.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 188.126/QUIC.Google, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1399 bytes <-> 1 pkts/1399 bytes][Goodput ratio: 97/97][0.03 sec][Hostname/SNI: hangouts.google.com][(Advertised) ALPNs: h3][TLS Supported Versions: TLSv1.3][nDPI Fingerprint: 6b367fa615a4a426be02f014c0684ab7][TLSv1.3][QUIC ver: V-1][JA4: q13d0315h3_55b375c5d22e_9974e4f6be5b][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0]
- 36 UDP 192.168.1.17:59392 -> 3.164.68.49:443 [proto: 188.450/QUIC.Kick][Stack: QUIC.Kick][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Video/26][Breed: Fun][3 pkts/2684 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][0.02 sec][Hostname/SNI: clips.kick.com][(Advertised) ALPNs: h3][TLS Supported Versions: TLSv1.3][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: 17c5c727938d4e42097b66453fdc0bcb][TLSv1.3][QUIC ver: V-1][JA4: q13d0314h3_55b375c5d22e_61e396c58b1f][ECH: version 0xfe0d][Firefox][Plen Bins: 0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0]
+ 36 UDP 192.168.1.17:59392 -> 3.164.68.49:443 [proto: 188.450/QUIC.Kick][Stack: QUIC.Kick][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 2][cat: Video/26][Breed: Fun][3 pkts/2684 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][0.02 sec][Hostname/SNI: clips.kick.com][(Advertised) ALPNs: h3][TLS Supported Versions: TLSv1.3][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: 17c5c727938d4e42097b66453fdc0bcb][TLSv1.3][QUIC ver: V-1][JA4: q13d0314h3_55b375c5d22e_61e396c58b1f][ECH: version 0xfe0d][Firefox][Plen Bins: 0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0]
37 TCP 192.168.88.171:55280 <-> 124.237.225.21:443 [proto: 91.54/TLS.iQIYI][Stack: TLS.iQIYI][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 7][cat: Streaming/17][Breed: Fun][3 pkts/691 bytes <-> 4 pkts/1680 bytes][Goodput ratio: 75/86][< 1 sec][Hostname/SNI: msg.qy.net][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.417 (Download)][IAT c2s/s2c min/avg/max/stddev: 295/2 296/198 297/297 1/138][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 230/420 571/1494 241/620][nDPI Fingerprint: dd5bd88edac30c493f5345d60d8c0f4e][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d3113h2_e8f1e7e78f70_1b3407e2c936][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
38 TCP 192.168.88.171:55468 <-> 184.86.2.194:443 [proto: 91.54/TLS.iQIYI][Stack: TLS.iQIYI][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/742 bytes <-> 3 pkts/1620 bytes][Goodput ratio: 76/89][0.05 sec][Hostname/SNI: stc.iqiyipic.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.372 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 12/12 23/23 12/11][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 247/540 622/1494 265/675][nDPI Fingerprint: 73f3b8005a04de7aab82c07ea1680df4][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1516h2_8daaf6152771_02713d6af862][JA3S: 15af977ce25de452b96affa2addb1036][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
39 TCP 192.168.88.231:33920 <-> 185.5.161.203:443 [proto: 91.389/TLS.ElectronicArts][Stack: TLS.ElectronicArts][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Game/8][Breed: Fun][3 pkts/723 bytes <-> 3 pkts/1634 bytes][Goodput ratio: 71/87][0.08 sec][Hostname/SNI: origin-a.akamaihd.net][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.387 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/19 16/24 26/28 10/4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 241/545 583/1494 242/671][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: 41926a47f6ed09d10df69418d212ae20][TCP Fingerprint: 2_64_32120_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d571100_131602cb7446_24695f2957a7][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
- 40 TCP 192.168.88.171:49217 <-> 54.208.106.218:443 [proto: 91.59/TLS.AdobeConnect][Stack: TLS.AdobeConnect][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Video/26][Breed: Acceptable][3 pkts/691 bytes <-> 3 pkts/1620 bytes][Goodput ratio: 75/89][0.28 sec][Hostname/SNI: meet27083742.adobeconnect.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.402 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 69/70 138/139 69/70][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 230/540 571/1494 241/675][nDPI Fingerprint: ac1867928681fc04fd12abce7c094c79][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
+ 40 TCP 192.168.88.171:49217 <-> 54.208.106.218:443 [proto: 91.59/TLS.AdobeConnect][Stack: TLS.AdobeConnect][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Video/26][Breed: Acceptable][3 pkts/691 bytes <-> 3 pkts/1620 bytes][Goodput ratio: 75/89][0.28 sec][Hostname/SNI: meet27083742.adobeconnect.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.402 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 69/70 138/139 69/70][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 230/540 571/1494 241/675][nDPI Fingerprint: ac1867928681fc04fd12abce7c094c79][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
41 TCP 192.168.88.171:55272 <-> 116.211.202.129:443 [proto: 91.54/TLS.iQIYI][Stack: TLS.iQIYI][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/691 bytes <-> 3 pkts/1620 bytes][Goodput ratio: 75/89][0.59 sec][Hostname/SNI: opportunarch.iqiyi.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.402 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 144/150 288/299 144/150][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 230/540 571/1494 241/675][nDPI Fingerprint: dd5bd88edac30c493f5345d60d8c0f4e][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d3113h2_e8f1e7e78f70_1b3407e2c936][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
42 TCP 192.168.1.128:40832 <-> 2.17.141.49:443 [proto: 91.179/TLS.eBay][Stack: TLS.eBay][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Shopping/27][Breed: Safe][2 pkts/657 bytes <-> 2 pkts/1588 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: www.ebay.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
43 TCP 192.168.1.128:42884 <-> 185.125.190.21:443 [proto: 91.169/TLS.Canonical][Stack: TLS.Canonical][IP: 169/Canonical][Encrypted][Confidence: DPI][FPC: 169/Canonical, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/657 bytes <-> 2 pkts/1588 bytes][Goodput ratio: 79/91][0.06 sec][Hostname/SNI: assets.ubuntu.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
- 44 TCP 192.168.1.128:45898 <-> 15.160.39.187:443 [proto: 91.254/TLS.AppleSiri][Stack: TLS.AppleSiri][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: VirtAssistant/32][Breed: Acceptable][2 pkts/657 bytes <-> 2 pkts/1588 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: guzzoni.apple.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
+ 44 TCP 192.168.1.128:45898 <-> 15.160.39.187:443 [proto: 91.254/TLS.AppleSiri][Stack: TLS.AppleSiri][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: VirtAssistant/32][Breed: Acceptable][2 pkts/657 bytes <-> 2 pkts/1588 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: guzzoni.apple.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
45 TCP 192.168.1.128:46264 <-> 23.51.246.65:443 [proto: 91.231/TLS.Playstation][Stack: TLS.Playstation][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Game/8][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1588 bytes][Goodput ratio: 79/91][0.03 sec][Hostname/SNI: static.playstation.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
46 TCP 192.168.1.128:48140 <-> 23.1.66.79:443 [proto: 91.180/TLS.CNN][Stack: TLS.CNN][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Web/5][Breed: Safe][2 pkts/657 bytes <-> 2 pkts/1588 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: cdn.cnn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
47 TCP 192.168.1.128:48902 <-> 2.17.140.63:443 [proto: 91.47/TLS.Xbox][Stack: TLS.Xbox][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Game/8][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1588 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: account.xbox.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
48 TCP 192.168.1.128:51432 <-> 95.101.195.214:443 [proto: 91.137/TLS.Hulu][Stack: TLS.Hulu][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1588 bytes][Goodput ratio: 79/91][0.05 sec][Hostname/SNI: hulu.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
49 TCP 192.168.1.17:55956 <-> 188.114.99.224:443 [proto: 91.450/TLS.Kick][Stack: TLS.Kick][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 5][cat: Video/26][Breed: Fun][4 pkts/2165 bytes <-> 1 pkts/74 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: kick.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1717h2_5b57614c22b0_3cbfd9057e0d][ECH: version 0xfe0d][Firefox][PLAIN TEXT (kick.com)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
- 50 TCP 192.168.1.128:33664 <-> 108.138.185.106:443 [proto: 91.240/TLS.AmazonVideo][Stack: TLS.AmazonVideo][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Video/26][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: www.primevideo.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
+ 50 TCP 192.168.1.128:33664 <-> 108.138.185.106:443 [proto: 91.240/TLS.AmazonVideo][Stack: TLS.AmazonVideo][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 4][cat: Video/26][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: www.primevideo.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
51 TCP 192.168.1.128:39934 <-> 104.23.98.190:443 [proto: 91.232/TLS.Pastebin][Stack: TLS.Pastebin][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 4][cat: Download/7][Breed: Potentially_Dangerous][2 pkts/645 bytes <-> 2 pkts/1580 bytes][Goodput ratio: 80/92][0.04 sec][Hostname/SNI: pastebin.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][Risk: ** Unsafe Protocol **][Risk Score: 10][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
- 52 TCP 192.168.1.128:43150 <-> 108.138.199.67:443 [proto: 91.210/TLS.Deezer][Stack: TLS.Deezer][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Music/25][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: deezer.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
- 53 TCP 192.168.1.128:51806 <-> 18.66.196.102:443 [proto: 91.234/TLS.SoundCloud][Stack: TLS.SoundCloud][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Music/25][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: soundcloud.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
+ 52 TCP 192.168.1.128:43150 <-> 108.138.199.67:443 [proto: 91.210/TLS.Deezer][Stack: TLS.Deezer][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 4][cat: Music/25][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: deezer.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
+ 53 TCP 192.168.1.128:51806 <-> 18.66.196.102:443 [proto: 91.234/TLS.SoundCloud][Stack: TLS.SoundCloud][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 4][cat: Music/25][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: soundcloud.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
54 TCP 192.168.1.128:53998 <-> 172.65.251.78:443 [proto: 91.262/TLS.GitLab][Stack: TLS.GitLab][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 4][cat: Collaborative/15][Breed: Acceptable][2 pkts/645 bytes <-> 2 pkts/1580 bytes][Goodput ratio: 80/92][0.05 sec][Hostname/SNI: www.gitlab.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
- 55 TCP 192.168.1.128:57014 <-> 108.139.210.102:443 [proto: 91.246/TLS.Bloomberg][Stack: TLS.Bloomberg][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Safe][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: sourcepointcmp.bloomberg.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
+ 55 TCP 192.168.1.128:57014 <-> 108.139.210.102:443 [proto: 91.246/TLS.Bloomberg][Stack: TLS.Bloomberg][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Safe][2 pkts/657 bytes <-> 2 pkts/1568 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: sourcepointcmp.bloomberg.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
56 TCP 192.168.1.128:38858 <-> 142.250.180.142:443 [proto: 91.123/TLS.GoogleMaps][Stack: TLS.GoogleMaps][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 4][cat: Web/5][Breed: Safe][2 pkts/657 bytes <-> 2 pkts/1558 bytes][Goodput ratio: 79/91][0.03 sec][Hostname/SNI: maps.google.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
57 TCP 192.168.1.128:47122 <-> 35.201.112.136:443 [proto: 91.134/TLS.LastFM][Stack: TLS.LastFM][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 4][cat: Music/25][Breed: Fun][2 pkts/657 bytes <-> 2 pkts/1558 bytes][Goodput ratio: 79/91][0.02 sec][Hostname/SNI: kerve.last.fm][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
58 TCP 192.168.1.128:50608 <-> 142.250.185.206:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 4][cat: Web/5][Breed: Safe][2 pkts/657 bytes <-> 2 pkts/1558 bytes][Goodput ratio: 79/91][0.04 sec][Hostname/SNI: googleplus.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][nDPI Fingerprint: e9a13ad88d67c04088da7a9aa58f2d2c][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
@@ -190,4 +190,4 @@ JA Host Stats:
69 TCP 192.168.1.17:55718 <-> 213.180.204.183:80 [proto: 7.169/HTTP.Canonical][Stack: HTTP.Canonical][IP: 25/Yandex][ClearText][Confidence: DPI][FPC: 25/Yandex, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][3 pkts/415 bytes <-> 1 pkts/74 bytes][Goodput ratio: 50/0][0.01 sec][Hostname/SNI: ru.archive.ubuntu.com][URL: ru.archive.ubuntu.com/ubuntu/dists/noble/InRelease][User-Agent: Debian APT-HTTP/1.3 (2.7.14)][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (GET /ubuntu/dists/noble/InRelea)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
70 TCP 192.168.1.128:44954 <-> 34.96.123.111:80 [proto: 7/HTTP][Stack: HTTP][IP: 284/GoogleCloud][ClearText][Confidence: Match by port][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/74 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.01 sec][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 TCP 192.168.1.128:45936 <-> 208.85.40.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/74 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.17 sec][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 72 TCP 192.168.1.128:52070 <-> 18.65.82.67:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/74 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.02 sec][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 72 TCP 192.168.1.128:52070 <-> 18.65.82.67:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: Match by port][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/74 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.02 sec][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/sites3.pcapng.out b/tests/cfgs/default/result/sites3.pcapng.out
index 7a5bc2bbf..d912f37a6 100644
--- a/tests/cfgs/default/result/sites3.pcapng.out
+++ b/tests/cfgs/default/result/sites3.pcapng.out
@@ -35,5 +35,5 @@ JA Host Stats:
1 TCP 192.168.43.159:19191 <-> 172.67.42.21:443 [proto: 91.108/TLS.Boosteroid][Stack: TLS.Boosteroid][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 9][cat: Game/8][Breed: Fun][18 pkts/5432 bytes <-> 52 pkts/48162 bytes][Goodput ratio: 82/94][5.65 sec][Hostname/SNI: cloud.boosteroid.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.797 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 392/58 2816/765 785/171][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 302/926 1414/1414 445/606][nDPI Fingerprint: 609e548909eae5913f964632ede9a4a6][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1516h2_8daaf6152771_d8a2da3f94cd][JA3S: eb1d94daa7e0344597e756a1fb6e7054][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 10,4,2,0,2,0,0,0,0,2,0,2,0,0,0,0,2,0,0,2,4,0,0,0,0,4,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,64,0,0,0,0,0]
- 2 TCP 192.168.43.159:19127 <-> 52.215.125.151:443 [proto: 91.107/TLS.Blacknut][Stack: TLS.Blacknut][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Game/8][Breed: Fun][24 pkts/13183 bytes <-> 41 pkts/23380 bytes][Goodput ratio: 90/90][12.69 sec][Hostname/SNI: www.blacknut.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.279 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 618/83 8607/293 2004/111][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 549/570 1414/1414 588/605][nDPI Fingerprint: 296a44756a75786d601c2159dfcee868][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b6f405a00624][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 20,4,2,0,0,2,0,2,7,0,0,2,0,0,0,0,0,0,0,0,2,0,0,0,0,0,4,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,42,0,0,0,0,0]
+ 2 TCP 192.168.43.159:19127 <-> 52.215.125.151:443 [proto: 91.107/TLS.Blacknut][Stack: TLS.Blacknut][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Game/8][Breed: Fun][24 pkts/13183 bytes <-> 41 pkts/23380 bytes][Goodput ratio: 90/90][12.69 sec][Hostname/SNI: www.blacknut.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.279 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 618/83 8607/293 2004/111][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 549/570 1414/1414 588/605][nDPI Fingerprint: 296a44756a75786d601c2159dfcee868][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b6f405a00624][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 20,4,2,0,0,2,0,2,7,0,0,2,0,0,0,0,0,0,0,0,2,0,0,0,0,0,4,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,42,0,0,0,0,0]
3 TCP 192.168.43.159:19180 <-> 172.98.56.177:443 [proto: 91.446/TLS.Rumble][Stack: TLS.Rumble][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Streaming/17][Breed: Fun][8 pkts/2519 bytes <-> 7 pkts/985 bytes][Goodput ratio: 82/60][8.16 sec][Hostname/SNI: wn0.rumble.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: 0.438 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1291/186 6654/414 2404/188][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 315/141 1414/349 465/117][nDPI Fingerprint: 296a44756a75786d601c2159dfcee868][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b6f405a00624][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,16,16,0,0,0,0,16,0,16,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/snapchat_call.pcapng.out b/tests/cfgs/default/result/snapchat_call.pcapng.out
index 53f38d733..e885df2e2 100644
--- a/tests/cfgs/default/result/snapchat_call.pcapng.out
+++ b/tests/cfgs/default/result/snapchat_call.pcapng.out
@@ -26,4 +26,4 @@ Acceptable 50 12772 1
VoIP 50 12772 1
- 1 UDP 192.168.12.169:42083 <-> 18.184.138.142:443 [proto: 188.255/QUIC.SnapchatCall][Stack: QUIC.SnapchatCall][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 20][cat: VoIP/10][Breed: Acceptable][25 pkts/5295 bytes <-> 25 pkts/7477 bytes][Goodput ratio: 80/86][8.29 sec][bytes ratio: -0.171 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 288/246 1313/1315 376/342][Pkt Len c2s/s2c min/avg/max/stddev: 65/62 212/299 1392/1392 365/419][Risk: ** Missing SNI TLS Extn **][Risk Score: 50][Risk Info: SNI should be present all time: attack ?][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Q046][Idle Timeout: 40][PLAIN TEXT (AESGCC20)][Plen Bins: 28,44,0,2,2,0,0,2,4,4,0,0,2,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0]
+ 1 UDP 192.168.12.169:42083 <-> 18.184.138.142:443 [proto: 188.255/QUIC.SnapchatCall][Stack: QUIC.SnapchatCall][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 20][cat: VoIP/10][Breed: Acceptable][25 pkts/5295 bytes <-> 25 pkts/7477 bytes][Goodput ratio: 80/86][8.29 sec][bytes ratio: -0.171 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 288/246 1313/1315 376/342][Pkt Len c2s/s2c min/avg/max/stddev: 65/62 212/299 1392/1392 365/419][Risk: ** Missing SNI TLS Extn **][Risk Score: 50][Risk Info: SNI should be present all time: attack ?][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][QUIC ver: Q046][Idle Timeout: 40][PLAIN TEXT (AESGCC20)][Plen Bins: 28,44,0,2,2,0,0,2,4,4,0,0,2,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/snapchat_call_v1.pcapng.out b/tests/cfgs/default/result/snapchat_call_v1.pcapng.out
index a4ac9a425..5576a0ca3 100644
--- a/tests/cfgs/default/result/snapchat_call_v1.pcapng.out
+++ b/tests/cfgs/default/result/snapchat_call_v1.pcapng.out
@@ -31,4 +31,4 @@ JA Host Stats:
1 192.168.12.169 1
- 1 UDP 192.168.12.169:47520 <-> 34.246.231.140:443 [proto: 188.255/QUIC.SnapchatCall][Stack: QUIC.Snapchat.SnapchatCall][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 188.199/QUIC.Snapchat, Confidence: DPI][DPI packets: 20][cat: VoIP/10][Breed: Acceptable][386 pkts/353569 bytes <-> 91 pkts/11745 bytes][Goodput ratio: 95/67][9.53 sec][Hostname/SNI: str1-euwest1-34-246-231-140.addlive.io][(Advertised) ALPNs: h3][TLS Supported Versions: TLSv1.3][bytes ratio: 0.936 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/89 284/262 25/53][Pkt Len c2s/s2c min/avg/max/stddev: 70/67 916/129 1301/1242 282/178][nDPI Fingerprint: c3ab26122aef9175dc9e711b55d73965][TLSv1.3][QUIC ver: V-1][JA4: q13d0309h3_55b375c5d22e_08189d42dc81][PLAIN TEXT (ktmbPg)][Plen Bins: 1,23,2,0,0,0,0,0,0,0,0,0,1,0,0,3,0,0,1,1,0,4,1,2,1,1,1,3,6,3,3,4,4,7,4,7,1,1,3,1,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.12.169:47520 <-> 34.246.231.140:443 [proto: 188.255/QUIC.SnapchatCall][Stack: QUIC.Snapchat.SnapchatCall][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 188.199/QUIC.Snapchat, Confidence: DPI][DPI packets: 20][cat: VoIP/10][Breed: Acceptable][386 pkts/353569 bytes <-> 91 pkts/11745 bytes][Goodput ratio: 95/67][9.53 sec][Hostname/SNI: str1-euwest1-34-246-231-140.addlive.io][(Advertised) ALPNs: h3][TLS Supported Versions: TLSv1.3][bytes ratio: 0.936 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/89 284/262 25/53][Pkt Len c2s/s2c min/avg/max/stddev: 70/67 916/129 1301/1242 282/178][nDPI Fingerprint: c3ab26122aef9175dc9e711b55d73965][TLSv1.3][QUIC ver: V-1][JA4: q13d0309h3_55b375c5d22e_08189d42dc81][PLAIN TEXT (ktmbPg)][Plen Bins: 1,23,2,0,0,0,0,0,0,0,0,0,1,0,0,3,0,0,1,1,0,4,1,2,1,1,1,3,6,3,3,4,4,7,4,7,1,1,3,1,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/snmp.pcap.out b/tests/cfgs/default/result/snmp.pcap.out
index 69ffc04e6..7b920dcd7 100644
--- a/tests/cfgs/default/result/snmp.pcap.out
+++ b/tests/cfgs/default/result/snmp.pcap.out
@@ -29,8 +29,8 @@ Network 72 14435 17
1 UDP 10.99.8.88:43242 <-> 10.100.253.146:161 [VLAN: 1308][proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][3 pkts/2367 bytes <-> 3 pkts/1502 bytes][Goodput ratio: 94/91][0.11 sec][bytes ratio: 0.224 (Upload)][IAT c2s/s2c min/avg/max/stddev: 21/18 44/20 67/21 23/2][Pkt Len c2s/s2c min/avg/max/stddev: 611/75 789/501 1143/717 250/301][Risk: ** Error Code **][Risk Score: 10][Risk Info: SNMP Error 1][PLAIN TEXT (public)][Plen Bins: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 131.179.49.165:35970 <-> 254.158.1.169:161 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/462 bytes <-> 3 pkts/534 bytes][Goodput ratio: 73/76][0.43 sec][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 143/142 144/144 145/146 1/2][Pkt Len c2s/s2c min/avg/max/stddev: 106/147 154/178 178/198 34/22][Plen Bins: 0,0,16,16,67,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 131.179.49.165:60694 <-> 254.158.1.169:161 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/462 bytes <-> 3 pkts/527 bytes][Goodput ratio: 73/76][0.43 sec][bytes ratio: -0.066 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 117/150 134/154 150/158 16/4][Pkt Len c2s/s2c min/avg/max/stddev: 106/147 154/176 178/191 34/20][Plen Bins: 0,0,16,16,67,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 UDP 35.95.158.217:49306 <-> 30.79.214.36:161 [proto: 14/SNMP][Stack: SNMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/440 bytes <-> 3 pkts/514 bytes][Goodput ratio: 71/75][0.41 sec][bytes ratio: -0.078 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 119/146 134/150 150/153 16/4][Pkt Len c2s/s2c min/avg/max/stddev: 106/147 147/171 167/188 29/18][PLAIN TEXT (NOPRIV)][Plen Bins: 0,0,16,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 UDP 35.95.158.217:60440 <-> 30.79.214.36:161 [proto: 14/SNMP][Stack: SNMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/440 bytes <-> 3 pkts/507 bytes][Goodput ratio: 71/75][0.41 sec][bytes ratio: -0.071 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 102/149 132/156 163/164 30/8][Pkt Len c2s/s2c min/avg/max/stddev: 106/147 147/169 167/181 29/16][PLAIN TEXT (NOPRIV)][Plen Bins: 0,0,16,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 UDP 35.95.158.217:49306 <-> 30.79.214.36:161 [proto: 14/SNMP][Stack: SNMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/440 bytes <-> 3 pkts/514 bytes][Goodput ratio: 71/75][0.41 sec][bytes ratio: -0.078 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 119/146 134/150 150/153 16/4][Pkt Len c2s/s2c min/avg/max/stddev: 106/147 147/171 167/188 29/18][PLAIN TEXT (NOPRIV)][Plen Bins: 0,0,16,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 UDP 35.95.158.217:60440 <-> 30.79.214.36:161 [proto: 14/SNMP][Stack: SNMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/440 bytes <-> 3 pkts/507 bytes][Goodput ratio: 71/75][0.41 sec][bytes ratio: -0.071 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 102/149 132/156 163/164 30/8][Pkt Len c2s/s2c min/avg/max/stddev: 106/147 147/169 167/181 29/16][PLAIN TEXT (NOPRIV)][Plen Bins: 0,0,16,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 10.231.2.134:161 -> 10.72.247.4:61088 [VLAN: 908][proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][4 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][54.00 sec][Risk: ** Error Code **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No client to server traffic / SNMP Error 19][PLAIN TEXT (000000)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 30.54.142.240:52435 <-> 250.58.112.87:161 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/420 bytes <-> 3 pkts/493 bytes][Goodput ratio: 70/74][0.41 sec][bytes ratio: -0.080 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 114/150 132/150 151/151 18/0][Pkt Len c2s/s2c min/avg/max/stddev: 106/147 140/164 157/178 24/13][PLAIN TEXT (NOAUTHNOPRIV)][Plen Bins: 0,0,16,67,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 30.54.142.240:56251 <-> 250.58.112.87:161 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][3 pkts/420 bytes <-> 3 pkts/485 bytes][Goodput ratio: 70/74][0.43 sec][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 138/147 144/148 149/149 6/1][Pkt Len c2s/s2c min/avg/max/stddev: 106/147 140/162 157/170 24/10][PLAIN TEXT (NOAUTHNOPRIV)][Plen Bins: 0,0,16,67,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -38,8 +38,8 @@ Network 72 14435 17
10 UDP 113.19.156.111:54318 -> 135.201.124.55:162 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/564 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][6.01 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (NOPRIV)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 124.53.196.176:54318 -> 103.248.22.47:162 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/544 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][7.35 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (NOAUTHNOPRIV)][Plen Bins: 0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 92.135.15.240:54318 -> 137.49.110.186:162 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][2 pkts/410 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][35.15 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (public2)][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 13 UDP 65.2.162.193:58433 <-> 130.70.149.185:161 [proto: 14/SNMP][Stack: SNMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][2 pkts/170 bytes <-> 2 pkts/203 bytes][Goodput ratio: 50/58][0.36 sec][PLAIN TEXT (public)][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 13 UDP 65.2.162.193:58433 <-> 130.70.149.185:161 [proto: 14/SNMP][Stack: SNMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][2 pkts/170 bytes <-> 2 pkts/203 bytes][Goodput ratio: 50/58][0.36 sec][PLAIN TEXT (public)][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 176.211.60.43:37224 <-> 97.0.115.163:161 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][2 pkts/170 bytes <-> 2 pkts/203 bytes][Goodput ratio: 50/58][0.28 sec][PLAIN TEXT (public)][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 15 UDP 65.2.162.193:59988 <-> 130.70.149.185:161 [proto: 14/SNMP][Stack: SNMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][2 pkts/170 bytes <-> 2 pkts/196 bytes][Goodput ratio: 50/57][0.26 sec][PLAIN TEXT (public)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 15 UDP 65.2.162.193:59988 <-> 130.70.149.185:161 [proto: 14/SNMP][Stack: SNMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][2 pkts/170 bytes <-> 2 pkts/196 bytes][Goodput ratio: 50/57][0.26 sec][PLAIN TEXT (public)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 176.211.60.43:43015 <-> 97.0.115.163:161 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][2 pkts/170 bytes <-> 2 pkts/196 bytes][Goodput ratio: 50/57][0.26 sec][PLAIN TEXT (public)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 200.76.132.137:54318 -> 189.111.255.214:162 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 14/SNMP, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][2 pkts/355 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][12.24 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (public)][Plen Bins: 0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/srvloc.pcap.out b/tests/cfgs/default/result/srvloc.pcap.out
index f7b043e83..b8a8c7e39 100644
--- a/tests/cfgs/default/result/srvloc.pcap.out
+++ b/tests/cfgs/default/result/srvloc.pcap.out
@@ -248,9 +248,9 @@ RPC 629 57125 620
220 UDP 98.137.3.114:25821 -> 74.111.203.55:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
221 UDP 99.199.77.211:14222 -> 165.114.202.61:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
222 UDP 99.199.77.211:45829 -> 165.144.84.62:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 223 UDP 100.56.155.112:1724 -> 90.147.171.51:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 224 UDP 100.56.155.112:12751 -> 90.141.37.56:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 225 UDP 100.56.155.112:53130 -> 90.111.212.50:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 223 UDP 100.56.155.112:1724 -> 90.147.171.51:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 224 UDP 100.56.155.112:12751 -> 90.141.37.56:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 225 UDP 100.56.155.112:53130 -> 90.111.212.50:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
226 UDP 103.71.146.222:26355 -> 90.141.37.56:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
227 UDP 103.71.146.222:47772 -> 165.114.202.61:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
228 UDP 103.71.146.222:64387 -> 90.147.171.51:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -304,7 +304,7 @@ RPC 629 57125 620
276 UDP 231.223.121.213:15170 -> 90.147.171.51:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
277 UDP 231.223.121.213:38016 -> 74.111.203.55:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/89 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (service)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
278 UDP 7.110.179.205:58317 -> 165.144.84.62:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 279 UDP 54.251.198.222:40998 -> 165.144.84.62:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 279 UDP 54.251.198.222:40998 -> 165.144.84.62:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
280 UDP 55.94.8.63:43995 -> 90.145.180.58:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
281 UDP 56.82.128.250:53705 -> 186.112.202.53:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
282 UDP 56.174.92.201:12782 -> 165.114.202.61:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -383,7 +383,7 @@ RPC 629 57125 620
355 UDP 160.71.213.140:41896 -> 186.112.202.53:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
356 UDP 160.184.203.250:41825 -> 74.111.203.55:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
357 UDP 161.62.218.52:37093 -> 74.111.203.55:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 358 UDP 161.193.58.225:64776 -> 186.112.202.53:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 358 UDP 161.193.58.225:64776 -> 186.112.202.53:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
359 UDP 161.199.58.19:64864 -> 90.147.171.51:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
360 UDP 166.62.197.60:35606 -> 165.114.202.61:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
361 UDP 166.65.42.37:37412 -> 90.141.37.56:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -435,16 +435,16 @@ RPC 629 57125 620
407 UDP 33.216.90.56:53342 -> 90.147.171.51:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
408 UDP 33.216.90.56:56415 -> 165.144.84.62:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
409 UDP 34.16.223.107:49482 -> 165.144.84.62:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 284/GoogleCloud][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 410 UDP 34.214.128.211:50699 -> 74.111.203.55:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 411 UDP 34.220.38.0:54720 -> 186.112.202.53:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 410 UDP 34.214.128.211:50699 -> 74.111.203.55:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 411 UDP 34.220.38.0:54720 -> 186.112.202.53:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
412 UDP 37.36.31.210:53791 -> 165.144.84.62:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
413 UDP 37.40.101.196:53106 -> 85.111.52.57:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
414 UDP 37.234.100.32:56813 -> 90.145.180.58:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
415 UDP 38.236.38.224:52729 -> 165.114.202.61:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
416 UDP 38.238.166.9:56529 -> 90.147.171.51:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
417 UDP 44.49.31.2:51197 -> 90.147.171.51:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 418 UDP 44.239.95.30:56105 -> 74.111.203.55:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 419 UDP 44.242.231.77:50261 -> 186.112.202.53:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 418 UDP 44.239.95.30:56105 -> 74.111.203.55:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 419 UDP 44.242.231.77:50261 -> 186.112.202.53:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
420 UDP 46.204.255.75:55098 -> 165.144.84.62:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
421 UDP 47.51.0.222:53190 -> 69.109.187.54:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
422 UDP 47.236.248.231:52985 -> 90.141.37.56:427 [proto: 347/Service_Location_Protocol][Stack: Service_Location_Protocol][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 347/Service_Location_Protocol, Confidence: DPI][DPI packets: 1][cat: RPC/16][Breed: Acceptable][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/stun_signal.pcapng.out b/tests/cfgs/default/result/stun_signal.pcapng.out
index 784a5420c..c333da3c7 100644
--- a/tests/cfgs/default/result/stun_signal.pcapng.out
+++ b/tests/cfgs/default/result/stun_signal.pcapng.out
@@ -30,26 +30,26 @@ Acceptable 460 48496 23
VoIP 407 43310 21
Network 53 5186 2
- 1 UDP 192.168.12.169:43068 <-> 18.195.131.143:61156 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][48 pkts/4692 bytes <-> 58 pkts/7630 bytes][Goodput ratio: 57/68][12.11 sec][bytes ratio: -0.238 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 224/234 1055/1059 250/294][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 98/132 146/306 23/72][Mapped IP/Port: 93.47.225.19:11914][PLAIN TEXT (BrDwrhkDr//9e)][Plen Bins: 26,31,15,15,5,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 UDP 192.168.12.169:47767 <-> 18.195.131.143:61498 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][18 pkts/1900 bytes <-> 35 pkts/6496 bytes][Goodput ratio: 60/77][2.67 sec][bytes ratio: -0.547 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 173/74 665/630 186/150][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 106/186 146/306 26/92][Mapped IP/Port: 93.47.225.19:11932][PLAIN TEXT (80JiLM)][Plen Bins: 13,16,18,18,9,0,0,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 ICMP 35.158.183.167:0 <-> 192.168.12.169:0 [proto: 81/ICMP][Stack: ICMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][30 pkts/2780 bytes <-> 4 pkts/552 bytes][Goodput ratio: 55/69][51.83 sec][bytes ratio: 0.669 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 906/1 7931/1 2120/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/138 93/138 98/138 4/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.051 (Executable?)][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 0,88,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 UDP 192.168.12.169:43068 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][13 pkts/1598 bytes <-> 13 pkts/1638 bytes][Goodput ratio: 66/67][31.02 sec][Hostname/SNI: signal.org][bytes ratio: -0.012 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2090/2098 10035/10033 3616/3611][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 123/126 174/190 47/25][Mapped IP/Port: 93.47.225.19:11910][Peer IP/Port: 18.195.131.143:61156][Relayed IP/Port: 35.158.183.167:64458][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (xYXlLJQ)][Plen Bins: 19,15,26,30,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 UDP 192.168.12.169:47767 <-> 35.158.122.211:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][11 pkts/1338 bytes <-> 11 pkts/1354 bytes][Goodput ratio: 65/66][22.74 sec][Hostname/SNI: signal.org][bytes ratio: -0.006 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2483/2337 10020/10020 3944/4010][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 122/123 158/190 44/25][Mapped IP/Port: 93.47.225.19:11928][Peer IP/Port: 18.195.131.143:54054][Relayed IP/Port: 35.158.122.211:51358][Rsp Origin IP/Port: 35.158.122.211:3478][Other IP/Port: 35.158.122.211:80][PLAIN TEXT (rMfcsrHE)][Plen Bins: 18,18,27,31,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 6 UDP 192.168.12.169:39950 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][11 pkts/1282 bytes <-> 11 pkts/1290 bytes][Goodput ratio: 64/64][30.98 sec][Hostname/SNI: signal.org][bytes ratio: -0.003 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 3757/3735 10023/10021 4493/4510][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 117/117 162/134 48/13][Mapped IP/Port: 93.47.225.19:11911][Peer IP/Port: 18.195.131.143:61156][Relayed IP/Port: 35.158.183.167:52495][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (ovaKDk)][Plen Bins: 22,18,31,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 7 UDP 192.168.12.169:37970 <-> 35.158.122.211:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][10 pkts/1196 bytes <-> 10 pkts/1164 bytes][Goodput ratio: 65/64][22.74 sec][Hostname/SNI: signal.org][bytes ratio: 0.014 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 1760/2672 10017/10018 3250/3952][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 120/116 158/134 45/13][Mapped IP/Port: 93.47.225.19:11929][Peer IP/Port: 18.195.131.143:54054][Relayed IP/Port: 35.158.122.211:51073][Rsp Origin IP/Port: 35.158.122.211:3478][Other IP/Port: 35.158.122.211:80][PLAIN TEXT (BSFWxqj)][Plen Bins: 20,20,30,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 8 ICMP 35.158.122.211:0 <-> 192.168.12.169:0 [proto: 81/ICMP][Stack: ICMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][17 pkts/1578 bytes <-> 2 pkts/276 bytes][Goodput ratio: 55/69][22.73 sec][bytes ratio: 0.702 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1052/0 7992/0 2154/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/138 93/138 98/138 4/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.051 (Executable?)][PLAIN TEXT (braaHWB)][Plen Bins: 0,89,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 9 UDP 192.168.12.169:39950 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 37/0 1416/0 7961/0 2721/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 10 UDP 192.168.12.169:43068 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 60/0 1419/0 7937/0 2708/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 11 UDP 192.168.12.169:39518 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 23/30 1612/1611 4762/4754 2228/2222][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][Mapped IP/Port: 93.47.225.19:11888][Relayed IP/Port: 35.158.183.167:62696][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (GBLsrHn)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 12 UDP 192.168.12.169:47204 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 41/42 1612/1612 4721/4721 2198/2199][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][Mapped IP/Port: 93.47.225.19:11889][Relayed IP/Port: 35.158.183.167:54498][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (nYAy610)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 13 UDP 192.168.12.169:37970 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 984/0 7992/0 2186/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (braaHWB)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 14 UDP 192.168.12.169:47767 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 982/0 8022/0 2200/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (BtotYst)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.12.169:43068 <-> 18.195.131.143:61156 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][48 pkts/4692 bytes <-> 58 pkts/7630 bytes][Goodput ratio: 57/68][12.11 sec][bytes ratio: -0.238 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 224/234 1055/1059 250/294][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 98/132 146/306 23/72][Mapped IP/Port: 93.47.225.19:11914][PLAIN TEXT (BrDwrhkDr//9e)][Plen Bins: 26,31,15,15,5,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 UDP 192.168.12.169:47767 <-> 18.195.131.143:61498 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][18 pkts/1900 bytes <-> 35 pkts/6496 bytes][Goodput ratio: 60/77][2.67 sec][bytes ratio: -0.547 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 173/74 665/630 186/150][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 106/186 146/306 26/92][Mapped IP/Port: 93.47.225.19:11932][PLAIN TEXT (80JiLM)][Plen Bins: 13,16,18,18,9,0,0,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 ICMP 35.158.183.167:0 <-> 192.168.12.169:0 [proto: 81/ICMP][Stack: ICMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][30 pkts/2780 bytes <-> 4 pkts/552 bytes][Goodput ratio: 55/69][51.83 sec][bytes ratio: 0.669 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 906/1 7931/1 2120/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/138 93/138 98/138 4/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.051 (Executable?)][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 0,88,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 UDP 192.168.12.169:43068 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][13 pkts/1598 bytes <-> 13 pkts/1638 bytes][Goodput ratio: 66/67][31.02 sec][Hostname/SNI: signal.org][bytes ratio: -0.012 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2090/2098 10035/10033 3616/3611][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 123/126 174/190 47/25][Mapped IP/Port: 93.47.225.19:11910][Peer IP/Port: 18.195.131.143:61156][Relayed IP/Port: 35.158.183.167:64458][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (xYXlLJQ)][Plen Bins: 19,15,26,30,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 UDP 192.168.12.169:47767 <-> 35.158.122.211:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][11 pkts/1338 bytes <-> 11 pkts/1354 bytes][Goodput ratio: 65/66][22.74 sec][Hostname/SNI: signal.org][bytes ratio: -0.006 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2483/2337 10020/10020 3944/4010][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 122/123 158/190 44/25][Mapped IP/Port: 93.47.225.19:11928][Peer IP/Port: 18.195.131.143:54054][Relayed IP/Port: 35.158.122.211:51358][Rsp Origin IP/Port: 35.158.122.211:3478][Other IP/Port: 35.158.122.211:80][PLAIN TEXT (rMfcsrHE)][Plen Bins: 18,18,27,31,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 6 UDP 192.168.12.169:39950 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][11 pkts/1282 bytes <-> 11 pkts/1290 bytes][Goodput ratio: 64/64][30.98 sec][Hostname/SNI: signal.org][bytes ratio: -0.003 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 3757/3735 10023/10021 4493/4510][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 117/117 162/134 48/13][Mapped IP/Port: 93.47.225.19:11911][Peer IP/Port: 18.195.131.143:61156][Relayed IP/Port: 35.158.183.167:52495][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (ovaKDk)][Plen Bins: 22,18,31,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 7 UDP 192.168.12.169:37970 <-> 35.158.122.211:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][10 pkts/1196 bytes <-> 10 pkts/1164 bytes][Goodput ratio: 65/64][22.74 sec][Hostname/SNI: signal.org][bytes ratio: 0.014 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 1760/2672 10017/10018 3250/3952][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 120/116 158/134 45/13][Mapped IP/Port: 93.47.225.19:11929][Peer IP/Port: 18.195.131.143:54054][Relayed IP/Port: 35.158.122.211:51073][Rsp Origin IP/Port: 35.158.122.211:3478][Other IP/Port: 35.158.122.211:80][PLAIN TEXT (BSFWxqj)][Plen Bins: 20,20,30,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 ICMP 35.158.122.211:0 <-> 192.168.12.169:0 [proto: 81/ICMP][Stack: ICMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][17 pkts/1578 bytes <-> 2 pkts/276 bytes][Goodput ratio: 55/69][22.73 sec][bytes ratio: 0.702 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1052/0 7992/0 2154/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/138 93/138 98/138 4/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.051 (Executable?)][PLAIN TEXT (braaHWB)][Plen Bins: 0,89,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 9 UDP 192.168.12.169:39950 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 37/0 1416/0 7961/0 2721/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 10 UDP 192.168.12.169:43068 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 60/0 1419/0 7937/0 2708/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 11 UDP 192.168.12.169:39518 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 23/30 1612/1611 4762/4754 2228/2222][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][Mapped IP/Port: 93.47.225.19:11888][Relayed IP/Port: 35.158.183.167:62696][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (GBLsrHn)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 12 UDP 192.168.12.169:47204 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 41/42 1612/1612 4721/4721 2198/2199][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][Mapped IP/Port: 93.47.225.19:11889][Relayed IP/Port: 35.158.183.167:54498][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (nYAy610)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 13 UDP 192.168.12.169:37970 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 984/0 7992/0 2186/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (braaHWB)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 14 UDP 192.168.12.169:47767 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 982/0 8022/0 2200/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (BtotYst)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.12.169:37970 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.39 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 250/250 4201/2720 10126/10103 4828/4263][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.47.225.19:11929][PLAIN TEXT (BNEmtWH)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.12.169:39950 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.40 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 248/248 4203/2720 10135/10132 4842/4279][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.47.225.19:11911][PLAIN TEXT (quISgYTP)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.12.169:43068 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.38 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 250/249 4201/2720 10128/10128 4837/4277][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.47.225.19:11910][PLAIN TEXT (BnDbEJB)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.12.169:47767 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.39 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 249/250 4202/2720 10130/10105 4830/4264][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.47.225.19:11928][PLAIN TEXT (lbMRpRo)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 UDP 192.168.12.169:47767 <-> 18.195.131.143:54054 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][3 pkts/390 bytes <-> 3 pkts/350 bytes][Goodput ratio: 68/64][0.18 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/4 48/52 90/101 42/48][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 130/117 146/138 17/15][Mapped IP/Port: 93.47.225.19:11928][PLAIN TEXT (JUrAzE1)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 20 UDP 192.168.12.169:39518 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 64/0 424/0 1928/0 598/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 UDP 192.168.12.169:47204 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 63/0 424/0 1928/0 597/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 UDP 192.168.12.169:47767 <-> 18.195.131.143:54054 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][3 pkts/390 bytes <-> 3 pkts/350 bytes][Goodput ratio: 68/64][0.18 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/4 48/52 90/101 42/48][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 130/117 146/138 17/15][Mapped IP/Port: 93.47.225.19:11928][PLAIN TEXT (JUrAzE1)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 20 UDP 192.168.12.169:39518 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 64/0 424/0 1928/0 598/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 UDP 192.168.12.169:47204 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 63/0 424/0 1928/0 597/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 192.168.12.169:39518 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/148 bytes][Goodput ratio: 32/43][0.62 sec][Mapped IP/Port: 93.47.225.19:11888][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.12.169:47204 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/148 bytes][Goodput ratio: 32/43][0.63 sec][Mapped IP/Port: 93.47.225.19:11889][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/tailscale.pcap.out b/tests/cfgs/default/result/tailscale.pcap.out
index 9b8b4123b..1ab7c7562 100644
--- a/tests/cfgs/default/result/tailscale.pcap.out
+++ b/tests/cfgs/default/result/tailscale.pcap.out
@@ -26,4 +26,4 @@ Acceptable 107 16516 1
VPN 107 16516 1
- 1 UDP 192.168.88.3:41641 <-> 18.196.71.179:41641 [proto: 24/Tailscale][Stack: Tailscale][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 24/Tailscale, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][51 pkts/7842 bytes <-> 56 pkts/8674 bytes][Goodput ratio: 73/73][31.88 sec][bytes ratio: -0.050 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 28/0 586/517 2000/1880 588/502][Pkt Len c2s/s2c min/avg/max/stddev: 134/134 154/155 170/170 15/16][Plen Bins: 0,0,29,27,42,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.88.3:41641 <-> 18.196.71.179:41641 [proto: 24/Tailscale][Stack: Tailscale][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 24/Tailscale, Confidence: DPI][DPI packets: 1][cat: VPN/2][Breed: Acceptable][51 pkts/7842 bytes <-> 56 pkts/8674 bytes][Goodput ratio: 73/73][31.88 sec][bytes ratio: -0.050 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 28/0 586/517 2000/1880 588/502][Pkt Len c2s/s2c min/avg/max/stddev: 134/134 154/155 170/170 15/16][Plen Bins: 0,0,29,27,42,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/telegram_videocall.pcapng.out b/tests/cfgs/default/result/telegram_videocall.pcapng.out
index f7a008e15..b61ed2913 100644
--- a/tests/cfgs/default/result/telegram_videocall.pcapng.out
+++ b/tests/cfgs/default/result/telegram_videocall.pcapng.out
@@ -33,8 +33,8 @@ TLS 7 497 2
ICMPV6 5 350 2
Dropbox 2 348 1
Telegram 633 339051 7
-AmazonAWS 4 288 1
TelegramVoip 228 41561 16
+AWS_EC2 4 288 1
Safe 7 497 2
Acceptable 880 382620 32
@@ -69,8 +69,8 @@ Network 13 1372 7
22 UDP 192.168.12.169:42197 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][Stack: STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.27 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.13.23:1400][Other IP/Port: 10.160.194.103:1401][PLAIN TEXT (BrHWdEqa2)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.12.169:42197 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][Stack: STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.17.2:1400][Other IP/Port: 10.130.194.98:1401][PLAIN TEXT (BYyA/MmBER1)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.12.1:17500 -> 192.168.12.255:17500 [proto: 121/Dropbox][Stack: Dropbox][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 121/Dropbox, Confidence: DPI][DPI packets: 1][cat: Cloud/13][Breed: Acceptable][2 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][30.01 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Safe][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Safe][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 ICMPV6 [fe80::98df:58ff:fefa:ebdc]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][4 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][32.62 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 ICMP 192.168.12.169:0 -> 91.108.9.35:0 [proto: 81/ICMP][Stack: ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.590 (Executable?)][PLAIN TEXT (ORtRLoo/fpi)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 ICMP 192.168.12.169:0 -> 91.108.13.23:0 [proto: 81/ICMP][Stack: ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.612 (Executable?)][PLAIN TEXT (BuBNffVSd)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/tls_change_cipher.pcap.out b/tests/cfgs/default/result/tls_change_cipher.pcap.out
index 1997f8e0c..f162efd5d 100644
--- a/tests/cfgs/default/result/tls_change_cipher.pcap.out
+++ b/tests/cfgs/default/result/tls_change_cipher.pcap.out
@@ -26,4 +26,4 @@ Safe 14 13753 1
Web 14 13753 1
- 1 TCP 18.139.7.8:443 <-> 172.29.190.157:62797 [VLAN: 113][proto: GTP:91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 14][cat: Web/5][Breed: Safe][1 pkts/134 bytes <-> 13 pkts/13619 bytes][Goodput ratio: 0/88][4.99 sec][bytes ratio: -0.981 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/438 0/4677 0/1341][Pkt Len c2s/s2c min/avg/max/stddev: 134/194 134/1048 134/1458 0/494][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][PLAIN TEXT (oCpI.P7)][Plen Bins: 0,0,7,0,7,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,55,0,0,0,0,0,0]
+ 1 TCP 18.139.7.8:443 <-> 172.29.190.157:62797 [VLAN: 113][proto: GTP:91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 14][cat: Web/5][Breed: Safe][1 pkts/134 bytes <-> 13 pkts/13619 bytes][Goodput ratio: 0/88][4.99 sec][bytes ratio: -0.981 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/438 0/4677 0/1341][Pkt Len c2s/s2c min/avg/max/stddev: 134/194 134/1048 134/1458 0/494][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][PLAIN TEXT (oCpI.P7)][Plen Bins: 0,0,7,0,7,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,55,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/tls_invalid_reads.pcap.out b/tests/cfgs/default/result/tls_invalid_reads.pcap.out
index d63e5b1c7..56155711f 100644
--- a/tests/cfgs/default/result/tls_invalid_reads.pcap.out
+++ b/tests/cfgs/default/result/tls_invalid_reads.pcap.out
@@ -38,5 +38,5 @@ JA Host Stats:
1 TCP 192.168.10.101:3967 <-> 206.33.61.113:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/330 bytes <-> 3 pkts/1497 bytes][Goodput ratio: 31/89][0.08 sec][bytes ratio: -0.639 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/38 25/19 58/38 24/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 82/499 156/905 43/346][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_RC4_128_MD5 / TLSv1][nDPI Fingerprint: 51544b1215f0d568b0df76079086930e][TCP Fingerprint: 2_128_64240_5a9ef1c58d0b/Unknown][TLSv1][JA3S: 53611273a714cb4789c8222932efd5a7][Cipher: TLS_RSA_WITH_RC4_128_MD5][Plen Bins: 0,0,0,33,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 TCP 10.191.139.17:58552 <-> 54.221.224.45:443 [VLAN: 2][proto: GTP:91.275/TLS.Crashlytics][Stack: TLS.Crashlytics][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 3][cat: DataTransfer/4][Breed: Acceptable][2 pkts/442 bytes <-> 1 pkts/118 bytes][Goodput ratio: 41/0][0.23 sec][Hostname/SNI: e.crashlytics.com][(Advertised) ALPNs: ][Risk: ** Uncommon TLS ALPN **** TLS Susp Extn **][Risk Score: 150][Risk Info: Invalid extension len / ][TCP Fingerprint: 2_64_65535_8c07a80cc645/Unknown][TLSv1.2][JA4: t12d200500_6e20beb92e8e_354730cf0bf0][Firefox][PLAIN TEXT (e.crashlytics.com)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 TCP 10.191.139.17:58552 <-> 54.221.224.45:443 [VLAN: 2][proto: GTP:91.275/TLS.Crashlytics][Stack: TLS.Crashlytics][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 3][cat: DataTransfer/4][Breed: Acceptable][2 pkts/442 bytes <-> 1 pkts/118 bytes][Goodput ratio: 41/0][0.23 sec][Hostname/SNI: e.crashlytics.com][(Advertised) ALPNs: ][Risk: ** Uncommon TLS ALPN **** TLS Susp Extn **][Risk Score: 150][Risk Info: Invalid extension len / ][TCP Fingerprint: 2_64_65535_8c07a80cc645/Unknown][TLSv1.2][JA4: t12d200500_6e20beb92e8e_354730cf0bf0][Firefox][PLAIN TEXT (e.crashlytics.com)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 74.80.160.99:3258 -> 67.217.77.28:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Safe][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 15/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/tls_multiple_synack_different_seq.pcapng.out b/tests/cfgs/default/result/tls_multiple_synack_different_seq.pcapng.out
index 48230b234..06b519d14 100644
--- a/tests/cfgs/default/result/tls_multiple_synack_different_seq.pcapng.out
+++ b/tests/cfgs/default/result/tls_multiple_synack_different_seq.pcapng.out
@@ -20,7 +20,7 @@ Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 2/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
-AmazonAWS 10 6532 1
+AWS_S3 10 6532 1
Acceptable 10 6532 1
@@ -31,4 +31,4 @@ JA Host Stats:
1 10.10.10.1 1
- 1 TCP 10.10.10.1:443 <-> 192.168.0.1:59927 [proto: 91.265/TLS.AmazonAWS][Stack: TLS.AmazonAWS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 10][cat: Cloud/13][Breed: Acceptable][9 pkts/5961 bytes <-> 1 pkts/571 bytes][Goodput ratio: 91/90][29.38 sec][Hostname/SNI: bolt-prod-s3-eu-west-1.s3.eu-west-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.825 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3672/0 15063/0 5728/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/571 662/571 1414/571 649/0][nDPI Fingerprint: 185917c2c68e40fcefbc020baabaecc4][TLSv1.2][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][ServerNames: s3-eu-west-1.amazonaws.com,*.s3-eu-west-1.amazonaws.com,s3.eu-west-1.amazonaws.com,*.s3.eu-west-1.amazonaws.com,s3.dualstack.eu-west-1.amazonaws.com,*.s3.dualstack.eu-west-1.amazonaws.com,*.s3.amazonaws.com,*.s3-control.eu-west-1.amazonaws.com,s3-control.eu-west-1.amazonaws.com,*.s3-control.dualstack.eu-west-1.amazonaws.com,s3-control.dualstack.eu-west-1.amazonaws.com,*.s3-accesspoint.eu-west-1.amazonaws.com,*.s3-accesspoint.dualstack.eu-west-1.amazonaws.com,*.s3.eu-west-1.vpce.amazonaws.com][JA3S: 704239182a9091e4453fdbfe0fd17586][Issuer: C=US, O=Amazon, OU=Server CA 1B, CN=Amazon][Subject: CN=*.s3-eu-west-1.amazonaws.com][Certificate SHA-1: 5A:47:18:0A:2F:90:02:C9:30:5C:B1:BE:D6:0D:5A:42:24:C8:81:76][Chrome][Validity: 2021-03-26 00:00:00 - 2022-03-08 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][PLAIN TEXT (Starfield Technologies)][Plen Bins: 0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,51,0,0,0,0,0]
+ 1 TCP 10.10.10.1:443 <-> 192.168.0.1:59927 [proto: 91.463/TLS.AWS_S3][Stack: TLS.AWS_S3][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 10][cat: Cloud/13][Breed: Acceptable][9 pkts/5961 bytes <-> 1 pkts/571 bytes][Goodput ratio: 91/90][29.38 sec][Hostname/SNI: bolt-prod-s3-eu-west-1.s3.eu-west-1.amazonaws.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.825 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3672/0 15063/0 5728/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/571 662/571 1414/571 649/0][nDPI Fingerprint: 185917c2c68e40fcefbc020baabaecc4][TLSv1.2][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][ServerNames: s3-eu-west-1.amazonaws.com,*.s3-eu-west-1.amazonaws.com,s3.eu-west-1.amazonaws.com,*.s3.eu-west-1.amazonaws.com,s3.dualstack.eu-west-1.amazonaws.com,*.s3.dualstack.eu-west-1.amazonaws.com,*.s3.amazonaws.com,*.s3-control.eu-west-1.amazonaws.com,s3-control.eu-west-1.amazonaws.com,*.s3-control.dualstack.eu-west-1.amazonaws.com,s3-control.dualstack.eu-west-1.amazonaws.com,*.s3-accesspoint.eu-west-1.amazonaws.com,*.s3-accesspoint.dualstack.eu-west-1.amazonaws.com,*.s3.eu-west-1.vpce.amazonaws.com][JA3S: 704239182a9091e4453fdbfe0fd17586][Issuer: C=US, O=Amazon, OU=Server CA 1B, CN=Amazon][Subject: CN=*.s3-eu-west-1.amazonaws.com][Certificate SHA-1: 5A:47:18:0A:2F:90:02:C9:30:5C:B1:BE:D6:0D:5A:42:24:C8:81:76][Chrome][Validity: 2021-03-26 00:00:00 - 2022-03-08 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][PLAIN TEXT (Starfield Technologies)][Plen Bins: 0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,51,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/viber.pcap.out b/tests/cfgs/default/result/viber.pcap.out
index 201bd8684..10cc0ec08 100644
--- a/tests/cfgs/default/result/viber.pcap.out
+++ b/tests/cfgs/default/result/viber.pcap.out
@@ -49,23 +49,23 @@ JA Host Stats:
1 192.168.0.17 3
- 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/TLS.Viber][Stack: TLS.Viber][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DNS][DPI packets: 8][cat: Chat/9][Breed: Fun][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][Goodput ratio: 38/95][5.64 sec][Hostname/SNI: dl-media.viber.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.859 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 162/2 5370/40 907/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/1306 774/1514 151/466][nDPI Fingerprint: 44c5026e8d830b6fbcdd2f7b0094b406][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h2_c866b44c5a26_e08eabe7240f][ServerNames: *.viber.com,viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=thawte, Inc., CN=thawte SSL CA - G2][Subject: C=LU, ST=Luxembourg, L=Luxembourg, O=Viber Media Sarl, OU=IT, CN=*.viber.com][Certificate SHA-1: E1:11:26:E6:14:A5:E6:F7:F1:CB:68:D1:A6:95:A1:5E:11:48:72:2A][Firefox][Validity: 2016-06-26 00:00:00 - 2018-06-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,4,0,2,0,2,0,0,2,0,0,0,0,0,0,0,2,0,0,0,4,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,81,0,0]
- 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/TLS.Viber][Stack: TLS.Viber][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DNS][DPI packets: 8][cat: Chat/9][Breed: Fun][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][Goodput ratio: 57/91][5.69 sec][Hostname/SNI: media.cdn.viber.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.669 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 622/10 5492/35 1722/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154/776 435/1514 138/635][nDPI Fingerprint: 44c5026e8d830b6fbcdd2f7b0094b406][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h2_c866b44c5a26_e08eabe7240f][ServerNames: *.cdn.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=thawte, Inc., CN=thawte SSL CA - G2][Subject: C=LU, ST=Luxembourg, L=Luxembourg, O=Viber Media Sarl, OU=IT, CN=*.cdn.viber.com][Certificate SHA-1: B6:30:6F:02:75:A8:08:0A:AE:AA:9C:6C:9F:B5:8E:4C:82:02:3D:39][Firefox][Validity: 2016-07-03 00:00:00 - 2018-07-03 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,7,0,7,0,7,0,0,15,23,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,0]
- 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 9][cat: Web/5][Breed: Safe][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][Goodput ratio: 69/86][1.00 sec][Hostname/SNI: brahe.apptimize.com][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.398 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/60 176/183 76/72][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 217/468 1514/1514 380/570][nDPI Fingerprint: 2c3b31e61c3602b0305229f06a47f6d1][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h1_c866b44c5a26_e08eabe7240f][ServerNames: *.apptimize.com,apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Organization Validation Secure Server CA][Subject: C=US, ST=CA, L=Mountain View, O=Apptimize, Inc, OU=PremiumSSL Wildcard, CN=*.apptimize.com][Certificate SHA-1: BC:4C:8F:EC:8B:7B:85:BD:54:61:8B:C0:7B:E7:A2:69:0B:F2:49:E5][Firefox][Validity: 2016-02-11 00:00:00 - 2019-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 7,15,0,7,0,15,0,0,7,0,0,0,7,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,0,0]
+ 1 TCP 192.168.0.17:53934 <-> 54.230.93.53:443 [proto: 91.144/TLS.Viber][Stack: TLS.Viber][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DNS][DPI packets: 8][cat: Chat/9][Breed: Fun][43 pkts/4571 bytes <-> 46 pkts/60087 bytes][Goodput ratio: 38/95][5.64 sec][Hostname/SNI: dl-media.viber.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.859 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 162/2 5370/40 907/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/1306 774/1514 151/466][nDPI Fingerprint: 44c5026e8d830b6fbcdd2f7b0094b406][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h2_c866b44c5a26_e08eabe7240f][ServerNames: *.viber.com,viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=thawte, Inc., CN=thawte SSL CA - G2][Subject: C=LU, ST=Luxembourg, L=Luxembourg, O=Viber Media Sarl, OU=IT, CN=*.viber.com][Certificate SHA-1: E1:11:26:E6:14:A5:E6:F7:F1:CB:68:D1:A6:95:A1:5E:11:48:72:2A][Firefox][Validity: 2016-06-26 00:00:00 - 2018-06-26 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,4,0,2,0,2,0,0,2,0,0,0,0,0,0,0,2,0,0,0,4,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,81,0,0]
+ 2 TCP 192.168.0.17:57520 <-> 54.230.93.96:443 [proto: 91.144/TLS.Viber][Stack: TLS.Viber][IP: 464/AWS_Cloudfront][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DNS][DPI packets: 8][cat: Chat/9][Breed: Fun][12 pkts/1848 bytes <-> 12 pkts/9317 bytes][Goodput ratio: 57/91][5.69 sec][Hostname/SNI: media.cdn.viber.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.669 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 622/10 5492/35 1722/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154/776 435/1514 138/635][nDPI Fingerprint: 44c5026e8d830b6fbcdd2f7b0094b406][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h2_c866b44c5a26_e08eabe7240f][ServerNames: *.cdn.viber.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=thawte, Inc., CN=thawte SSL CA - G2][Subject: C=LU, ST=Luxembourg, L=Luxembourg, O=Viber Media Sarl, OU=IT, CN=*.cdn.viber.com][Certificate SHA-1: B6:30:6F:02:75:A8:08:0A:AE:AA:9C:6C:9F:B5:8E:4C:82:02:3D:39][Firefox][Validity: 2016-07-03 00:00:00 - 2018-07-03 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,7,0,7,0,7,0,0,15,23,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,0]
+ 3 TCP 192.168.0.17:49048 <-> 54.187.91.182:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 9][cat: Web/5][Breed: Safe][13 pkts/2823 bytes <-> 14 pkts/6552 bytes][Goodput ratio: 69/86][1.00 sec][Hostname/SNI: brahe.apptimize.com][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.398 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/60 176/183 76/72][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 217/468 1514/1514 380/570][nDPI Fingerprint: 2c3b31e61c3602b0305229f06a47f6d1][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h1_c866b44c5a26_e08eabe7240f][ServerNames: *.apptimize.com,apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Organization Validation Secure Server CA][Subject: C=US, ST=CA, L=Mountain View, O=Apptimize, Inc, OU=PremiumSSL Wildcard, CN=*.apptimize.com][Certificate SHA-1: BC:4C:8F:EC:8B:7B:85:BD:54:61:8B:C0:7B:E7:A2:69:0B:F2:49:E5][Firefox][Validity: 2016-02-11 00:00:00 - 2019-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 7,15,0,7,0,15,0,0,7,0,0,0,7,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,0,0]
4 TCP 192.168.0.17:33208 <-> 52.0.253.101:4244 [proto: 144/Viber][Stack: Viber][IP: 144/Viber][Encrypted][Confidence: Match by port][FPC: 144/Viber, Confidence: IP address][DPI packets: 19][cat: Chat/9][Breed: Fun][32 pkts/6563 bytes <-> 26 pkts/2782 bytes][Goodput ratio: 68/38][46.77 sec][bytes ratio: 0.405 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1220/1489 7187/7333 2090/2188][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 205/107 657/176 184/43][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.553 (Encrypted or Random?)][Plen Bins: 0,3,57,18,0,0,0,0,0,0,3,3,0,3,0,0,9,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.0.17:43702 <-> 172.217.23.78:443 [proto: 91.126/TLS.Google][Stack: TLS.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: DNS][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/5339 bytes <-> 12 pkts/3436 bytes][Goodput ratio: 81/77][33.94 sec][Hostname/SNI: app-measurement.com][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.217 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2821/2646 23555/23575 6838/7399][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 356/286 1038/884 370/258][nDPI Fingerprint: e3d68c37325eb98086177cbd6c26ed94][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1410h1_c866b44c5a26_f88f2b2eb673][JA3S: 67619a80665d7ab92d1041b1d11f9164][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,7,0,0,0,7,0,0,0,0,0,0,40,0,0,0,7,0,0,0,0,0,0,7,0,15,7,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 9][cat: Web/5][Breed: Safe][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][Goodput ratio: 49/89][1.01 sec][Hostname/SNI: mapi.apptimize.com][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.634 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 104/51 273/178 102/80][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 131/583 432/1514 112/601][nDPI Fingerprint: 2c3b31e61c3602b0305229f06a47f6d1][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h1_c866b44c5a26_e08eabe7240f][ServerNames: *.apptimize.com,apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Organization Validation Secure Server CA][Subject: C=US, ST=CA, L=Mountain View, O=Apptimize, Inc, OU=PremiumSSL Wildcard, CN=*.apptimize.com][Certificate SHA-1: BC:4C:8F:EC:8B:7B:85:BD:54:61:8B:C0:7B:E7:A2:69:0B:F2:49:E5][Firefox][Validity: 2016-02-11 00:00:00 - 2019-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 18,0,0,9,0,9,0,0,9,0,0,9,0,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,27,0,0]
+ 6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 9][cat: Web/5][Breed: Safe][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][Goodput ratio: 49/89][1.01 sec][Hostname/SNI: mapi.apptimize.com][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: -0.634 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 104/51 273/178 102/80][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 131/583 432/1514 112/601][nDPI Fingerprint: 2c3b31e61c3602b0305229f06a47f6d1][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h1_c866b44c5a26_e08eabe7240f][ServerNames: *.apptimize.com,apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Organization Validation Secure Server CA][Subject: C=US, ST=CA, L=Mountain View, O=Apptimize, Inc, OU=PremiumSSL Wildcard, CN=*.apptimize.com][Certificate SHA-1: BC:4C:8F:EC:8B:7B:85:BD:54:61:8B:C0:7B:E7:A2:69:0B:F2:49:E5][Firefox][Validity: 2016-02-11 00:00:00 - 2019-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 18,0,0,9,0,9,0,0,9,0,0,9,0,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,27,0,0]
7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][Goodput ratio: 55/90][0.23 sec][Hostname/SNI: venetia.iad.appboy.com][(Advertised) ALPNs: http/1.1][bytes ratio: -0.605 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29/19 152/60 47/24][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 153/693 631/1514 169/616][nDPI Fingerprint: 2c3b31e61c3602b0305229f06a47f6d1][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h1_c866b44c5a26_e08eabe7240f][Firefox][Plen Bins: 0,0,11,0,0,11,0,0,11,0,11,0,0,0,0,0,0,11,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
- 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][Goodput ratio: 48/88][0.92 sec][Hostname/SNI: mapi.apptimize.com][(Advertised) ALPNs: http/1.1][bytes ratio: -0.617 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 93/53 185/189 87/84][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 133/560 433/1514 111/605][nDPI Fingerprint: 2c3b31e61c3602b0305229f06a47f6d1][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h1_c866b44c5a26_e08eabe7240f][Firefox][Plen Bins: 18,0,0,9,0,9,0,0,18,0,0,9,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,27,0,0]
- 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][Stack: Viber][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][24 pkts/5035 bytes <-> 22 pkts/2302 bytes][Goodput ratio: 80/60][7.22 sec][bytes ratio: 0.372 (Upload)][IAT c2s/s2c min/avg/max/stddev: 15/15 304/334 529/529 209/188][Pkt Len c2s/s2c min/avg/max/stddev: 54/76 210/105 299/118 115/20][PLAIN TEXT (Android)][Plen Bins: 19,15,32,0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][Stack: Viber][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][25 pkts/4344 bytes <-> 18 pkts/1872 bytes][Goodput ratio: 76/60][5.68 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 203/279 513/531 233/236][Pkt Len c2s/s2c min/avg/max/stddev: 54/76 174/104 299/118 120/20][PLAIN TEXT (Android)][Plen Bins: 30,13,27,0,0,0,0,0,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][Goodput ratio: 48/88][0.92 sec][Hostname/SNI: mapi.apptimize.com][(Advertised) ALPNs: http/1.1][bytes ratio: -0.617 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 93/53 185/189 87/84][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 133/560 433/1514 111/605][nDPI Fingerprint: 2c3b31e61c3602b0305229f06a47f6d1][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][TLSv1.2][JA4: t12d1409h1_c866b44c5a26_e08eabe7240f][Firefox][Plen Bins: 18,0,0,9,0,9,0,0,18,0,0,9,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,27,0,0]
+ 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][Stack: Viber][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][24 pkts/5035 bytes <-> 22 pkts/2302 bytes][Goodput ratio: 80/60][7.22 sec][bytes ratio: 0.372 (Upload)][IAT c2s/s2c min/avg/max/stddev: 15/15 304/334 529/529 209/188][Pkt Len c2s/s2c min/avg/max/stddev: 54/76 210/105 299/118 115/20][PLAIN TEXT (Android)][Plen Bins: 19,15,32,0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][Stack: Viber][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][25 pkts/4344 bytes <-> 18 pkts/1872 bytes][Goodput ratio: 76/60][5.68 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 203/279 513/531 233/236][Pkt Len c2s/s2c min/avg/max/stddev: 54/76 174/104 299/118 120/20][PLAIN TEXT (Android)][Plen Bins: 30,13,27,0,0,0,0,0,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.2.100:48690 <-> 52.0.252.145:4244 [proto: 144/Viber][Stack: Viber][IP: 144/Viber][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: IP address][DPI packets: 4][cat: Chat/9][Breed: Fun][7 pkts/679 bytes <-> 8 pkts/3857 bytes][Goodput ratio: 29/86][1.11 sec][bytes ratio: -0.701 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 201/136 711/814 261/303][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 97/482 167/1506 43/573][TCP Fingerprint: 2_64_65535_685ad951a756/Android][Plen Bins: 12,0,25,25,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,12,0,0]
12 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/1514 bytes <-> 1 pkts/1514 bytes][Goodput ratio: 97/97][< 1 sec][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.196 (Executable?)][PLAIN TEXT (1234567890ABCDEFGHIJKLMNOPQ)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0]
13 UDP 192.168.12.156:40482 <-> 18.195.4.121:443 [proto: 78.414/STUN.ViberVoip][Stack: STUN.ViberVoip][IP: 144/Viber][ClearText][Confidence: DPI][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][Breed: Acceptable][8 pkts/1228 bytes <-> 7 pkts/854 bytes][Goodput ratio: 73/65][3.28 sec][Hostname/SNI: viber.com][bytes ratio: 0.180 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 542/643 3151/3151 1167/1254][Pkt Len c2s/s2c min/avg/max/stddev: 62/82 154/122 234/182 54/33][Mapped IP/Port: 93.35.169.150:33171][Peer IP/Port: 18.195.4.121:61359][Relayed IP/Port: 18.195.4.121:61894][PLAIN TEXT (BiKtdr0)][Plen Bins: 13,20,13,13,33,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 192.168.2.100:41184 <-> 52.0.252.2:5242 [proto: 144/Viber][Stack: Viber][IP: 144/Viber][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: IP address][DPI packets: 4][cat: Chat/9][Breed: Fun][6 pkts/428 bytes <-> 5 pkts/854 bytes][Goodput ratio: 6/60][0.55 sec][bytes ratio: -0.332 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/0 89/70 156/141 59/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 71/171 90/582 9/206][TCP Fingerprint: 2_64_65535_685ad951a756/Android][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/78 bytes <-> 1 pkts/373 bytes][Goodput ratio: 46/89][0.00 sec][Hostname/SNI: mapi.apptimize.com][54.69.166.226][DNS Id: 0xfd63][PLAIN TEXT (apptimize)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 16 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/272 bytes <-> 2 pkts/140 bytes][Goodput ratio: 0/0][5.72 sec][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 34/0 1907/0 5652/0 2648/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/70 74/74 3/4][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 17 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/272 bytes <-> 2 pkts/140 bytes][Goodput ratio: 0/0][7.27 sec][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 34/0 2422/0 7191/0 3372/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/70 74/74 3/4][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 16 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/272 bytes <-> 2 pkts/140 bytes][Goodput ratio: 0/0][5.72 sec][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 34/0 1907/0 5652/0 2648/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/70 74/74 3/4][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 17 TCP 192.168.0.17:45424 <-> 18.201.4.32:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/272 bytes <-> 2 pkts/140 bytes][Goodput ratio: 0/0][7.27 sec][bytes ratio: 0.320 (Upload)][IAT c2s/s2c min/avg/max/stddev: 34/0 2422/0 7191/0 3372/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/70 74/74 3/4][TCP Fingerprint: 2_64_65535_2e3cee914fc1/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.0.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][Stack: MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 4][cat: Network/14][Breed: Acceptable][4 pkts/412 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][20.01 sec][Hostname/SNI: _805741c9._sub._googlecast._tcp.local][_805741c9._sub._googlecast._tcp.local][PLAIN TEXT (805741C)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.0.17:35283 <-> 192.168.0.15:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/74 bytes <-> 1 pkts/303 bytes][Goodput ratio: 43/86][0.00 sec][Hostname/SNI: app.adjust.com][178.162.219.58][DNS Id: 0xcb9c][PLAIN TEXT (adjust)][Plen Bins: 0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 192.168.0.17:45743 <-> 192.168.0.15:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/78 bytes <-> 1 pkts/203 bytes][Goodput ratio: 46/79][0.00 sec][Hostname/SNI: graph.facebook.com][31.13.86.8][DNS Id: 0xe183][PLAIN TEXT (facebook)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -75,7 +75,7 @@ JA Host Stats:
24 UDP 192.168.0.17:41993 <-> 172.217.23.106:443 [proto: 188/QUIC][Stack: QUIC][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Acceptable][2 pkts/130 bytes <-> 1 pkts/64 bytes][Goodput ratio: 35/34][0.00 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.02 sec][Hostname/SNI: app-measurement.com][172.217.23.78][DNS Id: 0xfd87][PLAIN TEXT (measurement)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/74 bytes <-> 1 pkts/90 bytes][Goodput ratio: 43/53][0.00 sec][Hostname/SNI: www.google.com][216.58.205.100][DNS Id: 0x8842][PLAIN TEXT (google)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 27 TCP 192.168.2.100:42900 -> 44.192.202.74:4244 [proto: 144/Viber][Stack: Viber][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][1 pkts/162 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 27 TCP 192.168.2.100:42900 -> 44.192.202.74:4244 [proto: 144/Viber][Stack: Viber][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][1 pkts/162 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 29 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][Stack: Viber][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][1 pkts/76 bytes <-> 1 pkts/62 bytes][Goodput ratio: 44/32][0.03 sec][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 30 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][Stack: Viber][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][1 pkts/76 bytes <-> 1 pkts/62 bytes][Goodput ratio: 44/32][0.03 sec][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 29 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][Stack: Viber][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][1 pkts/76 bytes <-> 1 pkts/62 bytes][Goodput ratio: 44/32][0.03 sec][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 30 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][Stack: Viber][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 144/Viber, Confidence: DPI][DPI packets: 1][cat: Chat/9][Breed: Fun][1 pkts/76 bytes <-> 1 pkts/62 bytes][Goodput ratio: 44/32][0.03 sec][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/waze.pcap.out b/tests/cfgs/default/result/waze.pcap.out
index c272b829e..a404d3939 100644
--- a/tests/cfgs/default/result/waze.pcap.out
+++ b/tests/cfgs/default/result/waze.pcap.out
@@ -47,28 +47,28 @@ JA Host Stats:
1 10.8.0.1 2
- 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][Goodput ratio: 74/96][19.68 sec][bytes ratio: -0.747 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 288/329 3806/5018 686/820][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 209/1361 590/17258 183/3378][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,5,0,0,21,1,5,3,3,1,10,1,0,0,0,0,14,0,0,0,0,0,1,0,1,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23]
+ 1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][Goodput ratio: 74/96][19.68 sec][bytes ratio: -0.747 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 288/329 3806/5018 686/820][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 209/1361 590/17258 183/3378][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,5,0,0,21,1,5,3,3,1,10,1,0,0,0,0,14,0,0,0,0,0,1,0,1,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23]
2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Download/7][Breed: Acceptable][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Goodput ratio: 20/98][5.27 sec][Hostname/SNI: xtra1.gpsonextra.net][bytes ratio: -0.959 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 321/373 3680/3677 903/960][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 69/3439 317/11833 59/3468][URL: xtra1.gpsonextra.net/xtra2.bin][StatusCode: 200][Content-Type: application/octet-stream][Server: Cherokee][User-Agent: Android][Risk: ** Binary File/Data Transfer (Attempt) **][Risk Score: 50][Risk Info: Found binary mime octet-stream][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /xtra)][Plen Bins: 0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0,71]
- 3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][Goodput ratio: 52/98][2.64 sec][bytes ratio: -0.933 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 155/189 387/415 137/131][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 115/3558 590/21942 132/6125][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 7,0,0,0,15,7,0,7,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0,0,0,39]
- 4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][Goodput ratio: 57/98][3.70 sec][bytes ratio: -0.902 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/126 1449/293 383/116][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 128/2830 590/11186 147/3901][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,7,0,0,7,7,0,7,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,35]
- 5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][Goodput ratio: 46/97][3.22 sec][bytes ratio: -0.890 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 237/155 1289/609 359/182][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 103/2027 411/8150 98/2612][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,8,0,0,8,8,0,8,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
- 6 TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][Goodput ratio: 60/90][15.91 sec][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 578/1210 5838/5890 1445/1892][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 139/519 555/3660 141/939][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,14,0,0,7,14,0,7,14,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14]
- 7 TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][Goodput ratio: 56/95][1.29 sec][bytes ratio: -0.775 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 162/196 343/348 153/133][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 129/1019 283/4048 87/1610][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,14,0,0,14,14,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28]
- 8 TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 10][cat: Web/5][Breed: Acceptable][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][Goodput ratio: 48/91][3.03 sec][bytes ratio: -0.672 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 298/361 1175/1175 372/355][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 107/595 315/1422 85/584][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.waze.com][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2015-01-12 13:36:11 - 2015-12-31 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,10,0,0,10,10,0,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,30,0,0,0,0,0]
- 9 TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][Goodput ratio: 50/92][2.56 sec][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 283/306 1174/1173 370/349][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 112/649 315/2165 88/739][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.waze.com][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2015-01-12 13:36:11 - 2015-12-31 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,11,0,0,11,11,0,11,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,11]
- 10 TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][Goodput ratio: 59/87][6.85 sec][bytes ratio: -0.499 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 729/963 4966/4966 1534/1663][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 138/411 380/3201 124/875][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,12,0,0,12,12,0,12,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12]
- 11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][Goodput ratio: 56/86][2.36 sec][bytes ratio: -0.470 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 196/195 883/537 286/190][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 127/384 380/2189 107/640][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,0,0,0,12,12,12,25,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12]
- 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][Goodput ratio: 51/89][3.32 sec][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 335/261 1332/645 428/236][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 115/490 347/2533 95/785][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,12,0,0,12,12,12,12,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12]
- 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][Goodput ratio: 57/89][2.45 sec][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 300/341 1397/1346 459/421][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 132/485 379/2165 108/725][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.waze.com][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2015-01-12 13:36:11 - 2015-12-31 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,12,0,0,12,25,0,12,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,12]
- 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Goodput ratio: 14/87][0.53 sec][Hostname/SNI: roadshields.waze.com][bytes ratio: -0.706 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/3 75/105 261/274 89/92][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 66/428 137/1678 26/651][URL: roadshields.waze.com/images/HD/CH2.png][StatusCode: 200][Content-Type: image/png][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/HD/CH)][Plen Bins: 25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,25]
+ 3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][Goodput ratio: 52/98][2.64 sec][bytes ratio: -0.933 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 155/189 387/415 137/131][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 115/3558 590/21942 132/6125][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 7,0,0,0,15,7,0,7,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0,0,0,39]
+ 4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][Goodput ratio: 57/98][3.70 sec][bytes ratio: -0.902 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/126 1449/293 383/116][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 128/2830 590/11186 147/3901][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,7,0,0,7,7,0,7,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,21,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,35]
+ 5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][Goodput ratio: 46/97][3.22 sec][bytes ratio: -0.890 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 237/155 1289/609 359/182][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 103/2027 411/8150 98/2612][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,8,0,0,8,8,0,8,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
+ 6 TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][Goodput ratio: 60/90][15.91 sec][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 578/1210 5838/5890 1445/1892][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 139/519 555/3660 141/939][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,14,0,0,7,14,0,7,14,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14]
+ 7 TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][Goodput ratio: 56/95][1.29 sec][bytes ratio: -0.775 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 162/196 343/348 153/133][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 129/1019 283/4048 87/1610][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,14,0,0,14,14,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28]
+ 8 TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 10][cat: Web/5][Breed: Acceptable][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][Goodput ratio: 48/91][3.03 sec][bytes ratio: -0.672 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 298/361 1175/1175 372/355][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 107/595 315/1422 85/584][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.waze.com][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2015-01-12 13:36:11 - 2015-12-31 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,10,0,0,10,10,0,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,30,0,0,0,0,0]
+ 9 TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][Goodput ratio: 50/92][2.56 sec][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 283/306 1174/1173 370/349][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 112/649 315/2165 88/739][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.waze.com][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2015-01-12 13:36:11 - 2015-12-31 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,11,0,0,11,11,0,11,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,11]
+ 10 TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Acceptable][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][Goodput ratio: 59/87][6.85 sec][bytes ratio: -0.499 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 729/963 4966/4966 1534/1663][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 138/411 380/3201 124/875][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,12,0,0,12,12,0,12,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12]
+ 11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][Goodput ratio: 56/86][2.36 sec][bytes ratio: -0.470 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 196/195 883/537 286/190][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 127/384 380/2189 107/640][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,0,0,0,12,12,12,25,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12]
+ 12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][Goodput ratio: 51/89][3.32 sec][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 335/261 1332/645 428/236][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 115/490 347/2533 95/785][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.world.waze.com][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,12,0,0,12,12,12,12,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12]
+ 13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][Stack: TLS.Waze][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][Goodput ratio: 57/89][2.45 sec][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 300/341 1397/1346 459/421][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 132/485 379/2165 108/725][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][Risk Info: TLSv1][nDPI Fingerprint: 126eed69a38ebd23005a494940abe14f][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i320300_771403ec58f7_a875e5012fde][ServerNames: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2][Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=*.waze.com][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2015-01-12 13:36:11 - 2015-12-31 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,12,0,0,12,25,0,12,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,12]
+ 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Goodput ratio: 14/87][0.53 sec][Hostname/SNI: roadshields.waze.com][bytes ratio: -0.706 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/3 75/105 261/274 89/92][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 66/428 137/1678 26/651][URL: roadshields.waze.com/images/HD/CH2.png][StatusCode: 200][Content-Type: image/png][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /images/HD/CH)][Plen Bins: 25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,25]
15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Web/5][Breed: Safe][7 pkts/1137 bytes <-> 6 pkts/1005 bytes][Goodput ratio: 65/68][0.40 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 32/74 53/188 24/69][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 162/168 572/602 177/200][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_ECDHE_RSA_WITH_RC4_128_SHA / TLSv1][nDPI Fingerprint: d8b65c2b6c348c9813c4a1a3a5bd1c18][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA4: t10i140200_37d7d24289bf_33a13ba74d1c][JA3S: 23f1f6e2f0015c166df49fdab4280370][Cipher: TLS_ECDHE_RSA_WITH_RC4_128_SHA][Plen Bins: 0,20,0,0,20,20,0,0,0,0,0,0,0,0,0,0,20,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][8 pkts/594 bytes <-> 7 pkts/771 bytes][Goodput ratio: 24/51][0.14 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/29 134/84 50/39][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74/110 194/447 46/138][URL: cres.waze.com/lang_asr/lang.portuguese_br_asr][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /lang)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][8 pkts/594 bytes <-> 7 pkts/771 bytes][Goodput ratio: 24/51][0.14 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/29 134/84 50/39][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74/110 194/447 46/138][URL: cres.waze.com/lang_asr/lang.portuguese_br_asr][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /lang)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][Stack: WhatsApp][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Chat/9][Breed: Acceptable][8 pkts/673 bytes <-> 7 pkts/668 bytes][Goodput ratio: 33/43][0.55 sec][bytes ratio: 0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 80/98 289/238 106/83][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 84/95 222/245 53/67][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (Android)][Plen Bins: 50,0,16,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/557 bytes <-> 7 pkts/771 bytes][Goodput ratio: 28/51][0.54 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 105/174 394/397 152/166][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 80/110 211/447 54/138][URL: cres.waze.com/newVconfig/1.0/3/prompts_conf.buf?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /newV)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/555 bytes <-> 7 pkts/771 bytes][Goodput ratio: 28/51][0.29 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42/70 177/177 68/77][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79/110 209/447 53/138][URL: cres.waze.com/lang_tts/lang.portuguese_br_tts?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /lang)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/552 bytes <-> 7 pkts/771 bytes][Goodput ratio: 28/51][0.23 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/56 169/168 67/79][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79/110 206/447 52/138][URL: cres.waze.com/langs/1.0/lang.portuguese_br?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /langs/1.0/lang.portuguese)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/550 bytes <-> 7 pkts/769 bytes][Goodput ratio: 28/51][0.14 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/42 126/125 50/58][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79/110 204/445 52/137][URL: cres.waze.com/newVconfig/1.0/3/lang.conf?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /newV)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/553 bytes <-> 7 pkts/733 bytes][Goodput ratio: 28/48][0.29 sec][Hostname/SNI: roadshields.waze.com][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42/68 176/174 68/76][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79/105 207/409 53/124][URL: roadshields.waze.com/shields_conf_new_latam?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /shields)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/557 bytes <-> 7 pkts/771 bytes][Goodput ratio: 28/51][0.54 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 105/174 394/397 152/166][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 80/110 211/447 54/138][URL: cres.waze.com/newVconfig/1.0/3/prompts_conf.buf?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /newV)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/555 bytes <-> 7 pkts/771 bytes][Goodput ratio: 28/51][0.29 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42/70 177/177 68/77][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79/110 209/447 53/138][URL: cres.waze.com/lang_tts/lang.portuguese_br_tts?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /lang)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/552 bytes <-> 7 pkts/771 bytes][Goodput ratio: 28/51][0.23 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/56 169/168 67/79][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79/110 206/447 52/138][URL: cres.waze.com/langs/1.0/lang.portuguese_br?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /langs/1.0/lang.portuguese)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/550 bytes <-> 7 pkts/769 bytes][Goodput ratio: 28/51][0.14 sec][Hostname/SNI: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/42 126/125 50/58][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79/110 204/445 52/137][URL: cres.waze.com/newVconfig/1.0/3/lang.conf?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /newV)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][Stack: HTTP.Waze][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][7 pkts/553 bytes <-> 7 pkts/733 bytes][Goodput ratio: 28/48][0.29 sec][Hostname/SNI: roadshields.waze.com][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42/68 176/174 68/76][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79/105 207/409 53/124][URL: roadshields.waze.com/shields_conf_new_latam?rtserver-id=15][StatusCode: 304][Server: AmazonS3][User-Agent: /3.9.4.0][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /shields)][Plen Bins: 33,0,0,0,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Web/5][Breed: Acceptable][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Web/5][Breed: Acceptable][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.01 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: Web/5][Breed: Acceptable][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.01 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/webex.pcap.out b/tests/cfgs/default/result/webex.pcap.out
index b43807fb1..54e076fc4 100644
--- a/tests/cfgs/default/result/webex.pcap.out
+++ b/tests/cfgs/default/result/webex.pcap.out
@@ -53,7 +53,7 @@ JA Host Stats:
7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][Goodput ratio: 76/60][68.57 sec][bytes ratio: 0.305 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1424/790 16039/7189 2911/1473][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 229/134 590/3961 154/547][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 243e6139d9b4c6b9b889def424d85b70][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i020200_f2d8273d9564_18d1e47e0978][ServerNames: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,5,40,16,1,11,3,1,0,0,5,0,3,0,0,1,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1]
8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][Stack: SIP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 100/SIP, Confidence: DPI][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][22 pkts/15356 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][95.92 sec][SIP From: ;tag=d3833767][SIP To: ][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1008/0 4783/0 32494/0 6932/0][Pkt Len c2s/s2c min/avg/max/stddev: 698/0 698/0 698/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (REGISTER sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][Goodput ratio: 65/80][21.38 sec][bytes ratio: -0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 796/452 6005/3010 1691/778][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 157/276 432/3961 108/830][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA / TLSv1][nDPI Fingerprint: 265bb6ba064759800a0118d131206482][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i440400_e56d601e95ee_282f11336259][ServerNames: *.webex.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,13,17,13,4,4,30,0,0,0,4,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4]
- 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 14][cat: Web/5][Breed: Safe][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][Goodput ratio: 55/90][41.17 sec][Hostname/SNI: api.crittercism.com][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3166/655 34507/5259 9151/1546][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 124/542 590/1502 149/614][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_RC4_128_MD5 / TLSv1][nDPI Fingerprint: a5bb4e838c2002745dd8bb298c2b40df][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10d350400_1f24bcc5f17d_a875e5012fde][ServerNames: *.crittercism.com,crittercism.com][JA3S: c800cea031c10ffe47e1d72c9264577a][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.crittercism.com][Certificate SHA-1: 68:8B:FC:77:1E:CA:80:33:0C:A9:0E:29:A6:E4:0D:FC:3A:AE:43:18][Validity: 2015-01-14 00:00:00 - 2020-01-13 23:59:59][Cipher: TLS_RSA_WITH_RC4_128_MD5][Plen Bins: 8,8,8,0,0,0,8,8,0,8,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,8,0,0,0,0,16,0,8,0,0]
+ 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 14][cat: Web/5][Breed: Safe][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][Goodput ratio: 55/90][41.17 sec][Hostname/SNI: api.crittercism.com][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3166/655 34507/5259 9151/1546][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 124/542 590/1502 149/614][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_RC4_128_MD5 / TLSv1][nDPI Fingerprint: a5bb4e838c2002745dd8bb298c2b40df][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10d350400_1f24bcc5f17d_a875e5012fde][ServerNames: *.crittercism.com,crittercism.com][JA3S: c800cea031c10ffe47e1d72c9264577a][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.crittercism.com][Certificate SHA-1: 68:8B:FC:77:1E:CA:80:33:0C:A9:0E:29:A6:E4:0D:FC:3A:AE:43:18][Validity: 2015-01-14 00:00:00 - 2020-01-13 23:59:59][Cipher: TLS_RSA_WITH_RC4_128_MD5][Plen Bins: 8,8,8,0,0,0,8,8,0,8,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,8,0,0,0,0,16,0,8,0,0]
11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][Goodput ratio: 64/94][3.96 sec][bytes ratio: -0.663 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/2 523/352 2070/1020 730/365][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 157/873 576/3993 179/1444][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 243e6139d9b4c6b9b889def424d85b70][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i020200_f2d8273d9564_18d1e47e0978][ServerNames: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,33,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][Goodput ratio: 70/95][1.07 sec][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/51 160/195 357/356 154/126][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 187/990 576/3993 192/1508][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 243e6139d9b4c6b9b889def424d85b70][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i020200_f2d8273d9564_18d1e47e0978][ServerNames: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,33,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 8][cat: VoIP/10][Breed: Acceptable][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][Goodput ratio: 63/93][3.00 sec][bytes ratio: -0.657 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 385/312 2171/1116 743/396][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 152/828 528/2974 166/1099][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 243e6139d9b4c6b9b889def424d85b70][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i020200_f2d8273d9564_18d1e47e0978][ServerNames: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,28,0,0,0,0,0,0,0,0,14,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28]
@@ -100,4 +100,4 @@ JA Host Stats:
54 TCP 10.133.206.47:33459 <-> 80.74.110.68:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Safe][3 pkts/209 bytes <-> 2 pkts/108 bytes][Goodput ratio: 11/0][0.06 sec][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 TCP 10.8.0.1:51859 <-> 62.109.229.158:443 [proto: 91/TLS][Stack: TLS][IP: 141/Webex][Encrypted][Confidence: Match by port][FPC: 141/Webex, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Safe][2 pkts/128 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][1.00 sec][Risk: ** TCP Connection Issues **** Probing Attempt **][Risk Score: 100][Risk Info: TCP probing attempt / Connection refused (client)][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 10.133.206.47:54651 <-> 185.63.147.10:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 57 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 57 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/weibo.pcap.out b/tests/cfgs/default/result/weibo.pcap.out
index fdd718742..34162d192 100644
--- a/tests/cfgs/default/result/weibo.pcap.out
+++ b/tests/cfgs/default/result/weibo.pcap.out
@@ -74,7 +74,7 @@ JA Host Stats:
27 TCP 192.168.1.105:34699 <-> 216.58.212.65:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.02 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 192.168.1.105:35154 <-> 216.58.210.206:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.05 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 192.168.1.105:37802 <-> 216.58.212.69:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.03 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.14 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.14 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.04 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91/TLS][Stack: TLS][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.05 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 45/0][< 1 sec][Hostname/SNI: account.weibo.com][0.0.0.0][DNS Id: 0xca7d][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (account)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/xiaomi.pcap.out b/tests/cfgs/default/result/xiaomi.pcap.out
index 0e009eb1b..0c5c9a2fc 100644
--- a/tests/cfgs/default/result/xiaomi.pcap.out
+++ b/tests/cfgs/default/result/xiaomi.pcap.out
@@ -26,8 +26,8 @@ Acceptable 52 11467 7
Web 52 11467 7
- 1 TCP 192.168.2.100:45106 <-> 18.193.233.122:5222 [proto: 287/Xiaomi][Stack: Xiaomi][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Web/5][Breed: Acceptable][8 pkts/2061 bytes <-> 7 pkts/1063 bytes][Goodput ratio: 74/56][359.14 sec][Hostname/SNI: fr-app-chat-global-xiaomi-net2-2117517874.eu-central-1.elb.amazonaws.com][bytes ratio: 0.319 (Upload)][IAT c2s/s2c min/avg/max/stddev: 7/1 59816/100 358553/211 133599/79][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 258/152 1014/488 311/142][User-Agent: Redmi Note 8T][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.758 (Executable?)][TCP Fingerprint: 2_64_65535_685ad951a756/Android][PLAIN TEXT (xiaomi.com)][Plen Bins: 14,0,14,14,0,0,14,0,0,0,14,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 TCP 192.168.2.100:37708 <-> 3.127.176.74:5222 [proto: 287/Xiaomi][Stack: Xiaomi][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Web/5][Breed: Acceptable][8 pkts/1983 bytes <-> 7 pkts/641 bytes][Goodput ratio: 73/27][455.15 sec][Hostname/SNI: fr-app-chat-global-xiaomi-net1-1667981913.eu-central-1.elb.amazonaws.com][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 75808/90740 453408/453409 168869/181335][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 248/92 999/171 303/39][User-Agent: Redmi Note 9 Pro][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.872 (Executable?)][TCP Fingerprint: 2_64_65535_685ad951a756/Android][PLAIN TEXT (xiaomi.com)][Plen Bins: 16,0,16,16,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.2.100:45106 <-> 18.193.233.122:5222 [proto: 287/Xiaomi][Stack: Xiaomi][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Web/5][Breed: Acceptable][8 pkts/2061 bytes <-> 7 pkts/1063 bytes][Goodput ratio: 74/56][359.14 sec][Hostname/SNI: fr-app-chat-global-xiaomi-net2-2117517874.eu-central-1.elb.amazonaws.com][bytes ratio: 0.319 (Upload)][IAT c2s/s2c min/avg/max/stddev: 7/1 59816/100 358553/211 133599/79][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 258/152 1014/488 311/142][User-Agent: Redmi Note 8T][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.758 (Executable?)][TCP Fingerprint: 2_64_65535_685ad951a756/Android][PLAIN TEXT (xiaomi.com)][Plen Bins: 14,0,14,14,0,0,14,0,0,0,14,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 TCP 192.168.2.100:37708 <-> 3.127.176.74:5222 [proto: 287/Xiaomi][Stack: Xiaomi][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Web/5][Breed: Acceptable][8 pkts/1983 bytes <-> 7 pkts/641 bytes][Goodput ratio: 73/27][455.15 sec][Hostname/SNI: fr-app-chat-global-xiaomi-net1-1667981913.eu-central-1.elb.amazonaws.com][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 75808/90740 453408/453409 168869/181335][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 248/92 999/171 303/39][User-Agent: Redmi Note 9 Pro][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.872 (Executable?)][TCP Fingerprint: 2_64_65535_685ad951a756/Android][PLAIN TEXT (xiaomi.com)][Plen Bins: 16,0,16,16,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 115.164.74.232:5222 <-> 192.168.247.13:38018 [proto: 287/Xiaomi][Stack: Xiaomi][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/456 bytes <-> 3 pkts/1283 bytes][Goodput ratio: 40/85][149.32 sec][Hostname/SNI: 47.241.35.73][bytes ratio: -0.476 (Download)][IAT c2s/s2c min/avg/max/stddev: 143/153 49772/74586 149015/149020 70175/74434][Pkt Len c2s/s2c min/avg/max/stddev: 74/78 114/428 172/980 41/395][User-Agent: M2010J19SG][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.561 (Executable?)][PLAIN TEXT (xiaomi.com)][Plen Bins: 34,0,16,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 97.39.119.172:5222 <-> 192.168.93.59:51488 [proto: 287/Xiaomi][Stack: Xiaomi][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][Breed: Acceptable][3 pkts/377 bytes <-> 2 pkts/1249 bytes][Goodput ratio: 45/89][0.25 sec][Hostname/SNI: 47.241.59.87][User-Agent: M2101K7BG][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.687 (Executable?)][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,0,25,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 115.164.74.232:5222 <-> 192.168.244.219:45904 [proto: 287/Xiaomi][Stack: Xiaomi][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Web/5][Breed: Acceptable][3 pkts/378 bytes <-> 2 pkts/1244 bytes][Goodput ratio: 45/89][0.26 sec][Hostname/SNI: 47.241.35.73][User-Agent: Redmi Note 9S][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 5.814 (Executable?)][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,0,25,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/zoom.pcap.out b/tests/cfgs/default/result/zoom.pcap.out
index 488cebe5e..3b240d697 100644
--- a/tests/cfgs/default/result/zoom.pcap.out
+++ b/tests/cfgs/default/result/zoom.pcap.out
@@ -57,14 +57,14 @@ JA Host Stats:
1 UDP 192.168.1.117:58327 <-> 109.94.160.99:8801 [proto: 189/Zoom][Stack: Zoom][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DPI][DPI packets: 5][cat: Video/26][Breed: Acceptable][10 pkts/7806 bytes <-> 175 pkts/184434 bytes][Goodput ratio: 95/96][1.44 sec][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/8 32/35 11/5][Pkt Len c2s/s2c min/avg/max/stddev: 55/60 781/1054 1071/1071 444/129][PLAIN TEXT (replace)][Plen Bins: 1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.117:54871 <-> 109.94.160.99:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 11][cat: Video/26][Breed: Acceptable][127 pkts/54118 bytes <-> 83 pkts/17526 bytes][Goodput ratio: 84/69][2.00 sec][Hostname/SNI: zoomfrn99mmr.zoom.us][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/9 950/156 93/24][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 426/211 1506/1506 458/364][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,20,12,4,2,6,3,2,2,2,4,5,10,1,0,0,1,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0]
- 3 TCP 192.168.1.117:54866 <-> 52.202.62.236:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Acceptable][16 pkts/3097 bytes <-> 17 pkts/18622 bytes][Goodput ratio: 71/95][0.61 sec][Hostname/SNI: www3.zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.715 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/28 114/143 47/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 194/1095 864/1506 265/618][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,5,0,0,0,5,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,63,0,0]
- 4 TCP 192.168.1.117:54865 <-> 52.202.62.196:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 10][cat: Video/26][Breed: Acceptable][15 pkts/2448 bytes <-> 15 pkts/16505 bytes][Goodput ratio: 66/95][0.50 sec][Hostname/SNI: zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.742 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/22 112/136 46/46][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 163/1100 687/1506 200/623][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,0,0,6,0,0,6,0,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,57,0,0]
+ 3 TCP 192.168.1.117:54866 <-> 52.202.62.236:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Acceptable][16 pkts/3097 bytes <-> 17 pkts/18622 bytes][Goodput ratio: 71/95][0.61 sec][Hostname/SNI: www3.zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.715 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/28 114/143 47/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 194/1095 864/1506 265/618][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,5,0,0,0,5,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,63,0,0]
+ 4 TCP 192.168.1.117:54865 <-> 52.202.62.196:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 10][cat: Video/26][Breed: Acceptable][15 pkts/2448 bytes <-> 15 pkts/16505 bytes][Goodput ratio: 66/95][0.50 sec][Hostname/SNI: zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.742 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/22 112/136 46/46][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 163/1100 687/1506 200/623][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,0,0,6,0,0,6,0,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,57,0,0]
5 UDP 10.140.117.35:45634 <-> 193.122.35.237:8801 [VLAN: 113][proto: GTP:189/Zoom][Stack: Zoom][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: Video/26][Breed: Acceptable][34 pkts/5678 bytes <-> 47 pkts/7940 bytes][Goodput ratio: 48/49][154.35 sec][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/2 1919/1250 3741/3741 1619/1357][Pkt Len c2s/s2c min/avg/max/stddev: 167/167 167/169 167/174 0/3][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.1.117:54868 <-> 213.19.144.104:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: IP address][DPI packets: 11][cat: Video/26][Breed: Acceptable][17 pkts/2534 bytes <-> 13 pkts/7180 bytes][Goodput ratio: 56/88][0.41 sec][Hostname/SNI: zoomam104zc.zoom.us][bytes ratio: -0.478 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/41 87/168 27/61][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 149/552 642/1506 175/612][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 21,6,6,6,6,0,0,6,0,0,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,21,0,0]
7 TCP 192.168.1.117:54869 <-> 213.244.140.85:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 11][cat: Video/26][Breed: Acceptable][16 pkts/2480 bytes <-> 13 pkts/7182 bytes][Goodput ratio: 57/88][0.39 sec][Hostname/SNI: zoomfr85zc.zoom.us][bytes ratio: -0.487 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/41 202/224 52/72][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 155/552 642/1506 178/612][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 21,6,6,6,6,0,0,6,0,0,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,21,0,0]
8 TCP 192.168.1.117:54867 <-> 213.19.144.105:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: IP address][DPI packets: 11][cat: Video/26][Breed: Acceptable][16 pkts/2468 bytes <-> 13 pkts/7188 bytes][Goodput ratio: 58/88][0.42 sec][Hostname/SNI: zoomam105zc.zoom.us][bytes ratio: -0.489 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/43 147/178 40/63][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 154/553 642/1506 179/612][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 21,6,6,6,6,0,0,6,0,0,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,21,0,0]
9 TCP 192.168.1.117:54870 <-> 213.244.140.84:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 11][cat: Video/26][Breed: Acceptable][16 pkts/1832 bytes <-> 12 pkts/6702 bytes][Goodput ratio: 44/88][0.38 sec][Hostname/SNI: zoomfr84zc.zoom.us][bytes ratio: -0.571 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/40 187/280 49/91][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 114/558 583/1506 129/636][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,0,8,8,8,0,0,8,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,25,0,0]
- 10 TCP 192.168.1.117:54864 <-> 52.202.62.238:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Acceptable][10 pkts/2030 bytes <-> 8 pkts/6283 bytes][Goodput ratio: 72/93][0.47 sec][Hostname/SNI: log.zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.512 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 58/40 110/131 50/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 203/785 812/1506 256/675][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,0,0,0,22,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,33,0,0]
+ 10 TCP 192.168.1.117:54864 <-> 52.202.62.238:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Acceptable][10 pkts/2030 bytes <-> 8 pkts/6283 bytes][Goodput ratio: 72/93][0.47 sec][Hostname/SNI: log.zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.512 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 58/40 110/131 50/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 203/785 812/1506 256/675][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,0,0,0,22,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,33,0,0]
11 TCP 192.168.1.117:53872 <-> 35.186.224.53:443 [proto: 91/TLS][Stack: TLS][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 5][cat: Web/5][Breed: Safe][8 pkts/2017 bytes <-> 8 pkts/4822 bytes][Goodput ratio: 74/89][0.07 sec][bytes ratio: -0.410 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/10 58/45 22/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 252/603 1434/1484 447/585][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,12,25,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,25,0,0,0]
12 TCP 192.168.1.117:54863 <-> 167.99.215.164:4434 [proto: 91.26/TLS.ntop][Stack: TLS.ntop][IP: 442/DigitalOcean][Encrypted][Confidence: DPI][FPC: 442/DigitalOcean, Confidence: IP address][DPI packets: 6][cat: Network/14][Breed: Safe][10 pkts/2198 bytes <-> 10 pkts/2067 bytes][Goodput ratio: 69/68][5.26 sec][Hostname/SNI: dati.ntop.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 645/740 5003/5003 1647/1741][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 220/207 932/1292 283/364][Risk: ** Known Proto on Non Std Port **** TLS (probably) Not Carrying HTTPS **][Risk Score: 60][Risk Info: No ALPN / Expected on port 443][nDPI Fingerprint: 9d2a0be8a341585134b88ab5f60d4681][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d800700_64d9932cae36_4446390ac224][JA3S: dd4b012f7a008e741554bd0a4ed12920][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 16,0,0,0,34,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0]
13 TCP 192.168.1.117:54854 -> 172.217.21.72:443 [proto: 91.239/TLS.GoogleServices][Stack: TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 91.239/TLS.GoogleServices, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][4 pkts/1060 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][6.46 sec][Hostname/SNI: www.googletagmanager.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / TLSv1][TLSv1][JA4: t10d0909h2_61c4dbd01224_cc731f12afbb][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -85,7 +85,7 @@ JA Host Stats:
28 UDP 192.168.1.117:62988 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/72 bytes <-> 1 pkts/88 bytes][Goodput ratio: 41/52][0.04 sec][Hostname/SNI: www3.zoom.us][52.202.62.236][DNS Id: 0xa17d][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 192.168.1.117:64352 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/71 bytes <-> 1 pkts/87 bytes][Goodput ratio: 40/51][0.04 sec][Hostname/SNI: log.zoom.us][52.202.62.238][DNS Id: 0x7b5f][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 ICMP 192.168.1.117:0 -> 162.255.38.14:0 [proto: 81/ICMP][Stack: ICMP][IP: 189/Zoom][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.01 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 31 TCP 192.168.1.117:54798 <-> 13.225.84.182:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/54 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.04 sec][Risk: ** TCP Connection Issues **** Probing Attempt **][Risk Score: 100][Risk Info: TCP probing attempt / Connection refused][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 31 TCP 192.168.1.117:54798 <-> 13.225.84.182:443 [proto: 91/TLS][Stack: TLS][IP: 464/AWS_Cloudfront][Encrypted][Confidence: Match by port][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/54 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.04 sec][Risk: ** TCP Connection Issues **** Probing Attempt **][Risk Score: 100][Risk Info: TCP probing attempt / Connection refused][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 192.168.1.117:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][Stack: MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Hostname/SNI: _spotify-connect._tcp.local][_spotify-connect._tcp.local][PLAIN TEXT (spotify)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.1.117:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][Stack: Spotify][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 156/Spotify, Confidence: DPI][DPI packets: 1][cat: Music/25][Breed: Fun][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (SpotUdp)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 ICMP 192.168.1.117:0 -> 192.168.1.1:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/disable_protocols/result/pluralsight.pcap.out b/tests/cfgs/disable_protocols/result/pluralsight.pcap.out
index 31bb17c06..33e82ccfa 100644
--- a/tests/cfgs/disable_protocols/result/pluralsight.pcap.out
+++ b/tests/cfgs/disable_protocols/result/pluralsight.pcap.out
@@ -31,9 +31,9 @@ JA Host Stats:
1 192.168.1.128 1
- 1 TCP 192.168.1.128:42642 <-> 54.69.188.18:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Streaming/17][Breed: Fun][3 pkts/849 bytes <-> 6 pkts/6252 bytes][Goodput ratio: 76/94][0.57 sec][Hostname/SNI: pluralsight.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 188/0 191/76 194/194 3/93][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 283/1042 583/1514 218/605][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.pluralsight.com,pluralsight.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.pluralsight.com][Certificate SHA-1: 31:0B:3D:03:7A:6A:F8:86:8F:CE:62:30:E9:A2:F1:47:E5:6C:3D:F7][Chrome][Validity: 2020-05-02 16:02:08 - 2022-07-01 23:42:28][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,14,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,42,0,0]
+ 1 TCP 192.168.1.128:42642 <-> 54.69.188.18:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Streaming/17][Breed: Fun][3 pkts/849 bytes <-> 6 pkts/6252 bytes][Goodput ratio: 76/94][0.57 sec][Hostname/SNI: pluralsight.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 188/0 191/76 194/194 3/93][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 283/1042 583/1514 218/605][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.pluralsight.com,pluralsight.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.pluralsight.com][Certificate SHA-1: 31:0B:3D:03:7A:6A:F8:86:8F:CE:62:30:E9:A2:F1:47:E5:6C:3D:F7][Chrome][Validity: 2020-05-02 16:02:08 - 2022-07-01 23:42:28][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,14,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,42,0,0]
2 TCP 192.168.1.128:42782 <-> 146.75.62.208:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/816 bytes <-> 6 pkts/5407 bytes][Goodput ratio: 75/93][0.05 sec][Hostname/SNI: pluralsight2.imgix.net][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.738 (Download)][IAT c2s/s2c min/avg/max/stddev: 15/0 17/7 19/19 2/9][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 272/901 583/1406 223/547][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.imgix.com,*.imgix.net,imgix.com,imgix.net][JA3S: 16c0b3e6a7b8173c16d944cfeaeee9cf][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2020][Subject: CN=*.imgix.com][Certificate SHA-1: C6:A8:D1:F3:16:08:C6:7F:9F:58:B9:3B:87:A6:A1:75:BC:67:F8:8D][Chrome][Validity: 2021-05-10 23:09:57 - 2022-06-11 23:09:56][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0,0,0,0,0]
3 TCP 192.168.1.128:42790 <-> 146.75.62.208:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/816 bytes <-> 6 pkts/5407 bytes][Goodput ratio: 75/93][0.06 sec][Hostname/SNI: pluralsight.imgix.net][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.738 (Download)][IAT c2s/s2c min/avg/max/stddev: 18/0 23/8 28/22 5/10][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 272/901 583/1406 223/547][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: *.imgix.com,*.imgix.net,imgix.com,imgix.net][JA3S: 16c0b3e6a7b8173c16d944cfeaeee9cf][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2020][Subject: CN=*.imgix.com][Certificate SHA-1: C6:A8:D1:F3:16:08:C6:7F:9F:58:B9:3B:87:A6:A1:75:BC:67:F8:8D][Chrome][Validity: 2021-05-10 23:09:57 - 2022-06-11 23:09:56][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0,0,0,0,0]
- 4 TCP 192.168.1.128:42618 <-> 18.203.201.56:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/849 bytes <-> 6 pkts/4806 bytes][Goodput ratio: 76/92][0.13 sec][Hostname/SNI: stt.pluralsight.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.700 (Download)][IAT c2s/s2c min/avg/max/stddev: 41/0 44/17 46/45 2/20][Pkt Len c2s/s2c min/avg/max/stddev: 74/73 283/801 583/1514 218/713][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: stt.pluralsight.com][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1][Subject: C=US, ST=California, L=San Jose, O=Adobe Systems Incorporated, CN=stt.pluralsight.com][Certificate SHA-1: C5:A3:DE:6D:71:B1:15:77:EC:86:38:E6:30:1C:F5:AC:18:9D:BE:82][Chrome][Validity: 2021-10-01 00:00:00 - 2022-10-01 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 14,14,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
+ 4 TCP 192.168.1.128:42618 <-> 18.203.201.56:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Streaming/17][Breed: Fun][3 pkts/849 bytes <-> 6 pkts/4806 bytes][Goodput ratio: 76/92][0.13 sec][Hostname/SNI: stt.pluralsight.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.700 (Download)][IAT c2s/s2c min/avg/max/stddev: 41/0 44/17 46/45 2/20][Pkt Len c2s/s2c min/avg/max/stddev: 74/73 283/801 583/1514 218/713][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][ServerNames: stt.pluralsight.com][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1][Subject: C=US, ST=California, L=San Jose, O=Adobe Systems Incorporated, CN=stt.pluralsight.com][Certificate SHA-1: C5:A3:DE:6D:71:B1:15:77:EC:86:38:E6:30:1C:F5:AC:18:9D:BE:82][Chrome][Validity: 2021-10-01 00:00:00 - 2022-10-01 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 14,14,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,42,0,0]
5 TCP 192.168.1.128:44770 <-> 104.17.209.240:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/645 bytes <-> 2 pkts/1580 bytes][Goodput ratio: 80/92][0.04 sec][Hostname/SNI: zn6qzq6caaucudesr-pluralsight.siteintercept.qualtrics.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
6 TCP 192.168.1.128:48948 <-> 104.19.162.127:443 [proto: 91.61/TLS.Pluralsight][Stack: TLS.Pluralsight][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 4][cat: Streaming/17][Breed: Fun][2 pkts/645 bytes <-> 2 pkts/1580 bytes][Goodput ratio: 80/92][0.05 sec][Hostname/SNI: www.pluralsight.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][nDPI Fingerprint: f405dac8aa2f0b5ee1d6f28bd6582412][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
diff --git a/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out b/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out
index 78a25be99..b54e0936c 100644
--- a/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out
+++ b/tests/cfgs/enable_payload_stat/result/1kxun.pcap.out
@@ -106,13 +106,13 @@ JA Host Stats:
6 TCP 192.168.2.126:46212 <-> 172.105.121.82:80 [flowId: 143][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/555 bytes <-> 12 pkts/124834 bytes][Goodput ratio: 76/99][1.58 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.991 (Download)][IAT c2s/s2c min/avg/max/stddev: 871/0 871/122 871/373 0/155][Pkt Len c2s/s2c min/avg/max/stddev: 277/386 278/10403 278/37506 0/10887][URL: pic.1kxun.com/video_kankan/images/releases/300/5183-51fb99a2391e774037ba21cbca307be4.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,14,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,57]
7 TCP 192.168.2.126:38316 <-> 172.105.121.82:80 [flowId: 170][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 23 pkts/118294 bytes][Goodput ratio: 76/99][1.43 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.995 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/46 0/393 0/113][Pkt Len c2s/s2c min/avg/max/stddev: 273/388 273/5143 273/24546 0/5526][URL: pic.1kxun.com/video_kankan/images/videos/40701-8fa7d916c55e31f90fa55f450b716505.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,20,0,67]
8 TCP 192.168.2.126:49380 <-> 14.136.136.108:80 [flowId: 159][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 9][cat: Streaming/17][Breed: Fun][2 pkts/1172 bytes <-> 30 pkts/99876 bytes][Goodput ratio: 89/98][1.31 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.977 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/32 0/209 0/74][Pkt Len c2s/s2c min/avg/max/stddev: 580/351 586/3329 592/18786 6/3784][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/f05074256b39572ad852c1c95eb5f8a7.jpg][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (LGET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,53,0,34]
- 9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [flowId: 183][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
- 10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [flowId: 185][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
+ 9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [flowId: 183][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
+ 10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [flowId: 185][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
11 TCP 192.168.2.126:45416 <-> 161.117.13.29:80 [flowId: 149][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][8 pkts/7202 bytes <-> 24 pkts/83277 bytes][Goodput ratio: 93/98][16.31 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.841 (Download)][IAT c2s/s2c min/avg/max/stddev: 186/0 2919/772 6045/5959 2744/1789][Pkt Len c2s/s2c min/avg/max/stddev: 500/709 900/3470 1180/14466 215/3207][URL: mangaweb.1kxun.mobi/js/vendor.bundle.js?1644807874][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/vendor.bundle.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,3,0,0,12,0,0,0,0,0,0,0,3,3,3,6,0,0,0,0,0,0,0,3,0,0,21,0,41]
12 TCP 192.168.2.126:38326 <-> 172.105.121.82:80 [flowId: 168][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 21 pkts/89010 bytes][Goodput ratio: 76/98][1.25 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.994 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/50 0/412 0/118][Pkt Len c2s/s2c min/avg/max/stddev: 273/387 273/4239 273/12489 0/2950][URL: pic.1kxun.com/video_kankan/images/videos/40730-48fd657abd5a1d3e45d03403ddcb0663.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,73]
13 TCP 192.168.2.126:46200 <-> 172.105.121.82:80 [flowId: 142][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/556 bytes <-> 18 pkts/82689 bytes][Goodput ratio: 76/99][1.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.987 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/56 0/375 0/119][Pkt Len c2s/s2c min/avg/max/stddev: 278/386 278/4594 278/21666 0/5421][URL: pic.1kxun.com/video_kankan/images/releases/301/5027-d707192bfa2dabf22771a4d56454ab88.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,35,0,45]
14 TCP 192.168.2.126:46184 <-> 172.105.121.82:80 [flowId: 140][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/829 bytes <-> 13 pkts/73655 bytes][Goodput ratio: 76/99][1.27 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.978 (Download)][IAT c2s/s2c min/avg/max/stddev: 392/0 392/81 392/368 0/134][Pkt Len c2s/s2c min/avg/max/stddev: 273/386 276/5666 278/23106 2/7129][URL: pic.1kxun.com/video_kankan/images/releases/299/4704-5017bcdcacc02cc3af4833cd1ed72a8f.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,18,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,25,0,37]
- 15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [flowId: 184][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
+ 15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [flowId: 184][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
16 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [flowId: 27][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Goodput ratio: 42/95][45.37 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472/1029 44994/45054 11986/6714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/1210 416/1314 113/325][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 3,0,0,0,0,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,91,0,0,0,0,0,0,0,0]
17 TCP 192.168.2.126:45398 <-> 161.117.13.29:80 [flowId: 147][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2127 bytes <-> 18 pkts/58725 bytes][Goodput ratio: 91/98][4.35 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.930 (Download)][IAT c2s/s2c min/avg/max/stddev: 229/0 229/262 229/3434 0/852][Pkt Len c2s/s2c min/avg/max/stddev: 490/551 709/3262 821/7266 155/2191][URL: mangaweb.1kxun.mobi/js/dependency-all.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/dependency)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,43]
18 TCP 192.168.2.126:49354 <-> 14.136.136.108:80 [flowId: 156][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1184 bytes <-> 19 pkts/53234 bytes][Goodput ratio: 89/98][1.04 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.956 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/26 0/204 0/67][Pkt Len c2s/s2c min/avg/max/stddev: 592/351 592/2802 592/8706 0/2084][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/7e07d4417e0edc98d327d0ddfd3e227a.jpg?format=webp][StatusCode: 200][Content-Type: image/webp][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (/GET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,38,0,42]
@@ -123,12 +123,12 @@ JA Host Stats:
23 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [flowId: 26][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Goodput ratio: 45/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/6 66/65 23/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 101/1096 415/1314 119/461][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 7,3,0,0,0,0,0,0,0,3,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,79,0,0,0,0,0,0,0,0]
24 TCP 192.168.2.126:44368 <-> 172.217.18.98:80 [flowId: 162][proto: 7.239/HTTP.GoogleServices][Stack: HTTP.GoogleServices][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.239/HTTP.GoogleServices, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/489 bytes <-> 16 pkts/29841 bytes][Goodput ratio: 86/96][0.06 sec][Hostname/SNI: www.googletagservices.com][bytes ratio: -0.968 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/22 0/6][Pkt Len c2s/s2c min/avg/max/stddev: 489/491 489/1865 489/2902 0/738][URL: www.googletagservices.com/tag/js/gpt.js][StatusCode: 200][Content-Type: text/javascript][Server: sffe][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /tag/js/gpt.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,59,0,0,29]
25 TCP 192.168.2.126:38354 <-> 142.250.186.34:80 [flowId: 154][proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 9][cat: Advertisement/101][Breed: Tracker_Ads][1 pkts/586 bytes <-> 12 pkts/28355 bytes][Goodput ratio: 89/97][0.08 sec][Hostname/SNI: pagead2.googlesyndication.com][bytes ratio: -0.960 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/23 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 586/687 586/2363 586/2902 0/788][URL: pagead2.googlesyndication.com/pagead/show_ads.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /pagead/show)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0,62]
- 26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [flowId: 181][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
+ 26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [flowId: 181][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
27 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [flowId: 30][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Goodput ratio: 52/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632/4 45001/65 14880/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1099 415/1314 134/455][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 8,0,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,75,0,0,0,0,0,0,0,0]
28 TCP 192.168.2.126:36732 <-> 142.250.186.174:80 [flowId: 155][proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Advertisement/101][Breed: Tracker_Ads][1 pkts/487 bytes <-> 10 pkts/21123 bytes][Goodput ratio: 86/97][0.05 sec][Hostname/SNI: www.google-analytics.com][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/21 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 487/677 487/2112 487/2902 0/822][URL: www.google-analytics.com/analytics.js][StatusCode: 200][Content-Type: text/javascript][Server: Golfe2][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /analytics.js HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0,0,45]
29 TCP 192.168.2.126:45388 <-> 161.117.13.29:80 [flowId: 146][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1315 bytes <-> 8 pkts/18984 bytes][Goodput ratio: 90/97][4.33 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.870 (Download)][IAT c2s/s2c min/avg/max/stddev: 3965/0 3965/593 3965/3966 0/1379][Pkt Len c2s/s2c min/avg/max/stddev: 509/1287 658/2373 806/8258 148/2234][URL: mangaweb.1kxun.mobi/js/swiper/swiper.min.css][StatusCode: 200][Content-Type: text/css][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/swiper/swiper.min.css H)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,10,0,0,0,0,40,0,20]
30 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [flowId: 40][proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 9][cat: Web/5][Breed: Acceptable][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Goodput ratio: 77/90][1.19 sec][Hostname/SNI: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/52 298/178 81/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 236/539 499/1314 193/556][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 42.120.51.152 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /api/proxy)][Plen Bins: 11,0,0,0,0,0,0,22,0,0,0,0,0,33,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0,0]
- 31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [flowId: 187][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [flowId: 187][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
32 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [flowId: 108][proto: 7.315/HTTP.Line][Stack: HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][Breed: Acceptable][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Goodput ratio: 40/94][0.02 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4/2 10/8 4/3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1103 334/1514 99/610][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
33 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [flowId: 109][proto: 7.315/HTTP.Line][Stack: HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][Breed: Acceptable][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Goodput ratio: 40/94][0.01 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 10/6 4/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1060 334/1514 99/620][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
34 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [flowId: 83][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][16 pkts/8921 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][8.40 sec][Hostname/SNI: [ff02::c]][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 558/0 590/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,12,56,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -140,23 +140,23 @@ JA Host Stats:
40 TCP 192.168.2.126:38314 <-> 172.105.121.82:80 [flowId: 169][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 4 pkts/6346 bytes][Goodput ratio: 76/96][0.33 sec][Hostname/SNI: pic.1kxun.com][URL: pic.1kxun.com/video_kankan/images/videos/40750-585645353a7a47615755b7714c611835.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,20]
41 TCP 192.168.2.126:45414 <-> 161.117.13.29:80 [flowId: 148][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2118 bytes <-> 3 pkts/3518 bytes][Goodput ratio: 91/94][4.32 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 215/216 2066/2066 3917/3916 1851/1850][Pkt Len c2s/s2c min/avg/max/stddev: 482/758 706/1173 819/1456 158/300][URL: mangaweb.1kxun.mobi/js/fb-sdk.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/fb)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,16,0,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,16,0,0,0,0]
42 TCP 192.168.2.126:47246 <-> 161.117.13.29:80 [flowId: 134][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1872 bytes <-> 2 pkts/3374 bytes][Goodput ratio: 93/96][1.30 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/homePageVideoCollections/HomePageBanners?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28][StatusCode: 200][Content-Type: application/json][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
- 43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [flowId: 186][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
+ 43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [flowId: 186][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
44 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [flowId: 39][proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 48/QQ, Confidence: DNS][DPI packets: 9][cat: Chat/9][Breed: Fun][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Goodput ratio: 71/72][1.09 sec][Hostname/SNI: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70/191 476/506 136/201][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197/200 499/372 176/149][URL: vv.video.qq.com/getvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /getvinfo HTTP/1.1)][Plen Bins: 15,0,0,0,0,15,15,0,0,23,0,0,0,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.119.1:67 -> 255.255.255.255:68 [flowId: 3][proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][14 pkts/4788 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3106/0 12289/0 3176/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [flowId: 105][proto: 91/TLS][Stack: TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Safe][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][Goodput ratio: 87/86][0.18 sec][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60/44 176/133 82/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512/459 1159/1464 468/536][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,20,0,0,0,0]
47 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [flowId: 48][proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Media/1][Breed: Acceptable][7 pkts/1408 bytes <-> 5 pkts/2611 bytes][Goodput ratio: 71/89][0.15 sec][Hostname/SNI: 183.131.48.144][bytes ratio: -0.299 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 14/25 69/67 28/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 201/522 557/1078 225/465][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][Content-Type: video/mp4][Risk: ** HTTP Susp User-Agent **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 110][Risk Info: Found host 183.131.48.144 / Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /vlive.qq)][Plen Bins: 0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [flowId: 44][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][20.95 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2323/4176 15252/15254 4895/5951][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 288/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: aa7eafaa128c9b8a39bd010d912570a8][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [flowId: 86][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][6.76 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746/1336 5987/5987 1865/2341][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 287/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 50d11face9dc5e9cbfbd911e19a622a5][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [flowId: 188][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
+ 50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [flowId: 188][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
51 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [flowId: 116][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][Goodput ratio: 69/75][6.08 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753/1500 5998/5998 1982/2597][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 190/232 1067/1055 299/340][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 50d11face9dc5e9cbfbd911e19a622a5][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [flowId: 35][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Goodput ratio: 60/87][0.09 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/16 36/43 13/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/456 390/1314 144/512][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.7.1][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 20,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0]
- 53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [flowId: 194][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [flowId: 194][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 TCP 192.168.2.126:50176 <-> 161.117.13.29:80 [flowId: 167][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1185 bytes <-> 2 pkts/2082 bytes][Goodput ratio: 94/94][0.19 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/list_default.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/list)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,33,0,0]
55 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [flowId: 106][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][Goodput ratio: 66/63][8.90 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 982/1763 6000/6000 1978/2381][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177/158 1051/639 283/188][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: aa7eafaa128c9b8a39bd010d912570a8][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [flowId: 14][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Goodput ratio: 59/83][45.16 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5639/28 44799/53 14801/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139/366 468/1272 164/523][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][Content-Type: application/x-javascript][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0]
57 TCP 192.168.2.126:35426 <-> 8.209.112.118:80 [flowId: 195][proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 5][cat: Web/5][Breed: Acceptable][4 pkts/2668 bytes <-> 1 pkts/142 bytes][Goodput ratio: 92/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 20,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0]
- 58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [flowId: 152][proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
- 59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [flowId: 174][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [flowId: 152][proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
+ 59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [flowId: 174][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
60 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [flowId: 112][proto: 91/TLS][Stack: TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 3][cat: Web/5][Breed: Safe][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][Goodput ratio: 67/78][0.26 sec][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/64 205/212 84/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201/297 471/1223 139/463][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,40,20,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0]
61 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [flowId: 1][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][14 pkts/2450 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][56.94 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488/0 17921/0 4136/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [flowId: 24][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Goodput ratio: 60/75][45.21 sec][Hostname/SNI: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5643/40 44798/70 14800/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/245 474/788 167/314][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.3.2][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/alsolikes/10410)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -166,23 +166,23 @@ JA Host Stats:
66 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [flowId: 20][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198/0 14952/0 3585/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [flowId: 50][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4680/0 19869/0 5063/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 TCP 192.168.2.126:50148 <-> 161.117.13.29:80 [flowId: 164][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1180 bytes <-> 1 pkts/832 bytes][Goodput ratio: 94/92][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/like_1.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [flowId: 189][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [flowId: 189][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
70 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [flowId: 58][proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Acceptable][7 pkts/996 bytes <-> 5 pkts/986 bytes][Goodput ratio: 52/66][31.95 sec][Hostname/SNI: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2391/3919 11352/11551 4481/5397][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/197 331/390 117/157][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][Content-Type: text/html][Server: MServer 1.2.2][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 502][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /comMagicanApi/composite/ap)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 TCP 192.168.2.126:50140 <-> 161.117.13.29:80 [flowId: 163][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1178 bytes <-> 1 pkts/748 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/left.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.2.126:50166 <-> 161.117.13.29:80 [flowId: 166][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1179 bytes <-> 1 pkts/746 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/right.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 192.168.2.126:47262 <-> 161.117.13.29:80 [flowId: 135][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/937 bytes <-> 1 pkts/883 bytes][Goodput ratio: 93/92][0.31 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/messages?min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d25][StatusCode: 301][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [flowId: 196][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [flowId: 196][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
75 TCP 192.168.2.126:50164 <-> 161.117.13.29:80 [flowId: 165][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1184 bytes <-> 1 pkts/574 bytes][Goodput ratio: 94/88][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/more_white.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [flowId: 49][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][10 pkts/1750 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5541/0 19870/0 5205/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [flowId: 190][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
+ 77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [flowId: 190][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
78 TCP 192.168.2.126:49242 <-> 172.104.119.80:80 [flowId: 139][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1129 bytes <-> 2 pkts/582 bytes][Goodput ratio: 88/77][2.16 sec][Hostname/SNI: android.yingshi.tcclick.1kxun.com][URL: android.yingshi.tcclick.1kxun.com/api/upload.php][StatusCode: 500][Req Content-Type: application/octet-stream][Content-Type: text/html][Server: openresty/1.11.2.5][User-Agent: okhttp/3.10.0][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 500][PLAIN TEXT (aPOST /api/upload.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [flowId: 175][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [flowId: 175][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [flowId: 53][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631/0 15155/0 3855/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
81 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [flowId: 5][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.02 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126/0 24065/0 7503/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [flowId: 43][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5632/0 18024/0 4843/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 TCP 192.168.2.126:59324 <-> 104.117.221.10:80 [flowId: 171][proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/475 bytes <-> 1 pkts/1049 bytes][Goodput ratio: 86/94][0.04 sec][Hostname/SNI: m.vpon.com][URL: m.vpon.com/sdk/vpadn-sdk-core-v1.js][StatusCode: 200][Content-Type: application/x-javascript][Server: AkamaiNetStorage][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /sdk/vpadn)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 TCP 192.168.2.126:35200 <-> 103.29.71.30:80 [flowId: 144][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/953 bytes <-> 1 pkts/563 bytes][Goodput ratio: 93/88][0.36 sec][Hostname/SNI: release.bigdata.1kxun.com][URL: release.bigdata.1kxun.com/c/35/13277?&_in_app=kankan&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&_v=2.8.2.1&_package=com.sceneway.kankan&_model=sdk_gphone_x86&_ov=11&_brand=Google&_android_id=b9e28776354d259e&_gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&t=16][StatusCode: 302][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /c/35/13277)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [flowId: 178][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [flowId: 178][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [flowId: 37][proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][10 pkts/880 bytes <-> 3 pkts/572 bytes][Goodput ratio: 36/69][0.74 sec][Hostname/SNI: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 54/119 318/119 106/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/191 212/446 62/181][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 218.244.135.170 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/qq)][Plen Bins: 25,0,0,0,50,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [flowId: 11][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][8 pkts/1432 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][38.10 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5442/0 17101/0 4875/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [flowId: 6][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][8 pkts/1400 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.22 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8174/0 27242/0 8848/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -191,21 +191,21 @@ JA Host Stats:
91 TCP 192.168.2.126:53416 <-> 172.217.16.142:80 [flowId: 193][proto: 7.228/HTTP.PlayStore][Stack: HTTP.PlayStore][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.228/HTTP.PlayStore, Confidence: DPI][DPI packets: 2][cat: SoftwareUpdate/19][Breed: Safe][1 pkts/625 bytes <-> 1 pkts/734 bytes][Goodput ratio: 89/91][0.05 sec][Hostname/SNI: play.google.com][URL: play.google.com/store/apps/details?id=com.azarlive.android&referrer=adjust_external_click_id%3Dv.2_g.143845_a.f84f54bf-31cd-43ff-bd27-526ccc6457da_c.117_t.ua_u.e7df87247cbcea13%26utm_campaign%3DTest%2BCampaign%26utm_content%3DTest%2BSource%2BApp_123456789][StatusCode: 301][Content-Type: application/binary][Server: ESF][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /store/apps/details)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
92 TCP 192.168.2.126:58758 <-> 202.153.196.53:80 [flowId: 179][proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][0.32 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=411&s_h=731&u_w=411&u_h=683&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=1&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (NGET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 TCP 192.168.2.126:58760 <-> 202.153.196.53:80 [flowId: 180][proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][1.09 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=731&s_h=411&u_w=683&u_h=411&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=2&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [flowId: 172][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [flowId: 173][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [flowId: 172][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [flowId: 173][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
96 TCP 192.168.2.126:47272 <-> 161.117.13.29:80 [flowId: 136][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/982 bytes <-> 1 pkts/331 bytes][Goodput ratio: 93/80][0.35 sec][Hostname/SNI: messages.1kxun.mobi][URL: messages.1kxun.mobi/api/messages/listForYingshi?client-uid=e6dbd30b-3b84-44b4-9751-631148a3ede9&min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kx][StatusCode: 200][Content-Type: text/xml][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /api/messages/listForYingsh)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 TCP 192.168.2.126:56826 <-> 8.209.97.107:80 [flowId: 177][proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Web/5][Breed: Acceptable][2 pkts/1156 bytes <-> 1 pkts/142 bytes][Goodput ratio: 91/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [flowId: 74][proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][7 pkts/1253 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][16.80 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2799/0 5942/0 1567/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [flowId: 176][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
+ 99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [flowId: 176][proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.3.236:137 -> 192.168.255.255:137 [flowId: 63][proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][13 pkts/1196 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][30.61 sec][Hostname/SNI: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708/0 9111/0 2902/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [flowId: 192][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [flowId: 192][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 TCP 192.168.2.126:60962 <-> 172.104.93.92:1234 [flowId: 129][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.31 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 TCP 192.168.2.126:60972 <-> 172.104.93.92:1234 [flowId: 130][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.24 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
104 TCP 192.168.2.126:60984 <-> 172.104.93.92:1234 [flowId: 131][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.27 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
105 TCP 192.168.2.126:41134 <-> 129.226.107.77:80 [flowId: 133][proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 2][cat: Chat/9][Breed: Fun][1 pkts/324 bytes <-> 1 pkts/518 bytes][Goodput ratio: 83/89][0.19 sec][Hostname/SNI: cgi.connect.qq.com][URL: cgi.connect.qq.com/qqconnectopen/openapi/policy_conf?status_os=11&status_version=30&status_machine=sdk_gphone_x86&sdkp=a&sdkv=3.1.0.lite&appid=100258135][StatusCode: 302][Content-Type: text/html][Server: stgw][User-Agent: AndroidSDK_30_generic_x86_arm_11][PLAIN TEXT (GET /qq)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
106 TCP 192.168.2.126:38834 <-> 119.45.78.184:80 [flowId: 137][proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 3][cat: Chat/9][Breed: Fun][2 pkts/655 bytes <-> 1 pkts/170 bytes][Goodput ratio: 80/61][0.31 sec][Hostname/SNI: pingma.qq.com][URL: pingma.qq.com:80/mstat/report][StatusCode: 404][Risk: ** HTTP Susp User-Agent **** Error Code **][Risk Score: 110][Risk Info: HTTP Error Code 404 / Empty or missing User-Agent][PLAIN TEXT (POST /mstat/report HTTP/1.1)][Plen Bins: 0,0,0,33,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
107 UDP 192.168.5.45:138 -> 192.168.255.255:138 [flowId: 69][proto: 10.16/NetBIOS.SMBv1][Stack: NetBIOS.SMBv1][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10.16/NetBIOS.SMBv1, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Dangerous][3 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.00 sec][Hostname/SNI: macbookair-e1d0][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [flowId: 191][proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [flowId: 191][proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 TCP 192.168.2.126:51888 -> 119.28.164.143:80 [flowId: 153][proto: 7/HTTP][Stack: HTTP][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/571 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][Hostname/SNI: qzonestyle.gtimg.cn][URL: qzonestyle.gtimg.cn/qzone/openapi/qc-1.0.1.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /qzone/openapi/qc)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 TCP 192.168.2.126:47230 <-> 161.117.13.29:80 [flowId: 132][proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Download/7][Breed: Fun][1 pkts/223 bytes <-> 1 pkts/330 bytes][Goodput ratio: 70/80][0.18 sec][Hostname/SNI: kankan.1kxun.mobi][URL: kankan.1kxun.mobi/api.domain.conf][StatusCode: 200][Content-Type: application/octet-stream][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][Risk: ** Binary File/Data Transfer (Attempt) **][Risk Score: 50][Risk Info: Found binary mime octet-stream][PLAIN TEXT (GET /api.domain.conf HTTP/1.1)][Plen Bins: 0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
111 UDP 192.168.115.8:137 -> 192.168.255.255:137 [flowId: 17][proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][6 pkts/552 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.50 sec][Hostname/SNI: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 300/0 749/0 367/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -216,7 +216,7 @@ JA Host Stats:
116 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [flowId: 56][proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
117 UDP 192.168.5.9:68 -> 255.255.255.255:67 [flowId: 73][proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (Joanna)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 UDP 192.168.5.41:68 -> 255.255.255.255:67 [flowId: 104][proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (MSFT 5.07)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [flowId: 182][proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [flowId: 182][proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
120 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [flowId: 25][proto: 5/DNS][Stack: DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/146 bytes <-> 1 pkts/137 bytes][Goodput ratio: 42/69][0.05 sec][Hostname/SNI: pic.1kxun.com][106.187.35.246][DNS Id: 0x2990][Plen Bins: 66,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
121 UDP 192.168.0.104:137 -> 192.168.255.255:137 [flowId: 117][proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.54 sec][Hostname/SNI: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [flowId: 13][proto: 5/DNS][Stack: DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/160 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: jp.kankan.1kxun.mobi][106.185.35.110][DNS Id: 0xfd2c][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/flow_risk_infos_disabled/result/http_invalid_server.pcap.out b/tests/cfgs/flow_risk_infos_disabled/result/http_invalid_server.pcap.out
index 00b1e81c7..dc8c6d19e 100644
--- a/tests/cfgs/flow_risk_infos_disabled/result/http_invalid_server.pcap.out
+++ b/tests/cfgs/flow_risk_infos_disabled/result/http_invalid_server.pcap.out
@@ -26,4 +26,4 @@ Safe 12 1301 1
Network 12 1301 1
- 1 TCP 192.168.1.29:51536 <-> 143.204.14.183:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Network/14][Breed: Safe][7 pkts/556 bytes <-> 5 pkts/745 bytes][Goodput ratio: 15/55][0.04 sec][Hostname/SNI: ocsp.rootg2.amazontrust.com][bytes ratio: -0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 12/12 6/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/149 148/468 28/160][URL: ocsp.rootg2.amazontrust.com/][StatusCode: 200][Content-Type: application/ocsp-response][Server: ¯\_(ăƒ„)_/¯][User-Agent: **][Risk: ** HTTP Susp User-Agent **** HTTP Susp Header **][Risk Score: 200][TCP Fingerprint: 2_64_65535_d29295416479/macOS][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 33,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.1.29:51536 <-> 143.204.14.183:80 [proto: 7.63/HTTP.OCSP][Stack: HTTP.OCSP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 6][cat: Network/14][Breed: Safe][7 pkts/556 bytes <-> 5 pkts/745 bytes][Goodput ratio: 15/55][0.04 sec][Hostname/SNI: ocsp.rootg2.amazontrust.com][bytes ratio: -0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 12/12 6/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/149 148/468 28/160][URL: ocsp.rootg2.amazontrust.com/][StatusCode: 200][Content-Type: application/ocsp-response][Server: ¯\_(ăƒ„)_/¯][User-Agent: **][Risk: ** HTTP Susp User-Agent **** HTTP Susp Header **][Risk Score: 200][TCP Fingerprint: 2_64_65535_d29295416479/macOS][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 33,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/fpc/result/1kxun.pcap.out b/tests/cfgs/fpc/result/1kxun.pcap.out
index c51ce8dad..007c550f5 100644
--- a/tests/cfgs/fpc/result/1kxun.pcap.out
+++ b/tests/cfgs/fpc/result/1kxun.pcap.out
@@ -82,13 +82,13 @@ JA Host Stats:
6 TCP 192.168.2.126:46212 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/555 bytes <-> 12 pkts/124834 bytes][Goodput ratio: 76/99][1.58 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.991 (Download)][IAT c2s/s2c min/avg/max/stddev: 871/0 871/122 871/373 0/155][Pkt Len c2s/s2c min/avg/max/stddev: 277/386 278/10403 278/37506 0/10887][URL: pic.1kxun.com/video_kankan/images/releases/300/5183-51fb99a2391e774037ba21cbca307be4.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,14,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,57]
7 TCP 192.168.2.126:38316 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 23 pkts/118294 bytes][Goodput ratio: 76/99][1.43 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.995 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/46 0/393 0/113][Pkt Len c2s/s2c min/avg/max/stddev: 273/388 273/5143 273/24546 0/5526][URL: pic.1kxun.com/video_kankan/images/videos/40701-8fa7d916c55e31f90fa55f450b716505.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,20,0,67]
8 TCP 192.168.2.126:49380 <-> 14.136.136.108:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 9][cat: Streaming/17][Breed: Fun][2 pkts/1172 bytes <-> 30 pkts/99876 bytes][Goodput ratio: 89/98][1.31 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.977 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/32 0/209 0/74][Pkt Len c2s/s2c min/avg/max/stddev: 580/351 586/3329 592/18786 6/3784][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/f05074256b39572ad852c1c95eb5f8a7.jpg][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (LGET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,53,0,34]
- 9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
- 10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
+ 9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
+ 10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
11 TCP 192.168.2.126:45416 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][8 pkts/7202 bytes <-> 24 pkts/83277 bytes][Goodput ratio: 93/98][16.31 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.841 (Download)][IAT c2s/s2c min/avg/max/stddev: 186/0 2919/772 6045/5959 2744/1789][Pkt Len c2s/s2c min/avg/max/stddev: 500/709 900/3470 1180/14466 215/3207][URL: mangaweb.1kxun.mobi/js/vendor.bundle.js?1644807874][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/vendor.bundle.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,3,0,0,12,0,0,0,0,0,0,0,3,3,3,6,0,0,0,0,0,0,0,3,0,0,21,0,41]
12 TCP 192.168.2.126:38326 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 21 pkts/89010 bytes][Goodput ratio: 76/98][1.25 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.994 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/50 0/412 0/118][Pkt Len c2s/s2c min/avg/max/stddev: 273/387 273/4239 273/12489 0/2950][URL: pic.1kxun.com/video_kankan/images/videos/40730-48fd657abd5a1d3e45d03403ddcb0663.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,73]
13 TCP 192.168.2.126:46200 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/556 bytes <-> 18 pkts/82689 bytes][Goodput ratio: 76/99][1.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.987 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/56 0/375 0/119][Pkt Len c2s/s2c min/avg/max/stddev: 278/386 278/4594 278/21666 0/5421][URL: pic.1kxun.com/video_kankan/images/releases/301/5027-d707192bfa2dabf22771a4d56454ab88.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,35,0,45]
14 TCP 192.168.2.126:46184 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/829 bytes <-> 13 pkts/73655 bytes][Goodput ratio: 76/99][1.27 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.978 (Download)][IAT c2s/s2c min/avg/max/stddev: 392/0 392/81 392/368 0/134][Pkt Len c2s/s2c min/avg/max/stddev: 273/386 276/5666 278/23106 2/7129][URL: pic.1kxun.com/video_kankan/images/releases/299/4704-5017bcdcacc02cc3af4833cd1ed72a8f.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,18,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,25,0,37]
- 15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
+ 15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
16 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Goodput ratio: 42/95][45.37 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472/1029 44994/45054 11986/6714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/1210 416/1314 113/325][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 3,0,0,0,0,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,91,0,0,0,0,0,0,0,0]
17 TCP 192.168.2.126:45398 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2127 bytes <-> 18 pkts/58725 bytes][Goodput ratio: 91/98][4.35 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.930 (Download)][IAT c2s/s2c min/avg/max/stddev: 229/0 229/262 229/3434 0/852][Pkt Len c2s/s2c min/avg/max/stddev: 490/551 709/3262 821/7266 155/2191][URL: mangaweb.1kxun.mobi/js/dependency-all.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/dependency)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,43]
18 TCP 192.168.2.126:49354 <-> 14.136.136.108:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1184 bytes <-> 19 pkts/53234 bytes][Goodput ratio: 89/98][1.04 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.956 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/26 0/204 0/67][Pkt Len c2s/s2c min/avg/max/stddev: 592/351 592/2802 592/8706 0/2084][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/7e07d4417e0edc98d327d0ddfd3e227a.jpg?format=webp][StatusCode: 200][Content-Type: image/webp][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (/GET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,38,0,42]
@@ -99,12 +99,12 @@ JA Host Stats:
23 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Goodput ratio: 45/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/6 66/65 23/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 101/1096 415/1314 119/461][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 7,3,0,0,0,0,0,0,0,3,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,79,0,0,0,0,0,0,0,0]
24 TCP 192.168.2.126:44368 <-> 172.217.18.98:80 [proto: 7.239/HTTP.GoogleServices][Stack: HTTP.GoogleServices][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.239/HTTP.GoogleServices, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/489 bytes <-> 16 pkts/29841 bytes][Goodput ratio: 86/96][0.06 sec][Hostname/SNI: www.googletagservices.com][bytes ratio: -0.968 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/22 0/6][Pkt Len c2s/s2c min/avg/max/stddev: 489/491 489/1865 489/2902 0/738][URL: www.googletagservices.com/tag/js/gpt.js][StatusCode: 200][Content-Type: text/javascript][Server: sffe][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /tag/js/gpt.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,59,0,0,29]
25 TCP 192.168.2.126:38354 <-> 142.250.186.34:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 9][cat: Advertisement/101][Breed: Tracker_Ads][1 pkts/586 bytes <-> 12 pkts/28355 bytes][Goodput ratio: 89/97][0.08 sec][Hostname/SNI: pagead2.googlesyndication.com][bytes ratio: -0.960 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/23 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 586/687 586/2363 586/2902 0/788][URL: pagead2.googlesyndication.com/pagead/show_ads.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /pagead/show)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0,62]
- 26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
+ 26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
27 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Goodput ratio: 52/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632/4 45001/65 14880/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1099 415/1314 134/455][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 8,0,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,75,0,0,0,0,0,0,0,0]
28 TCP 192.168.2.126:36732 <-> 142.250.186.174:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Advertisement/101][Breed: Tracker_Ads][1 pkts/487 bytes <-> 10 pkts/21123 bytes][Goodput ratio: 86/97][0.05 sec][Hostname/SNI: www.google-analytics.com][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/21 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 487/677 487/2112 487/2902 0/822][URL: www.google-analytics.com/analytics.js][StatusCode: 200][Content-Type: text/javascript][Server: Golfe2][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /analytics.js HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0,0,45]
29 TCP 192.168.2.126:45388 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1315 bytes <-> 8 pkts/18984 bytes][Goodput ratio: 90/97][4.33 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.870 (Download)][IAT c2s/s2c min/avg/max/stddev: 3965/0 3965/593 3965/3966 0/1379][Pkt Len c2s/s2c min/avg/max/stddev: 509/1287 658/2373 806/8258 148/2234][URL: mangaweb.1kxun.mobi/js/swiper/swiper.min.css][StatusCode: 200][Content-Type: text/css][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/swiper/swiper.min.css H)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,10,0,0,0,0,40,0,20]
30 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 9][cat: Web/5][Breed: Acceptable][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Goodput ratio: 77/90][1.19 sec][Hostname/SNI: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/52 298/178 81/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 236/539 499/1314 193/556][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 42.120.51.152 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /api/proxy)][Plen Bins: 11,0,0,0,0,0,0,22,0,0,0,0,0,33,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0,0]
- 31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
32 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7.315/HTTP.Line][Stack: HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][Breed: Acceptable][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Goodput ratio: 40/94][0.02 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4/2 10/8 4/3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1103 334/1514 99/610][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
33 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7.315/HTTP.Line][Stack: HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][Breed: Acceptable][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Goodput ratio: 40/94][0.01 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 10/6 4/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1060 334/1514 99/620][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
34 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][16 pkts/8921 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][8.40 sec][Hostname/SNI: [ff02::c]][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 558/0 590/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,12,56,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -116,23 +116,23 @@ JA Host Stats:
40 TCP 192.168.2.126:38314 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 4 pkts/6346 bytes][Goodput ratio: 76/96][0.33 sec][Hostname/SNI: pic.1kxun.com][URL: pic.1kxun.com/video_kankan/images/videos/40750-585645353a7a47615755b7714c611835.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,20]
41 TCP 192.168.2.126:45414 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2118 bytes <-> 3 pkts/3518 bytes][Goodput ratio: 91/94][4.32 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 215/216 2066/2066 3917/3916 1851/1850][Pkt Len c2s/s2c min/avg/max/stddev: 482/758 706/1173 819/1456 158/300][URL: mangaweb.1kxun.mobi/js/fb-sdk.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/fb)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,16,0,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,16,0,0,0,0]
42 TCP 192.168.2.126:47246 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1872 bytes <-> 2 pkts/3374 bytes][Goodput ratio: 93/96][1.30 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/homePageVideoCollections/HomePageBanners?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28][StatusCode: 200][Content-Type: application/json][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
- 43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
+ 43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
44 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 48/QQ, Confidence: DNS][DPI packets: 9][cat: Chat/9][Breed: Fun][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Goodput ratio: 71/72][1.09 sec][Hostname/SNI: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70/191 476/506 136/201][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197/200 499/372 176/149][URL: vv.video.qq.com/getvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /getvinfo HTTP/1.1)][Plen Bins: 15,0,0,0,0,15,15,0,0,23,0,0,0,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][14 pkts/4788 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3106/0 12289/0 3176/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91/TLS][Stack: TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Safe][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][Goodput ratio: 87/86][0.18 sec][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60/44 176/133 82/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512/459 1159/1464 468/536][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,20,0,0,0,0]
47 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Media/1][Breed: Acceptable][7 pkts/1408 bytes <-> 5 pkts/2611 bytes][Goodput ratio: 71/89][0.15 sec][Hostname/SNI: 183.131.48.144][bytes ratio: -0.299 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 14/25 69/67 28/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 201/522 557/1078 225/465][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][Content-Type: video/mp4][Risk: ** HTTP Susp User-Agent **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 110][Risk Info: Found host 183.131.48.144 / Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /vlive.qq)][Plen Bins: 0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][20.95 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2323/4176 15252/15254 4895/5951][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 288/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: aa7eafaa128c9b8a39bd010d912570a8][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][6.76 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746/1336 5987/5987 1865/2341][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 287/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 50d11face9dc5e9cbfbd911e19a622a5][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
+ 50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
51 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][Goodput ratio: 69/75][6.08 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753/1500 5998/5998 1982/2597][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 190/232 1067/1055 299/340][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 50d11face9dc5e9cbfbd911e19a622a5][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Goodput ratio: 60/87][0.09 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/16 36/43 13/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/456 390/1314 144/512][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.7.1][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 20,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0]
- 53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 TCP 192.168.2.126:50176 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1185 bytes <-> 2 pkts/2082 bytes][Goodput ratio: 94/94][0.19 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/list_default.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/list)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,33,0,0]
55 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][Goodput ratio: 66/63][8.90 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 982/1763 6000/6000 1978/2381][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177/158 1051/639 283/188][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: aa7eafaa128c9b8a39bd010d912570a8][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Goodput ratio: 59/83][45.16 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5639/28 44799/53 14801/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139/366 468/1272 164/523][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][Content-Type: application/x-javascript][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0]
57 TCP 192.168.2.126:35426 <-> 8.209.112.118:80 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 5][cat: Web/5][Breed: Acceptable][4 pkts/2668 bytes <-> 1 pkts/142 bytes][Goodput ratio: 92/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 20,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0]
- 58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
- 59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
+ 59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
60 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91/TLS][Stack: TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 3][cat: Web/5][Breed: Safe][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][Goodput ratio: 67/78][0.26 sec][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/64 205/212 84/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201/297 471/1223 139/463][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,40,20,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0]
61 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][14 pkts/2450 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][56.94 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488/0 17921/0 4136/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Goodput ratio: 60/75][45.21 sec][Hostname/SNI: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5643/40 44798/70 14800/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/245 474/788 167/314][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.3.2][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/alsolikes/10410)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -142,23 +142,23 @@ JA Host Stats:
66 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198/0 14952/0 3585/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4680/0 19869/0 5063/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 TCP 192.168.2.126:50148 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1180 bytes <-> 1 pkts/832 bytes][Goodput ratio: 94/92][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/like_1.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
70 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Acceptable][7 pkts/996 bytes <-> 5 pkts/986 bytes][Goodput ratio: 52/66][31.95 sec][Hostname/SNI: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2391/3919 11352/11551 4481/5397][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/197 331/390 117/157][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][Content-Type: text/html][Server: MServer 1.2.2][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 502][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /comMagicanApi/composite/ap)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 TCP 192.168.2.126:50140 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1178 bytes <-> 1 pkts/748 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/left.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.2.126:50166 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1179 bytes <-> 1 pkts/746 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/right.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 192.168.2.126:47262 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/937 bytes <-> 1 pkts/883 bytes][Goodput ratio: 93/92][0.31 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/messages?min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d25][StatusCode: 301][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
75 TCP 192.168.2.126:50164 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1184 bytes <-> 1 pkts/574 bytes][Goodput ratio: 94/88][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/more_white.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][10 pkts/1750 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5541/0 19870/0 5205/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
+ 77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
78 TCP 192.168.2.126:49242 <-> 172.104.119.80:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1129 bytes <-> 2 pkts/582 bytes][Goodput ratio: 88/77][2.16 sec][Hostname/SNI: android.yingshi.tcclick.1kxun.com][URL: android.yingshi.tcclick.1kxun.com/api/upload.php][StatusCode: 500][Req Content-Type: application/octet-stream][Content-Type: text/html][Server: openresty/1.11.2.5][User-Agent: okhttp/3.10.0][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 500][PLAIN TEXT (aPOST /api/upload.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631/0 15155/0 3855/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
81 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.02 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126/0 24065/0 7503/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5632/0 18024/0 4843/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 TCP 192.168.2.126:59324 <-> 104.117.221.10:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/475 bytes <-> 1 pkts/1049 bytes][Goodput ratio: 86/94][0.04 sec][Hostname/SNI: m.vpon.com][URL: m.vpon.com/sdk/vpadn-sdk-core-v1.js][StatusCode: 200][Content-Type: application/x-javascript][Server: AkamaiNetStorage][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /sdk/vpadn)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 TCP 192.168.2.126:35200 <-> 103.29.71.30:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/953 bytes <-> 1 pkts/563 bytes][Goodput ratio: 93/88][0.36 sec][Hostname/SNI: release.bigdata.1kxun.com][URL: release.bigdata.1kxun.com/c/35/13277?&_in_app=kankan&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&_v=2.8.2.1&_package=com.sceneway.kankan&_model=sdk_gphone_x86&_ov=11&_brand=Google&_android_id=b9e28776354d259e&_gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&t=16][StatusCode: 302][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /c/35/13277)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][10 pkts/880 bytes <-> 3 pkts/572 bytes][Goodput ratio: 36/69][0.74 sec][Hostname/SNI: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 54/119 318/119 106/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/191 212/446 62/181][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 218.244.135.170 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/qq)][Plen Bins: 25,0,0,0,50,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][8 pkts/1432 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][38.10 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5442/0 17101/0 4875/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][8 pkts/1400 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.22 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8174/0 27242/0 8848/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -167,21 +167,21 @@ JA Host Stats:
91 TCP 192.168.2.126:53416 <-> 172.217.16.142:80 [proto: 7.228/HTTP.PlayStore][Stack: HTTP.PlayStore][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.228/HTTP.PlayStore, Confidence: DPI][DPI packets: 2][cat: SoftwareUpdate/19][Breed: Safe][1 pkts/625 bytes <-> 1 pkts/734 bytes][Goodput ratio: 89/91][0.05 sec][Hostname/SNI: play.google.com][URL: play.google.com/store/apps/details?id=com.azarlive.android&referrer=adjust_external_click_id%3Dv.2_g.143845_a.f84f54bf-31cd-43ff-bd27-526ccc6457da_c.117_t.ua_u.e7df87247cbcea13%26utm_campaign%3DTest%2BCampaign%26utm_content%3DTest%2BSource%2BApp_123456789][StatusCode: 301][Content-Type: application/binary][Server: ESF][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /store/apps/details)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
92 TCP 192.168.2.126:58758 <-> 202.153.196.53:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][0.32 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=411&s_h=731&u_w=411&u_h=683&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=1&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (NGET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 TCP 192.168.2.126:58760 <-> 202.153.196.53:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][1.09 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=731&s_h=411&u_w=683&u_h=411&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=2&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
96 TCP 192.168.2.126:47272 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/982 bytes <-> 1 pkts/331 bytes][Goodput ratio: 93/80][0.35 sec][Hostname/SNI: messages.1kxun.mobi][URL: messages.1kxun.mobi/api/messages/listForYingshi?client-uid=e6dbd30b-3b84-44b4-9751-631148a3ede9&min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kx][StatusCode: 200][Content-Type: text/xml][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /api/messages/listForYingsh)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 TCP 192.168.2.126:56826 <-> 8.209.97.107:80 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Web/5][Breed: Acceptable][2 pkts/1156 bytes <-> 1 pkts/142 bytes][Goodput ratio: 91/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][7 pkts/1253 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][16.80 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2799/0 5942/0 1567/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
+ 99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][13 pkts/1196 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][30.61 sec][Hostname/SNI: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708/0 9111/0 2902/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 TCP 192.168.2.126:60962 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.31 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 TCP 192.168.2.126:60972 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.24 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
104 TCP 192.168.2.126:60984 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.27 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
105 TCP 192.168.2.126:41134 <-> 129.226.107.77:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 2][cat: Chat/9][Breed: Fun][1 pkts/324 bytes <-> 1 pkts/518 bytes][Goodput ratio: 83/89][0.19 sec][Hostname/SNI: cgi.connect.qq.com][URL: cgi.connect.qq.com/qqconnectopen/openapi/policy_conf?status_os=11&status_version=30&status_machine=sdk_gphone_x86&sdkp=a&sdkv=3.1.0.lite&appid=100258135][StatusCode: 302][Content-Type: text/html][Server: stgw][User-Agent: AndroidSDK_30_generic_x86_arm_11][PLAIN TEXT (GET /qq)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
106 TCP 192.168.2.126:38834 <-> 119.45.78.184:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 3][cat: Chat/9][Breed: Fun][2 pkts/655 bytes <-> 1 pkts/170 bytes][Goodput ratio: 80/61][0.31 sec][Hostname/SNI: pingma.qq.com][URL: pingma.qq.com:80/mstat/report][StatusCode: 404][Risk: ** HTTP Susp User-Agent **** Error Code **][Risk Score: 110][Risk Info: HTTP Error Code 404 / Empty or missing User-Agent][PLAIN TEXT (POST /mstat/report HTTP/1.1)][Plen Bins: 0,0,0,33,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
107 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10.16/NetBIOS.SMBv1][Stack: NetBIOS.SMBv1][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10.16/NetBIOS.SMBv1, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Dangerous][3 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.00 sec][Hostname/SNI: macbookair-e1d0][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 TCP 192.168.2.126:51888 -> 119.28.164.143:80 [proto: 7/HTTP][Stack: HTTP][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/571 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][Hostname/SNI: qzonestyle.gtimg.cn][URL: qzonestyle.gtimg.cn/qzone/openapi/qc-1.0.1.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /qzone/openapi/qc)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 TCP 192.168.2.126:47230 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Download/7][Breed: Fun][1 pkts/223 bytes <-> 1 pkts/330 bytes][Goodput ratio: 70/80][0.18 sec][Hostname/SNI: kankan.1kxun.mobi][URL: kankan.1kxun.mobi/api.domain.conf][StatusCode: 200][Content-Type: application/octet-stream][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][Risk: ** Binary File/Data Transfer (Attempt) **][Risk Score: 50][Risk Info: Found binary mime octet-stream][PLAIN TEXT (GET /api.domain.conf HTTP/1.1)][Plen Bins: 0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
111 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][6 pkts/552 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.50 sec][Hostname/SNI: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 300/0 749/0 367/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -192,7 +192,7 @@ JA Host Stats:
116 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
117 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (Joanna)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (MSFT 5.07)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
120 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5/DNS][Stack: DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/146 bytes <-> 1 pkts/137 bytes][Goodput ratio: 42/69][0.05 sec][Hostname/SNI: pic.1kxun.com][106.187.35.246][DNS Id: 0x2990][Plen Bins: 66,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
121 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.54 sec][Hostname/SNI: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5/DNS][Stack: DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/160 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: jp.kankan.1kxun.mobi][106.185.35.110][DNS Id: 0xfd2c][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/guess_ip_before_port_enabled/result/1kxun.pcap.out b/tests/cfgs/guess_ip_before_port_enabled/result/1kxun.pcap.out
index 46a6c49e0..976c57471 100644
--- a/tests/cfgs/guess_ip_before_port_enabled/result/1kxun.pcap.out
+++ b/tests/cfgs/guess_ip_before_port_enabled/result/1kxun.pcap.out
@@ -78,13 +78,13 @@ JA Host Stats:
6 TCP 192.168.2.126:46212 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/555 bytes <-> 12 pkts/124834 bytes][Goodput ratio: 76/99][1.58 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.991 (Download)][IAT c2s/s2c min/avg/max/stddev: 871/0 871/122 871/373 0/155][Pkt Len c2s/s2c min/avg/max/stddev: 277/386 278/10403 278/37506 0/10887][URL: pic.1kxun.com/video_kankan/images/releases/300/5183-51fb99a2391e774037ba21cbca307be4.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,14,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,57]
7 TCP 192.168.2.126:38316 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 23 pkts/118294 bytes][Goodput ratio: 76/99][1.43 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.995 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/46 0/393 0/113][Pkt Len c2s/s2c min/avg/max/stddev: 273/388 273/5143 273/24546 0/5526][URL: pic.1kxun.com/video_kankan/images/videos/40701-8fa7d916c55e31f90fa55f450b716505.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,20,0,67]
8 TCP 192.168.2.126:49380 <-> 14.136.136.108:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 9][cat: Streaming/17][Breed: Fun][2 pkts/1172 bytes <-> 30 pkts/99876 bytes][Goodput ratio: 89/98][1.31 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.977 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/32 0/209 0/74][Pkt Len c2s/s2c min/avg/max/stddev: 580/351 586/3329 592/18786 6/3784][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/f05074256b39572ad852c1c95eb5f8a7.jpg][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (LGET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,53,0,34]
- 9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
- 10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
+ 9 TCP 192.168.2.126:36636 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/411 bytes <-> 29 pkts/98991 bytes][Goodput ratio: 84/98][0.08 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/20 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 411/1467 411/3413 411/5778 0/1722][URL: hybird.rayjump.com/rv-zip-2022/0428/tpl4-4209ad845e61d9ad67b6f04187d00be0.zip?md5filename=4209ad845e61d9ad67b6f04187d00be0&foldername=tpl4&layout=1&tpl=4&wfr=1&to=9999&alecfc=1&whs_chn=m][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,30,0,0,63]
+ 10 TCP 192.168.2.126:36654 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/363 bytes <-> 25 pkts/90800 bytes][Goodput ratio: 82/98][0.10 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.992 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/18 0/5][Pkt Len c2s/s2c min/avg/max/stddev: 363/1494 363/3632 363/4350 0/1035][URL: hybird.rayjump.com/rv-zip-2019/1113/mini-260291c208bf3376b5111db855e89451.zip?md5filename=260291c208bf3376b5111db855e89451&foldername=mini][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,85]
11 TCP 192.168.2.126:45416 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][8 pkts/7202 bytes <-> 24 pkts/83277 bytes][Goodput ratio: 93/98][16.31 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.841 (Download)][IAT c2s/s2c min/avg/max/stddev: 186/0 2919/772 6045/5959 2744/1789][Pkt Len c2s/s2c min/avg/max/stddev: 500/709 900/3470 1180/14466 215/3207][URL: mangaweb.1kxun.mobi/js/vendor.bundle.js?1644807874][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/vendor.bundle.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,3,0,0,12,0,0,0,0,0,0,0,3,3,3,6,0,0,0,0,0,0,0,3,0,0,21,0,41]
12 TCP 192.168.2.126:38326 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 21 pkts/89010 bytes][Goodput ratio: 76/98][1.25 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.994 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/50 0/412 0/118][Pkt Len c2s/s2c min/avg/max/stddev: 273/387 273/4239 273/12489 0/2950][URL: pic.1kxun.com/video_kankan/images/videos/40730-48fd657abd5a1d3e45d03403ddcb0663.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,73]
13 TCP 192.168.2.126:46200 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/556 bytes <-> 18 pkts/82689 bytes][Goodput ratio: 76/99][1.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.987 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/56 0/375 0/119][Pkt Len c2s/s2c min/avg/max/stddev: 278/386 278/4594 278/21666 0/5421][URL: pic.1kxun.com/video_kankan/images/releases/301/5027-d707192bfa2dabf22771a4d56454ab88.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,35,0,45]
14 TCP 192.168.2.126:46184 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/829 bytes <-> 13 pkts/73655 bytes][Goodput ratio: 76/99][1.27 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.978 (Download)][IAT c2s/s2c min/avg/max/stddev: 392/0 392/81 392/368 0/134][Pkt Len c2s/s2c min/avg/max/stddev: 273/386 276/5666 278/23106 2/7129][URL: pic.1kxun.com/video_kankan/images/releases/299/4704-5017bcdcacc02cc3af4833cd1ed72a8f.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,18,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,25,0,37]
- 15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
+ 15 TCP 192.168.2.126:36640 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 9][cat: Web/5][Breed: Acceptable][1 pkts/563 bytes <-> 20 pkts/65580 bytes][Goodput ratio: 88/98][0.06 sec][Hostname/SNI: hybird.rayjump.com][bytes ratio: -0.983 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 563/1494 563/3279 563/5778 0/1489][URL: hybird.rayjump.com/rv-zip-2022/0428/endcard-dsp-1302-f2714a34f6661a70fedea1667fb7a9e4.zip?md5filename=f2714a34f6661a70fedea1667fb7a9e4&foldername=endcard-dsp-1302&mof=1&mof_uid=91199&n_imp=1&mof_pkg=com.sceneway.kankan&n_region=fk&alecfc=1&bait_click=1&mo][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,62]
16 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Goodput ratio: 42/95][45.37 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472/1029 44994/45054 11986/6714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/1210 416/1314 113/325][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 3,0,0,0,0,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,91,0,0,0,0,0,0,0,0]
17 TCP 192.168.2.126:45398 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2127 bytes <-> 18 pkts/58725 bytes][Goodput ratio: 91/98][4.35 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.930 (Download)][IAT c2s/s2c min/avg/max/stddev: 229/0 229/262 229/3434 0/852][Pkt Len c2s/s2c min/avg/max/stddev: 490/551 709/3262 821/7266 155/2191][URL: mangaweb.1kxun.mobi/js/dependency-all.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/dependency)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,43]
18 TCP 192.168.2.126:49354 <-> 14.136.136.108:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1184 bytes <-> 19 pkts/53234 bytes][Goodput ratio: 89/98][1.04 sec][Hostname/SNI: hkbn.content.1kxun.com][bytes ratio: -0.956 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/26 0/204 0/67][Pkt Len c2s/s2c min/avg/max/stddev: 592/351 592/2802 592/8706 0/2084][URL: hkbn.content.1kxun.com/manga-hant/images/project/cartoons/7e07d4417e0edc98d327d0ddfd3e227a.jpg?format=webp][StatusCode: 200][Content-Type: image/webp][Server: openresty/1.9.7.4][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (/GET /manga)][Plen Bins: 0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,38,0,42]
@@ -95,12 +95,12 @@ JA Host Stats:
23 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Goodput ratio: 45/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/6 66/65 23/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 101/1096 415/1314 119/461][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 7,3,0,0,0,0,0,0,0,3,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,79,0,0,0,0,0,0,0,0]
24 TCP 192.168.2.126:44368 <-> 172.217.18.98:80 [proto: 7.239/HTTP.GoogleServices][Stack: HTTP.GoogleServices][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.239/HTTP.GoogleServices, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/489 bytes <-> 16 pkts/29841 bytes][Goodput ratio: 86/96][0.06 sec][Hostname/SNI: www.googletagservices.com][bytes ratio: -0.968 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/22 0/6][Pkt Len c2s/s2c min/avg/max/stddev: 489/491 489/1865 489/2902 0/738][URL: www.googletagservices.com/tag/js/gpt.js][StatusCode: 200][Content-Type: text/javascript][Server: sffe][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /tag/js/gpt.j)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,59,0,0,29]
25 TCP 192.168.2.126:38354 <-> 142.250.186.34:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 9][cat: Advertisement/101][Breed: Tracker_Ads][1 pkts/586 bytes <-> 12 pkts/28355 bytes][Goodput ratio: 89/97][0.08 sec][Hostname/SNI: pagead2.googlesyndication.com][bytes ratio: -0.960 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/23 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 586/687 586/2363 586/2902 0/788][URL: pagead2.googlesyndication.com/pagead/show_ads.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /pagead/show)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0,0,62]
- 26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
+ 26 TCP 192.168.2.126:35664 <-> 18.66.2.90:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/249 bytes <-> 9 pkts/27029 bytes][Goodput ratio: 73/98][0.02 sec][Hostname/SNI: cdn.liftoff.io][bytes ratio: -0.982 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 249/797 249/3003 249/4350 0/1362][URL: cdn.liftoff.io/customers/45d4b09eba/image/lambda_jpg_89/398101234e6cf5b3a8d8.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
27 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Goodput ratio: 52/95][45.24 sec][Hostname/SNI: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632/4 45001/65 14880/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1099 415/1314 134/455][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /video)][Plen Bins: 8,0,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,75,0,0,0,0,0,0,0,0]
28 TCP 192.168.2.126:36732 <-> 142.250.186.174:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Advertisement/101][Breed: Tracker_Ads][1 pkts/487 bytes <-> 10 pkts/21123 bytes][Goodput ratio: 86/97][0.05 sec][Hostname/SNI: www.google-analytics.com][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/3 0/21 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 487/677 487/2112 487/2902 0/822][URL: www.google-analytics.com/analytics.js][StatusCode: 200][Content-Type: text/javascript][Server: Golfe2][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /analytics.js HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0,0,45]
29 TCP 192.168.2.126:45388 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1315 bytes <-> 8 pkts/18984 bytes][Goodput ratio: 90/97][4.33 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.870 (Download)][IAT c2s/s2c min/avg/max/stddev: 3965/0 3965/593 3965/3966 0/1379][Pkt Len c2s/s2c min/avg/max/stddev: 509/1287 658/2373 806/8258 148/2234][URL: mangaweb.1kxun.mobi/js/swiper/swiper.min.css][StatusCode: 200][Content-Type: text/css][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/swiper/swiper.min.css H)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,10,0,0,0,0,40,0,20]
30 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 9][cat: Web/5][Breed: Acceptable][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Goodput ratio: 77/90][1.19 sec][Hostname/SNI: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/52 298/178 81/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 236/539 499/1314 193/556][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 42.120.51.152 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /api/proxy)][Plen Bins: 11,0,0,0,0,0,0,22,0,0,0,0,0,33,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0,0]
- 31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 31 TCP 192.168.2.126:37100 <-> 52.29.177.177:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][12 pkts/8973 bytes <-> 4 pkts/687 bytes][Goodput ratio: 91/61][7.04 sec][Hostname/SNI: adx-tk.rayjump.com][bytes ratio: 0.858 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/185 697/1192 4610/2198 1454/1006][Pkt Len c2s/s2c min/avg/max/stddev: 86/169 748/172 1506/180 594/5][StatusCode: 204][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /track)][Plen Bins: 25,0,0,25,0,0,0,0,0,0,0,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
32 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7.315/HTTP.Line][Stack: HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][Breed: Acceptable][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Goodput ratio: 40/94][0.02 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4/2 10/8 4/3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1103 334/1514 99/610][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
33 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7.315/HTTP.Line][Stack: HTTP.Line][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 315/Line, Confidence: DNS][DPI packets: 6][cat: Chat/9][Breed: Acceptable][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Goodput ratio: 40/94][0.01 sec][Hostname/SNI: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 10/6 4/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1060 334/1514 99/620][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,71,0,0]
34 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][16 pkts/8921 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][8.40 sec][Hostname/SNI: [ff02::c]][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 558/0 590/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,12,56,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -112,23 +112,23 @@ JA Host Stats:
40 TCP 192.168.2.126:38314 <-> 172.105.121.82:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/273 bytes <-> 4 pkts/6346 bytes][Goodput ratio: 76/96][0.33 sec][Hostname/SNI: pic.1kxun.com][URL: pic.1kxun.com/video_kankan/images/videos/40750-585645353a7a47615755b7714c611835.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,20]
41 TCP 192.168.2.126:45414 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][3 pkts/2118 bytes <-> 3 pkts/3518 bytes][Goodput ratio: 91/94][4.32 sec][Hostname/SNI: mangaweb.1kxun.mobi][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 215/216 2066/2066 3917/3916 1851/1850][Pkt Len c2s/s2c min/avg/max/stddev: 482/758 706/1173 819/1456 158/300][URL: mangaweb.1kxun.mobi/js/fb-sdk.js][StatusCode: 200][Content-Type: application/javascript][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /js/fb)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,16,0,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,16,0,0,0,0]
42 TCP 192.168.2.126:47246 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1872 bytes <-> 2 pkts/3374 bytes][Goodput ratio: 93/96][1.30 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/homePageVideoCollections/HomePageBanners?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28][StatusCode: 200][Content-Type: application/json][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
- 43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
+ 43 TCP 192.168.2.126:36660 <-> 18.64.103.30:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][1 pkts/328 bytes <-> 3 pkts/4733 bytes][Goodput ratio: 80/96][0.03 sec][Hostname/SNI: hybird.rayjump.com][URL: hybird.rayjump.com/rv/endv4.html?mof=1&ec_id=4&mof_uid=91199&n_imp=1&unit_id=8881&sdk_version=mal_8.7.4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /rv/endv4.html)][Plen Bins: 0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,25]
44 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 48/QQ, Confidence: DNS][DPI packets: 9][cat: Chat/9][Breed: Fun][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Goodput ratio: 71/72][1.09 sec][Hostname/SNI: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70/191 476/506 136/201][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197/200 499/372 176/149][URL: vv.video.qq.com/getvinfo][StatusCode: 100][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (POST /getvinfo HTTP/1.1)][Plen Bins: 15,0,0,0,0,15,15,0,0,23,0,0,0,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][14 pkts/4788 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3106/0 12289/0 3176/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91/TLS][Stack: TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Safe][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][Goodput ratio: 87/86][0.18 sec][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60/44 176/133 82/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512/459 1159/1464 468/536][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,20,0,0,0,0]
47 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Media/1][Breed: Acceptable][7 pkts/1408 bytes <-> 5 pkts/2611 bytes][Goodput ratio: 71/89][0.15 sec][Hostname/SNI: 183.131.48.144][bytes ratio: -0.299 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 14/25 69/67 28/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 201/522 557/1078 225/465][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][Content-Type: video/mp4][Risk: ** HTTP Susp User-Agent **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 110][Risk Info: Found host 183.131.48.144 / Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /vlive.qq)][Plen Bins: 0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][20.95 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2323/4176 15252/15254 4895/5951][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 288/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: aa7eafaa128c9b8a39bd010d912570a8][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][6.76 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746/1336 5987/5987 1865/2341][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 287/323][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 50d11face9dc5e9cbfbd911e19a622a5][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
+ 50 TCP 192.168.2.126:42554 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][4 pkts/3091 bytes <-> 2 pkts/444 bytes][Goodput ratio: 91/70][2.57 sec][Hostname/SNI: de01.rayjump.com][bytes ratio: 0.749 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/2543 847/2543 2537/2543 1195/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/222 773/222 1506/222 647/0][URL: de01.rayjump.com/onlyImpression?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMM6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG%2BeIGnR%2FiUjPWUNMWUR][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (FGET /onlyImpression)][Plen Bins: 16,0,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0]
51 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][Goodput ratio: 69/75][6.08 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753/1500 5998/5998 1982/2597][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 190/232 1067/1055 299/340][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: 50d11face9dc5e9cbfbd911e19a622a5][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370400_07a749158664_e64f6000bf4d][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Goodput ratio: 60/87][0.09 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/16 36/43 13/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/456 390/1314 144/512][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.7.1][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 20,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0]
- 53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 53 TCP 192.168.2.126:33042 <-> 3.122.190.70:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][2 pkts/1986 bytes <-> 2 pkts/1328 bytes][Goodput ratio: 93/90][2.20 sec][Hostname/SNI: click.liftoff.io][URL: click.liftoff.io/v1/campaign_click/ddfWbX-c_ZpIF_3wE-XgJSwRJPn_5OpS9IR6X4XG91XQL6ssRLV4QPLSEQgWyRbP_OAHXGp-3z8zKxdRjL-BT6h7z46z4qmAWxR5DboEhr1DytY4W5gfQLUcV6yE3POR7PrQlrVbVtH-7uW1oie-jkR4naGHTVVHKv5kFXBJ9yTIX-JngaE2MMTER1HuBx9qTlyLhiZCtWSUSv4Ze5z4QuGqjWij][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /v1/campaign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 TCP 192.168.2.126:50176 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1185 bytes <-> 2 pkts/2082 bytes][Goodput ratio: 94/94][0.19 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/list_default.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/list)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,33,0,0]
55 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][Goodput ratio: 66/63][8.90 sec][Hostname/SNI: 192.168.115.75][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 982/1763 6000/6000 1978/2381][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177/158 1051/639 283/188][Risk: ** Weak TLS Cipher **** HTTP/TLS/QUIC Numeric Hostname/SNI **** TLS (probably) Not Carrying HTTPS **][Risk Score: 120][Risk Info: No ALPN / 192.168.115.75 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][nDPI Fingerprint: aa7eafaa128c9b8a39bd010d912570a8][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12i370500_07a749158664_d075105c1994][JA3S: 573a9f3f80037fb40d481e2054def5bb][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Goodput ratio: 59/83][45.16 sec][Hostname/SNI: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5639/28 44799/53 14801/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139/366 468/1272 164/523][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][Content-Type: application/x-javascript][Server: openresty/1.9.7.1][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0]
57 TCP 192.168.2.126:35426 <-> 8.209.112.118:80 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 5][cat: Web/5][Breed: Acceptable][4 pkts/2668 bytes <-> 1 pkts/142 bytes][Goodput ratio: 92/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 20,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0]
- 58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
- 59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
+ 58 TCP 192.168.2.126:41390 <-> 18.64.79.37:80 [proto: 7.126/HTTP.Google][Stack: HTTP.Google][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7.126/HTTP.Google, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/492 bytes <-> 3 pkts/2123 bytes][Goodput ratio: 86/91][0.03 sec][Hostname/SNI: google.open-js.com][URL: google.open-js.com/doubleclick/ca0ecde2.js][StatusCode: 200][Content-Type: application/javascript][Server: AmazonS3][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (SGET /doubleclick/ca0)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0]
+ 59 TCP 192.168.2.126:56096 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/857 bytes <-> 1 pkts/1706 bytes][Goodput ratio: 92/96][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/setting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc=&mcc=][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /setting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
60 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91/TLS][Stack: TLS][IP: 119/Facebook][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 3][cat: Web/5][Breed: Safe][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][Goodput ratio: 67/78][0.26 sec][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/64 205/212 84/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201/297 471/1223 139/463][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,0,40,20,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0]
61 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][14 pkts/2450 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][56.94 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488/0 17921/0 4136/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 295/1kxun, Confidence: DNS][DPI packets: 9][cat: Streaming/17][Breed: Fun][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Goodput ratio: 60/75][45.21 sec][Hostname/SNI: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5643/40 44798/70 14800/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/245 474/788 167/314][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][Content-Type: application/json][Server: openresty/1.9.3.2][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/videos/alsolikes/10410)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -138,23 +138,23 @@ JA Host Stats:
66 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198/0 14952/0 3585/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4680/0 19869/0 5063/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 TCP 192.168.2.126:50148 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1180 bytes <-> 1 pkts/832 bytes][Goodput ratio: 94/92][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/like_1.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 69 TCP 192.168.2.126:42566 <-> 35.156.44.13:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][3 pkts/1770 bytes <-> 1 pkts/222 bytes][Goodput ratio: 89/70][0.03 sec][Hostname/SNI: de01.rayjump.com][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gec][PLAIN TEXT (GGET /impression)][Plen Bins: 25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
70 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Acceptable][7 pkts/996 bytes <-> 5 pkts/986 bytes][Goodput ratio: 52/66][31.95 sec][Hostname/SNI: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2391/3919 11352/11551 4481/5397][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/197 331/390 117/157][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][Content-Type: text/html][Server: MServer 1.2.2][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 502][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /comMagicanApi/composite/ap)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 TCP 192.168.2.126:50140 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1178 bytes <-> 1 pkts/748 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/left.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.2.126:50166 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1179 bytes <-> 1 pkts/746 bytes][Goodput ratio: 94/91][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/right.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 192.168.2.126:47262 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/937 bytes <-> 1 pkts/883 bytes][Goodput ratio: 93/92][0.31 sec][Hostname/SNI: kankan.1kxun.com][URL: kankan.1kxun.com/video_kankan_tags/v2/api/messages?min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d25][StatusCode: 301][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /video)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
+ 74 TCP 192.168.2.126:51686 <-> 18.64.79.64:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1295 bytes <-> 1 pkts/500 bytes][Goodput ratio: 95/87][0.60 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=3&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&display_cids=%5B19944365299%5D&exclude_ids=%5B19944365299%5D&ad_source_id=1&session_id=6][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
75 TCP 192.168.2.126:50164 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/1184 bytes <-> 1 pkts/574 bytes][Goodput ratio: 94/88][0.18 sec][Hostname/SNI: mangaweb.1kxun.mobi][URL: mangaweb.1kxun.mobi/images/readpage_revision/more_white.png][StatusCode: 200][Content-Type: image/png][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /images/readpage)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][10 pkts/1750 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5541/0 19870/0 5205/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
+ 77 TCP 192.168.2.126:41940 <-> 18.64.79.50:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1315 bytes <-> 1 pkts/419 bytes][Goodput ratio: 95/84][0.04 sec][Hostname/SNI: tknet-cdn.rayjump.com][URL: tknet-cdn.rayjump.com/ad/log/play?k=629bea20a4e5410001f01c7x&mp=fURPDr5tiUStf7V2fajMiaveHUveDAJ96aiPfU5IiARTfnHIGal9i%2BMefbMefAEeGn3TfaiFfnRPGnEe6jxc6aRAGaxIi%2BMPfdMei%2BewDke6Go9bWUxIi099WUR%2Fi%2BegYFKgY75IhFx8%2BFJML7K%2FH5K9GaHIinhPfdleialM6azIHkPIG][StatusCode: 200][Content-Type: text/plain][Server: nginx][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /ad/log/play)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
78 TCP 192.168.2.126:49242 <-> 172.104.119.80:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][2 pkts/1129 bytes <-> 2 pkts/582 bytes][Goodput ratio: 88/77][2.16 sec][Hostname/SNI: android.yingshi.tcclick.1kxun.com][URL: android.yingshi.tcclick.1kxun.com/api/upload.php][StatusCode: 500][Req Content-Type: application/octet-stream][Content-Type: text/html][Server: openresty/1.11.2.5][User-Agent: okhttp/3.10.0][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 500][PLAIN TEXT (aPOST /api/upload.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 79 TCP 192.168.2.126:56104 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/896 bytes <-> 1 pkts/721 bytes][Goodput ratio: 93/91][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&unit_ids=%5B8881%5D&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&br][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631/0 15155/0 3855/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
81 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.02 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126/0 24065/0 7503/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5632/0 18024/0 4843/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 TCP 192.168.2.126:59324 <-> 104.117.221.10:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/475 bytes <-> 1 pkts/1049 bytes][Goodput ratio: 86/94][0.04 sec][Hostname/SNI: m.vpon.com][URL: m.vpon.com/sdk/vpadn-sdk-core-v1.js][StatusCode: 200][Content-Type: application/x-javascript][Server: AkamaiNetStorage][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /sdk/vpadn)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 TCP 192.168.2.126:35200 <-> 103.29.71.30:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/953 bytes <-> 1 pkts/563 bytes][Goodput ratio: 93/88][0.36 sec][Hostname/SNI: release.bigdata.1kxun.com][URL: release.bigdata.1kxun.com/c/35/13277?&_in_app=kankan&_udid=e6dbd30b-3b84-44b4-9751-631148a3ede9&_v=2.8.2.1&_package=com.sceneway.kankan&_model=sdk_gphone_x86&_ov=11&_brand=Google&_android_id=b9e28776354d259e&_gaid=5ac6a0ff-8d18-47bc-a902-2812cf0c251e&t=16][StatusCode: 302][Content-Type: text/html][Server: openresty/1.13.6.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /c/35/13277)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 85 TCP 192.168.2.126:43272 <-> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1006 bytes <-> 1 pkts/500 bytes][Goodput ratio: 93/87][0.11 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ads?app_id=32456&unit_id=52498&sign=3c28ded04e0f4090229968618244b583&is_vast=1&ad_num=1&http_req=1&client_ip=92.219.40.235&useragent=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+11%3B+sdk_gphone_x86+Build%2FRSR1.201013.001%29&os_version][StatusCode: 200][Content-Type: application/json][Server: nginx][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][PLAIN TEXT (GET /openapi/ads)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 8][cat: Web/5][Breed: Acceptable][10 pkts/880 bytes <-> 3 pkts/572 bytes][Goodput ratio: 36/69][0.74 sec][Hostname/SNI: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 54/119 318/119 106/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/191 212/446 62/181][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][User-Agent: Mozilla/5.0][Risk: ** Known Proto on Non Std Port **** HTTP/TLS/QUIC Numeric Hostname/SNI **][Risk Score: 60][Risk Info: Found host 218.244.135.170 / Expected on port 80][TCP Fingerprint: 2_128_8192_bfcc4e683d79/Unknown][PLAIN TEXT (GET /api/qq)][Plen Bins: 25,0,0,0,50,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][8 pkts/1432 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][38.10 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5442/0 17101/0 4875/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][8 pkts/1400 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.22 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8174/0 27242/0 8848/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -163,21 +163,21 @@ JA Host Stats:
91 TCP 192.168.2.126:53416 <-> 172.217.16.142:80 [proto: 7.228/HTTP.PlayStore][Stack: HTTP.PlayStore][IP: 126/Google][ClearText][Confidence: DPI][FPC: 7.228/HTTP.PlayStore, Confidence: DPI][DPI packets: 2][cat: SoftwareUpdate/19][Breed: Safe][1 pkts/625 bytes <-> 1 pkts/734 bytes][Goodput ratio: 89/91][0.05 sec][Hostname/SNI: play.google.com][URL: play.google.com/store/apps/details?id=com.azarlive.android&referrer=adjust_external_click_id%3Dv.2_g.143845_a.f84f54bf-31cd-43ff-bd27-526ccc6457da_c.117_t.ua_u.e7df87247cbcea13%26utm_campaign%3DTest%2BCampaign%26utm_content%3DTest%2BSource%2BApp_123456789][StatusCode: 301][Content-Type: application/binary][Server: ESF][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /store/apps/details)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
92 TCP 192.168.2.126:58758 <-> 202.153.196.53:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][0.32 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=411&s_h=731&u_w=411&u_h=683&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=1&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (NGET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 TCP 192.168.2.126:58760 <-> 202.153.196.53:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/1110 bytes <-> 1 pkts/236 bytes][Goodput ratio: 94/72][1.09 sec][Hostname/SNI: tw.api.vpon.com][URL: tw.api.vpon.com/api/webviewAdReq?s_w=731&s_h=411&u_w=683&u_h=411&u_sd=2.625&lang=en_US&ni=0&sdk=vpadn-sdk-a-v4.6.4&u_o=2&os_v=30&n_mnc=260&n_mcc=310&mnc=260&mcc=310&format=320x50_mb&msid=com.sceneway.kankan&app_name=30.android.com.sceneway.kankan&simulato][StatusCode: 200][Server: Apache-Coyote/1.1][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36(Mobile; vpadn-sdk-a-v4.6.4)][PLAIN TEXT (GET /api/webviewAdReq)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 94 TCP 192.168.2.126:56094 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/876 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 95 TCP 192.168.2.126:56098 <-> 3.72.69.158:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/863 bytes <-> 1 pkts/460 bytes][Goodput ratio: 92/85][0.02 sec][Hostname/SNI: setting.rayjump.com][URL: setting.rayjump.com/rewardsetting?app_id=32456&sign=3c28ded04e0f4090229968618244b583&channel=&platform=1&os_version=11&package_name=com.sceneway.kankan&app_version_name=2.8.2.1&app_version_code=146&orientation=2&model=sdk_gphone_x86&brand=google&gaid=&mnc][StatusCode: 200][Content-Type: text/plain][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (GET /rewardsetting)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
96 TCP 192.168.2.126:47272 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/982 bytes <-> 1 pkts/331 bytes][Goodput ratio: 93/80][0.35 sec][Hostname/SNI: messages.1kxun.mobi][URL: messages.1kxun.mobi/api/messages/listForYingshi?client-uid=e6dbd30b-3b84-44b4-9751-631148a3ede9&min_id=0&access_token=&_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kx][StatusCode: 200][Content-Type: text/xml][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][PLAIN TEXT (GET /api/messages/listForYingsh)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 TCP 192.168.2.126:56826 <-> 8.209.97.107:80 [proto: 7/HTTP][Stack: HTTP][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 3][cat: Web/5][Breed: Acceptable][2 pkts/1156 bytes <-> 1 pkts/142 bytes][Goodput ratio: 91/62][0.02 sec][Hostname/SNI: analytics.rayjump.com][URL: analytics.rayjump.com/][StatusCode: 204][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][7 pkts/1253 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][16.80 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2799/0 5942/0 1567/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
+ 99 TCP 192.168.2.126:43266 -> 18.64.79.58:80 [proto: 7/HTTP][Stack: HTTP][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1198 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Hostname/SNI: net.rayjump.com][URL: net.rayjump.com/openapi/ad/v3?app_id=32456&unit_id=8881&sign=3c28ded04e0f4090229968618244b583&req_type=2&ad_num=20&tnum=1&only_impression=1&ping_mode=1&ttc_ids=%5B%5D&ad_source_id=1&ad_type=94&offset=0&channel=&platform=1&os_version=11&package_name=com.sc][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /openapi/ad/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][13 pkts/1196 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][30.61 sec][Hostname/SNI: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708/0 9111/0 2902/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 101 TCP 192.168.2.126:40204 <-> 18.235.204.9:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/760 bytes <-> 1 pkts/237 bytes][Goodput ratio: 91/72][0.11 sec][Hostname/SNI: adexp.liftoff.io][URL: adexp.liftoff.io/event/vast/start/57aa80COXjCBIkZjg0ZjU0YmYtMzFjZC00M2ZmLWJkMjctNTI2Y2NjNjQ1N2RhGICaqoiTMCB1KMi9DzCiEDobY29tLnNjZW5ld2F5Lmthbmthbi5tYXJrZXQzQhhoYXdrZXItcmVuZGVyaW5nLWNvbnRyb2xKCmQ4MTI5YmY1ZTRQAloDREVVYAJoBHIJdXMtZWFzdC0x4AEBgAF1kgECZW6YAQK][StatusCode: 200][Content-Type: image/png][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /event/vast/start/57aa80COX)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 TCP 192.168.2.126:60962 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.31 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 TCP 192.168.2.126:60972 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.24 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
104 TCP 192.168.2.126:60984 <-> 172.104.93.92:1234 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Streaming/17][Breed: Fun][1 pkts/604 bytes <-> 1 pkts/255 bytes][Goodput ratio: 89/74][0.27 sec][Hostname/SNI: ws.1kxun.mobi][URL: ws.1kxun.mobi:1234/?_brand=Google&_model=sdk_gphone_x86&_ov=Android11&_cpu=i686&_resolution=1080%2C1794&_package=com.sceneway.kankan&_v=2.8.2.1&_channel=1kxun&_carrier=310260&_android_id=b9e28776354d259e&_network=wifi&_aid=5ac6a0ff-8d18-47bc-a902-2812cf0c][StatusCode: 101][Server: swoole-websocket-server][User-Agent: okhttp/3.10.0][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 80][PLAIN TEXT (Google)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
105 TCP 192.168.2.126:41134 <-> 129.226.107.77:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 2][cat: Chat/9][Breed: Fun][1 pkts/324 bytes <-> 1 pkts/518 bytes][Goodput ratio: 83/89][0.19 sec][Hostname/SNI: cgi.connect.qq.com][URL: cgi.connect.qq.com/qqconnectopen/openapi/policy_conf?status_os=11&status_version=30&status_machine=sdk_gphone_x86&sdkp=a&sdkv=3.1.0.lite&appid=100258135][StatusCode: 302][Content-Type: text/html][Server: stgw][User-Agent: AndroidSDK_30_generic_x86_arm_11][PLAIN TEXT (GET /qq)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
106 TCP 192.168.2.126:38834 <-> 119.45.78.184:80 [proto: 7.48/HTTP.QQ][Stack: HTTP.QQ][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7.48/HTTP.QQ, Confidence: DPI][DPI packets: 3][cat: Chat/9][Breed: Fun][2 pkts/655 bytes <-> 1 pkts/170 bytes][Goodput ratio: 80/61][0.31 sec][Hostname/SNI: pingma.qq.com][URL: pingma.qq.com:80/mstat/report][StatusCode: 404][Risk: ** HTTP Susp User-Agent **** Error Code **][Risk Score: 110][Risk Info: HTTP Error Code 404 / Empty or missing User-Agent][PLAIN TEXT (POST /mstat/report HTTP/1.1)][Plen Bins: 0,0,0,33,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
107 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10.16/NetBIOS.SMBv1][Stack: NetBIOS.SMBv1][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10.16/NetBIOS.SMBv1, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Dangerous][3 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.00 sec][Hostname/SNI: macbookair-e1d0][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [proto: 7/HTTP][Stack: HTTP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 108 TCP 192.168.2.126:54810 <-> 18.233.123.55:80 [proto: 7/HTTP][Stack: HTTP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 2][cat: Web/5][Breed: Acceptable][1 pkts/490 bytes <-> 1 pkts/141 bytes][Goodput ratio: 86/53][0.11 sec][Hostname/SNI: impression-east.liftoff.io][URL: impression-east.liftoff.io/mintegral/beacon?ad_group_id=143845&channel_id=117&creative_id=253640&auction_id=f84f54bf-31cd-43ff-bd27-526ccc6457da&origin=haggler-mintegral021][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][PLAIN TEXT (GET /mintegral/beacon)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 TCP 192.168.2.126:51888 -> 119.28.164.143:80 [proto: 7/HTTP][Stack: HTTP][IP: 285/Tencent][ClearText][Confidence: DPI][FPC: 7/HTTP, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/571 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][Hostname/SNI: qzonestyle.gtimg.cn][URL: qzonestyle.gtimg.cn/qzone/openapi/qc-1.0.1.js][User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86 Build/RSR1.201013.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /qzone/openapi/qc)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 TCP 192.168.2.126:47230 <-> 161.117.13.29:80 [proto: 7.295/HTTP.1kxun][Stack: HTTP.1kxun][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 7.295/HTTP.1kxun, Confidence: DPI][DPI packets: 2][cat: Download/7][Breed: Fun][1 pkts/223 bytes <-> 1 pkts/330 bytes][Goodput ratio: 70/80][0.18 sec][Hostname/SNI: kankan.1kxun.mobi][URL: kankan.1kxun.mobi/api.domain.conf][StatusCode: 200][Content-Type: application/octet-stream][Server: openresty/1.13.6.1][User-Agent: okhttp/3.10.0][Risk: ** Binary File/Data Transfer (Attempt) **][Risk Score: 50][Risk Info: Found binary mime octet-stream][PLAIN TEXT (GET /api.domain.conf HTTP/1.1)][Plen Bins: 0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
111 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][6 pkts/552 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.50 sec][Hostname/SNI: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 300/0 749/0 367/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -188,7 +188,7 @@ JA Host Stats:
116 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][Breed: Safe][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
117 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (Joanna)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][Stack: DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (MSFT 5.07)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 119 TCP 192.168.2.126:35666 -> 18.66.2.90:80 [proto: 7.291/HTTP.MpegDash][Stack: HTTP.MpegDash][IP: 464/AWS_Cloudfront][ClearText][Confidence: DPI][FPC: 7.291/HTTP.MpegDash, Confidence: DPI][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: cdn.liftoff.io][URL: cdn.liftoff.io/customers/45d4b09eba/videos/mobile/fd5692dd53042b199e03.mp4][User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; sdk_gphone_x86 Build/RSR1.201013.001)][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /customers/45)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
120 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5/DNS][Stack: DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/146 bytes <-> 1 pkts/137 bytes][Goodput ratio: 42/69][0.05 sec][Hostname/SNI: pic.1kxun.com][106.187.35.246][DNS Id: 0x2990][Plen Bins: 66,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
121 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 10/NetBIOS, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.54 sec][Hostname/SNI: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5/DNS][Stack: DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/160 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: jp.kankan.1kxun.mobi][106.185.35.110][DNS Id: 0xfd2c][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/guessing_disable/result/webex.pcap.out b/tests/cfgs/guessing_disable/result/webex.pcap.out
index d874d66a2..99bb1e7fc 100644
--- a/tests/cfgs/guessing_disable/result/webex.pcap.out
+++ b/tests/cfgs/guessing_disable/result/webex.pcap.out
@@ -53,7 +53,7 @@ JA Host Stats:
7 TCP 10.8.0.1:51154 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][55 pkts/12583 bytes <-> 50 pkts/6703 bytes][Goodput ratio: 76/60][68.57 sec][bytes ratio: 0.305 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1424/790 16039/7189 2911/1473][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 229/134 590/3961 154/547][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 243e6139d9b4c6b9b889def424d85b70][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i020200_f2d8273d9564_18d1e47e0978][ServerNames: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,5,40,16,1,11,3,1,0,0,5,0,3,0,0,1,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1]
8 UDP 10.8.0.1:64538 -> 172.16.1.75:5060 [proto: 100/SIP][Stack: SIP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 100/SIP, Confidence: DPI][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][22 pkts/15356 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][95.92 sec][SIP From: ;tag=d3833767][SIP To: ][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1008/0 4783/0 32494/0 6932/0][Pkt Len c2s/s2c min/avg/max/stddev: 698/0 698/0 698/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (REGISTER sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 10.8.0.1:51857 <-> 62.109.229.158:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][29 pkts/4559 bytes <-> 21 pkts/5801 bytes][Goodput ratio: 65/80][21.38 sec][bytes ratio: -0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 796/452 6005/3010 1691/778][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 157/276 432/3961 108/830][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_128_CBC_SHA / TLSv1][nDPI Fingerprint: 265bb6ba064759800a0118d131206482][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i440400_e56d601e95ee_282f11336259][ServerNames: *.webex.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,13,17,13,4,4,30,0,0,0,4,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4]
- 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 14][cat: Web/5][Breed: Safe][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][Goodput ratio: 55/90][41.17 sec][Hostname/SNI: api.crittercism.com][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3166/655 34507/5259 9151/1546][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 124/542 590/1502 149/614][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_RC4_128_MD5 / TLSv1][nDPI Fingerprint: a5bb4e838c2002745dd8bb298c2b40df][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10d350400_1f24bcc5f17d_a875e5012fde][ServerNames: *.crittercism.com,crittercism.com][JA3S: c800cea031c10ffe47e1d72c9264577a][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.crittercism.com][Certificate SHA-1: 68:8B:FC:77:1E:CA:80:33:0C:A9:0E:29:A6:E4:0D:FC:3A:AE:43:18][Validity: 2015-01-14 00:00:00 - 2020-01-13 23:59:59][Cipher: TLS_RSA_WITH_RC4_128_MD5][Plen Bins: 8,8,8,0,0,0,8,8,0,8,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,8,0,0,0,0,16,0,8,0,0]
+ 10 TCP 10.8.0.1:46211 <-> 54.241.32.14:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 14][cat: Web/5][Breed: Safe][16 pkts/1984 bytes <-> 14 pkts/7584 bytes][Goodput ratio: 55/90][41.17 sec][Hostname/SNI: api.crittercism.com][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3166/655 34507/5259 9151/1546][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 124/542 590/1502 149/614][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_RC4_128_MD5 / TLSv1][nDPI Fingerprint: a5bb4e838c2002745dd8bb298c2b40df][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10d350400_1f24bcc5f17d_a875e5012fde][ServerNames: *.crittercism.com,crittercism.com][JA3S: c800cea031c10ffe47e1d72c9264577a][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.crittercism.com][Certificate SHA-1: 68:8B:FC:77:1E:CA:80:33:0C:A9:0E:29:A6:E4:0D:FC:3A:AE:43:18][Validity: 2015-01-14 00:00:00 - 2020-01-13 23:59:59][Cipher: TLS_RSA_WITH_RC4_128_MD5][Plen Bins: 8,8,8,0,0,0,8,8,0,8,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,8,0,0,0,0,16,0,8,0,0]
11 TCP 10.8.0.1:41386 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][9 pkts/1417 bytes <-> 8 pkts/6984 bytes][Goodput ratio: 64/94][3.96 sec][bytes ratio: -0.663 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/2 523/352 2070/1020 730/365][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 157/873 576/3993 179/1444][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 243e6139d9b4c6b9b889def424d85b70][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i020200_f2d8273d9564_18d1e47e0978][ServerNames: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,33,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
12 TCP 10.8.0.1:41419 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][7 pkts/1309 bytes <-> 7 pkts/6930 bytes][Goodput ratio: 70/95][1.07 sec][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/51 160/195 357/356 154/126][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 187/990 576/3993 192/1508][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 243e6139d9b4c6b9b889def424d85b70][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i020200_f2d8273d9564_18d1e47e0978][ServerNames: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,33,0,0,0,0,0,0,0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
13 TCP 10.8.0.1:52730 <-> 173.243.4.76:443 [proto: 91.141/TLS.Webex][Stack: TLS.Webex][IP: 141/Webex][Encrypted][Confidence: DPI][FPC: 141/Webex, Confidence: IP address][DPI packets: 8][cat: VoIP/10][Breed: Acceptable][9 pkts/1369 bytes <-> 8 pkts/6621 bytes][Goodput ratio: 63/93][3.00 sec][bytes ratio: -0.657 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 385/312 2171/1116 743/396][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 152/828 528/2974 166/1099][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: Cipher TLS_RSA_WITH_AES_256_CBC_SHA / TLSv1][nDPI Fingerprint: 243e6139d9b4c6b9b889def424d85b70][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][TLSv1][JA4: t10i020200_f2d8273d9564_18d1e47e0978][ServerNames: *.webex.com][JA3S: 91589ea825a2ee41810c85fab06d2ef6][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=us, ST=California, L=San Jose, O=Cisco Systems, Inc., OU=CSG, CN=*.webex.com][Certificate SHA-1: 61:C9:DE:EE:FA:AE:DC:17:A0:36:B9:68:F9:17:F6:5A:90:7B:14:E1][Validity: 2015-04-10 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,28,0,0,0,0,0,0,0,0,14,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28]
@@ -103,4 +103,4 @@ Undetected flows:
1 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 0/Unknown][Stack: Unknown][IP: 141/Webex][ClearText][Confidence: Unknown][FPC: 141/Webex, Confidence: IP address][DPI packets: 7][Breed: Unrated][14 pkts/1071 bytes <-> 2 pkts/100 bytes][Goodput ratio: 45/16][20.24 sec][bytes ratio: 0.829 (Upload)][IAT c2s/s2c min/avg/max/stddev: 122/117 1602/117 8966/117 2266/0][Pkt Len c2s/s2c min/avg/max/stddev: 47/50 76/50 84/50 14/0][Plen Bins: 31,68,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 10.8.0.1:51859 <-> 62.109.229.158:443 [proto: 0/Unknown][Stack: Unknown][IP: 141/Webex][ClearText][Confidence: Unknown][FPC: 141/Webex, Confidence: IP address][DPI packets: 3][Breed: Unrated][2 pkts/128 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][1.00 sec][Risk: ** TCP Connection Issues **** Probing Attempt **][Risk Score: 100][Risk Info: TCP probing attempt / Connection refused (client)][TCP Fingerprint: 2_64_14600_8c07a80cc645/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 10.133.206.47:54651 <-> 185.63.147.10:443 [proto: 0/Unknown][Stack: Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][Breed: Unrated][1 pkts/66 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 0/Unknown][Stack: Unknown][IP: 265/AmazonAWS][ClearText][Confidence: Unknown][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 3][Breed: Unrated][1 pkts/66 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 TCP 10.133.206.47:59447 <-> 107.20.242.44:443 [proto: 0/Unknown][Stack: Unknown][IP: 461/AWS_EC2][ClearText][Confidence: Unknown][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 3][Breed: Unrated][1 pkts/66 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/hostname_dns_check/result/netflix.pcap.out b/tests/cfgs/hostname_dns_check/result/netflix.pcap.out
index 2967de4dd..d165734f4 100644
--- a/tests/cfgs/hostname_dns_check/result/netflix.pcap.out
+++ b/tests/cfgs/hostname_dns_check/result/netflix.pcap.out
@@ -50,49 +50,49 @@ JA Host Stats:
1 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][21 pkts/1868 bytes <-> 34 pkts/45139 bytes][Goodput ratio: 19/95][2.09 sec][Hostname/SNI: 23.246.3.140][bytes ratio: -0.921 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/2 70/47 708/633 171/121][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 89/1328 420/1514 75/457][URL: 23.246.3.140/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4&random=357509657][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.3.140][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,90,0,0]
2 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Goodput ratio: 17/95][42.46 sec][Hostname/SNI: art-2.nflximg.net][bytes ratio: -0.877 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 425/43 3643/161 850/35][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 93/1378 312/1514 59/421][URL: art-2.nflximg.net/af7a5/362643424e775d0393ddb46e145c2375367af7a5.webp][StatusCode: 200][Content-Type: image/webp][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: art-2.nflximg.net][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /af)][Plen Bins: 0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,93,0,0]
3 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][21 pkts/1826 bytes <-> 32 pkts/43179 bytes][Goodput ratio: 19/95][1.58 sec][Hostname/SNI: 23.246.11.145][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 53/52 354/582 87/111][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 87/1349 422/1514 75/443][URL: 23.246.11.145/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=5xfYVtna3GdYXL71uNs6DZ-X84Y&random=39307082][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.145][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,93,0,0]
- 4 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][Goodput ratio: 69/93][38.50 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1640/1232 30390/30443 6288/5475][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 211/964 1514/1514 376/637][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 5,5,5,0,2,2,5,0,0,0,0,0,0,0,2,2,0,0,0,2,0,2,0,0,0,0,0,0,0,2,5,0,0,0,0,0,0,0,0,0,0,0,2,0,0,57,0,0]
+ 4 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][Goodput ratio: 69/93][38.50 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1640/1232 30390/30443 6288/5475][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 211/964 1514/1514 376/637][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 5,5,5,0,2,2,5,0,0,0,0,0,0,0,2,2,0,0,0,2,0,2,0,0,0,0,0,0,0,2,5,0,0,0,0,0,0,0,0,0,0,0,2,0,0,57,0,0]
5 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Video/26][Breed: Fun][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Goodput ratio: 20/95][1.39 sec][Hostname/SNI: art-1.nflximg.net][bytes ratio: -0.942 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 28/35 45/81 10/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 102/1414 311/1514 64/366][URL: art-1.nflximg.net/8b1fa/eaa1b78cd72ca4dbdcab527691d2fcab37c8b1fa.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: art-1.nflximg.net][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /8b)][Plen Bins: 0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0]
6 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][31 pkts/2596 bytes <-> 29 pkts/37544 bytes][Goodput ratio: 14/95][7.33 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.871 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 267/77 1392/465 372/115][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1295 424/1514 63/489][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJiXLBugGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPflHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JqTg0NiANIn4-aRwn3uKtWdoQ7M&random=114897][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (czGET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,89,0,0]
7 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Video/26][Breed: Fun][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Goodput ratio: 31/95][2.07 sec][Hostname/SNI: art-1.nflximg.net][bytes ratio: -0.911 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 166/94 1389/1416 394/300][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 97/1337 311/1514 81/428][URL: art-1.nflximg.net/4e36d/6289889020d6cc6dfb3038c35564a41e1ca4e36d.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: art-1.nflximg.net][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /4e)][Plen Bins: 0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
- 8 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Fun][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Goodput ratio: 72/94][31.31 sec][Hostname/SNI: appboot.netflix.com][bytes ratio: -0.781 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3092/21 30728/135 9212/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 242/1136 1514/1514 405/584][URL: appboot.netflix.com/appboot/NFAPPL-02-][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: application/x-msl+json][Server: appboot-:7001 i-0b273b4c40f4e78a3][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (POST /appboot/NFAPPL)][Plen Bins: 0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,75,0,0]
+ 8 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Fun][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Goodput ratio: 72/94][31.31 sec][Hostname/SNI: appboot.netflix.com][bytes ratio: -0.781 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3092/21 30728/135 9212/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 242/1136 1514/1514 405/584][URL: appboot.netflix.com/appboot/NFAPPL-02-][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: application/x-msl+json][Server: appboot-:7001 i-0b273b4c40f4e78a3][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (POST /appboot/NFAPPL)][Plen Bins: 0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,75,0,0]
9 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][33 pkts/2732 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 13/94][7.16 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.833 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 254/199 1162/1131 295/282][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1203 424/1514 61/564][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJZ2VKhqgGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzTho_flHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=LQ7LyXSnZaXKEHAHaRRHk-S7dKE&random=420981][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 4,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
10 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][24 pkts/2041 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 17/94][5.93 sec][Hostname/SNI: 23.246.11.133][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/4 245/165 985/775 248/180][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1203 423/1514 71/564][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJZ2bLBChGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_ngHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=SixKQmLLJNvShj-pfML-2h4QaqQ&random=727666][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.133][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 4,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
11 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][31 pkts/2571 bytes <-> 22 pkts/28042 bytes][Goodput ratio: 14/95][7.15 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.832 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/4 265/326 1355/1382 337/387][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1275 423/1514 62/517][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8&random=323765][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,90,0,0]
- 12 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][Goodput ratio: 77/93][1.73 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/42 437/291 101/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 290/895 1514/1514 442/626][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: api-global.netflix.com][nDPI Fingerprint: c09146840233f2d01024016e84e44fa3][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1910h2_b5dc49c6fcca_f44caba5725b][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,10,3,0,0,0,3,0,0,0,0,0,3,6,0,0,3,0,0,3,0,3,0,3,0,0,0,0,0,0,3,0,3,0,0,0,0,0,0,0,0,0,0,3,0,47,0,0]
+ 12 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][Goodput ratio: 77/93][1.73 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/42 437/291 101/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 290/895 1514/1514 442/626][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: api-global.netflix.com][nDPI Fingerprint: c09146840233f2d01024016e84e44fa3][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1910h2_b5dc49c6fcca_f44caba5725b][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,10,3,0,0,0,3,0,0,0,0,0,3,6,0,0,3,0,0,3,0,3,0,3,0,0,0,0,0,0,3,0,3,0,0,0,0,0,0,0,0,0,0,3,0,47,0,0]
13 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][32 pkts/2572 bytes <-> 23 pkts/26661 bytes][Goodput ratio: 14/94][7.05 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.824 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 248/271 635/1046 213/317][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 80/1159 426/1514 62/603][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQIpyTIBGjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_biCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=8Z78vL2i9OzihCA3M1LinMYcMY4&random=2386][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (fGET /range/0)][Plen Bins: 0,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,80,0,0]
14 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][36 pkts/3030 bytes <-> 21 pkts/25455 bytes][Goodput ratio: 12/95][8.05 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.787 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/4 258/237 1250/1203 331/381][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1212 424/1514 58/551][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo&random=413473][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
15 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][34 pkts/2864 bytes <-> 21 pkts/25456 bytes][Goodput ratio: 13/95][5.76 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.798 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168/223 1162/1317 246/337][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1212 426/1514 60/551][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJ5yTLBCkGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_3mCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=r5jtnnEcR8hDCkPImfEiWqWAjKk&random=1846][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
16 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][30 pkts/2553 bytes <-> 22 pkts/25510 bytes][Goodput ratio: 14/94][7.56 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.818 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 298/146 1317/530 354/131][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85/1160 423/1514 63/590][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJmULRajGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpfblHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=zezrDJDQvgO2TiYC1dT3imH4QC8&random=169467][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
- 17 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][Goodput ratio: 92/78][32.21 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.624 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/84 332/331 94/95][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 811/309 1514/1514 700/493][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: ichnaea.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 8,8,4,0,0,4,0,4,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,60,0,0]
- 18 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][Goodput ratio: 72/91][0.86 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.542 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/33 266/316 64/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 237/739 1514/1514 407/542][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,3,0,0,3,3,3,0,0,0,0,3,0,3,3,7,0,0,7,7,3,3,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,3,0,0,3,0,0,0,30,0,0]
+ 17 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][Goodput ratio: 92/78][32.21 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.624 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/84 332/331 94/95][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 811/309 1514/1514 700/493][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: ichnaea.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 8,8,4,0,0,4,0,4,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,60,0,0]
+ 18 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][Goodput ratio: 72/91][0.86 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.542 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/33 266/316 64/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 237/739 1514/1514 407/542][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,3,0,0,3,3,3,0,0,0,0,3,0,3,3,7,0,0,7,7,3,3,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,3,0,0,3,0,0,0,30,0,0]
19 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][35 pkts/2920 bytes <-> 19 pkts/22428 bytes][Goodput ratio: 12/94][7.38 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.770 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 222/250 636/1132 227/337][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1180 424/1514 59/570][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJpmQIRekGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThrvnlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=mQfOf90-RY2Gd2ii20KJpCcYQVk&random=134564][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
20 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][34 pkts/2879 bytes <-> 20 pkts/22373 bytes][Goodput ratio: 12/94][8.26 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.772 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238/289 1152/1208 301/406][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85/1119 425/1514 60/614][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQLJ2TIBepGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPbiCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=tTXu3c6FnJtfi6z0IJp3hw8eDv8&random=1294][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,5,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
21 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][12 pkts/1831 bytes <-> 18 pkts/23224 bytes][Goodput ratio: 56/95][0.40 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.854 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 13/22 30/71 10/19][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 153/1290 584/1514 191/435][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8][StatusCode: 206][Content-Type: application/octet-stream][Server: nginx][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (oMrLRiWL2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,5,5,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,74,0,0]
22 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][30 pkts/2610 bytes <-> 20 pkts/22422 bytes][Goodput ratio: 14/94][7.09 sec][Hostname/SNI: 23.246.11.133][bytes ratio: -0.791 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 255/290 811/1178 267/325][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87/1121 424/1514 63/611][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10&random=247333][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.133][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
23 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][17 pkts/2227 bytes <-> 16 pkts/20481 bytes][Goodput ratio: 46/95][2.05 sec][Hostname/SNI: 23.246.3.140][bytes ratio: -0.804 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/5 143/82 730/279 218/83][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 131/1280 578/1514 162/436][URL: 23.246.3.140/?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4][StatusCode: 206][Content-Type: application/octet-stream][Server: nginx][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.3.140][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (oMrLRiWL)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,5,5,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,73,0,0]
- 24 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][Goodput ratio: 86/86][0.92 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46/54 282/127 72/35][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 486/491 1514/1514 603/610][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,15,0,5,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,5,0,0,0,5,0,0,0,0,0,0,5,37,0,0]
+ 24 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][Goodput ratio: 86/86][0.92 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46/54 282/127 72/35][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 486/491 1514/1514 603/610][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,15,0,5,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,5,0,0,0,5,0,0,0,0,0,0,5,37,0,0]
25 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Video/26][Breed: Fun][6 pkts/636 bytes <-> 13 pkts/16794 bytes][Goodput ratio: 34/95][0.87 sec][Hostname/SNI: tp.akam.nflximg.com][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/27 41/71 80/192 29/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/1292 282/1514 79/521][URL: tp.akam.nflximg.com/tpa3/616/2041779616.bif][StatusCode: 200][Content-Type: text/plain][Server: Apache][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][Risk: ** HTTP Susp Content **** Unresolved hostname **][Risk Score: 150][Risk Info: tp.akam.nflximg.com / Susp content 89424946][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)][Plen Bins: 0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,91,0,0]
- 26 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 12][cat: Video/26][Breed: Fun][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Goodput ratio: 91/87][31.72 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2877/42 31088/123 8921/33][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 714/500 1514/1514 676/651][URL: api-global.netflix.com/msl/nrdjs/2.1.2][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: api-global.netflix.com][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,9,0,0,0,0,72,0,0]
- 27 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][Goodput ratio: 79/90][1.01 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: -0.231 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/96 322/423 89/121][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 314/697 1514/1514 477/667][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,13,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,6,0,0,0,0,6,0,0,34,0,0]
- 28 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][Goodput ratio: 76/84][38.49 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129/2946 30585/30636 7105/8237][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 274/414 1514/1514 437/546][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,21,5,0,5,0,10,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,26,0,0]
+ 26 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 12][cat: Video/26][Breed: Fun][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Goodput ratio: 91/87][31.72 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2877/42 31088/123 8921/33][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 714/500 1514/1514 676/651][URL: api-global.netflix.com/msl/nrdjs/2.1.2][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: api-global.netflix.com][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,9,0,0,0,0,72,0,0]
+ 27 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][Goodput ratio: 79/90][1.01 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: -0.231 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/96 322/423 89/121][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 314/697 1514/1514 477/667][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,13,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,6,0,0,0,0,6,0,0,34,0,0]
+ 28 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][Goodput ratio: 76/84][38.49 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129/2946 30585/30636 7105/8237][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 274/414 1514/1514 437/546][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,21,5,0,5,0,10,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,26,0,0]
29 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Goodput ratio: 26/94][32.06 sec][Hostname/SNI: art-2.nflximg.net][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4565/34 30963/63 10780/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 94/1120 311/1514 72/644][URL: art-2.nflximg.net/87b33/bed1223a0040fdc97bac4e906332e462c6e87b33.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: art-2.nflximg.net][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /87)][Plen Bins: 0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0,0]
30 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][Stack: HTTP.NetFlix][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][6 pkts/653 bytes <-> 10 pkts/12252 bytes][Goodput ratio: 37/95][0.33 sec][Hostname/SNI: art-2.nflximg.net][bytes ratio: -0.899 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/13 43/34 101/70 35/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 109/1225 311/1514 91/578][URL: art-2.nflximg.net/5758c/bb636e44b87ef854c331ed7b7b6e157e4945758c.jpg][StatusCode: 200][Content-Type: image/jpeg][Server: AmazonS3][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: art-2.nflximg.net][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /5758)][Plen Bins: 0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0,0]
- 31 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][Goodput ratio: 83/80][30.85 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.187 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1923/16 30431/72 7361/24][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 382/327 1514/1514 559/501][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: ichnaea.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,24,5,0,0,5,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,31,0,0]
+ 31 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][Goodput ratio: 83/80][30.85 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.187 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1923/16 30431/72 7361/24][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 382/327 1514/1514 559/501][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: ichnaea.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,24,5,0,0,5,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,31,0,0]
32 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][9 pkts/1658 bytes <-> 10 pkts/11113 bytes][Goodput ratio: 62/94][0.68 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.740 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/5 73/76 356/206 117/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 184/1111 581/1514 211/518][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo][StatusCode: 206][Content-Type: application/octet-stream][Server: nginx][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.141][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (oMrLRiWL2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,9,9,9,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,54,0,0]
- 33 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][Goodput ratio: 83/81][30.38 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.192 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2017/14 30033/55 7488/20][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 399/343 1514/1514 569/514][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: ichnaea.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,18,6,0,0,6,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,31,0,0]
+ 33 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][Goodput ratio: 83/81][30.38 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.192 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2017/14 30033/55 7488/20][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 399/343 1514/1514 569/514][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: ichnaea.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,18,6,0,0,6,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,31,0,0]
34 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][8 pkts/1564 bytes <-> 9 pkts/9556 bytes][Goodput ratio: 65/94][0.27 sec][Hostname/SNI: 23.246.11.133][bytes ratio: -0.719 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/5 26/29 45/41 14/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 196/1062 581/1514 221/531][URL: 23.246.11.133/?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10][StatusCode: 206][Content-Type: application/octet-stream][Server: nginx][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.11.133][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (oMrLRiWL1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,10,20,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
- 35 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][Goodput ratio: 80/83][3.15 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/303 2449/2522 645/743][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 325/386 1514/1514 478/534][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,21,6,6,0,0,0,6,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,0,0,0,6,0,0,0,0,21,0,0]
- 36 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Video/26][Breed: Fun][11 pkts/3220 bytes <-> 11 pkts/7133 bytes][Goodput ratio: 77/90][0.34 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.378 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/29 75/67 27/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 293/648 1514/1514 432/662][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: api-global.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 7,15,7,0,0,0,7,7,0,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
- 37 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][Goodput ratio: 84/87][0.34 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/31 85/65 31/27][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430/507 1514/1514 533/591][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,8,0,0,0,0,0,8,0,0,0,0,0,25,0,0]
- 38 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][Goodput ratio: 55/83][31.02 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1820/45 30348/363 7132/103][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 145/390 422/1514 132/520][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: ichnaea.netflix.com][nDPI Fingerprint: d6616c767e56c5cc0cbd4e2f5e9c4a4c][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909s1_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,27,5,0,0,5,5,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
- 39 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][10 pkts/5203 bytes <-> 6 pkts/3037 bytes][Goodput ratio: 87/87][0.31 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.263 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/50 123/73 41/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 520/506 1514/1514 583/592][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,22,0,11,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
- 40 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][Goodput ratio: 70/86][0.32 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: -0.244 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 24/22 72/63 26/25][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222/465 1514/1514 382/579][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 16,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
- 41 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][Goodput ratio: 74/84][30.77 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 29/22 143/79 43/29][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 253/423 1514/1514 422/512][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 18,9,0,0,9,0,9,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,18,0,0]
- 42 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Video/26][Breed: Fun][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][Goodput ratio: 36/84][30.93 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2373/20 30602/58 8149/26][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 104/417 309/1514 78/548][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: api-global.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 15,23,15,0,0,0,7,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
+ 35 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][Goodput ratio: 80/83][3.15 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/303 2449/2522 645/743][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 325/386 1514/1514 478/534][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,21,6,6,0,0,0,6,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,0,0,0,6,0,0,0,0,21,0,0]
+ 36 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Video/26][Breed: Fun][11 pkts/3220 bytes <-> 11 pkts/7133 bytes][Goodput ratio: 77/90][0.34 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.378 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/29 75/67 27/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 293/648 1514/1514 432/662][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: api-global.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 7,15,7,0,0,0,7,7,0,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
+ 37 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][Goodput ratio: 84/87][0.34 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/31 85/65 31/27][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430/507 1514/1514 533/591][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,8,0,0,0,0,0,8,0,0,0,0,0,25,0,0]
+ 38 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][Goodput ratio: 55/83][31.02 sec][Hostname/SNI: ichnaea.netflix.com][(Advertised) ALPNs: spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1820/45 30348/363 7132/103][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 145/390 422/1514 132/520][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: ichnaea.netflix.com][nDPI Fingerprint: d6616c767e56c5cc0cbd4e2f5e9c4a4c][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909s1_b5dc49c6fcca_2cdefc264be7][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,27,5,0,0,5,5,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
+ 39 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][10 pkts/5203 bytes <-> 6 pkts/3037 bytes][Goodput ratio: 87/87][0.31 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: 0.263 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/50 123/73 41/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 520/506 1514/1514 583/592][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,22,0,11,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
+ 40 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 7][cat: Video/26][Breed: Fun][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][Goodput ratio: 70/86][0.32 sec][Hostname/SNI: ios.nccp.netflix.com][bytes ratio: -0.244 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 24/22 72/63 26/25][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222/465 1514/1514 382/579][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: d13b20842ba6aba0b08d1d9b953b074e][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d910600_383454ac02f4_8587f467d9ea][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Firefox][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 16,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 41 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][Goodput ratio: 74/84][30.77 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 29/22 143/79 43/29][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 253/423 1514/1514 422/512][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 18,9,0,0,9,0,9,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,18,0,0]
+ 42 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 7][cat: Video/26][Breed: Fun][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][Goodput ratio: 36/84][30.93 sec][Hostname/SNI: api-global.netflix.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2373/20 30602/58 8149/26][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 104/417 309/1514 78/548][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: api-global.netflix.com][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Firefox][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 15,23,15,0,0,0,7,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]
43 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 9][cat: Video/26][Breed: Fun][19 pkts/2356 bytes <-> 8 pkts/4069 bytes][Goodput ratio: 46/87][0.12 sec][Hostname/SNI: art-s.nflximg.net][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/7 26/21 9/8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 124/509 293/1514 58/602][Risk: ** Unresolved hostname **][Risk Score: 50][Risk Info: art-s.nflximg.net][nDPI Fingerprint: 4622f42680948581d3f684ed1e8246dd][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d1909h2_b5dc49c6fcca_2cdefc264be7][ServerNames: secure.cdn.nflximg.net,*.nflxext.com,*.nflxvideo.net,*.nflxsearch.net,*.nrd.nflximg.net,*.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=Los Gatos, O=Netflix, Inc., OU=Content Delivery Operations, CN=secure.cdn.nflximg.net][Certificate SHA-1: 0D:EF:D1:E6:29:11:1A:A5:88:B3:2F:04:65:D6:D7:AD:84:A2:52:26][Firefox][Validity: 2016-04-06 00:00:00 - 2017-04-05 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 5,28,39,0,5,0,0,5,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
44 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7/HTTP][Stack: HTTP][IP: 133/NetFlix][ClearText][Confidence: DPI][FPC: 133/NetFlix, Confidence: IP address][DPI packets: 5][cat: Download/7][Breed: Acceptable][5 pkts/698 bytes <-> 5 pkts/5198 bytes][Goodput ratio: 51/93][0.08 sec][Hostname/SNI: 23.246.10.139][bytes ratio: -0.763 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/1 18/14 35/35 11/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 140/1040 422/1514 141/603][URL: 23.246.10.139/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-djGXIcbFBNzyfugqEWcrgtCpyY&random=34073607][StatusCode: 200][Content-Type: application/octet-stream][Server: nginx][User-Agent: netflix-ios-app][Risk: ** HTTP/TLS/QUIC Numeric Hostname/SNI **** Binary File/Data Transfer (Attempt) **][Risk Score: 60][Risk Info: Found binary mime octet-stream / Found host 23.246.10.139][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0]
- 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][Goodput ratio: 76/81][0.21 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/20 92/54 34/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/355 1450/1066 419/413][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,0,12,0,12,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,12,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0]
- 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Video/26][Breed: Fun][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][Goodput ratio: 39/69][30.71 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064/6120 30486/30536 9141/12208][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 108/215 309/989 83/296][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,12,12,0,12,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 133/NetFlix, Confidence: DNS][DPI packets: 6][cat: Video/26][Breed: Fun][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][Goodput ratio: 76/81][0.21 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/20 92/54 34/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/355 1450/1066 419/413][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,0,12,0,12,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,12,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0]
+ 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Stack: TLS.NetFlix][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 6][cat: Video/26][Breed: Fun][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][Goodput ratio: 39/69][30.71 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064/6120 30486/30536 9141/12208][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 108/215 309/989 83/296][Risk: ** TLS (probably) Not Carrying HTTPS **** Unresolved hostname **][Risk Score: 60][Risk Info: api-global.netflix.com / No ALPN][nDPI Fingerprint: 15361284fb021f89cd17f0128d681563][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d190700_b5dc49c6fcca_3304d8368043][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,12,12,0,12,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 12/SSDP, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][16 pkts/2648 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][79.13 sec][Hostname/SNI: 239.255.255.250][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 105/0 4588/0 14907/0 6547/0][Pkt Len c2s/s2c min/avg/max/stddev: 164/0 166/0 167/0 2/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.02 sec][Hostname/SNI: ios.nccp.netflix.com][54.191.17.51][DNS Id: 0x2956][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][Breed: Acceptable][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.04 sec][Hostname/SNI: ios.nccp.netflix.com][52.32.22.214][DNS Id: 0x2859][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -106,5 +106,5 @@ JA Host Stats:
57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/85 bytes <-> 1 pkts/137 bytes][Goodput ratio: 50/69][0.02 sec][Hostname/SNI: sha2.san.akam.nflximg.net][104.86.97.179][DNS Id: 0x3158][PLAIN TEXT (akamaiedge)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/81 bytes <-> 1 pkts/113 bytes][Goodput ratio: 48/62][0.02 sec][Hostname/SNI: a1907.dscg.akamai.net][184.25.204.10][DNS Id: 0x91f0][PLAIN TEXT (akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/80 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: a803.dscg.akamai.net][184.25.204.24][DNS Id: 0x041a][PLAIN TEXT (akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][14.20 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: Match by port][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][14.20 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][Stack: IGMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 82/IGMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/huge_number_of_custom_protocols/result/synscan.pcap.out b/tests/cfgs/huge_number_of_custom_protocols/result/synscan.pcap.out
index 6e9a191ba..14b6c84be 100644
--- a/tests/cfgs/huge_number_of_custom_protocols/result/synscan.pcap.out
+++ b/tests/cfgs/huge_number_of_custom_protocols/result/synscan.pcap.out
@@ -270,468 +270,468 @@ IoT-Scada 4 232 4
Crypto_Currency 2 116 2
1 TCP 172.16.0.8:36050 <-> 64.13.134.52:22 [proto: 92/SSH][Stack: SSH][IP: 0/Unknown][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes <-> 4 pkts/240 bytes][Goodput ratio: 0/0][21.68 sec][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 TCP 172.16.0.8:36050 <-> 64.13.134.52:53 [proto: 611/domain][Stack: domain][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes <-> 4 pkts/240 bytes][Goodput ratio: 0/0][21.09 sec][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 TCP 172.16.0.8:36050 <-> 64.13.134.52:53 [proto: 619/domain][Stack: domain][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes <-> 4 pkts/240 bytes][Goodput ratio: 0/0][21.09 sec][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 172.16.0.8:36050 <-> 64.13.134.52:80 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes <-> 4 pkts/240 bytes][Goodput ratio: 0/0][21.27 sec][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 172.16.0.8:36050 <-> 64.13.134.52:25 [proto: 3/SMTP][Stack: SMTP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Email/3][Breed: Acceptable][1 pkts/58 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.06 sec][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 TCP 172.16.0.8:36050 <-> 64.13.134.52:70 [proto: 666/gopher][Stack: gopher][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.06 sec][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 6 TCP 172.16.0.8:36050 <-> 64.13.134.52:113 [proto: 510/auth][Stack: auth][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.06 sec][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 7 TCP 172.16.0.8:36061 <-> 64.13.134.52:113 [proto: 510/auth][Stack: auth][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.06 sec][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 8 TCP 172.16.0.8:36050 -> 64.13.134.52:1 [proto: 1054/tcpmux][Stack: tcpmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 9 TCP 172.16.0.8:36050 -> 64.13.134.52:3 [proto: 558/compressnet][Stack: compressnet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 10 TCP 172.16.0.8:36050 -> 64.13.134.52:7 [proto: 622/echo][Stack: echo][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 11 TCP 172.16.0.8:36050 -> 64.13.134.52:9 [proto: 603/discard][Stack: discard][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 12 TCP 172.16.0.8:36050 -> 64.13.134.52:13 [proto: 585/daytime][Stack: daytime][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 13 TCP 172.16.0.8:36050 -> 64.13.134.52:17 [proto: 930/qotd][Stack: qotd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 14 TCP 172.16.0.8:36050 -> 64.13.134.52:19 [proto: 541/chargen][Stack: chargen][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 15 TCP 172.16.0.8:36050 -> 64.13.134.52:20 [proto: 652/ftp][Stack: ftp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 TCP 172.16.0.8:36050 <-> 64.13.134.52:70 [proto: 674/gopher][Stack: gopher][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.06 sec][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 6 TCP 172.16.0.8:36050 <-> 64.13.134.52:113 [proto: 518/auth][Stack: auth][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.06 sec][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 7 TCP 172.16.0.8:36061 <-> 64.13.134.52:113 [proto: 518/auth][Stack: auth][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.06 sec][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 TCP 172.16.0.8:36050 -> 64.13.134.52:1 [proto: 1062/tcpmux][Stack: tcpmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 9 TCP 172.16.0.8:36050 -> 64.13.134.52:3 [proto: 566/compressnet][Stack: compressnet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 10 TCP 172.16.0.8:36050 -> 64.13.134.52:7 [proto: 630/echo][Stack: echo][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 11 TCP 172.16.0.8:36050 -> 64.13.134.52:9 [proto: 611/discard][Stack: discard][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 12 TCP 172.16.0.8:36050 -> 64.13.134.52:13 [proto: 593/daytime][Stack: daytime][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 13 TCP 172.16.0.8:36050 -> 64.13.134.52:17 [proto: 938/qotd][Stack: qotd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 14 TCP 172.16.0.8:36050 -> 64.13.134.52:19 [proto: 549/chargen][Stack: chargen][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 15 TCP 172.16.0.8:36050 -> 64.13.134.52:20 [proto: 660/ftp][Stack: ftp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 172.16.0.8:36050 -> 64.13.134.52:21 [proto: 1/FTP_CONTROL][Stack: FTP_CONTROL][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 172.16.0.8:36050 -> 64.13.134.52:23 [proto: 77/Telnet][Stack: Telnet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 18 TCP 172.16.0.8:36050 -> 64.13.134.52:33 [proto: 616/dsp][Stack: dsp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 TCP 172.16.0.8:36050 -> 64.13.134.52:37 [proto: 1065/time][Stack: time][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 20 TCP 172.16.0.8:36050 -> 64.13.134.52:42 [proto: 1118/wins][Stack: wins][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 TCP 172.16.0.8:36050 -> 64.13.134.52:43 [proto: 844/nicname][Stack: nicname][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 22 TCP 172.16.0.8:36050 -> 64.13.134.52:49 [proto: 1050/tacacs][Stack: tacacs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 23 TCP 172.16.0.8:36050 -> 64.13.134.52:79 [proto: 648/finger][Stack: finger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 24 TCP 172.16.0.8:36050 -> 64.13.134.52:82 [proto: 1125/xfer][Stack: xfer][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 TCP 172.16.0.8:36050 -> 64.13.134.52:83 [proto: 791/mit-ml][Stack: mit-ml][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 26 TCP 172.16.0.8:36050 -> 64.13.134.52:84 [proto: 573/ctf][Stack: ctf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 27 TCP 172.16.0.8:36050 -> 64.13.134.52:85 [proto: 791/mit-ml][Stack: mit-ml][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 18 TCP 172.16.0.8:36050 -> 64.13.134.52:33 [proto: 624/dsp][Stack: dsp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 TCP 172.16.0.8:36050 -> 64.13.134.52:37 [proto: 1073/time][Stack: time][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 20 TCP 172.16.0.8:36050 -> 64.13.134.52:42 [proto: 1126/wins][Stack: wins][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 TCP 172.16.0.8:36050 -> 64.13.134.52:43 [proto: 852/nicname][Stack: nicname][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 22 TCP 172.16.0.8:36050 -> 64.13.134.52:49 [proto: 1058/tacacs][Stack: tacacs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 23 TCP 172.16.0.8:36050 -> 64.13.134.52:79 [proto: 656/finger][Stack: finger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 24 TCP 172.16.0.8:36050 -> 64.13.134.52:82 [proto: 1133/xfer][Stack: xfer][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 TCP 172.16.0.8:36050 -> 64.13.134.52:83 [proto: 799/mit-ml][Stack: mit-ml][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 26 TCP 172.16.0.8:36050 -> 64.13.134.52:84 [proto: 581/ctf][Stack: ctf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 27 TCP 172.16.0.8:36050 -> 64.13.134.52:85 [proto: 799/mit-ml][Stack: mit-ml][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 172.16.0.8:36050 -> 64.13.134.52:88 [proto: 111/Kerberos][Stack: Kerberos][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 29 TCP 172.16.0.8:36050 -> 64.13.134.52:89 [proto: 1036/su-mit-tg][Stack: su-mit-tg][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 30 TCP 172.16.0.8:36050 -> 64.13.134.52:90 [proto: 610/dnsix][Stack: dnsix][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 31 TCP 172.16.0.8:36050 -> 64.13.134.52:99 [proto: 783/metagram][Stack: metagram][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 32 TCP 172.16.0.8:36050 -> 64.13.134.52:106 [proto: 459/3com-tsmux][Stack: 3com-tsmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 33 TCP 172.16.0.8:36050 -> 64.13.134.52:109 [proto: 907/pop2][Stack: pop2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 29 TCP 172.16.0.8:36050 -> 64.13.134.52:89 [proto: 1044/su-mit-tg][Stack: su-mit-tg][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 30 TCP 172.16.0.8:36050 -> 64.13.134.52:90 [proto: 618/dnsix][Stack: dnsix][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 31 TCP 172.16.0.8:36050 -> 64.13.134.52:99 [proto: 791/metagram][Stack: metagram][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 32 TCP 172.16.0.8:36050 -> 64.13.134.52:106 [proto: 467/3com-tsmux][Stack: 3com-tsmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 33 TCP 172.16.0.8:36050 -> 64.13.134.52:109 [proto: 915/pop2][Stack: pop2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 TCP 172.16.0.8:36050 -> 64.13.134.52:110 [proto: 2/POP3][Stack: POP3][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Email/3][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 35 TCP 172.16.0.8:36050 -> 64.13.134.52:111 [proto: 1038/sunrpc][Stack: sunrpc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 36 TCP 172.16.0.8:36050 -> 64.13.134.52:119 [proto: 853/nntp][Stack: nntp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 37 TCP 172.16.0.8:36050 -> 64.13.134.52:125 [proto: 757/locus][Stack: locus][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 38 TCP 172.16.0.8:36050 -> 64.13.134.52:135 [proto: 632/epmap][Stack: epmap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 35 TCP 172.16.0.8:36050 -> 64.13.134.52:111 [proto: 1046/sunrpc][Stack: sunrpc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 36 TCP 172.16.0.8:36050 -> 64.13.134.52:119 [proto: 861/nntp][Stack: nntp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 37 TCP 172.16.0.8:36050 -> 64.13.134.52:125 [proto: 765/locus][Stack: locus][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 38 TCP 172.16.0.8:36050 -> 64.13.134.52:135 [proto: 640/epmap][Stack: epmap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 TCP 172.16.0.8:36050 -> 64.13.134.52:139 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 TCP 172.16.0.8:36050 -> 64.13.134.52:143 [proto: 4/IMAP][Stack: IMAP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Email/3][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 41 TCP 172.16.0.8:36050 -> 64.13.134.52:144 [proto: 1081/uma][Stack: uma][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 42 TCP 172.16.0.8:36050 -> 64.13.134.52:146 [proto: 730/iso-tp][Stack: iso-tp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 41 TCP 172.16.0.8:36050 -> 64.13.134.52:144 [proto: 1089/uma][Stack: uma][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 42 TCP 172.16.0.8:36050 -> 64.13.134.52:146 [proto: 738/iso-tp][Stack: iso-tp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 TCP 172.16.0.8:36050 -> 64.13.134.52:161 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 44 TCP 172.16.0.8:36050 -> 64.13.134.52:163 [proto: 553/cmip][Stack: cmip][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 44 TCP 172.16.0.8:36050 -> 64.13.134.52:163 [proto: 561/cmip][Stack: cmip][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 TCP 172.16.0.8:36050 -> 64.13.134.52:179 [proto: 13/BGP][Stack: BGP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 46 TCP 172.16.0.8:36050 -> 64.13.134.52:199 [proto: 1007/smux][Stack: smux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 47 TCP 172.16.0.8:36050 -> 64.13.134.52:211 [proto: 460/914c_g][Stack: 914c_g][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 48 TCP 172.16.0.8:36050 -> 64.13.134.52:212 [proto: 478/anet][Stack: anet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 49 TCP 172.16.0.8:36050 -> 64.13.134.52:222 [proto: 963/rsh-spx][Stack: rsh-spx][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 50 TCP 172.16.0.8:36050 -> 64.13.134.52:256 [proto: 937/rap][Stack: rap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 51 TCP 172.16.0.8:36050 -> 64.13.134.52:259 [proto: 637/esro][Stack: esro][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 52 TCP 172.16.0.8:36050 -> 64.13.134.52:264 [proto: 518/bgmp][Stack: bgmp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 53 TCP 172.16.0.8:36050 -> 64.13.134.52:280 [proto: 684/http-mgm][Stack: http-mgm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 54 TCP 172.16.0.8:36050 -> 64.13.134.52:301 [proto: 909/port301][Stack: port301][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 55 TCP 172.16.0.8:36050 -> 64.13.134.52:311 [proto: 502/asip][Stack: asip][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 56 TCP 172.16.0.8:36050 -> 64.13.134.52:366 [proto: 870/odmr][Stack: odmr][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 46 TCP 172.16.0.8:36050 -> 64.13.134.52:199 [proto: 1015/smux][Stack: smux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 47 TCP 172.16.0.8:36050 -> 64.13.134.52:211 [proto: 468/914c_g][Stack: 914c_g][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 48 TCP 172.16.0.8:36050 -> 64.13.134.52:212 [proto: 486/anet][Stack: anet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 49 TCP 172.16.0.8:36050 -> 64.13.134.52:222 [proto: 971/rsh-spx][Stack: rsh-spx][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 50 TCP 172.16.0.8:36050 -> 64.13.134.52:256 [proto: 945/rap][Stack: rap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 51 TCP 172.16.0.8:36050 -> 64.13.134.52:259 [proto: 645/esro][Stack: esro][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 52 TCP 172.16.0.8:36050 -> 64.13.134.52:264 [proto: 526/bgmp][Stack: bgmp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 53 TCP 172.16.0.8:36050 -> 64.13.134.52:280 [proto: 692/http-mgm][Stack: http-mgm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 54 TCP 172.16.0.8:36050 -> 64.13.134.52:301 [proto: 917/port301][Stack: port301][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 55 TCP 172.16.0.8:36050 -> 64.13.134.52:311 [proto: 510/asip][Stack: asip][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 56 TCP 172.16.0.8:36050 -> 64.13.134.52:366 [proto: 878/odmr][Stack: odmr][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 TCP 172.16.0.8:36050 -> 64.13.134.52:389 [proto: 112/LDAP][Stack: LDAP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 58 TCP 172.16.0.8:36050 -> 64.13.134.52:406 [proto: 707/imsp][Stack: imsp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 59 TCP 172.16.0.8:36050 -> 64.13.134.52:407 [proto: 1064/timbuktu][Stack: timbuktu][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 60 TCP 172.16.0.8:36050 -> 64.13.134.52:416 [proto: 995/silverplatter][Stack: silverplatter][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 61 TCP 172.16.0.8:36050 -> 64.13.134.52:417 [proto: 875/onmux][Stack: onmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 62 TCP 172.16.0.8:36050 -> 64.13.134.52:425 [proto: 697/icad-elL][Stack: icad-elL][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 63 TCP 172.16.0.8:36050 -> 64.13.134.52:427 [proto: 1044/svrloc][Stack: svrloc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 64 TCP 172.16.0.8:36050 -> 64.13.134.52:443 [proto: 686/https][Stack: https][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 65 TCP 172.16.0.8:36050 -> 64.13.134.52:444 [proto: 1011/snpp][Stack: snpp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 66 TCP 172.16.0.8:36050 -> 64.13.134.52:445 [proto: 788/microsoft-ds][Stack: microsoft-ds][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 67 TCP 172.16.0.8:36050 -> 64.13.134.52:458 [proto: 489/appleqtc][Stack: appleqtc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 68 TCP 172.16.0.8:36050 -> 64.13.134.52:464 [proto: 745/kpasswd][Stack: kpasswd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 69 TCP 172.16.0.8:36050 -> 64.13.134.52:465 [proto: 1086/urd_igmpv3lite][Stack: urd_igmpv3lite][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 70 TCP 172.16.0.8:36050 -> 64.13.134.52:481 [proto: 898/ph][Stack: ph][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 71 TCP 172.16.0.8:36050 -> 64.13.134.52:497 [proto: 581/dantz][Stack: dantz][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 72 TCP 172.16.0.8:36050 -> 64.13.134.52:500 [proto: 726/isakmp][Stack: isakmp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 73 TCP 172.16.0.8:36050 -> 64.13.134.52:512 [proto: 641/exec_comsat][Stack: exec_comsat][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 74 TCP 172.16.0.8:36050 -> 64.13.134.52:513 [proto: 758/login_who][Stack: login_who][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 75 TCP 172.16.0.8:36050 -> 64.13.134.52:514 [proto: 990/shell_syslog][Stack: shell_syslog][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 76 TCP 172.16.0.8:36050 -> 64.13.134.52:515 [proto: 911/printer][Stack: printer][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 77 TCP 172.16.0.8:36050 -> 64.13.134.52:524 [proto: 823/ncp][Stack: ncp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 78 TCP 172.16.0.8:36050 -> 64.13.134.52:541 [proto: 1090/uucp][Stack: uucp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 79 TCP 172.16.0.8:36050 -> 64.13.134.52:543 [proto: 743/klogin][Stack: klogin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 80 TCP 172.16.0.8:36050 -> 64.13.134.52:544 [proto: 747/kshell][Stack: kshell][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 81 TCP 172.16.0.8:36050 -> 64.13.134.52:545 [proto: 489/appleqtc][Stack: appleqtc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 58 TCP 172.16.0.8:36050 -> 64.13.134.52:406 [proto: 715/imsp][Stack: imsp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 59 TCP 172.16.0.8:36050 -> 64.13.134.52:407 [proto: 1072/timbuktu][Stack: timbuktu][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 60 TCP 172.16.0.8:36050 -> 64.13.134.52:416 [proto: 1003/silverplatter][Stack: silverplatter][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 61 TCP 172.16.0.8:36050 -> 64.13.134.52:417 [proto: 883/onmux][Stack: onmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 62 TCP 172.16.0.8:36050 -> 64.13.134.52:425 [proto: 705/icad-elL][Stack: icad-elL][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 63 TCP 172.16.0.8:36050 -> 64.13.134.52:427 [proto: 1052/svrloc][Stack: svrloc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 64 TCP 172.16.0.8:36050 -> 64.13.134.52:443 [proto: 694/https][Stack: https][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 65 TCP 172.16.0.8:36050 -> 64.13.134.52:444 [proto: 1019/snpp][Stack: snpp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 66 TCP 172.16.0.8:36050 -> 64.13.134.52:445 [proto: 796/microsoft-ds][Stack: microsoft-ds][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 67 TCP 172.16.0.8:36050 -> 64.13.134.52:458 [proto: 497/appleqtc][Stack: appleqtc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 68 TCP 172.16.0.8:36050 -> 64.13.134.52:464 [proto: 753/kpasswd][Stack: kpasswd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 69 TCP 172.16.0.8:36050 -> 64.13.134.52:465 [proto: 1094/urd_igmpv3lite][Stack: urd_igmpv3lite][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 70 TCP 172.16.0.8:36050 -> 64.13.134.52:481 [proto: 906/ph][Stack: ph][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 71 TCP 172.16.0.8:36050 -> 64.13.134.52:497 [proto: 589/dantz][Stack: dantz][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 72 TCP 172.16.0.8:36050 -> 64.13.134.52:500 [proto: 734/isakmp][Stack: isakmp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 73 TCP 172.16.0.8:36050 -> 64.13.134.52:512 [proto: 649/exec_comsat][Stack: exec_comsat][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 74 TCP 172.16.0.8:36050 -> 64.13.134.52:513 [proto: 766/login_who][Stack: login_who][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 75 TCP 172.16.0.8:36050 -> 64.13.134.52:514 [proto: 998/shell_syslog][Stack: shell_syslog][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 76 TCP 172.16.0.8:36050 -> 64.13.134.52:515 [proto: 919/printer][Stack: printer][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 77 TCP 172.16.0.8:36050 -> 64.13.134.52:524 [proto: 831/ncp][Stack: ncp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 78 TCP 172.16.0.8:36050 -> 64.13.134.52:541 [proto: 1098/uucp][Stack: uucp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 79 TCP 172.16.0.8:36050 -> 64.13.134.52:543 [proto: 751/klogin][Stack: klogin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 80 TCP 172.16.0.8:36050 -> 64.13.134.52:544 [proto: 755/kshell][Stack: kshell][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 81 TCP 172.16.0.8:36050 -> 64.13.134.52:545 [proto: 497/appleqtc][Stack: appleqtc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 TCP 172.16.0.8:36050 -> 64.13.134.52:548 [proto: 97/AFP][Stack: AFP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 TCP 172.16.0.8:36050 -> 64.13.134.52:554 [proto: 50/RTSP][Stack: RTSP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 84 TCP 172.16.0.8:36050 -> 64.13.134.52:555 [proto: 614/dsf][Stack: dsf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 85 TCP 172.16.0.8:36050 -> 64.13.134.52:563 [proto: 854/nntps][Stack: nntps][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 86 TCP 172.16.0.8:36050 -> 64.13.134.52:587 [proto: 1033/submission][Stack: submission][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 87 TCP 172.16.0.8:36050 -> 64.13.134.52:593 [proto: 685/http-rpc-epmap][Stack: http-rpc-epmap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 88 TCP 172.16.0.8:36050 -> 64.13.134.52:616 [proto: 976/sco][Stack: sco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 89 TCP 172.16.0.8:36050 -> 64.13.134.52:617 [proto: 976/sco][Stack: sco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 90 TCP 172.16.0.8:36050 -> 64.13.134.52:625 [proto: 590/dec_dlm][Stack: dec_dlm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 84 TCP 172.16.0.8:36050 -> 64.13.134.52:555 [proto: 622/dsf][Stack: dsf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 85 TCP 172.16.0.8:36050 -> 64.13.134.52:563 [proto: 862/nntps][Stack: nntps][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 86 TCP 172.16.0.8:36050 -> 64.13.134.52:587 [proto: 1041/submission][Stack: submission][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 87 TCP 172.16.0.8:36050 -> 64.13.134.52:593 [proto: 693/http-rpc-epmap][Stack: http-rpc-epmap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 88 TCP 172.16.0.8:36050 -> 64.13.134.52:616 [proto: 984/sco][Stack: sco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 89 TCP 172.16.0.8:36050 -> 64.13.134.52:617 [proto: 984/sco][Stack: sco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 90 TCP 172.16.0.8:36050 -> 64.13.134.52:625 [proto: 598/dec_dlm][Stack: dec_dlm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
91 TCP 172.16.0.8:36050 -> 64.13.134.52:631 [proto: 6/IPP][Stack: IPP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 92 TCP 172.16.0.8:36050 -> 64.13.134.52:636 [proto: 752/ldaps][Stack: ldaps][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 92 TCP 172.16.0.8:36050 -> 64.13.134.52:636 [proto: 760/ldaps][Stack: ldaps][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 TCP 172.16.0.8:36050 -> 64.13.134.52:646 [proto: 409/LDP][Stack: LDP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 94 TCP 172.16.0.8:36050 -> 64.13.134.52:648 [proto: 962/rrp][Stack: rrp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 95 TCP 172.16.0.8:36050 -> 64.13.134.52:666 [proto: 777/mdqs][Stack: mdqs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 96 TCP 172.16.0.8:36050 -> 64.13.134.52:667 [proto: 604/disclose][Stack: disclose][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 97 TCP 172.16.0.8:36050 -> 64.13.134.52:668 [proto: 778/mecomm][Stack: mecomm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 98 TCP 172.16.0.8:36050 -> 64.13.134.52:683 [proto: 563/corba-iiop][Stack: corba-iiop][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 99 TCP 172.16.0.8:36050 -> 64.13.134.52:687 [proto: 503/asipwismar][Stack: asipwismar][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 100 TCP 172.16.0.8:36050 -> 64.13.134.52:691 [proto: 804/msexch-routing][Stack: msexch-routing][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 101 TCP 172.16.0.8:36050 -> 64.13.134.52:700 [proto: 633/epp][Stack: epp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 102 TCP 172.16.0.8:36050 -> 64.13.134.52:705 [proto: 473/agentx][Stack: agentx][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 103 TCP 172.16.0.8:36050 -> 64.13.134.52:711 [proto: 546/cisco-tdp][Stack: cisco-tdp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 104 TCP 172.16.0.8:36050 -> 64.13.134.52:714 [proto: 724/iris][Stack: iris][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 94 TCP 172.16.0.8:36050 -> 64.13.134.52:648 [proto: 970/rrp][Stack: rrp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 95 TCP 172.16.0.8:36050 -> 64.13.134.52:666 [proto: 785/mdqs][Stack: mdqs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 96 TCP 172.16.0.8:36050 -> 64.13.134.52:667 [proto: 612/disclose][Stack: disclose][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 97 TCP 172.16.0.8:36050 -> 64.13.134.52:668 [proto: 786/mecomm][Stack: mecomm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 98 TCP 172.16.0.8:36050 -> 64.13.134.52:683 [proto: 571/corba-iiop][Stack: corba-iiop][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 99 TCP 172.16.0.8:36050 -> 64.13.134.52:687 [proto: 511/asipwismar][Stack: asipwismar][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 100 TCP 172.16.0.8:36050 -> 64.13.134.52:691 [proto: 812/msexch-routing][Stack: msexch-routing][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 101 TCP 172.16.0.8:36050 -> 64.13.134.52:700 [proto: 641/epp][Stack: epp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 102 TCP 172.16.0.8:36050 -> 64.13.134.52:705 [proto: 481/agentx][Stack: agentx][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 103 TCP 172.16.0.8:36050 -> 64.13.134.52:711 [proto: 554/cisco-tdp][Stack: cisco-tdp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 104 TCP 172.16.0.8:36050 -> 64.13.134.52:714 [proto: 732/iris][Stack: iris][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
105 TCP 172.16.0.8:36050 -> 64.13.134.52:749 [proto: 111/Kerberos][Stack: Kerberos][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 106 TCP 172.16.0.8:36050 -> 64.13.134.52:765 [proto: 1111/webster][Stack: webster][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 107 TCP 172.16.0.8:36050 -> 64.13.134.52:777 [proto: 815/multiling-http][Stack: multiling-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 108 TCP 172.16.0.8:36050 -> 64.13.134.52:800 [proto: 775/mdbs_daemon][Stack: mdbs_daemon][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 109 TCP 172.16.0.8:36050 -> 64.13.134.52:801 [proto: 598/device][Stack: device][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 106 TCP 172.16.0.8:36050 -> 64.13.134.52:765 [proto: 1119/webster][Stack: webster][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 107 TCP 172.16.0.8:36050 -> 64.13.134.52:777 [proto: 823/multiling-http][Stack: multiling-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 108 TCP 172.16.0.8:36050 -> 64.13.134.52:800 [proto: 783/mdbs_daemon][Stack: mdbs_daemon][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 109 TCP 172.16.0.8:36050 -> 64.13.134.52:801 [proto: 606/device][Stack: device][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 TCP 172.16.0.8:36050 -> 64.13.134.52:873 [proto: 166/RSYNC][Stack: RSYNC][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 111 TCP 172.16.0.8:36050 -> 64.13.134.52:888 [proto: 464/accessbuilder][Stack: accessbuilder][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 112 TCP 172.16.0.8:36050 -> 64.13.134.52:900 [proto: 873/omginitialrefs][Stack: omginitialrefs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 113 TCP 172.16.0.8:36050 -> 64.13.134.52:901 [proto: 1002/smpnameres][Stack: smpnameres][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 114 TCP 172.16.0.8:36050 -> 64.13.134.52:902 [proto: 700/ideafarm][Stack: ideafarm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 115 TCP 172.16.0.8:36050 -> 64.13.134.52:903 [proto: 700/ideafarm][Stack: ideafarm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 116 TCP 172.16.0.8:36050 -> 64.13.134.52:911 [proto: 1123/xact-backup][Stack: xact-backup][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 117 TCP 172.16.0.8:36050 -> 64.13.134.52:912 [proto: 486/apex][Stack: apex][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 111 TCP 172.16.0.8:36050 -> 64.13.134.52:888 [proto: 472/accessbuilder][Stack: accessbuilder][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 112 TCP 172.16.0.8:36050 -> 64.13.134.52:900 [proto: 881/omginitialrefs][Stack: omginitialrefs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 113 TCP 172.16.0.8:36050 -> 64.13.134.52:901 [proto: 1010/smpnameres][Stack: smpnameres][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 114 TCP 172.16.0.8:36050 -> 64.13.134.52:902 [proto: 708/ideafarm][Stack: ideafarm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 115 TCP 172.16.0.8:36050 -> 64.13.134.52:903 [proto: 708/ideafarm][Stack: ideafarm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 116 TCP 172.16.0.8:36050 -> 64.13.134.52:911 [proto: 1131/xact-backup][Stack: xact-backup][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 117 TCP 172.16.0.8:36050 -> 64.13.134.52:912 [proto: 494/apex][Stack: apex][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 TCP 172.16.0.8:36050 -> 64.13.134.52:990 [proto: 311/FTPS][Stack: FTPS][IP: 0/Unknown][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: dc35321a2b21259e06875b77f1765678][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 119 TCP 172.16.0.8:36050 -> 64.13.134.52:992 [proto: 1059/telnets][Stack: telnets][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 119 TCP 172.16.0.8:36050 -> 64.13.134.52:992 [proto: 1067/telnets][Stack: telnets][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
120 TCP 172.16.0.8:36050 -> 64.13.134.52:993 [proto: 51/IMAPS][Stack: IMAPS][IP: 0/Unknown][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Email/3][Breed: Safe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: dc35321a2b21259e06875b77f1765678][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 121 TCP 172.16.0.8:36050 -> 64.13.134.52:995 [proto: 908/pop3s][Stack: pop3s][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 122 TCP 172.16.0.8:36050 -> 64.13.134.52:999 [proto: 657/garcon_applix][Stack: garcon_applix][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 123 TCP 172.16.0.8:36050 -> 64.13.134.52:1000 [proto: 533/cadlock2][Stack: cadlock2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 124 TCP 172.16.0.8:36050 -> 64.13.134.52:1010 [proto: 1041/surf][Stack: surf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 125 TCP 172.16.0.8:36050 -> 64.13.134.52:1021 [proto: 642/exp1][Stack: exp1][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 126 TCP 172.16.0.8:36050 -> 64.13.134.52:1022 [proto: 643/exp2][Stack: exp2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 127 TCP 172.16.0.8:36050 -> 64.13.134.52:1023 [proto: 537/carboncopy][Stack: carboncopy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 128 TCP 172.16.0.8:36050 -> 64.13.134.52:1034 [proto: 469/activesync][Stack: activesync][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 129 TCP 172.16.0.8:36050 -> 64.13.134.52:1037 [proto: 476/ams][Stack: ams][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 130 TCP 172.16.0.8:36050 -> 64.13.134.52:1042 [proto: 472/afrog][Stack: afrog][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 131 TCP 172.16.0.8:36050 -> 64.13.134.52:1055 [proto: 482/ansyslmd][Stack: ansyslmd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 132 TCP 172.16.0.8:36050 -> 64.13.134.52:1078 [proto: 513/avocent-proxy][Stack: avocent-proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 133 TCP 172.16.0.8:36050 -> 64.13.134.52:1079 [proto: 504/asprovatalk][Stack: asprovatalk][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 121 TCP 172.16.0.8:36050 -> 64.13.134.52:995 [proto: 916/pop3s][Stack: pop3s][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 122 TCP 172.16.0.8:36050 -> 64.13.134.52:999 [proto: 665/garcon_applix][Stack: garcon_applix][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 123 TCP 172.16.0.8:36050 -> 64.13.134.52:1000 [proto: 541/cadlock2][Stack: cadlock2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 124 TCP 172.16.0.8:36050 -> 64.13.134.52:1010 [proto: 1049/surf][Stack: surf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 125 TCP 172.16.0.8:36050 -> 64.13.134.52:1021 [proto: 650/exp1][Stack: exp1][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 126 TCP 172.16.0.8:36050 -> 64.13.134.52:1022 [proto: 651/exp2][Stack: exp2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 127 TCP 172.16.0.8:36050 -> 64.13.134.52:1023 [proto: 545/carboncopy][Stack: carboncopy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 128 TCP 172.16.0.8:36050 -> 64.13.134.52:1034 [proto: 477/activesync][Stack: activesync][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 129 TCP 172.16.0.8:36050 -> 64.13.134.52:1037 [proto: 484/ams][Stack: ams][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 130 TCP 172.16.0.8:36050 -> 64.13.134.52:1042 [proto: 480/afrog][Stack: afrog][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 131 TCP 172.16.0.8:36050 -> 64.13.134.52:1055 [proto: 490/ansyslmd][Stack: ansyslmd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 132 TCP 172.16.0.8:36050 -> 64.13.134.52:1078 [proto: 521/avocent-proxy][Stack: avocent-proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 133 TCP 172.16.0.8:36050 -> 64.13.134.52:1079 [proto: 512/asprovatalk][Stack: asprovatalk][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
134 TCP 172.16.0.8:36050 -> 64.13.134.52:1080 [proto: 172/SOCKS][Stack: SOCKS][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 135 TCP 172.16.0.8:36050 -> 64.13.134.52:1082 [proto: 477/amt-esd-prot][Stack: amt-esd-prot][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 136 TCP 172.16.0.8:36050 -> 64.13.134.52:1083 [proto: 481/ansoft-lm][Stack: ansoft-lm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 137 TCP 172.16.0.8:36050 -> 64.13.134.52:1084 [proto: 481/ansoft-lm][Stack: ansoft-lm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 138 TCP 172.16.0.8:36050 -> 64.13.134.52:1085 [proto: 1110/webobjects][Stack: webobjects][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 139 TCP 172.16.0.8:36050 -> 64.13.134.52:1098 [proto: 955/rmi][Stack: rmi][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 140 TCP 172.16.0.8:36050 -> 64.13.134.52:1099 [proto: 955/rmi][Stack: rmi][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 141 TCP 172.16.0.8:36050 -> 64.13.134.52:1102 [proto: 470/adobeserver][Stack: adobeserver][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 142 TCP 172.16.0.8:36050 -> 64.13.134.52:1110 [proto: 843/nfsd][Stack: nfsd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 143 TCP 172.16.0.8:36050 -> 64.13.134.52:1117 [proto: 495/ardus][Stack: ardus][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 135 TCP 172.16.0.8:36050 -> 64.13.134.52:1082 [proto: 485/amt-esd-prot][Stack: amt-esd-prot][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 136 TCP 172.16.0.8:36050 -> 64.13.134.52:1083 [proto: 489/ansoft-lm][Stack: ansoft-lm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 137 TCP 172.16.0.8:36050 -> 64.13.134.52:1084 [proto: 489/ansoft-lm][Stack: ansoft-lm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 138 TCP 172.16.0.8:36050 -> 64.13.134.52:1085 [proto: 1118/webobjects][Stack: webobjects][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 139 TCP 172.16.0.8:36050 -> 64.13.134.52:1098 [proto: 963/rmi][Stack: rmi][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 140 TCP 172.16.0.8:36050 -> 64.13.134.52:1099 [proto: 963/rmi][Stack: rmi][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 141 TCP 172.16.0.8:36050 -> 64.13.134.52:1102 [proto: 478/adobeserver][Stack: adobeserver][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 142 TCP 172.16.0.8:36050 -> 64.13.134.52:1110 [proto: 851/nfsd][Stack: nfsd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 143 TCP 172.16.0.8:36050 -> 64.13.134.52:1117 [proto: 503/ardus][Stack: ardus][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
144 TCP 172.16.0.8:36050 -> 64.13.134.52:1119 [proto: 213/Blizzard][Stack: Blizzard][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Game/8][Breed: Fun][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 145 TCP 172.16.0.8:36050 -> 64.13.134.52:1122 [proto: 511/availant-mgr][Stack: availant-mgr][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 146 TCP 172.16.0.8:36050 -> 64.13.134.52:1352 [proto: 759/lotusnote][Stack: lotusnote][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 147 TCP 172.16.0.8:36050 -> 64.13.134.52:1433 [proto: 813/ms-sql][Stack: ms-sql][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 145 TCP 172.16.0.8:36050 -> 64.13.134.52:1122 [proto: 519/availant-mgr][Stack: availant-mgr][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 146 TCP 172.16.0.8:36050 -> 64.13.134.52:1352 [proto: 767/lotusnote][Stack: lotusnote][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 147 TCP 172.16.0.8:36050 -> 64.13.134.52:1433 [proto: 821/ms-sql][Stack: ms-sql][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
148 TCP 172.16.0.8:36050 -> 64.13.134.52:1434 [proto: 114/MsSQL-TDS][Stack: MsSQL-TDS][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 149 TCP 172.16.0.8:36050 -> 64.13.134.52:1494 [proto: 548/citrix_ica][Stack: citrix_ica][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 150 TCP 172.16.0.8:36050 -> 64.13.134.52:1503 [proto: 833/netmeeting][Stack: netmeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 149 TCP 172.16.0.8:36050 -> 64.13.134.52:1494 [proto: 556/citrix_ica][Stack: citrix_ica][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 150 TCP 172.16.0.8:36050 -> 64.13.134.52:1503 [proto: 841/netmeeting][Stack: netmeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
151 TCP 172.16.0.8:36050 -> 64.13.134.52:1521 [proto: 167/Oracle][Stack: Oracle][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 152 TCP 172.16.0.8:36050 -> 64.13.134.52:1524 [proto: 883/oracle_1522-1546][Stack: oracle_1522-1546][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 153 TCP 172.16.0.8:36050 -> 64.13.134.52:1533 [proto: 883/oracle_1522-1546][Stack: oracle_1522-1546][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 154 TCP 172.16.0.8:36050 -> 64.13.134.52:1666 [proto: 895/perforce][Stack: perforce][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 152 TCP 172.16.0.8:36050 -> 64.13.134.52:1524 [proto: 891/oracle_1522-1546][Stack: oracle_1522-1546][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 153 TCP 172.16.0.8:36050 -> 64.13.134.52:1533 [proto: 891/oracle_1522-1546][Stack: oracle_1522-1546][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 154 TCP 172.16.0.8:36050 -> 64.13.134.52:1666 [proto: 903/perforce][Stack: perforce][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
155 TCP 172.16.0.8:36050 -> 64.13.134.52:1719 [proto: 158/H323][Stack: H323][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 156 TCP 172.16.0.8:36050 -> 64.13.134.52:1720 [proto: 833/netmeeting][Stack: netmeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 156 TCP 172.16.0.8:36050 -> 64.13.134.52:1720 [proto: 841/netmeeting][Stack: netmeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
157 TCP 172.16.0.8:36050 -> 64.13.134.52:1723 [proto: 115/PPTP][Stack: PPTP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 158 TCP 172.16.0.8:36050 -> 64.13.134.52:1755 [proto: 801/MSNetShow][Stack: MSNetShow][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 159 TCP 172.16.0.8:36050 -> 64.13.134.52:1801 [proto: 807/msmq][Stack: msmq][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 158 TCP 172.16.0.8:36050 -> 64.13.134.52:1755 [proto: 809/MSNetShow][Stack: MSNetShow][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 159 TCP 172.16.0.8:36050 -> 64.13.134.52:1801 [proto: 815/msmq][Stack: msmq][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
160 TCP 172.16.0.8:36050 -> 64.13.134.52:1812 [proto: 146/Radius][Stack: Radius][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 161 TCP 172.16.0.8:36050 -> 64.13.134.52:1863 [proto: 808/MSN][Stack: MSN][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 161 TCP 172.16.0.8:36050 -> 64.13.134.52:1863 [proto: 816/MSN][Stack: MSN][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
162 TCP 172.16.0.8:36050 -> 64.13.134.52:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
163 TCP 172.16.0.8:36050 -> 64.13.134.52:1935 [proto: 174/RTMP][Stack: RTMP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Media/1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
164 TCP 172.16.0.8:36050 -> 64.13.134.52:2000 [proto: 164/CiscoSkinny][Stack: CiscoSkinny][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
165 TCP 172.16.0.8:36050 -> 64.13.134.52:2002 [proto: 383/Roughtime][Stack: Roughtime][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
166 TCP 172.16.0.8:36050 -> 64.13.134.52:2049 [proto: 11/NFS][Stack: NFS][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
167 TCP 172.16.0.8:36050 -> 64.13.134.52:2190 [proto: 308/TiVoConnect][Stack: TiVoConnect][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Fun][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 168 TCP 172.16.0.8:36050 -> 64.13.134.52:2196 [proto: 488/apple-push][Stack: apple-push][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 169 TCP 172.16.0.8:36050 -> 64.13.134.52:2401 [proto: 577/cvspserver][Stack: cvspserver][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 168 TCP 172.16.0.8:36050 -> 64.13.134.52:2196 [proto: 496/apple-push][Stack: apple-push][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 169 TCP 172.16.0.8:36050 -> 64.13.134.52:2401 [proto: 585/cvspserver][Stack: cvspserver][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
170 TCP 172.16.0.8:36050 -> 64.13.134.52:2604 [proto: 184/OSPF][Stack: OSPF][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Safe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
171 TCP 172.16.0.8:36050 -> 64.13.134.52:2605 [proto: 13/BGP][Stack: BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 172 TCP 172.16.0.8:36050 -> 64.13.134.52:2701 [proto: 1004/sms][Stack: sms][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 173 TCP 172.16.0.8:36050 -> 64.13.134.52:2702 [proto: 1004/sms][Stack: sms][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 174 TCP 172.16.0.8:36050 -> 64.13.134.52:3001 [proto: 825/NessusSecScan][Stack: NessusSecScan][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 175 TCP 172.16.0.8:36050 -> 64.13.134.52:3031 [proto: 634/eppc][Stack: eppc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 176 TCP 172.16.0.8:36050 -> 64.13.134.52:3128 [proto: 1021/squid-proxy][Stack: squid-proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 177 TCP 172.16.0.8:36050 -> 64.13.134.52:3268 [proto: 805/msft-gc][Stack: msft-gc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 178 TCP 172.16.0.8:36050 -> 64.13.134.52:3269 [proto: 805/msft-gc][Stack: msft-gc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 179 TCP 172.16.0.8:36050 -> 64.13.134.52:3283 [proto: 828/net-assistant][Stack: net-assistant][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 172 TCP 172.16.0.8:36050 -> 64.13.134.52:2701 [proto: 1012/sms][Stack: sms][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 173 TCP 172.16.0.8:36050 -> 64.13.134.52:2702 [proto: 1012/sms][Stack: sms][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 174 TCP 172.16.0.8:36050 -> 64.13.134.52:3001 [proto: 833/NessusSecScan][Stack: NessusSecScan][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 175 TCP 172.16.0.8:36050 -> 64.13.134.52:3031 [proto: 642/eppc][Stack: eppc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 176 TCP 172.16.0.8:36050 -> 64.13.134.52:3128 [proto: 1029/squid-proxy][Stack: squid-proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 177 TCP 172.16.0.8:36050 -> 64.13.134.52:3268 [proto: 813/msft-gc][Stack: msft-gc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 178 TCP 172.16.0.8:36050 -> 64.13.134.52:3269 [proto: 813/msft-gc][Stack: msft-gc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 179 TCP 172.16.0.8:36050 -> 64.13.134.52:3283 [proto: 836/net-assistant][Stack: net-assistant][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
180 TCP 172.16.0.8:36050 -> 64.13.134.52:3300 [proto: 381/Ceph][Stack: Ceph][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
181 TCP 172.16.0.8:36050 -> 64.13.134.52:3306 [proto: 20/MySQL][Stack: MySQL][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 182 TCP 172.16.0.8:36050 -> 64.13.134.52:3389 [proto: 942/remotedesktop][Stack: remotedesktop][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 183 TCP 172.16.0.8:36050 -> 64.13.134.52:3659 [proto: 490/apple-sasl][Stack: apple-sasl][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 184 TCP 172.16.0.8:36050 -> 64.13.134.52:3689 [proto: 734/iTunes][Stack: iTunes][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 185 TCP 172.16.0.8:36050 -> 64.13.134.52:3690 [proto: 1043/svn][Stack: svn][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 186 TCP 172.16.0.8:36050 -> 64.13.134.52:4000 [proto: 699/icq][Stack: icq][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 187 TCP 172.16.0.8:36050 -> 64.13.134.52:4111 [proto: 1127/xgrid][Stack: xgrid][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 182 TCP 172.16.0.8:36050 -> 64.13.134.52:3389 [proto: 950/remotedesktop][Stack: remotedesktop][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 183 TCP 172.16.0.8:36050 -> 64.13.134.52:3659 [proto: 498/apple-sasl][Stack: apple-sasl][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 184 TCP 172.16.0.8:36050 -> 64.13.134.52:3689 [proto: 742/iTunes][Stack: iTunes][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 185 TCP 172.16.0.8:36050 -> 64.13.134.52:3690 [proto: 1051/svn][Stack: svn][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 186 TCP 172.16.0.8:36050 -> 64.13.134.52:4000 [proto: 707/icq][Stack: icq][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 187 TCP 172.16.0.8:36050 -> 64.13.134.52:4111 [proto: 1135/xgrid][Stack: xgrid][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
188 TCP 172.16.0.8:36050 -> 64.13.134.52:4343 [proto: 170/Whois-DAS][Stack: Whois-DAS][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
189 TCP 172.16.0.8:36050 -> 64.13.134.52:4662 [proto: 36/eDonkey][Stack: eDonkey][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
190 TCP 172.16.0.8:36050 -> 64.13.134.52:4899 [proto: 391/Radmin][Stack: Radmin][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
191 TCP 172.16.0.8:36050 -> 64.13.134.52:5001 [proto: 243/TargusDataspeed][Stack: TargusDataspeed][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 192 TCP 172.16.0.8:36050 -> 64.13.134.52:5003 [proto: 651/fmpro-internal][Stack: fmpro-internal][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 192 TCP 172.16.0.8:36050 -> 64.13.134.52:5003 [proto: 659/fmpro-internal][Stack: fmpro-internal][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
193 TCP 172.16.0.8:36050 -> 64.13.134.52:5004 [proto: 87/RTP][Stack: RTP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Media/1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 194 TCP 172.16.0.8:36050 -> 64.13.134.52:5009 [proto: 1116/winfs][Stack: winfs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 195 TCP 172.16.0.8:36050 -> 64.13.134.52:5050 [proto: 1135/YahooMessenger][Stack: YahooMessenger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 194 TCP 172.16.0.8:36050 -> 64.13.134.52:5009 [proto: 1124/winfs][Stack: winfs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 195 TCP 172.16.0.8:36050 -> 64.13.134.52:5050 [proto: 1143/YahooMessenger][Stack: YahooMessenger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
196 TCP 172.16.0.8:36050 -> 64.13.134.52:5060 [proto: 100/SIP][Stack: SIP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 197 TCP 172.16.0.8:36050 -> 64.13.134.52:5061 [proto: 997/sip_secure][Stack: sip_secure][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 198 TCP 172.16.0.8:36050 -> 64.13.134.52:5100 [proto: 1014/socalia][Stack: socalia][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 199 TCP 172.16.0.8:36050 -> 64.13.134.52:5190 [proto: 484/aol][Stack: aol][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 200 TCP 172.16.0.8:36050 -> 64.13.134.52:5222 [proto: 1129/xmpp_jabber][Stack: xmpp_jabber][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 201 TCP 172.16.0.8:36050 -> 64.13.134.52:5269 [proto: 1129/xmpp_jabber][Stack: xmpp_jabber][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 197 TCP 172.16.0.8:36050 -> 64.13.134.52:5061 [proto: 1005/sip_secure][Stack: sip_secure][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 198 TCP 172.16.0.8:36050 -> 64.13.134.52:5100 [proto: 1022/socalia][Stack: socalia][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 199 TCP 172.16.0.8:36050 -> 64.13.134.52:5190 [proto: 492/aol][Stack: aol][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 200 TCP 172.16.0.8:36050 -> 64.13.134.52:5222 [proto: 1137/xmpp_jabber][Stack: xmpp_jabber][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 201 TCP 172.16.0.8:36050 -> 64.13.134.52:5269 [proto: 1137/xmpp_jabber][Stack: xmpp_jabber][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
202 TCP 172.16.0.8:36050 -> 64.13.134.52:5432 [proto: 19/PostgreSQL][Stack: PostgreSQL][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 203 TCP 172.16.0.8:36050 -> 64.13.134.52:5555 [proto: 916/Prolin][Stack: Prolin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 204 TCP 172.16.0.8:36050 -> 64.13.134.52:5631 [proto: 891/pcanywhere][Stack: pcanywhere][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 205 TCP 172.16.0.8:36050 -> 64.13.134.52:5678 [proto: 960/rrac][Stack: rrac][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 203 TCP 172.16.0.8:36050 -> 64.13.134.52:5555 [proto: 924/Prolin][Stack: Prolin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 204 TCP 172.16.0.8:36050 -> 64.13.134.52:5631 [proto: 899/pcanywhere][Stack: pcanywhere][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 205 TCP 172.16.0.8:36050 -> 64.13.134.52:5678 [proto: 968/rrac][Stack: rrac][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
206 TCP 172.16.0.8:36050 -> 64.13.134.52:5800 [proto: 89/VNC][Stack: VNC][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
207 TCP 172.16.0.8:36050 -> 64.13.134.52:5900 [proto: 89/VNC][Stack: VNC][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
208 TCP 172.16.0.8:36050 -> 64.13.134.52:5901 [proto: 89/VNC][Stack: VNC][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 209 TCP 172.16.0.8:36050 -> 64.13.134.52:5988 [proto: 1109/wbem-http][Stack: wbem-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 210 TCP 172.16.0.8:36050 -> 64.13.134.52:6000 [proto: 1122/XWindow][Stack: XWindow][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 209 TCP 172.16.0.8:36050 -> 64.13.134.52:5988 [proto: 1117/wbem-http][Stack: wbem-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 210 TCP 172.16.0.8:36050 -> 64.13.134.52:6000 [proto: 1130/XWindow][Stack: XWindow][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
211 TCP 172.16.0.8:36050 -> 64.13.134.52:6112 [proto: 109/GuildWars2][Stack: GuildWars2][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Game/8][Breed: Fun][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
212 TCP 172.16.0.8:36050 -> 64.13.134.52:6346 [proto: 35/Gnutella][Stack: Gnutella][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
213 TCP 172.16.0.8:36050 -> 64.13.134.52:6667 [proto: 65/IRC][Stack: IRC][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Chat/9][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
214 TCP 172.16.0.8:36050 -> 64.13.134.52:6789 [proto: 381/Ceph][Stack: Ceph][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
215 TCP 172.16.0.8:36050 -> 64.13.134.52:6881 [proto: 37/BitTorrent][Stack: BitTorrent][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 216 TCP 172.16.0.8:36050 -> 64.13.134.52:6901 [proto: 809/msnmessenger][Stack: msnmessenger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 216 TCP 172.16.0.8:36050 -> 64.13.134.52:6901 [proto: 817/msnmessenger][Stack: msnmessenger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
217 TCP 172.16.0.8:36050 -> 64.13.134.52:7000 [proto: 264/Cassandra][Stack: Cassandra][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 218 TCP 172.16.0.8:36050 -> 64.13.134.52:7070 [proto: 494/arcp][Stack: arcp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 218 TCP 172.16.0.8:36050 -> 64.13.134.52:7070 [proto: 502/arcp][Stack: arcp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
219 TCP 172.16.0.8:36050 -> 64.13.134.52:8000 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 220 TCP 172.16.0.8:36050 -> 64.13.134.52:8007 [proto: 736/jserv][Stack: jserv][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 221 TCP 172.16.0.8:36050 -> 64.13.134.52:8008 [proto: 687/http-s_alt][Stack: http-s_alt][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 222 TCP 172.16.0.8:36050 -> 64.13.134.52:8009 [proto: 996/simco][Stack: simco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 220 TCP 172.16.0.8:36050 -> 64.13.134.52:8007 [proto: 744/jserv][Stack: jserv][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 221 TCP 172.16.0.8:36050 -> 64.13.134.52:8008 [proto: 695/http-s_alt][Stack: http-s_alt][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 222 TCP 172.16.0.8:36050 -> 64.13.134.52:8009 [proto: 1004/simco][Stack: simco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
223 TCP 172.16.0.8:36050 -> 64.13.134.52:8010 [proto: 139/AJP][Stack: AJP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
224 TCP 172.16.0.8:36050 -> 64.13.134.52:8080 [proto: 131/HTTP_Proxy][Stack: HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 225 TCP 172.16.0.8:36050 -> 64.13.134.52:8088 [proto: 936/radan-http][Stack: radan-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 226 TCP 172.16.0.8:36050 -> 64.13.134.52:8181 [proto: 720/IPSwitch_IMail][Stack: IPSwitch_IMail][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 227 TCP 172.16.0.8:36050 -> 64.13.134.52:8200 [proto: 667/GoToMeeting][Stack: GoToMeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 225 TCP 172.16.0.8:36050 -> 64.13.134.52:8088 [proto: 944/radan-http][Stack: radan-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 226 TCP 172.16.0.8:36050 -> 64.13.134.52:8181 [proto: 728/IPSwitch_IMail][Stack: IPSwitch_IMail][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 227 TCP 172.16.0.8:36050 -> 64.13.134.52:8200 [proto: 675/GoToMeeting][Stack: GoToMeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
228 TCP 172.16.0.8:36050 -> 64.13.134.52:8333 [proto: 343/BITCOIN][Stack: BITCOIN][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 229 TCP 172.16.0.8:36050 -> 64.13.134.52:8383 [proto: 720/IPSwitch_IMail][Stack: IPSwitch_IMail][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 230 TCP 172.16.0.8:36050 -> 64.13.134.52:8443 [proto: 893/pcsync-https][Stack: pcsync-https][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 231 TCP 172.16.0.8:36050 -> 64.13.134.52:8800 [proto: 1039/sunwebadmin][Stack: sunwebadmin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 232 TCP 172.16.0.8:36050 -> 64.13.134.52:9080 [proto: 694/IBM_WebSphere-App][Stack: IBM_WebSphere-App][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 233 TCP 172.16.0.8:36050 -> 64.13.134.52:9100 [proto: 912/printer_pdl][Stack: printer_pdl][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 229 TCP 172.16.0.8:36050 -> 64.13.134.52:8383 [proto: 728/IPSwitch_IMail][Stack: IPSwitch_IMail][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 230 TCP 172.16.0.8:36050 -> 64.13.134.52:8443 [proto: 901/pcsync-https][Stack: pcsync-https][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 231 TCP 172.16.0.8:36050 -> 64.13.134.52:8800 [proto: 1047/sunwebadmin][Stack: sunwebadmin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 232 TCP 172.16.0.8:36050 -> 64.13.134.52:9080 [proto: 702/IBM_WebSphere-App][Stack: IBM_WebSphere-App][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 233 TCP 172.16.0.8:36050 -> 64.13.134.52:9100 [proto: 920/printer_pdl][Stack: printer_pdl][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
234 TCP 172.16.0.8:36050 -> 64.13.134.52:9418 [proto: 226/Git][Stack: Git][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Collaborative/15][Breed: Safe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
235 TCP 172.16.0.8:36050 -> 64.13.134.52:9999 [proto: 332/TPLINK_SHP][Stack: TPLINK_SHP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: IoT-Scada/31][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
236 TCP 172.16.0.8:36050 -> 64.13.134.52:10000 [proto: 161/CiscoVPN][Stack: CiscoVPN][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
237 TCP 172.16.0.8:36050 -> 64.13.134.52:20000 [proto: 244/DNP3][Stack: DNP3][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: IoT-Scada/31][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 238 TCP 172.16.0.8:36051 -> 64.13.134.52:1 [proto: 1054/tcpmux][Stack: tcpmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 239 TCP 172.16.0.8:36051 -> 64.13.134.52:3 [proto: 558/compressnet][Stack: compressnet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 240 TCP 172.16.0.8:36051 -> 64.13.134.52:7 [proto: 622/echo][Stack: echo][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 241 TCP 172.16.0.8:36051 -> 64.13.134.52:9 [proto: 603/discard][Stack: discard][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 242 TCP 172.16.0.8:36051 -> 64.13.134.52:13 [proto: 585/daytime][Stack: daytime][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 243 TCP 172.16.0.8:36051 -> 64.13.134.52:17 [proto: 930/qotd][Stack: qotd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 244 TCP 172.16.0.8:36051 -> 64.13.134.52:19 [proto: 541/chargen][Stack: chargen][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 245 TCP 172.16.0.8:36051 -> 64.13.134.52:20 [proto: 652/ftp][Stack: ftp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 238 TCP 172.16.0.8:36051 -> 64.13.134.52:1 [proto: 1062/tcpmux][Stack: tcpmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 239 TCP 172.16.0.8:36051 -> 64.13.134.52:3 [proto: 566/compressnet][Stack: compressnet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 240 TCP 172.16.0.8:36051 -> 64.13.134.52:7 [proto: 630/echo][Stack: echo][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 241 TCP 172.16.0.8:36051 -> 64.13.134.52:9 [proto: 611/discard][Stack: discard][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 242 TCP 172.16.0.8:36051 -> 64.13.134.52:13 [proto: 593/daytime][Stack: daytime][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 243 TCP 172.16.0.8:36051 -> 64.13.134.52:17 [proto: 938/qotd][Stack: qotd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 244 TCP 172.16.0.8:36051 -> 64.13.134.52:19 [proto: 549/chargen][Stack: chargen][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 245 TCP 172.16.0.8:36051 -> 64.13.134.52:20 [proto: 660/ftp][Stack: ftp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
246 TCP 172.16.0.8:36051 -> 64.13.134.52:21 [proto: 1/FTP_CONTROL][Stack: FTP_CONTROL][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unsafe Protocol **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
247 TCP 172.16.0.8:36051 -> 64.13.134.52:23 [proto: 77/Telnet][Stack: Telnet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 248 TCP 172.16.0.8:36051 -> 64.13.134.52:33 [proto: 616/dsp][Stack: dsp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 249 TCP 172.16.0.8:36051 -> 64.13.134.52:37 [proto: 1065/time][Stack: time][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 250 TCP 172.16.0.8:36051 -> 64.13.134.52:42 [proto: 1118/wins][Stack: wins][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 251 TCP 172.16.0.8:36051 -> 64.13.134.52:43 [proto: 844/nicname][Stack: nicname][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 252 TCP 172.16.0.8:36051 -> 64.13.134.52:49 [proto: 1050/tacacs][Stack: tacacs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 253 TCP 172.16.0.8:36051 -> 64.13.134.52:79 [proto: 648/finger][Stack: finger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 254 TCP 172.16.0.8:36051 -> 64.13.134.52:82 [proto: 1125/xfer][Stack: xfer][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 255 TCP 172.16.0.8:36051 -> 64.13.134.52:83 [proto: 791/mit-ml][Stack: mit-ml][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 256 TCP 172.16.0.8:36051 -> 64.13.134.52:84 [proto: 573/ctf][Stack: ctf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 257 TCP 172.16.0.8:36051 -> 64.13.134.52:85 [proto: 791/mit-ml][Stack: mit-ml][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 248 TCP 172.16.0.8:36051 -> 64.13.134.52:33 [proto: 624/dsp][Stack: dsp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 249 TCP 172.16.0.8:36051 -> 64.13.134.52:37 [proto: 1073/time][Stack: time][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 250 TCP 172.16.0.8:36051 -> 64.13.134.52:42 [proto: 1126/wins][Stack: wins][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 251 TCP 172.16.0.8:36051 -> 64.13.134.52:43 [proto: 852/nicname][Stack: nicname][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 252 TCP 172.16.0.8:36051 -> 64.13.134.52:49 [proto: 1058/tacacs][Stack: tacacs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 253 TCP 172.16.0.8:36051 -> 64.13.134.52:79 [proto: 656/finger][Stack: finger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 254 TCP 172.16.0.8:36051 -> 64.13.134.52:82 [proto: 1133/xfer][Stack: xfer][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 255 TCP 172.16.0.8:36051 -> 64.13.134.52:83 [proto: 799/mit-ml][Stack: mit-ml][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 256 TCP 172.16.0.8:36051 -> 64.13.134.52:84 [proto: 581/ctf][Stack: ctf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 257 TCP 172.16.0.8:36051 -> 64.13.134.52:85 [proto: 799/mit-ml][Stack: mit-ml][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
258 TCP 172.16.0.8:36051 -> 64.13.134.52:88 [proto: 111/Kerberos][Stack: Kerberos][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 259 TCP 172.16.0.8:36051 -> 64.13.134.52:89 [proto: 1036/su-mit-tg][Stack: su-mit-tg][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 260 TCP 172.16.0.8:36051 -> 64.13.134.52:90 [proto: 610/dnsix][Stack: dnsix][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 261 TCP 172.16.0.8:36051 -> 64.13.134.52:99 [proto: 783/metagram][Stack: metagram][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 262 TCP 172.16.0.8:36051 -> 64.13.134.52:106 [proto: 459/3com-tsmux][Stack: 3com-tsmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 263 TCP 172.16.0.8:36051 -> 64.13.134.52:109 [proto: 907/pop2][Stack: pop2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 259 TCP 172.16.0.8:36051 -> 64.13.134.52:89 [proto: 1044/su-mit-tg][Stack: su-mit-tg][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 260 TCP 172.16.0.8:36051 -> 64.13.134.52:90 [proto: 618/dnsix][Stack: dnsix][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 261 TCP 172.16.0.8:36051 -> 64.13.134.52:99 [proto: 791/metagram][Stack: metagram][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 262 TCP 172.16.0.8:36051 -> 64.13.134.52:106 [proto: 467/3com-tsmux][Stack: 3com-tsmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 263 TCP 172.16.0.8:36051 -> 64.13.134.52:109 [proto: 915/pop2][Stack: pop2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
264 TCP 172.16.0.8:36051 -> 64.13.134.52:110 [proto: 2/POP3][Stack: POP3][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Email/3][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 265 TCP 172.16.0.8:36051 -> 64.13.134.52:111 [proto: 1038/sunrpc][Stack: sunrpc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 266 TCP 172.16.0.8:36051 -> 64.13.134.52:119 [proto: 853/nntp][Stack: nntp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 267 TCP 172.16.0.8:36051 -> 64.13.134.52:125 [proto: 757/locus][Stack: locus][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 268 TCP 172.16.0.8:36051 -> 64.13.134.52:135 [proto: 632/epmap][Stack: epmap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 265 TCP 172.16.0.8:36051 -> 64.13.134.52:111 [proto: 1046/sunrpc][Stack: sunrpc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 266 TCP 172.16.0.8:36051 -> 64.13.134.52:119 [proto: 861/nntp][Stack: nntp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 267 TCP 172.16.0.8:36051 -> 64.13.134.52:125 [proto: 765/locus][Stack: locus][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 268 TCP 172.16.0.8:36051 -> 64.13.134.52:135 [proto: 640/epmap][Stack: epmap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
269 TCP 172.16.0.8:36051 -> 64.13.134.52:139 [proto: 10/NetBIOS][Stack: NetBIOS][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
270 TCP 172.16.0.8:36051 -> 64.13.134.52:143 [proto: 4/IMAP][Stack: IMAP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Email/3][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 271 TCP 172.16.0.8:36051 -> 64.13.134.52:144 [proto: 1081/uma][Stack: uma][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 272 TCP 172.16.0.8:36051 -> 64.13.134.52:146 [proto: 730/iso-tp][Stack: iso-tp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 271 TCP 172.16.0.8:36051 -> 64.13.134.52:144 [proto: 1089/uma][Stack: uma][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 272 TCP 172.16.0.8:36051 -> 64.13.134.52:146 [proto: 738/iso-tp][Stack: iso-tp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
273 TCP 172.16.0.8:36051 -> 64.13.134.52:161 [proto: 14/SNMP][Stack: SNMP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 274 TCP 172.16.0.8:36051 -> 64.13.134.52:163 [proto: 553/cmip][Stack: cmip][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 274 TCP 172.16.0.8:36051 -> 64.13.134.52:163 [proto: 561/cmip][Stack: cmip][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
275 TCP 172.16.0.8:36051 -> 64.13.134.52:179 [proto: 13/BGP][Stack: BGP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 276 TCP 172.16.0.8:36051 -> 64.13.134.52:199 [proto: 1007/smux][Stack: smux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 277 TCP 172.16.0.8:36051 -> 64.13.134.52:211 [proto: 460/914c_g][Stack: 914c_g][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 278 TCP 172.16.0.8:36051 -> 64.13.134.52:212 [proto: 478/anet][Stack: anet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 279 TCP 172.16.0.8:36051 -> 64.13.134.52:222 [proto: 963/rsh-spx][Stack: rsh-spx][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 280 TCP 172.16.0.8:36051 -> 64.13.134.52:256 [proto: 937/rap][Stack: rap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 281 TCP 172.16.0.8:36051 -> 64.13.134.52:259 [proto: 637/esro][Stack: esro][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 282 TCP 172.16.0.8:36051 -> 64.13.134.52:264 [proto: 518/bgmp][Stack: bgmp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 283 TCP 172.16.0.8:36051 -> 64.13.134.52:280 [proto: 684/http-mgm][Stack: http-mgm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 284 TCP 172.16.0.8:36051 -> 64.13.134.52:301 [proto: 909/port301][Stack: port301][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 285 TCP 172.16.0.8:36051 -> 64.13.134.52:311 [proto: 502/asip][Stack: asip][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 286 TCP 172.16.0.8:36051 -> 64.13.134.52:366 [proto: 870/odmr][Stack: odmr][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 276 TCP 172.16.0.8:36051 -> 64.13.134.52:199 [proto: 1015/smux][Stack: smux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 277 TCP 172.16.0.8:36051 -> 64.13.134.52:211 [proto: 468/914c_g][Stack: 914c_g][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 278 TCP 172.16.0.8:36051 -> 64.13.134.52:212 [proto: 486/anet][Stack: anet][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 279 TCP 172.16.0.8:36051 -> 64.13.134.52:222 [proto: 971/rsh-spx][Stack: rsh-spx][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 280 TCP 172.16.0.8:36051 -> 64.13.134.52:256 [proto: 945/rap][Stack: rap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 281 TCP 172.16.0.8:36051 -> 64.13.134.52:259 [proto: 645/esro][Stack: esro][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 282 TCP 172.16.0.8:36051 -> 64.13.134.52:264 [proto: 526/bgmp][Stack: bgmp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 283 TCP 172.16.0.8:36051 -> 64.13.134.52:280 [proto: 692/http-mgm][Stack: http-mgm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 284 TCP 172.16.0.8:36051 -> 64.13.134.52:301 [proto: 917/port301][Stack: port301][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 285 TCP 172.16.0.8:36051 -> 64.13.134.52:311 [proto: 510/asip][Stack: asip][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 286 TCP 172.16.0.8:36051 -> 64.13.134.52:366 [proto: 878/odmr][Stack: odmr][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
287 TCP 172.16.0.8:36051 -> 64.13.134.52:389 [proto: 112/LDAP][Stack: LDAP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 288 TCP 172.16.0.8:36051 -> 64.13.134.52:406 [proto: 707/imsp][Stack: imsp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 289 TCP 172.16.0.8:36051 -> 64.13.134.52:407 [proto: 1064/timbuktu][Stack: timbuktu][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 290 TCP 172.16.0.8:36051 -> 64.13.134.52:416 [proto: 995/silverplatter][Stack: silverplatter][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 291 TCP 172.16.0.8:36051 -> 64.13.134.52:417 [proto: 875/onmux][Stack: onmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 292 TCP 172.16.0.8:36051 -> 64.13.134.52:425 [proto: 697/icad-elL][Stack: icad-elL][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 293 TCP 172.16.0.8:36051 -> 64.13.134.52:427 [proto: 1044/svrloc][Stack: svrloc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 294 TCP 172.16.0.8:36051 -> 64.13.134.52:443 [proto: 686/https][Stack: https][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 295 TCP 172.16.0.8:36051 -> 64.13.134.52:444 [proto: 1011/snpp][Stack: snpp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 296 TCP 172.16.0.8:36051 -> 64.13.134.52:445 [proto: 788/microsoft-ds][Stack: microsoft-ds][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 297 TCP 172.16.0.8:36051 -> 64.13.134.52:458 [proto: 489/appleqtc][Stack: appleqtc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 298 TCP 172.16.0.8:36051 -> 64.13.134.52:464 [proto: 745/kpasswd][Stack: kpasswd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 299 TCP 172.16.0.8:36051 -> 64.13.134.52:465 [proto: 1086/urd_igmpv3lite][Stack: urd_igmpv3lite][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 300 TCP 172.16.0.8:36051 -> 64.13.134.52:481 [proto: 898/ph][Stack: ph][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 301 TCP 172.16.0.8:36051 -> 64.13.134.52:497 [proto: 581/dantz][Stack: dantz][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 302 TCP 172.16.0.8:36051 -> 64.13.134.52:500 [proto: 726/isakmp][Stack: isakmp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 303 TCP 172.16.0.8:36051 -> 64.13.134.52:512 [proto: 641/exec_comsat][Stack: exec_comsat][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 304 TCP 172.16.0.8:36051 -> 64.13.134.52:513 [proto: 758/login_who][Stack: login_who][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 305 TCP 172.16.0.8:36051 -> 64.13.134.52:514 [proto: 990/shell_syslog][Stack: shell_syslog][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 306 TCP 172.16.0.8:36051 -> 64.13.134.52:515 [proto: 911/printer][Stack: printer][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 307 TCP 172.16.0.8:36051 -> 64.13.134.52:524 [proto: 823/ncp][Stack: ncp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 308 TCP 172.16.0.8:36051 -> 64.13.134.52:541 [proto: 1090/uucp][Stack: uucp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 309 TCP 172.16.0.8:36051 -> 64.13.134.52:543 [proto: 743/klogin][Stack: klogin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 310 TCP 172.16.0.8:36051 -> 64.13.134.52:544 [proto: 747/kshell][Stack: kshell][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 311 TCP 172.16.0.8:36051 -> 64.13.134.52:545 [proto: 489/appleqtc][Stack: appleqtc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 288 TCP 172.16.0.8:36051 -> 64.13.134.52:406 [proto: 715/imsp][Stack: imsp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 289 TCP 172.16.0.8:36051 -> 64.13.134.52:407 [proto: 1072/timbuktu][Stack: timbuktu][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 290 TCP 172.16.0.8:36051 -> 64.13.134.52:416 [proto: 1003/silverplatter][Stack: silverplatter][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 291 TCP 172.16.0.8:36051 -> 64.13.134.52:417 [proto: 883/onmux][Stack: onmux][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 292 TCP 172.16.0.8:36051 -> 64.13.134.52:425 [proto: 705/icad-elL][Stack: icad-elL][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 293 TCP 172.16.0.8:36051 -> 64.13.134.52:427 [proto: 1052/svrloc][Stack: svrloc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 294 TCP 172.16.0.8:36051 -> 64.13.134.52:443 [proto: 694/https][Stack: https][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 295 TCP 172.16.0.8:36051 -> 64.13.134.52:444 [proto: 1019/snpp][Stack: snpp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 296 TCP 172.16.0.8:36051 -> 64.13.134.52:445 [proto: 796/microsoft-ds][Stack: microsoft-ds][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 297 TCP 172.16.0.8:36051 -> 64.13.134.52:458 [proto: 497/appleqtc][Stack: appleqtc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 298 TCP 172.16.0.8:36051 -> 64.13.134.52:464 [proto: 753/kpasswd][Stack: kpasswd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 299 TCP 172.16.0.8:36051 -> 64.13.134.52:465 [proto: 1094/urd_igmpv3lite][Stack: urd_igmpv3lite][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 300 TCP 172.16.0.8:36051 -> 64.13.134.52:481 [proto: 906/ph][Stack: ph][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 301 TCP 172.16.0.8:36051 -> 64.13.134.52:497 [proto: 589/dantz][Stack: dantz][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 302 TCP 172.16.0.8:36051 -> 64.13.134.52:500 [proto: 734/isakmp][Stack: isakmp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 303 TCP 172.16.0.8:36051 -> 64.13.134.52:512 [proto: 649/exec_comsat][Stack: exec_comsat][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 304 TCP 172.16.0.8:36051 -> 64.13.134.52:513 [proto: 766/login_who][Stack: login_who][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 305 TCP 172.16.0.8:36051 -> 64.13.134.52:514 [proto: 998/shell_syslog][Stack: shell_syslog][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 306 TCP 172.16.0.8:36051 -> 64.13.134.52:515 [proto: 919/printer][Stack: printer][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 307 TCP 172.16.0.8:36051 -> 64.13.134.52:524 [proto: 831/ncp][Stack: ncp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 308 TCP 172.16.0.8:36051 -> 64.13.134.52:541 [proto: 1098/uucp][Stack: uucp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 309 TCP 172.16.0.8:36051 -> 64.13.134.52:543 [proto: 751/klogin][Stack: klogin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 310 TCP 172.16.0.8:36051 -> 64.13.134.52:544 [proto: 755/kshell][Stack: kshell][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 311 TCP 172.16.0.8:36051 -> 64.13.134.52:545 [proto: 497/appleqtc][Stack: appleqtc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
312 TCP 172.16.0.8:36051 -> 64.13.134.52:548 [proto: 97/AFP][Stack: AFP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
313 TCP 172.16.0.8:36051 -> 64.13.134.52:554 [proto: 50/RTSP][Stack: RTSP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Media/1][Breed: Fun][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 314 TCP 172.16.0.8:36051 -> 64.13.134.52:555 [proto: 614/dsf][Stack: dsf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 315 TCP 172.16.0.8:36051 -> 64.13.134.52:563 [proto: 854/nntps][Stack: nntps][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 316 TCP 172.16.0.8:36051 -> 64.13.134.52:587 [proto: 1033/submission][Stack: submission][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 317 TCP 172.16.0.8:36051 -> 64.13.134.52:593 [proto: 685/http-rpc-epmap][Stack: http-rpc-epmap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 318 TCP 172.16.0.8:36051 -> 64.13.134.52:616 [proto: 976/sco][Stack: sco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 319 TCP 172.16.0.8:36051 -> 64.13.134.52:617 [proto: 976/sco][Stack: sco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 320 TCP 172.16.0.8:36051 -> 64.13.134.52:625 [proto: 590/dec_dlm][Stack: dec_dlm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 314 TCP 172.16.0.8:36051 -> 64.13.134.52:555 [proto: 622/dsf][Stack: dsf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 315 TCP 172.16.0.8:36051 -> 64.13.134.52:563 [proto: 862/nntps][Stack: nntps][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 316 TCP 172.16.0.8:36051 -> 64.13.134.52:587 [proto: 1041/submission][Stack: submission][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 317 TCP 172.16.0.8:36051 -> 64.13.134.52:593 [proto: 693/http-rpc-epmap][Stack: http-rpc-epmap][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 318 TCP 172.16.0.8:36051 -> 64.13.134.52:616 [proto: 984/sco][Stack: sco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 319 TCP 172.16.0.8:36051 -> 64.13.134.52:617 [proto: 984/sco][Stack: sco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 320 TCP 172.16.0.8:36051 -> 64.13.134.52:625 [proto: 598/dec_dlm][Stack: dec_dlm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
321 TCP 172.16.0.8:36051 -> 64.13.134.52:631 [proto: 6/IPP][Stack: IPP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 322 TCP 172.16.0.8:36051 -> 64.13.134.52:636 [proto: 752/ldaps][Stack: ldaps][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 322 TCP 172.16.0.8:36051 -> 64.13.134.52:636 [proto: 760/ldaps][Stack: ldaps][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
323 TCP 172.16.0.8:36051 -> 64.13.134.52:646 [proto: 409/LDP][Stack: LDP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 324 TCP 172.16.0.8:36051 -> 64.13.134.52:648 [proto: 962/rrp][Stack: rrp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 325 TCP 172.16.0.8:36051 -> 64.13.134.52:666 [proto: 777/mdqs][Stack: mdqs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 326 TCP 172.16.0.8:36051 -> 64.13.134.52:667 [proto: 604/disclose][Stack: disclose][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 327 TCP 172.16.0.8:36051 -> 64.13.134.52:668 [proto: 778/mecomm][Stack: mecomm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 328 TCP 172.16.0.8:36051 -> 64.13.134.52:683 [proto: 563/corba-iiop][Stack: corba-iiop][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 329 TCP 172.16.0.8:36051 -> 64.13.134.52:687 [proto: 503/asipwismar][Stack: asipwismar][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 330 TCP 172.16.0.8:36051 -> 64.13.134.52:691 [proto: 804/msexch-routing][Stack: msexch-routing][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 331 TCP 172.16.0.8:36051 -> 64.13.134.52:700 [proto: 633/epp][Stack: epp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 332 TCP 172.16.0.8:36051 -> 64.13.134.52:705 [proto: 473/agentx][Stack: agentx][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 333 TCP 172.16.0.8:36051 -> 64.13.134.52:711 [proto: 546/cisco-tdp][Stack: cisco-tdp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 334 TCP 172.16.0.8:36051 -> 64.13.134.52:714 [proto: 724/iris][Stack: iris][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 324 TCP 172.16.0.8:36051 -> 64.13.134.52:648 [proto: 970/rrp][Stack: rrp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 325 TCP 172.16.0.8:36051 -> 64.13.134.52:666 [proto: 785/mdqs][Stack: mdqs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 326 TCP 172.16.0.8:36051 -> 64.13.134.52:667 [proto: 612/disclose][Stack: disclose][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 327 TCP 172.16.0.8:36051 -> 64.13.134.52:668 [proto: 786/mecomm][Stack: mecomm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 328 TCP 172.16.0.8:36051 -> 64.13.134.52:683 [proto: 571/corba-iiop][Stack: corba-iiop][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 329 TCP 172.16.0.8:36051 -> 64.13.134.52:687 [proto: 511/asipwismar][Stack: asipwismar][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 330 TCP 172.16.0.8:36051 -> 64.13.134.52:691 [proto: 812/msexch-routing][Stack: msexch-routing][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 331 TCP 172.16.0.8:36051 -> 64.13.134.52:700 [proto: 641/epp][Stack: epp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 332 TCP 172.16.0.8:36051 -> 64.13.134.52:705 [proto: 481/agentx][Stack: agentx][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 333 TCP 172.16.0.8:36051 -> 64.13.134.52:711 [proto: 554/cisco-tdp][Stack: cisco-tdp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 334 TCP 172.16.0.8:36051 -> 64.13.134.52:714 [proto: 732/iris][Stack: iris][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
335 TCP 172.16.0.8:36051 -> 64.13.134.52:749 [proto: 111/Kerberos][Stack: Kerberos][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 336 TCP 172.16.0.8:36051 -> 64.13.134.52:765 [proto: 1111/webster][Stack: webster][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 337 TCP 172.16.0.8:36051 -> 64.13.134.52:777 [proto: 815/multiling-http][Stack: multiling-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 338 TCP 172.16.0.8:36051 -> 64.13.134.52:800 [proto: 775/mdbs_daemon][Stack: mdbs_daemon][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 339 TCP 172.16.0.8:36051 -> 64.13.134.52:801 [proto: 598/device][Stack: device][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 336 TCP 172.16.0.8:36051 -> 64.13.134.52:765 [proto: 1119/webster][Stack: webster][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 337 TCP 172.16.0.8:36051 -> 64.13.134.52:777 [proto: 823/multiling-http][Stack: multiling-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 338 TCP 172.16.0.8:36051 -> 64.13.134.52:800 [proto: 783/mdbs_daemon][Stack: mdbs_daemon][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 339 TCP 172.16.0.8:36051 -> 64.13.134.52:801 [proto: 606/device][Stack: device][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
340 TCP 172.16.0.8:36051 -> 64.13.134.52:873 [proto: 166/RSYNC][Stack: RSYNC][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 341 TCP 172.16.0.8:36051 -> 64.13.134.52:888 [proto: 464/accessbuilder][Stack: accessbuilder][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 342 TCP 172.16.0.8:36051 -> 64.13.134.52:900 [proto: 873/omginitialrefs][Stack: omginitialrefs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 343 TCP 172.16.0.8:36051 -> 64.13.134.52:901 [proto: 1002/smpnameres][Stack: smpnameres][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 344 TCP 172.16.0.8:36051 -> 64.13.134.52:902 [proto: 700/ideafarm][Stack: ideafarm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 345 TCP 172.16.0.8:36051 -> 64.13.134.52:903 [proto: 700/ideafarm][Stack: ideafarm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 346 TCP 172.16.0.8:36051 -> 64.13.134.52:911 [proto: 1123/xact-backup][Stack: xact-backup][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 347 TCP 172.16.0.8:36051 -> 64.13.134.52:912 [proto: 486/apex][Stack: apex][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 341 TCP 172.16.0.8:36051 -> 64.13.134.52:888 [proto: 472/accessbuilder][Stack: accessbuilder][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 342 TCP 172.16.0.8:36051 -> 64.13.134.52:900 [proto: 881/omginitialrefs][Stack: omginitialrefs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 343 TCP 172.16.0.8:36051 -> 64.13.134.52:901 [proto: 1010/smpnameres][Stack: smpnameres][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 344 TCP 172.16.0.8:36051 -> 64.13.134.52:902 [proto: 708/ideafarm][Stack: ideafarm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 345 TCP 172.16.0.8:36051 -> 64.13.134.52:903 [proto: 708/ideafarm][Stack: ideafarm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 346 TCP 172.16.0.8:36051 -> 64.13.134.52:911 [proto: 1131/xact-backup][Stack: xact-backup][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 347 TCP 172.16.0.8:36051 -> 64.13.134.52:912 [proto: 494/apex][Stack: apex][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
348 TCP 172.16.0.8:36051 -> 64.13.134.52:990 [proto: 311/FTPS][Stack: FTPS][IP: 0/Unknown][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: 8a78112b25c216ad058df2e9ca4ef668][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 349 TCP 172.16.0.8:36051 -> 64.13.134.52:992 [proto: 1059/telnets][Stack: telnets][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 349 TCP 172.16.0.8:36051 -> 64.13.134.52:992 [proto: 1067/telnets][Stack: telnets][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
350 TCP 172.16.0.8:36051 -> 64.13.134.52:993 [proto: 51/IMAPS][Stack: IMAPS][IP: 0/Unknown][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Email/3][Breed: Safe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][nDPI Fingerprint: dc35321a2b21259e06875b77f1765678][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 351 TCP 172.16.0.8:36051 -> 64.13.134.52:995 [proto: 908/pop3s][Stack: pop3s][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 352 TCP 172.16.0.8:36051 -> 64.13.134.52:999 [proto: 657/garcon_applix][Stack: garcon_applix][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 353 TCP 172.16.0.8:36051 -> 64.13.134.52:1000 [proto: 533/cadlock2][Stack: cadlock2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 354 TCP 172.16.0.8:36051 -> 64.13.134.52:1010 [proto: 1041/surf][Stack: surf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 355 TCP 172.16.0.8:36051 -> 64.13.134.52:1021 [proto: 642/exp1][Stack: exp1][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 356 TCP 172.16.0.8:36051 -> 64.13.134.52:1022 [proto: 643/exp2][Stack: exp2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 357 TCP 172.16.0.8:36051 -> 64.13.134.52:1023 [proto: 537/carboncopy][Stack: carboncopy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 358 TCP 172.16.0.8:36051 -> 64.13.134.52:1034 [proto: 469/activesync][Stack: activesync][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 359 TCP 172.16.0.8:36051 -> 64.13.134.52:1037 [proto: 476/ams][Stack: ams][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 360 TCP 172.16.0.8:36051 -> 64.13.134.52:1042 [proto: 472/afrog][Stack: afrog][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 361 TCP 172.16.0.8:36051 -> 64.13.134.52:1055 [proto: 482/ansyslmd][Stack: ansyslmd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 362 TCP 172.16.0.8:36051 -> 64.13.134.52:1078 [proto: 513/avocent-proxy][Stack: avocent-proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 363 TCP 172.16.0.8:36051 -> 64.13.134.52:1079 [proto: 504/asprovatalk][Stack: asprovatalk][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 351 TCP 172.16.0.8:36051 -> 64.13.134.52:995 [proto: 916/pop3s][Stack: pop3s][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 352 TCP 172.16.0.8:36051 -> 64.13.134.52:999 [proto: 665/garcon_applix][Stack: garcon_applix][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 353 TCP 172.16.0.8:36051 -> 64.13.134.52:1000 [proto: 541/cadlock2][Stack: cadlock2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 354 TCP 172.16.0.8:36051 -> 64.13.134.52:1010 [proto: 1049/surf][Stack: surf][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 355 TCP 172.16.0.8:36051 -> 64.13.134.52:1021 [proto: 650/exp1][Stack: exp1][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 356 TCP 172.16.0.8:36051 -> 64.13.134.52:1022 [proto: 651/exp2][Stack: exp2][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 357 TCP 172.16.0.8:36051 -> 64.13.134.52:1023 [proto: 545/carboncopy][Stack: carboncopy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 358 TCP 172.16.0.8:36051 -> 64.13.134.52:1034 [proto: 477/activesync][Stack: activesync][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 359 TCP 172.16.0.8:36051 -> 64.13.134.52:1037 [proto: 484/ams][Stack: ams][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 360 TCP 172.16.0.8:36051 -> 64.13.134.52:1042 [proto: 480/afrog][Stack: afrog][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 361 TCP 172.16.0.8:36051 -> 64.13.134.52:1055 [proto: 490/ansyslmd][Stack: ansyslmd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 362 TCP 172.16.0.8:36051 -> 64.13.134.52:1078 [proto: 521/avocent-proxy][Stack: avocent-proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 363 TCP 172.16.0.8:36051 -> 64.13.134.52:1079 [proto: 512/asprovatalk][Stack: asprovatalk][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
364 TCP 172.16.0.8:36051 -> 64.13.134.52:1080 [proto: 172/SOCKS][Stack: SOCKS][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 365 TCP 172.16.0.8:36051 -> 64.13.134.52:1082 [proto: 477/amt-esd-prot][Stack: amt-esd-prot][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 366 TCP 172.16.0.8:36051 -> 64.13.134.52:1083 [proto: 481/ansoft-lm][Stack: ansoft-lm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 367 TCP 172.16.0.8:36051 -> 64.13.134.52:1084 [proto: 481/ansoft-lm][Stack: ansoft-lm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 368 TCP 172.16.0.8:36051 -> 64.13.134.52:1085 [proto: 1110/webobjects][Stack: webobjects][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 369 TCP 172.16.0.8:36051 -> 64.13.134.52:1098 [proto: 955/rmi][Stack: rmi][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 370 TCP 172.16.0.8:36051 -> 64.13.134.52:1099 [proto: 955/rmi][Stack: rmi][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 371 TCP 172.16.0.8:36051 -> 64.13.134.52:1102 [proto: 470/adobeserver][Stack: adobeserver][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 372 TCP 172.16.0.8:36051 -> 64.13.134.52:1110 [proto: 843/nfsd][Stack: nfsd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 373 TCP 172.16.0.8:36051 -> 64.13.134.52:1117 [proto: 495/ardus][Stack: ardus][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 365 TCP 172.16.0.8:36051 -> 64.13.134.52:1082 [proto: 485/amt-esd-prot][Stack: amt-esd-prot][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 366 TCP 172.16.0.8:36051 -> 64.13.134.52:1083 [proto: 489/ansoft-lm][Stack: ansoft-lm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 367 TCP 172.16.0.8:36051 -> 64.13.134.52:1084 [proto: 489/ansoft-lm][Stack: ansoft-lm][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 368 TCP 172.16.0.8:36051 -> 64.13.134.52:1085 [proto: 1118/webobjects][Stack: webobjects][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 369 TCP 172.16.0.8:36051 -> 64.13.134.52:1098 [proto: 963/rmi][Stack: rmi][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 370 TCP 172.16.0.8:36051 -> 64.13.134.52:1099 [proto: 963/rmi][Stack: rmi][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 371 TCP 172.16.0.8:36051 -> 64.13.134.52:1102 [proto: 478/adobeserver][Stack: adobeserver][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 372 TCP 172.16.0.8:36051 -> 64.13.134.52:1110 [proto: 851/nfsd][Stack: nfsd][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 373 TCP 172.16.0.8:36051 -> 64.13.134.52:1117 [proto: 503/ardus][Stack: ardus][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
374 TCP 172.16.0.8:36051 -> 64.13.134.52:1119 [proto: 213/Blizzard][Stack: Blizzard][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Game/8][Breed: Fun][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 375 TCP 172.16.0.8:36051 -> 64.13.134.52:1122 [proto: 511/availant-mgr][Stack: availant-mgr][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 376 TCP 172.16.0.8:36051 -> 64.13.134.52:1352 [proto: 759/lotusnote][Stack: lotusnote][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 377 TCP 172.16.0.8:36051 -> 64.13.134.52:1433 [proto: 813/ms-sql][Stack: ms-sql][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 375 TCP 172.16.0.8:36051 -> 64.13.134.52:1122 [proto: 519/availant-mgr][Stack: availant-mgr][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 376 TCP 172.16.0.8:36051 -> 64.13.134.52:1352 [proto: 767/lotusnote][Stack: lotusnote][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 377 TCP 172.16.0.8:36051 -> 64.13.134.52:1433 [proto: 821/ms-sql][Stack: ms-sql][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
378 TCP 172.16.0.8:36051 -> 64.13.134.52:1434 [proto: 114/MsSQL-TDS][Stack: MsSQL-TDS][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 379 TCP 172.16.0.8:36051 -> 64.13.134.52:1494 [proto: 548/citrix_ica][Stack: citrix_ica][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 380 TCP 172.16.0.8:36051 -> 64.13.134.52:1503 [proto: 833/netmeeting][Stack: netmeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 379 TCP 172.16.0.8:36051 -> 64.13.134.52:1494 [proto: 556/citrix_ica][Stack: citrix_ica][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 380 TCP 172.16.0.8:36051 -> 64.13.134.52:1503 [proto: 841/netmeeting][Stack: netmeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
381 TCP 172.16.0.8:36051 -> 64.13.134.52:1521 [proto: 167/Oracle][Stack: Oracle][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 382 TCP 172.16.0.8:36051 -> 64.13.134.52:1524 [proto: 883/oracle_1522-1546][Stack: oracle_1522-1546][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 383 TCP 172.16.0.8:36051 -> 64.13.134.52:1533 [proto: 883/oracle_1522-1546][Stack: oracle_1522-1546][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 384 TCP 172.16.0.8:36051 -> 64.13.134.52:1666 [proto: 895/perforce][Stack: perforce][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 382 TCP 172.16.0.8:36051 -> 64.13.134.52:1524 [proto: 891/oracle_1522-1546][Stack: oracle_1522-1546][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 383 TCP 172.16.0.8:36051 -> 64.13.134.52:1533 [proto: 891/oracle_1522-1546][Stack: oracle_1522-1546][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 384 TCP 172.16.0.8:36051 -> 64.13.134.52:1666 [proto: 903/perforce][Stack: perforce][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
385 TCP 172.16.0.8:36051 -> 64.13.134.52:1719 [proto: 158/H323][Stack: H323][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 386 TCP 172.16.0.8:36051 -> 64.13.134.52:1720 [proto: 833/netmeeting][Stack: netmeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 386 TCP 172.16.0.8:36051 -> 64.13.134.52:1720 [proto: 841/netmeeting][Stack: netmeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
387 TCP 172.16.0.8:36051 -> 64.13.134.52:1723 [proto: 115/PPTP][Stack: PPTP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 388 TCP 172.16.0.8:36051 -> 64.13.134.52:1755 [proto: 801/MSNetShow][Stack: MSNetShow][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 389 TCP 172.16.0.8:36051 -> 64.13.134.52:1801 [proto: 807/msmq][Stack: msmq][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 388 TCP 172.16.0.8:36051 -> 64.13.134.52:1755 [proto: 809/MSNetShow][Stack: MSNetShow][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 389 TCP 172.16.0.8:36051 -> 64.13.134.52:1801 [proto: 815/msmq][Stack: msmq][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
390 TCP 172.16.0.8:36051 -> 64.13.134.52:1812 [proto: 146/Radius][Stack: Radius][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 391 TCP 172.16.0.8:36051 -> 64.13.134.52:1863 [proto: 808/MSN][Stack: MSN][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 391 TCP 172.16.0.8:36051 -> 64.13.134.52:1863 [proto: 816/MSN][Stack: MSN][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
392 TCP 172.16.0.8:36051 -> 64.13.134.52:1900 [proto: 12/SSDP][Stack: SSDP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
393 TCP 172.16.0.8:36051 -> 64.13.134.52:1935 [proto: 174/RTMP][Stack: RTMP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Media/1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
394 TCP 172.16.0.8:36051 -> 64.13.134.52:2000 [proto: 164/CiscoSkinny][Stack: CiscoSkinny][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
395 TCP 172.16.0.8:36051 -> 64.13.134.52:2002 [proto: 383/Roughtime][Stack: Roughtime][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
396 TCP 172.16.0.8:36051 -> 64.13.134.52:2049 [proto: 11/NFS][Stack: NFS][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
397 TCP 172.16.0.8:36051 -> 64.13.134.52:2190 [proto: 308/TiVoConnect][Stack: TiVoConnect][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Fun][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 398 TCP 172.16.0.8:36051 -> 64.13.134.52:2196 [proto: 488/apple-push][Stack: apple-push][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 399 TCP 172.16.0.8:36051 -> 64.13.134.52:2401 [proto: 577/cvspserver][Stack: cvspserver][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 398 TCP 172.16.0.8:36051 -> 64.13.134.52:2196 [proto: 496/apple-push][Stack: apple-push][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 399 TCP 172.16.0.8:36051 -> 64.13.134.52:2401 [proto: 585/cvspserver][Stack: cvspserver][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
400 TCP 172.16.0.8:36051 -> 64.13.134.52:2604 [proto: 184/OSPF][Stack: OSPF][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Safe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
401 TCP 172.16.0.8:36051 -> 64.13.134.52:2605 [proto: 13/BGP][Stack: BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 402 TCP 172.16.0.8:36051 -> 64.13.134.52:2701 [proto: 1004/sms][Stack: sms][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 403 TCP 172.16.0.8:36051 -> 64.13.134.52:2702 [proto: 1004/sms][Stack: sms][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 404 TCP 172.16.0.8:36051 -> 64.13.134.52:3001 [proto: 825/NessusSecScan][Stack: NessusSecScan][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 405 TCP 172.16.0.8:36051 -> 64.13.134.52:3031 [proto: 634/eppc][Stack: eppc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 406 TCP 172.16.0.8:36051 -> 64.13.134.52:3128 [proto: 1021/squid-proxy][Stack: squid-proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 407 TCP 172.16.0.8:36051 -> 64.13.134.52:3268 [proto: 805/msft-gc][Stack: msft-gc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 408 TCP 172.16.0.8:36051 -> 64.13.134.52:3269 [proto: 805/msft-gc][Stack: msft-gc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 409 TCP 172.16.0.8:36051 -> 64.13.134.52:3283 [proto: 828/net-assistant][Stack: net-assistant][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 402 TCP 172.16.0.8:36051 -> 64.13.134.52:2701 [proto: 1012/sms][Stack: sms][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 403 TCP 172.16.0.8:36051 -> 64.13.134.52:2702 [proto: 1012/sms][Stack: sms][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 404 TCP 172.16.0.8:36051 -> 64.13.134.52:3001 [proto: 833/NessusSecScan][Stack: NessusSecScan][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 405 TCP 172.16.0.8:36051 -> 64.13.134.52:3031 [proto: 642/eppc][Stack: eppc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 406 TCP 172.16.0.8:36051 -> 64.13.134.52:3128 [proto: 1029/squid-proxy][Stack: squid-proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 407 TCP 172.16.0.8:36051 -> 64.13.134.52:3268 [proto: 813/msft-gc][Stack: msft-gc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 408 TCP 172.16.0.8:36051 -> 64.13.134.52:3269 [proto: 813/msft-gc][Stack: msft-gc][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 409 TCP 172.16.0.8:36051 -> 64.13.134.52:3283 [proto: 836/net-assistant][Stack: net-assistant][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
410 TCP 172.16.0.8:36051 -> 64.13.134.52:3300 [proto: 381/Ceph][Stack: Ceph][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
411 TCP 172.16.0.8:36051 -> 64.13.134.52:3306 [proto: 20/MySQL][Stack: MySQL][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 412 TCP 172.16.0.8:36051 -> 64.13.134.52:3389 [proto: 942/remotedesktop][Stack: remotedesktop][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 413 TCP 172.16.0.8:36051 -> 64.13.134.52:3659 [proto: 490/apple-sasl][Stack: apple-sasl][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 414 TCP 172.16.0.8:36051 -> 64.13.134.52:3689 [proto: 734/iTunes][Stack: iTunes][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 415 TCP 172.16.0.8:36051 -> 64.13.134.52:3690 [proto: 1043/svn][Stack: svn][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 416 TCP 172.16.0.8:36051 -> 64.13.134.52:4000 [proto: 699/icq][Stack: icq][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 417 TCP 172.16.0.8:36051 -> 64.13.134.52:4111 [proto: 1127/xgrid][Stack: xgrid][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 412 TCP 172.16.0.8:36051 -> 64.13.134.52:3389 [proto: 950/remotedesktop][Stack: remotedesktop][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 413 TCP 172.16.0.8:36051 -> 64.13.134.52:3659 [proto: 498/apple-sasl][Stack: apple-sasl][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 414 TCP 172.16.0.8:36051 -> 64.13.134.52:3689 [proto: 742/iTunes][Stack: iTunes][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 415 TCP 172.16.0.8:36051 -> 64.13.134.52:3690 [proto: 1051/svn][Stack: svn][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 416 TCP 172.16.0.8:36051 -> 64.13.134.52:4000 [proto: 707/icq][Stack: icq][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 417 TCP 172.16.0.8:36051 -> 64.13.134.52:4111 [proto: 1135/xgrid][Stack: xgrid][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
418 TCP 172.16.0.8:36051 -> 64.13.134.52:4343 [proto: 170/Whois-DAS][Stack: Whois-DAS][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
419 TCP 172.16.0.8:36051 -> 64.13.134.52:4662 [proto: 36/eDonkey][Stack: eDonkey][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
420 TCP 172.16.0.8:36051 -> 64.13.134.52:4899 [proto: 391/Radmin][Stack: Radmin][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
421 TCP 172.16.0.8:36051 -> 64.13.134.52:5001 [proto: 243/TargusDataspeed][Stack: TargusDataspeed][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 422 TCP 172.16.0.8:36051 -> 64.13.134.52:5003 [proto: 651/fmpro-internal][Stack: fmpro-internal][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 422 TCP 172.16.0.8:36051 -> 64.13.134.52:5003 [proto: 659/fmpro-internal][Stack: fmpro-internal][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
423 TCP 172.16.0.8:36051 -> 64.13.134.52:5004 [proto: 87/RTP][Stack: RTP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Media/1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 424 TCP 172.16.0.8:36051 -> 64.13.134.52:5009 [proto: 1116/winfs][Stack: winfs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 425 TCP 172.16.0.8:36051 -> 64.13.134.52:5050 [proto: 1135/YahooMessenger][Stack: YahooMessenger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 424 TCP 172.16.0.8:36051 -> 64.13.134.52:5009 [proto: 1124/winfs][Stack: winfs][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 425 TCP 172.16.0.8:36051 -> 64.13.134.52:5050 [proto: 1143/YahooMessenger][Stack: YahooMessenger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
426 TCP 172.16.0.8:36051 -> 64.13.134.52:5060 [proto: 100/SIP][Stack: SIP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 427 TCP 172.16.0.8:36051 -> 64.13.134.52:5061 [proto: 997/sip_secure][Stack: sip_secure][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 428 TCP 172.16.0.8:36051 -> 64.13.134.52:5100 [proto: 1014/socalia][Stack: socalia][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 429 TCP 172.16.0.8:36051 -> 64.13.134.52:5190 [proto: 484/aol][Stack: aol][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 430 TCP 172.16.0.8:36051 -> 64.13.134.52:5222 [proto: 1129/xmpp_jabber][Stack: xmpp_jabber][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 431 TCP 172.16.0.8:36051 -> 64.13.134.52:5269 [proto: 1129/xmpp_jabber][Stack: xmpp_jabber][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 427 TCP 172.16.0.8:36051 -> 64.13.134.52:5061 [proto: 1005/sip_secure][Stack: sip_secure][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 428 TCP 172.16.0.8:36051 -> 64.13.134.52:5100 [proto: 1022/socalia][Stack: socalia][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 429 TCP 172.16.0.8:36051 -> 64.13.134.52:5190 [proto: 492/aol][Stack: aol][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 430 TCP 172.16.0.8:36051 -> 64.13.134.52:5222 [proto: 1137/xmpp_jabber][Stack: xmpp_jabber][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 431 TCP 172.16.0.8:36051 -> 64.13.134.52:5269 [proto: 1137/xmpp_jabber][Stack: xmpp_jabber][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
432 TCP 172.16.0.8:36051 -> 64.13.134.52:5432 [proto: 19/PostgreSQL][Stack: PostgreSQL][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 433 TCP 172.16.0.8:36051 -> 64.13.134.52:5555 [proto: 916/Prolin][Stack: Prolin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 434 TCP 172.16.0.8:36051 -> 64.13.134.52:5631 [proto: 891/pcanywhere][Stack: pcanywhere][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 435 TCP 172.16.0.8:36051 -> 64.13.134.52:5678 [proto: 960/rrac][Stack: rrac][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 433 TCP 172.16.0.8:36051 -> 64.13.134.52:5555 [proto: 924/Prolin][Stack: Prolin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 434 TCP 172.16.0.8:36051 -> 64.13.134.52:5631 [proto: 899/pcanywhere][Stack: pcanywhere][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 435 TCP 172.16.0.8:36051 -> 64.13.134.52:5678 [proto: 968/rrac][Stack: rrac][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
436 TCP 172.16.0.8:36051 -> 64.13.134.52:5800 [proto: 89/VNC][Stack: VNC][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
437 TCP 172.16.0.8:36051 -> 64.13.134.52:5900 [proto: 89/VNC][Stack: VNC][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
438 TCP 172.16.0.8:36051 -> 64.13.134.52:5901 [proto: 89/VNC][Stack: VNC][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 439 TCP 172.16.0.8:36051 -> 64.13.134.52:5988 [proto: 1109/wbem-http][Stack: wbem-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 440 TCP 172.16.0.8:36051 -> 64.13.134.52:6000 [proto: 1122/XWindow][Stack: XWindow][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 439 TCP 172.16.0.8:36051 -> 64.13.134.52:5988 [proto: 1117/wbem-http][Stack: wbem-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 440 TCP 172.16.0.8:36051 -> 64.13.134.52:6000 [proto: 1130/XWindow][Stack: XWindow][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
441 TCP 172.16.0.8:36051 -> 64.13.134.52:6112 [proto: 109/GuildWars2][Stack: GuildWars2][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Game/8][Breed: Fun][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
442 TCP 172.16.0.8:36051 -> 64.13.134.52:6346 [proto: 35/Gnutella][Stack: Gnutella][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Potentially_Dangerous][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
443 TCP 172.16.0.8:36051 -> 64.13.134.52:6667 [proto: 65/IRC][Stack: IRC][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Chat/9][Breed: Unsafe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
444 TCP 172.16.0.8:36051 -> 64.13.134.52:6789 [proto: 381/Ceph][Stack: Ceph][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
445 TCP 172.16.0.8:36051 -> 64.13.134.52:6881 [proto: 37/BitTorrent][Stack: BitTorrent][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Download/7][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 446 TCP 172.16.0.8:36051 -> 64.13.134.52:6901 [proto: 809/msnmessenger][Stack: msnmessenger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 446 TCP 172.16.0.8:36051 -> 64.13.134.52:6901 [proto: 817/msnmessenger][Stack: msnmessenger][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
447 TCP 172.16.0.8:36051 -> 64.13.134.52:7000 [proto: 264/Cassandra][Stack: Cassandra][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 448 TCP 172.16.0.8:36051 -> 64.13.134.52:7070 [proto: 494/arcp][Stack: arcp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 448 TCP 172.16.0.8:36051 -> 64.13.134.52:7070 [proto: 502/arcp][Stack: arcp][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
449 TCP 172.16.0.8:36051 -> 64.13.134.52:8000 [proto: 7/HTTP][Stack: HTTP][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 450 TCP 172.16.0.8:36051 -> 64.13.134.52:8007 [proto: 736/jserv][Stack: jserv][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 451 TCP 172.16.0.8:36051 -> 64.13.134.52:8008 [proto: 687/http-s_alt][Stack: http-s_alt][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 452 TCP 172.16.0.8:36051 -> 64.13.134.52:8009 [proto: 996/simco][Stack: simco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 450 TCP 172.16.0.8:36051 -> 64.13.134.52:8007 [proto: 744/jserv][Stack: jserv][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 451 TCP 172.16.0.8:36051 -> 64.13.134.52:8008 [proto: 695/http-s_alt][Stack: http-s_alt][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 452 TCP 172.16.0.8:36051 -> 64.13.134.52:8009 [proto: 1004/simco][Stack: simco][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
453 TCP 172.16.0.8:36051 -> 64.13.134.52:8010 [proto: 139/AJP][Stack: AJP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
454 TCP 172.16.0.8:36051 -> 64.13.134.52:8080 [proto: 131/HTTP_Proxy][Stack: HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 455 TCP 172.16.0.8:36051 -> 64.13.134.52:8088 [proto: 936/radan-http][Stack: radan-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 456 TCP 172.16.0.8:36051 -> 64.13.134.52:8181 [proto: 720/IPSwitch_IMail][Stack: IPSwitch_IMail][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 457 TCP 172.16.0.8:36051 -> 64.13.134.52:8200 [proto: 667/GoToMeeting][Stack: GoToMeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 455 TCP 172.16.0.8:36051 -> 64.13.134.52:8088 [proto: 944/radan-http][Stack: radan-http][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 456 TCP 172.16.0.8:36051 -> 64.13.134.52:8181 [proto: 728/IPSwitch_IMail][Stack: IPSwitch_IMail][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 457 TCP 172.16.0.8:36051 -> 64.13.134.52:8200 [proto: 675/GoToMeeting][Stack: GoToMeeting][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
458 TCP 172.16.0.8:36051 -> 64.13.134.52:8333 [proto: 343/BITCOIN][Stack: BITCOIN][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Crypto_Currency/106][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 459 TCP 172.16.0.8:36051 -> 64.13.134.52:8383 [proto: 720/IPSwitch_IMail][Stack: IPSwitch_IMail][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 460 TCP 172.16.0.8:36051 -> 64.13.134.52:8443 [proto: 893/pcsync-https][Stack: pcsync-https][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 461 TCP 172.16.0.8:36051 -> 64.13.134.52:8800 [proto: 1039/sunwebadmin][Stack: sunwebadmin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 462 TCP 172.16.0.8:36051 -> 64.13.134.52:9080 [proto: 694/IBM_WebSphere-App][Stack: IBM_WebSphere-App][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 463 TCP 172.16.0.8:36051 -> 64.13.134.52:9100 [proto: 912/printer_pdl][Stack: printer_pdl][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 459 TCP 172.16.0.8:36051 -> 64.13.134.52:8383 [proto: 728/IPSwitch_IMail][Stack: IPSwitch_IMail][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 460 TCP 172.16.0.8:36051 -> 64.13.134.52:8443 [proto: 901/pcsync-https][Stack: pcsync-https][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 461 TCP 172.16.0.8:36051 -> 64.13.134.52:8800 [proto: 1047/sunwebadmin][Stack: sunwebadmin][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 462 TCP 172.16.0.8:36051 -> 64.13.134.52:9080 [proto: 702/IBM_WebSphere-App][Stack: IBM_WebSphere-App][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 463 TCP 172.16.0.8:36051 -> 64.13.134.52:9100 [proto: 920/printer_pdl][Stack: printer_pdl][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
464 TCP 172.16.0.8:36051 -> 64.13.134.52:9418 [proto: 226/Git][Stack: Git][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Collaborative/15][Breed: Safe][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
465 TCP 172.16.0.8:36051 -> 64.13.134.52:9999 [proto: 332/TPLINK_SHP][Stack: TPLINK_SHP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: IoT-Scada/31][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
466 TCP 172.16.0.8:36051 -> 64.13.134.52:10000 [proto: 161/CiscoVPN][Stack: CiscoVPN][IP: 0/Unknown][Encrypted][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: VPN/2][Breed: Acceptable][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/monitoring/result/stun_signal.pcapng.out b/tests/cfgs/monitoring/result/stun_signal.pcapng.out
index 47e0a43d0..ad7ad0584 100644
--- a/tests/cfgs/monitoring/result/stun_signal.pcapng.out
+++ b/tests/cfgs/monitoring/result/stun_signal.pcapng.out
@@ -30,26 +30,26 @@ Acceptable 460 48496 23
VoIP 407 43310 21
Network 53 5186 2
- 1 UDP 192.168.12.169:43068 <-> 18.195.131.143:61156 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][Stream Content: Audio][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 106][DPI packets before monitoring: 33][cat: VoIP/10][Breed: Acceptable][48 pkts/4692 bytes <-> 58 pkts/7630 bytes][Goodput ratio: 57/68][12.11 sec][bytes ratio: -0.238 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 224/234 1055/1059 250/294][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 98/132 146/306 23/72][Mapped IP/Port: 93.47.225.19:11914, 18.195.131.143:61156][RTP packets: 15/1][PLAIN TEXT (BrDwrhkDr//9e)][Plen Bins: 26,31,15,15,5,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 UDP 192.168.12.169:47767 <-> 18.195.131.143:61498 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][Stream Content: Audio][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 53][DPI packets before monitoring: 33][cat: VoIP/10][Breed: Acceptable][18 pkts/1900 bytes <-> 35 pkts/6496 bytes][Goodput ratio: 60/77][2.67 sec][bytes ratio: -0.547 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 173/74 665/630 186/150][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 106/186 146/306 26/92][Mapped IP/Port: 93.47.225.19:11932, 18.195.131.143:61498][RTP packets: 19/1][PLAIN TEXT (80JiLM)][Plen Bins: 13,16,18,18,9,0,0,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 ICMP 35.158.183.167:0 <-> 192.168.12.169:0 [proto: 81/ICMP][Stack: ICMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][30 pkts/2780 bytes <-> 4 pkts/552 bytes][Goodput ratio: 55/69][51.83 sec][bytes ratio: 0.669 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 906/1 7931/1 2120/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/138 93/138 98/138 4/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.051 (Executable?)][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 0,88,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 UDP 192.168.12.169:43068 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 26][cat: VoIP/10][Breed: Acceptable][13 pkts/1598 bytes <-> 13 pkts/1638 bytes][Goodput ratio: 66/67][31.02 sec][Hostname/SNI: signal.org][bytes ratio: -0.012 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2090/2098 10035/10033 3616/3611][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 123/126 174/190 47/25][Mapped IP/Port: 93.47.225.19:11910, 35.158.183.167:64458, 18.195.131.143:61156][Peer IP/Port: 18.195.131.143:61156, 18.195.131.143:52463, 18.195.131.143:57646, 18.195.131.143:58207][Relayed IP/Port: 35.158.183.167:64458][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (xYXlLJQ)][Plen Bins: 19,15,26,30,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 UDP 192.168.12.169:47767 <-> 35.158.122.211:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 22][cat: VoIP/10][Breed: Acceptable][11 pkts/1338 bytes <-> 11 pkts/1354 bytes][Goodput ratio: 65/66][22.74 sec][Hostname/SNI: signal.org][bytes ratio: -0.006 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2483/2337 10020/10020 3944/4010][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 122/123 158/190 44/25][Mapped IP/Port: 93.47.225.19:11928, 18.195.131.143:55640][Peer IP/Port: 18.195.131.143:54054, 18.195.131.143:61498, 18.195.131.143:55640, 18.195.131.143:50716][Relayed IP/Port: 35.158.122.211:51358][Rsp Origin IP/Port: 35.158.122.211:3478][Other IP/Port: 35.158.122.211:80][PLAIN TEXT (rMfcsrHE)][Plen Bins: 18,18,27,31,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 6 UDP 192.168.12.169:39950 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 22][cat: VoIP/10][Breed: Acceptable][11 pkts/1282 bytes <-> 11 pkts/1290 bytes][Goodput ratio: 64/64][30.98 sec][Hostname/SNI: signal.org][bytes ratio: -0.003 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 3757/3735 10023/10021 4493/4510][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 117/117 162/134 48/13][Mapped IP/Port: 93.47.225.19:11911][Peer IP/Port: 18.195.131.143:61156, 18.195.131.143:52463, 18.195.131.143:57646, 18.195.131.143:58207][Relayed IP/Port: 35.158.183.167:52495][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (ovaKDk)][Plen Bins: 22,18,31,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 7 UDP 192.168.12.169:37970 <-> 35.158.122.211:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 20][cat: VoIP/10][Breed: Acceptable][10 pkts/1196 bytes <-> 10 pkts/1164 bytes][Goodput ratio: 65/64][22.74 sec][Hostname/SNI: signal.org][bytes ratio: 0.014 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 1760/2672 10017/10018 3250/3952][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 120/116 158/134 45/13][Mapped IP/Port: 93.47.225.19:11929][Peer IP/Port: 18.195.131.143:54054, 18.195.131.143:61498, 18.195.131.143:55640, 18.195.131.143:50716][Relayed IP/Port: 35.158.122.211:51073][Rsp Origin IP/Port: 35.158.122.211:3478][Other IP/Port: 35.158.122.211:80][PLAIN TEXT (BSFWxqj)][Plen Bins: 20,20,30,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 8 ICMP 35.158.122.211:0 <-> 192.168.12.169:0 [proto: 81/ICMP][Stack: ICMP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][17 pkts/1578 bytes <-> 2 pkts/276 bytes][Goodput ratio: 55/69][22.73 sec][bytes ratio: 0.702 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1052/0 7992/0 2154/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/138 93/138 98/138 4/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.051 (Executable?)][PLAIN TEXT (braaHWB)][Plen Bins: 0,89,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 9 UDP 192.168.12.169:39950 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 16][cat: VoIP/10][Breed: Acceptable][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 37/0 1416/0 7961/0 2721/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 10 UDP 192.168.12.169:43068 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 16][cat: VoIP/10][Breed: Acceptable][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 60/0 1419/0 7937/0 2708/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 11 UDP 192.168.12.169:39518 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 78/STUN, Confidence: DPI][DPI packets: 8][cat: VoIP/10][Breed: Acceptable][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 23/30 1612/1611 4762/4754 2228/2222][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][Mapped IP/Port: 93.47.225.19:11888][Relayed IP/Port: 35.158.183.167:62696][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (GBLsrHn)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 12 UDP 192.168.12.169:47204 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 8][cat: VoIP/10][Breed: Acceptable][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 41/42 1612/1612 4721/4721 2198/2199][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][Mapped IP/Port: 93.47.225.19:11889][Relayed IP/Port: 35.158.183.167:54498][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (nYAy610)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 13 UDP 192.168.12.169:37970 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 14][cat: VoIP/10][Breed: Acceptable][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 984/0 7992/0 2186/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (braaHWB)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 14 UDP 192.168.12.169:47767 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 14][cat: VoIP/10][Breed: Acceptable][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 982/0 8022/0 2200/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (BtotYst)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.12.169:43068 <-> 18.195.131.143:61156 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][Stream Content: Audio][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 106][DPI packets before monitoring: 33][cat: VoIP/10][Breed: Acceptable][48 pkts/4692 bytes <-> 58 pkts/7630 bytes][Goodput ratio: 57/68][12.11 sec][bytes ratio: -0.238 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 224/234 1055/1059 250/294][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 98/132 146/306 23/72][Mapped IP/Port: 93.47.225.19:11914, 18.195.131.143:61156][RTP packets: 15/1][PLAIN TEXT (BrDwrhkDr//9e)][Plen Bins: 26,31,15,15,5,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 UDP 192.168.12.169:47767 <-> 18.195.131.143:61498 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][Stream Content: Audio][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 53][DPI packets before monitoring: 33][cat: VoIP/10][Breed: Acceptable][18 pkts/1900 bytes <-> 35 pkts/6496 bytes][Goodput ratio: 60/77][2.67 sec][bytes ratio: -0.547 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 173/74 665/630 186/150][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 106/186 146/306 26/92][Mapped IP/Port: 93.47.225.19:11932, 18.195.131.143:61498][RTP packets: 19/1][PLAIN TEXT (80JiLM)][Plen Bins: 13,16,18,18,9,0,0,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 ICMP 35.158.183.167:0 <-> 192.168.12.169:0 [proto: 81/ICMP][Stack: ICMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][30 pkts/2780 bytes <-> 4 pkts/552 bytes][Goodput ratio: 55/69][51.83 sec][bytes ratio: 0.669 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 906/1 7931/1 2120/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/138 93/138 98/138 4/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.051 (Executable?)][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 0,88,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 UDP 192.168.12.169:43068 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 26][cat: VoIP/10][Breed: Acceptable][13 pkts/1598 bytes <-> 13 pkts/1638 bytes][Goodput ratio: 66/67][31.02 sec][Hostname/SNI: signal.org][bytes ratio: -0.012 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2090/2098 10035/10033 3616/3611][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 123/126 174/190 47/25][Mapped IP/Port: 93.47.225.19:11910, 35.158.183.167:64458, 18.195.131.143:61156][Peer IP/Port: 18.195.131.143:61156, 18.195.131.143:52463, 18.195.131.143:57646, 18.195.131.143:58207][Relayed IP/Port: 35.158.183.167:64458][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (xYXlLJQ)][Plen Bins: 19,15,26,30,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 UDP 192.168.12.169:47767 <-> 35.158.122.211:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 22][cat: VoIP/10][Breed: Acceptable][11 pkts/1338 bytes <-> 11 pkts/1354 bytes][Goodput ratio: 65/66][22.74 sec][Hostname/SNI: signal.org][bytes ratio: -0.006 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2483/2337 10020/10020 3944/4010][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 122/123 158/190 44/25][Mapped IP/Port: 93.47.225.19:11928, 18.195.131.143:55640][Peer IP/Port: 18.195.131.143:54054, 18.195.131.143:61498, 18.195.131.143:55640, 18.195.131.143:50716][Relayed IP/Port: 35.158.122.211:51358][Rsp Origin IP/Port: 35.158.122.211:3478][Other IP/Port: 35.158.122.211:80][PLAIN TEXT (rMfcsrHE)][Plen Bins: 18,18,27,31,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 6 UDP 192.168.12.169:39950 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 22][cat: VoIP/10][Breed: Acceptable][11 pkts/1282 bytes <-> 11 pkts/1290 bytes][Goodput ratio: 64/64][30.98 sec][Hostname/SNI: signal.org][bytes ratio: -0.003 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 3757/3735 10023/10021 4493/4510][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 117/117 162/134 48/13][Mapped IP/Port: 93.47.225.19:11911][Peer IP/Port: 18.195.131.143:61156, 18.195.131.143:52463, 18.195.131.143:57646, 18.195.131.143:58207][Relayed IP/Port: 35.158.183.167:52495][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (ovaKDk)][Plen Bins: 22,18,31,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 7 UDP 192.168.12.169:37970 <-> 35.158.122.211:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 20][cat: VoIP/10][Breed: Acceptable][10 pkts/1196 bytes <-> 10 pkts/1164 bytes][Goodput ratio: 65/64][22.74 sec][Hostname/SNI: signal.org][bytes ratio: 0.014 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 1760/2672 10017/10018 3250/3952][Pkt Len c2s/s2c min/avg/max/stddev: 62/102 120/116 158/134 45/13][Mapped IP/Port: 93.47.225.19:11929][Peer IP/Port: 18.195.131.143:54054, 18.195.131.143:61498, 18.195.131.143:55640, 18.195.131.143:50716][Relayed IP/Port: 35.158.122.211:51073][Rsp Origin IP/Port: 35.158.122.211:3478][Other IP/Port: 35.158.122.211:80][PLAIN TEXT (BSFWxqj)][Plen Bins: 20,20,30,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 ICMP 35.158.122.211:0 <-> 192.168.12.169:0 [proto: 81/ICMP][Stack: ICMP][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][17 pkts/1578 bytes <-> 2 pkts/276 bytes][Goodput ratio: 55/69][22.73 sec][bytes ratio: 0.702 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1052/0 7992/0 2154/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/138 93/138 98/138 4/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.051 (Executable?)][PLAIN TEXT (braaHWB)][Plen Bins: 0,89,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 9 UDP 192.168.12.169:39950 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 16][cat: VoIP/10][Breed: Acceptable][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 37/0 1416/0 7961/0 2721/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 10 UDP 192.168.12.169:43068 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 16][cat: VoIP/10][Breed: Acceptable][16 pkts/1056 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][23.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 60/0 1419/0 7937/0 2708/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 11 UDP 192.168.12.169:39518 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI][FPC: 78/STUN, Confidence: DPI][DPI packets: 8][cat: VoIP/10][Breed: Acceptable][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 23/30 1612/1611 4762/4754 2228/2222][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][Mapped IP/Port: 93.47.225.19:11888][Relayed IP/Port: 35.158.183.167:62696][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (GBLsrHn)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 12 UDP 192.168.12.169:47204 <-> 35.158.183.167:3478 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 8][cat: VoIP/10][Breed: Acceptable][4 pkts/448 bytes <-> 4 pkts/504 bytes][Goodput ratio: 62/67][4.85 sec][Hostname/SNI: signal.org][bytes ratio: -0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 41/42 1612/1612 4721/4721 2198/2199][Pkt Len c2s/s2c min/avg/max/stddev: 62/110 112/126 158/134 46/10][Mapped IP/Port: 93.47.225.19:11889][Relayed IP/Port: 35.158.183.167:54498][Rsp Origin IP/Port: 35.158.183.167:3478][Other IP/Port: 35.158.183.167:80][PLAIN TEXT (nYAy610)][Plen Bins: 25,0,50,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 13 UDP 192.168.12.169:37970 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 14][cat: VoIP/10][Breed: Acceptable][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 984/0 7992/0 2186/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (braaHWB)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 14 UDP 192.168.12.169:47767 -> 35.158.122.211:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 14][cat: VoIP/10][Breed: Acceptable][14 pkts/924 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][15.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 982/0 8022/0 2200/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (BtotYst)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.12.169:37970 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 12][cat: VoIP/10][Breed: Acceptable][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.39 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 250/250 4201/2720 10126/10103 4828/4263][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.47.225.19:11929][PLAIN TEXT (BNEmtWH)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.12.169:39950 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 12][cat: VoIP/10][Breed: Acceptable][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.40 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 248/248 4203/2720 10135/10132 4842/4279][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.47.225.19:11911][PLAIN TEXT (quISgYTP)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.12.169:43068 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 12][cat: VoIP/10][Breed: Acceptable][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.38 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 250/249 4201/2720 10128/10128 4837/4277][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.47.225.19:11910][PLAIN TEXT (BnDbEJB)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.12.169:47767 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 12][cat: VoIP/10][Breed: Acceptable][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][21.39 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 249/250 4202/2720 10130/10105 4830/4264][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.47.225.19:11928][PLAIN TEXT (lbMRpRo)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 UDP 192.168.12.169:47767 <-> 18.195.131.143:54054 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][3 pkts/390 bytes <-> 3 pkts/350 bytes][Goodput ratio: 68/64][0.18 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/4 48/52 90/101 42/48][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 130/117 146/138 17/15][Mapped IP/Port: 93.47.225.19:11928, 18.195.131.143:54054][PLAIN TEXT (JUrAzE1)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 20 UDP 192.168.12.169:39518 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 10][cat: VoIP/10][Breed: Acceptable][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 64/0 424/0 1928/0 598/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 UDP 192.168.12.169:47204 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 265/AmazonAWS][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 10][cat: VoIP/10][Breed: Acceptable][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 63/0 424/0 1928/0 597/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 UDP 192.168.12.169:47767 <-> 18.195.131.143:54054 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78.269/STUN.SignalVoip, Confidence: DPI][DPI packets: 6][cat: VoIP/10][Breed: Acceptable][3 pkts/390 bytes <-> 3 pkts/350 bytes][Goodput ratio: 68/64][0.18 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/4 48/52 90/101 42/48][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 130/117 146/138 17/15][Mapped IP/Port: 93.47.225.19:11928, 18.195.131.143:54054][PLAIN TEXT (JUrAzE1)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 20 UDP 192.168.12.169:39518 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 10][cat: VoIP/10][Breed: Acceptable][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 64/0 424/0 1928/0 598/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (BJKHNYBG4)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 UDP 192.168.12.169:47204 -> 35.158.183.167:443 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 461/AWS_EC2][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 10][cat: VoIP/10][Breed: Acceptable][10 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][3.82 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 63/0 424/0 1928/0 597/0][Pkt Len c2s/s2c min/avg/max/stddev: 62/0 66/0 70/0 4/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 192.168.12.169:39518 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/148 bytes][Goodput ratio: 32/43][0.62 sec][Mapped IP/Port: 93.47.225.19:11888][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.12.169:47204 <-> 172.253.121.127:19302 [proto: 78.269/STUN.SignalVoip][Stack: STUN.SignalVoip][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/148 bytes][Goodput ratio: 32/43][0.63 sec][Mapped IP/Port: 93.47.225.19:11889][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/monitoring/result/telegram_videocall.pcapng.out b/tests/cfgs/monitoring/result/telegram_videocall.pcapng.out
index 3b16a2fce..b501c1b32 100644
--- a/tests/cfgs/monitoring/result/telegram_videocall.pcapng.out
+++ b/tests/cfgs/monitoring/result/telegram_videocall.pcapng.out
@@ -33,8 +33,8 @@ TLS 7 497 2
ICMPV6 5 350 2
Dropbox 2 348 1
Telegram 633 339051 7
-AmazonAWS 4 288 1
TelegramVoip 228 41561 16
+AWS_EC2 4 288 1
Safe 7 497 2
Acceptable 880 382620 32
@@ -69,8 +69,8 @@ Network 13 1372 7
22 UDP 192.168.12.169:42197 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][Stack: STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.27 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.13.23:1400][Other IP/Port: 10.160.194.103:1401][PLAIN TEXT (BrHWdEqa2)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.12.169:42197 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][Stack: STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.17.2:1400][Other IP/Port: 10.130.194.98:1401][PLAIN TEXT (BYyA/MmBER1)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.12.1:17500 -> 192.168.12.255:17500 [proto: 121/Dropbox][Stack: Dropbox][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 121/Dropbox, Confidence: DPI][DPI packets: 1][cat: Cloud/13][Breed: Acceptable][2 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][30.01 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Safe][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Safe][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 ICMPV6 [fe80::98df:58ff:fefa:ebdc]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][4 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][32.62 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 ICMP 192.168.12.169:0 -> 91.108.9.35:0 [proto: 81/ICMP][Stack: ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.590 (Executable?)][PLAIN TEXT (ORtRLoo/fpi)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 ICMP 192.168.12.169:0 -> 91.108.13.23:0 [proto: 81/ICMP][Stack: ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.612 (Executable?)][PLAIN TEXT (BuBNffVSd)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/stun_only_peer_address_enabled/result/telegram_videocall.pcapng.out b/tests/cfgs/stun_only_peer_address_enabled/result/telegram_videocall.pcapng.out
index 23beb21b9..f9373dca2 100644
--- a/tests/cfgs/stun_only_peer_address_enabled/result/telegram_videocall.pcapng.out
+++ b/tests/cfgs/stun_only_peer_address_enabled/result/telegram_videocall.pcapng.out
@@ -33,8 +33,8 @@ TLS 7 497 2
ICMPV6 5 350 2
Dropbox 2 348 1
Telegram 633 339051 7
-AmazonAWS 4 288 1
TelegramVoip 228 41561 16
+AWS_EC2 4 288 1
Safe 7 497 2
Acceptable 880 382620 32
@@ -69,8 +69,8 @@ Network 13 1372 7
22 UDP 192.168.12.169:42197 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][Stack: STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.27 sec][PLAIN TEXT (BrHWdEqa2)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.12.169:42197 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][Stack: STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 4][cat: VoIP/10][Breed: Acceptable][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][PLAIN TEXT (BYyA/MmBER1)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.12.1:17500 -> 192.168.12.255:17500 [proto: 121/Dropbox][Stack: Dropbox][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 121/Dropbox, Confidence: DPI][DPI packets: 1][cat: Cloud/13][Breed: Acceptable][2 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][30.01 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Safe][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 265/AmazonAWS][Stack: AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][Stack: TLS][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Safe][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 461/AWS_EC2][Stack: AWS_EC2][IP: 461/AWS_EC2][Encrypted][Confidence: Match by IP][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 4][cat: Cloud/13][Breed: Acceptable][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 ICMPV6 [fe80::98df:58ff:fefa:ebdc]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][Stack: ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 102/ICMPV6, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][4 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][32.62 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 ICMP 192.168.12.169:0 -> 91.108.9.35:0 [proto: 81/ICMP][Stack: ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.590 (Executable?)][PLAIN TEXT (ORtRLoo/fpi)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 ICMP 192.168.12.169:0 -> 91.108.13.23:0 [proto: 81/ICMP][Stack: ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.612 (Executable?)][PLAIN TEXT (BuBNffVSd)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/zoom_extra_dissection/result/zoom.pcap.out b/tests/cfgs/zoom_extra_dissection/result/zoom.pcap.out
index 7ec326f52..57ce4faa7 100644
--- a/tests/cfgs/zoom_extra_dissection/result/zoom.pcap.out
+++ b/tests/cfgs/zoom_extra_dissection/result/zoom.pcap.out
@@ -57,14 +57,14 @@ JA Host Stats:
1 UDP 192.168.1.117:58327 <-> 109.94.160.99:8801 [proto: 189/Zoom][Stack: Zoom][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DPI][DPI packets: 185][cat: Video/26][Breed: Acceptable][10 pkts/7806 bytes <-> 175 pkts/184434 bytes][Goodput ratio: 95/96][1.44 sec][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/8 32/35 11/5][Pkt Len c2s/s2c min/avg/max/stddev: 55/60 781/1054 1071/1071 444/129][PLAIN TEXT (replace)][Plen Bins: 1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.117:54871 <-> 109.94.160.99:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 11][cat: Video/26][Breed: Acceptable][127 pkts/54118 bytes <-> 83 pkts/17526 bytes][Goodput ratio: 84/69][2.00 sec][Hostname/SNI: zoomfrn99mmr.zoom.us][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/9 950/156 93/24][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 426/211 1506/1506 458/364][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,20,12,4,2,6,3,2,2,2,4,5,10,1,0,0,1,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0,0]
- 3 TCP 192.168.1.117:54866 <-> 52.202.62.236:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Acceptable][16 pkts/3097 bytes <-> 17 pkts/18622 bytes][Goodput ratio: 71/95][0.61 sec][Hostname/SNI: www3.zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.715 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/28 114/143 47/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 194/1095 864/1506 265/618][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,5,0,0,0,5,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,63,0,0]
- 4 TCP 192.168.1.117:54865 <-> 52.202.62.196:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 10][cat: Video/26][Breed: Acceptable][15 pkts/2448 bytes <-> 15 pkts/16505 bytes][Goodput ratio: 66/95][0.50 sec][Hostname/SNI: zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.742 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/22 112/136 46/46][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 163/1100 687/1506 200/623][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,0,0,6,0,0,6,0,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,57,0,0]
+ 3 TCP 192.168.1.117:54866 <-> 52.202.62.236:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Acceptable][16 pkts/3097 bytes <-> 17 pkts/18622 bytes][Goodput ratio: 71/95][0.61 sec][Hostname/SNI: www3.zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.715 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/28 114/143 47/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 194/1095 864/1506 265/618][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,5,0,0,0,5,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,63,0,0]
+ 4 TCP 192.168.1.117:54865 <-> 52.202.62.196:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 461/AWS_EC2, Confidence: IP address][DPI packets: 10][cat: Video/26][Breed: Acceptable][15 pkts/2448 bytes <-> 15 pkts/16505 bytes][Goodput ratio: 66/95][0.50 sec][Hostname/SNI: zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.742 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/22 112/136 46/46][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 163/1100 687/1506 200/623][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,6,0,0,0,6,0,0,6,0,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,57,0,0]
5 UDP 10.140.117.35:45634 <-> 193.122.35.237:8801 [VLAN: 113][proto: GTP:189/Zoom][Stack: Zoom][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 81][cat: Video/26][Breed: Acceptable][34 pkts/5678 bytes <-> 47 pkts/7940 bytes][Goodput ratio: 48/49][154.35 sec][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/2 1919/1250 3741/3741 1619/1357][Pkt Len c2s/s2c min/avg/max/stddev: 167/167 167/169 167/174 0/3][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.1.117:54868 <-> 213.19.144.104:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: IP address][DPI packets: 11][cat: Video/26][Breed: Acceptable][17 pkts/2534 bytes <-> 13 pkts/7180 bytes][Goodput ratio: 56/88][0.41 sec][Hostname/SNI: zoomam104zc.zoom.us][bytes ratio: -0.478 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/41 87/168 27/61][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 149/552 642/1506 175/612][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 21,6,6,6,6,0,0,6,0,0,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,21,0,0]
7 TCP 192.168.1.117:54869 <-> 213.244.140.85:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 11][cat: Video/26][Breed: Acceptable][16 pkts/2480 bytes <-> 13 pkts/7182 bytes][Goodput ratio: 57/88][0.39 sec][Hostname/SNI: zoomfr85zc.zoom.us][bytes ratio: -0.487 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/41 202/224 52/72][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 155/552 642/1506 178/612][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 21,6,6,6,6,0,0,6,0,0,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,21,0,0]
8 TCP 192.168.1.117:54867 <-> 213.19.144.105:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: IP address][DPI packets: 11][cat: Video/26][Breed: Acceptable][16 pkts/2468 bytes <-> 13 pkts/7188 bytes][Goodput ratio: 58/88][0.42 sec][Hostname/SNI: zoomam105zc.zoom.us][bytes ratio: -0.489 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/43 147/178 40/63][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 154/553 642/1506 179/612][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 21,6,6,6,6,0,0,6,0,0,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,21,0,0]
9 TCP 192.168.1.117:54870 <-> 213.244.140.84:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 11][cat: Video/26][Breed: Acceptable][16 pkts/1832 bytes <-> 12 pkts/6702 bytes][Goodput ratio: 44/88][0.38 sec][Hostname/SNI: zoomfr84zc.zoom.us][bytes ratio: -0.571 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/40 187/280 49/91][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 114/558 583/1506 129/636][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][nDPI Fingerprint: a2f2e73fc94f33cea302bfd6134f1543][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d930700_72a4e8475a2e_4446390ac224][ServerNames: *.zoom.us,zoom.us][JA3S: ada793d0f02b028a6c840504edccb652][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,0,8,8,8,0,0,8,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,25,0,0]
- 10 TCP 192.168.1.117:54864 <-> 52.202.62.238:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Acceptable][10 pkts/2030 bytes <-> 8 pkts/6283 bytes][Goodput ratio: 72/93][0.47 sec][Hostname/SNI: log.zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.512 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 58/40 110/131 50/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 203/785 812/1506 256/675][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,0,0,0,22,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,33,0,0]
+ 10 TCP 192.168.1.117:54864 <-> 52.202.62.238:443 [proto: 91.189/TLS.Zoom][Stack: TLS.Zoom][IP: 461/AWS_EC2][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DNS][DPI packets: 10][cat: Video/26][Breed: Acceptable][10 pkts/2030 bytes <-> 8 pkts/6283 bytes][Goodput ratio: 72/93][0.47 sec][Hostname/SNI: log.zoom.us][(Advertised) ALPNs: http/1.1][bytes ratio: -0.512 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 58/40 110/131 50/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 203/785 812/1506 256/675][nDPI Fingerprint: ace4f0fab311e4e98322e5984dd34f5b][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d8008h1_9cedc1f1428b_046e095b7c4a][ServerNames: *.zoom.us,zoom.us][JA3S: 3c30f2c064a3aed8cd95de8d68c726a6][Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2][Subject: OU=Domain Control Validated, CN=*.zoom.us][Certificate SHA-1: F7:5A:83:A8:77:24:55:D7:6D:2E:93:F6:6E:9C:C9:7E:AD:9B:3B:E8][Firefox][Validity: 2019-03-25 19:38:42 - 2021-03-25 19:38:42][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,0,0,0,22,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,33,0,0]
11 TCP 192.168.1.117:53872 <-> 35.186.224.53:443 [proto: 91/TLS][Stack: TLS][IP: 284/GoogleCloud][Encrypted][Confidence: DPI][FPC: 284/GoogleCloud, Confidence: IP address][DPI packets: 5][cat: Web/5][Breed: Safe][8 pkts/2017 bytes <-> 8 pkts/4822 bytes][Goodput ratio: 74/89][0.07 sec][bytes ratio: -0.410 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/10 58/45 22/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 252/603 1434/1484 447/585][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][Plen Bins: 0,12,25,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,25,0,0,0]
12 TCP 192.168.1.117:54863 <-> 167.99.215.164:4434 [proto: 91.26/TLS.ntop][Stack: TLS.ntop][IP: 442/DigitalOcean][Encrypted][Confidence: DPI][FPC: 442/DigitalOcean, Confidence: IP address][DPI packets: 6][cat: Network/14][Breed: Safe][10 pkts/2198 bytes <-> 10 pkts/2067 bytes][Goodput ratio: 69/68][5.26 sec][Hostname/SNI: dati.ntop.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 645/740 5003/5003 1647/1741][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 220/207 932/1292 283/364][Risk: ** Known Proto on Non Std Port **** TLS (probably) Not Carrying HTTPS **][Risk Score: 60][Risk Info: No ALPN / Expected on port 443][nDPI Fingerprint: 9d2a0be8a341585134b88ab5f60d4681][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA4: t12d800700_64d9932cae36_4446390ac224][JA3S: dd4b012f7a008e741554bd0a4ed12920][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 16,0,0,0,34,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0]
13 TCP 192.168.1.117:54854 -> 172.217.21.72:443 [proto: 91.239/TLS.GoogleServices][Stack: TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 91.239/TLS.GoogleServices, Confidence: DPI][DPI packets: 4][cat: Web/5][Breed: Acceptable][4 pkts/1060 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][6.46 sec][Hostname/SNI: www.googletagmanager.com][(Advertised) ALPNs: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No server to client traffic / TLSv1][TLSv1][JA4: t10d0909h2_61c4dbd01224_cc731f12afbb][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -85,7 +85,7 @@ JA Host Stats:
28 UDP 192.168.1.117:62988 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/72 bytes <-> 1 pkts/88 bytes][Goodput ratio: 41/52][0.04 sec][Hostname/SNI: www3.zoom.us][52.202.62.236][DNS Id: 0xa17d][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 192.168.1.117:64352 <-> 192.168.1.1:53 [proto: 5/DNS][Stack: DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][Breed: Acceptable][1 pkts/71 bytes <-> 1 pkts/87 bytes][Goodput ratio: 40/51][0.04 sec][Hostname/SNI: log.zoom.us][52.202.62.238][DNS Id: 0x7b5f][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 ICMP 192.168.1.117:0 -> 162.255.38.14:0 [proto: 81/ICMP][Stack: ICMP][IP: 189/Zoom][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.01 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 31 TCP 192.168.1.117:54798 <-> 13.225.84.182:443 [proto: 91/TLS][Stack: TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/54 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.04 sec][Risk: ** TCP Connection Issues **** Probing Attempt **][Risk Score: 100][Risk Info: TCP probing attempt / Connection refused][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 31 TCP 192.168.1.117:54798 <-> 13.225.84.182:443 [proto: 91/TLS][Stack: TLS][IP: 464/AWS_Cloudfront][Encrypted][Confidence: Match by port][FPC: 464/AWS_Cloudfront, Confidence: IP address][DPI packets: 2][cat: Web/5][Breed: Safe][1 pkts/54 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.04 sec][Risk: ** TCP Connection Issues **** Probing Attempt **][Risk Score: 100][Risk Info: TCP probing attempt / Connection refused][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 192.168.1.117:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][Stack: MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 8/MDNS, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Hostname/SNI: _spotify-connect._tcp.local][_spotify-connect._tcp.local][PLAIN TEXT (spotify)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.1.117:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][Stack: Spotify][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 156/Spotify, Confidence: DPI][DPI packets: 1][cat: Music/25][Breed: Fun][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (SpotUdp)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 ICMP 192.168.1.117:0 -> 192.168.1.1:0 [proto: 81/ICMP][Stack: ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][Breed: Acceptable][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/utils/aws_domains_download.sh b/utils/aws_domains_download.sh
new file mode 100755
index 000000000..723392b34
--- /dev/null
+++ b/utils/aws_domains_download.sh
@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+set -e
+
+cd "$(dirname "${0}")" || exit 1
+
+DEST_COGNITO=../src/lib/inc_generated/ndpi_domains_aws_cognito_match.c.inc
+DEST_API_GATEWAY=../src/lib/inc_generated/ndpi_domains_aws_api_gateway_match.c.inc
+DEST_EC2=../src/lib/inc_generated/ndpi_domains_aws_ec2_match.c.inc
+DEST_EMR=../src/lib/inc_generated/ndpi_domains_aws_emr_match.c.inc
+DEST_S3=../src/lib/inc_generated/ndpi_domains_aws_s3_match.c.inc
+DEST_CLOUDFRONT=../src/lib/inc_generated/ndpi_domains_aws_cloudfront_match.c.inc
+TMP=/tmp/suffix.txt
+LIST=/tmp/aws_domains.list
+ORIGIN="https://publicsuffix.org/list/public_suffix_list.dat"
+
+echo "(1) Downloading file... ${ORIGIN}"
+http_response=$(curl -L -s -o $TMP -w "%{http_code}" ${ORIGIN})
+if [ $http_response != "200" ]; then
+ echo "Error $http_response: you probably need to update the list url!"
+ exit 1
+fi
+
+echo "(2) Processing domains..."
+
+#COGNITO
+grep "cognito" $TMP | sort -u | uniq > $LIST
+./domains2list.py $LIST "AWS_Cognito" NDPI_PROTOCOL_AWS_COGNITO NDPI_PROTOCOL_CATEGORY_CLOUD NDPI_PROTOCOL_ACCEPTABLE > $DEST_COGNITO
+
+#API GATEWAY
+grep "execute-api" $TMP | sort -u | uniq > $LIST
+./domains2list.py $LIST "AWS_API_Gateway" NDPI_PROTOCOL_AWS_API_GATEWAY NDPI_PROTOCOL_CATEGORY_CLOUD NDPI_PROTOCOL_ACCEPTABLE > $DEST_API_GATEWAY
+
+#EC2
+grep "compute" $TMP | grep "amazonaws" | sort -u | uniq > $LIST
+./domains2list.py $LIST "AWS_EC2" NDPI_PROTOCOL_AWS_EC2 NDPI_PROTOCOL_CATEGORY_CLOUD NDPI_PROTOCOL_ACCEPTABLE > $DEST_EC2
+
+#EMR
+grep "emr" $TMP | grep "amazonaws" | sort -u | uniq > $LIST
+./domains2list.py $LIST "AWS_EMR" NDPI_PROTOCOL_AWS_EMR NDPI_PROTOCOL_CATEGORY_CLOUD NDPI_PROTOCOL_ACCEPTABLE > $DEST_EMR
+
+#S3
+grep "s3" $TMP | grep "amazonaws" | sort -u | uniq > $LIST
+./domains2list.py $LIST "AWS_S3" NDPI_PROTOCOL_AWS_S3 NDPI_PROTOCOL_CATEGORY_CLOUD NDPI_PROTOCOL_ACCEPTABLE > $DEST_S3
+
+#CLOUDFRONT
+grep "cloudfront" $TMP | sort -u | uniq > $LIST
+./domains2list.py $LIST "AWS_Cloudfront" NDPI_PROTOCOL_AWS_CLOUDFRONT NDPI_PROTOCOL_CATEGORY_CLOUD NDPI_PROTOCOL_ACCEPTABLE > $DEST_CLOUDFRONT
+
+rm -f $TMP $LIST
+
+echo "(3) AWS domains are available in $DEST_COGNITO, $DEST_API_GATEWAY, $DEST_EC2, $DEST_EMR, $DEST_S3, $DEST_CLOUDFRONT"
+exit 0
diff --git a/utils/aws_ip_addresses_download.sh b/utils/aws_ip_addresses_download.sh
index de7409759..12611bea6 100755
--- a/utils/aws_ip_addresses_download.sh
+++ b/utils/aws_ip_addresses_download.sh
@@ -5,6 +5,12 @@ cd "$(dirname "${0}")" || exit 1
. ./common.sh || exit 1
DEST=../src/lib/inc_generated/ndpi_amazon_aws_match.c.inc
+DEST_API_GATEWAY=../src/lib/inc_generated/ndpi_amazon_aws_api_gateway_match.c.inc
+DEST_KINESIS=../src/lib/inc_generated/ndpi_amazon_aws_kinesis_match.c.inc
+DEST_EC2=../src/lib/inc_generated/ndpi_amazon_aws_ec2_match.c.inc
+DEST_S3=../src/lib/inc_generated/ndpi_amazon_aws_s3_match.c.inc
+DEST_CLOUDFRONT=../src/lib/inc_generated/ndpi_amazon_aws_cloudfront_match.c.inc
+DEST_DYNAMODB=../src/lib/inc_generated/ndpi_amazon_aws_dynamodb_match.c.inc
TMP=/tmp/aws.json
LIST=/tmp/aws.list
LIST6=/tmp/aws.list6
@@ -19,18 +25,64 @@ check_http_response "${http_response}"
is_file_empty "${TMP}"
echo "(2) Processing IP addresses..."
-jq -r '.prefixes | .[].ip_prefix' $TMP > $LIST
-is_file_empty "${LIST}"
+
+#API_GATEWAY
+jq -r '.prefixes[] | select(.service=="API_GATEWAY") | .ip_prefix' $TMP > $LIST
./mergeipaddrlist.py $LIST > $LIST_MERGED
-is_file_empty "${LIST_MERGED}"
-jq -r '.ipv6_prefixes | .[].ipv6_prefix' $TMP > $LIST6
-is_file_empty "${LIST6}"
+jq -r '.ipv6_prefixes[] | select(.service=="API_GATEWAY") | .ipv6_prefix' $TMP > $LIST6
+./mergeipaddrlist.py $LIST6 > $LIST6_MERGED
+./ipaddr2list.py $LIST_MERGED NDPI_PROTOCOL_AWS_API_GATEWAY $LIST6_MERGED > $DEST_API_GATEWAY
+is_file_empty "${DEST_API_GATEWAY}"
+
+#KINESIS
+jq -r '.prefixes[] | select(.service=="KINESIS_VIDEO_STREAMS") | .ip_prefix' $TMP > $LIST
+./mergeipaddrlist.py $LIST > $LIST_MERGED
+jq -r '.ipv6_prefixes[] | select(.service=="KINESIS_VIDEO_STREAMS") | .ipv6_prefix' $TMP > $LIST6
+./mergeipaddrlist.py $LIST6 > $LIST6_MERGED
+./ipaddr2list.py $LIST_MERGED NDPI_PROTOCOL_AWS_KINESIS $LIST6_MERGED > $DEST_KINESIS
+is_file_empty "${DEST_KINESIS}"
+
+#EC2
+jq -r '.prefixes[] | select(.service=="EC2_INSTANCE_CONNECT" or .service=="EC2") | .ip_prefix' $TMP > $LIST
+./mergeipaddrlist.py $LIST > $LIST_MERGED
+jq -r '.ipv6_prefixes[] | select(.service=="EC2_INSTANCE_CONNECT" or .service=="EC2") | .ipv6_prefix' $TMP > $LIST6
+./mergeipaddrlist.py $LIST6 > $LIST6_MERGED
+./ipaddr2list.py $LIST_MERGED NDPI_PROTOCOL_AWS_EC2 $LIST6_MERGED > $DEST_EC2
+is_file_empty "${DEST_EC2}"
+
+#S3
+jq -r '.prefixes[] | select(.service=="S3") | .ip_prefix' $TMP > $LIST
+./mergeipaddrlist.py $LIST > $LIST_MERGED
+jq -r '.ipv6_prefixes[] | select(.service=="S3") | .ipv6_prefix' $TMP > $LIST6
+./mergeipaddrlist.py $LIST6 > $LIST6_MERGED
+./ipaddr2list.py $LIST_MERGED NDPI_PROTOCOL_AWS_S3 $LIST6_MERGED > $DEST_S3
+is_file_empty "${DEST_S3}"
+
+#CLOUDFRONT
+jq -r '.prefixes[] | select(.service=="CLOUDFRONT") | .ip_prefix' $TMP > $LIST
+./mergeipaddrlist.py $LIST > $LIST_MERGED
+jq -r '.ipv6_prefixes[] | select(.service=="CLOUDFRONT") | .ipv6_prefix' $TMP > $LIST6
+./mergeipaddrlist.py $LIST6 > $LIST6_MERGED
+./ipaddr2list.py $LIST_MERGED NDPI_PROTOCOL_AWS_CLOUDFRONT $LIST6_MERGED > $DEST_CLOUDFRONT
+is_file_empty "${DEST_CLOUDFRONT}"
+
+#DYNAMODB
+jq -r '.prefixes[] | select(.service=="DYNAMODB") | .ip_prefix' $TMP > $LIST
+./mergeipaddrlist.py $LIST > $LIST_MERGED
+jq -r '.ipv6_prefixes[] | select(.service=="DYNAMODB") | .ipv6_prefix' $TMP > $LIST6
+./mergeipaddrlist.py $LIST6 > $LIST6_MERGED
+./ipaddr2list.py $LIST_MERGED NDPI_PROTOCOL_AWS_DYNAMODB $LIST6_MERGED > $DEST_DYNAMODB
+is_file_empty "${DEST_DYNAMODB}"
+
+#Generic
+jq -r '.prefixes[] | select(.service | IN("API_GATEWAY","KINESIS_VIDEO_STREAMS","EC2_INSTANCE_CONNECT","EC2","S3","CLOUDFRONT","DYNAMODB") | not) | .ip_prefix' $TMP > $LIST
+./mergeipaddrlist.py $LIST > $LIST_MERGED
+jq -r '.ipv6_prefixes[] | select(.service | IN("API_GATEWAY","KINESIS_VIDEO_STREAMS","EC2_INSTANCE_CONNECT","EC2","S3","CLOUDFRONT","DYNAMODB") | not) | .ipv6_prefix' $TMP > $LIST6
./mergeipaddrlist.py $LIST6 > $LIST6_MERGED
-is_file_empty "${LIST6_MERGED}"
./ipaddr2list.py $LIST_MERGED NDPI_PROTOCOL_AMAZON_AWS $LIST6_MERGED > $DEST
is_file_empty "${DEST}"
rm -f ${TMP} ${LIST} ${LIST6} ${LIST_MERGED} ${LIST6_MERGED}
-echo "(3) Amazon AWS IPs are available in $DEST"
+echo "(3) Amazon AWS IPs are available in $DEST, $DEST_API_GATEWAY, $DEST_KINESIS, $DEST_EC2, $DEST_S3, $DEST_CLOUDFRONT, $DEST_DYNAMODB"
exit 0
diff --git a/utils/update_every_lists.sh b/utils/update_every_lists.sh
index c0b437abb..c6bbc429f 100755
--- a/utils/update_every_lists.sh
+++ b/utils/update_every_lists.sh
@@ -53,6 +53,8 @@ RETVAL=$(( RETVAL + $? ))
./microsoft_domains_download.sh
RETVAL=$(( RETVAL + $? ))
+./aws_domains_download.sh
+RETVAL=$(( RETVAL + $? ))
./crypto_mining_lists_download.sh
RETVAL=$(( RETVAL + $? ))