vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-19 16:28:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Added ndpi_bin_XXX API

Browse source 
Added packet lenght distribution bins
This commit is contained in:
Luca Deri 2020-06-22 01:02:54 +02:00
parent 2a137100da
commit 1a62f4c799
142 changed files with 4409 additions and 4189 deletions
Download patch file Download diff file Expand all files Collapse all files

46
example/ndpiReader.c
View file

@ -976,6 +976,33 @@ static char* is_unsafe_cipher(ndpi_cipher_weakness c) {
/* ********************************** */
void print_bin(const char *label, struct ndpi_bin *b) {
u_int8_t i;
FILE *out = results_file ? results_file : stdout;
ndpi_normalize_bin(b);
fprintf(out, "[%s: ", label);
for(i=0; i<b->num_bins; i++) {
switch(b->family) {
case ndpi_bin_family8:
fprintf(out, "%s%u", (i > 0) ? "," : "", b->u.bins8[i]);
break;
case ndpi_bin_family16:
fprintf(out, "%s%u", (i > 0) ? "," : "", b->u.bins16[i]);
break;
case ndpi_bin_family32:
fprintf(out, "%s%u", (i > 0) ? "," : "", b->u.bins32[i]);
break;
}
}
fprintf(out, "]");
}
/* ********************************** */
/**
* @brief Print the flow
*/
@ -1273,12 +1300,23 @@ static void printFlow(u_int16_t id, struct ndpi_flow_info *flow, u_int16_t threa
fprintf(out, "[Validity: %s - %s]", notBefore, notAfter);
}
if(flow->ssh_tls.server_cipher != '\0') fprintf(out, "[Cipher: %s]", ndpi_cipher2str(flow->ssh_tls.server_cipher));
if(flow->bittorent_hash[0] != '\0') fprintf(out, "[BT Hash: %s]", flow->bittorent_hash);
if(flow->dhcp_fingerprint[0] != '\0') fprintf(out, "[DHCP Fingerprint: %s]", flow->dhcp_fingerprint);
if(flow->ssh_tls.server_cipher != '\0') fprintf(out, "[Cipher: %s]",
ndpi_cipher2str(flow->ssh_tls.server_cipher));
if(flow->bittorent_hash[0] != '\0') fprintf(out, "[BT Hash: %s]",
flow->bittorent_hash);
if(flow->dhcp_fingerprint[0] != '\0') fprintf(out, "[DHCP Fingerprint: %s]",
flow->dhcp_fingerprint);
if(flow->has_human_readeable_strings) fprintf(out, "[PLAIN TEXT (%s)]", flow->human_readeable_string_buffer);
if(flow->has_human_readeable_strings) fprintf(out, "[PLAIN TEXT (%s)]",
flow->human_readeable_string_buffer);
#ifdef DIRECTION_BINS
print_bin("Plen c2s", &flow->payload_len_bin_src2dst);
print_bin("Plen s2c", &flow->payload_len_bin_dst2src);
#else
print_bin("Plen Bins", &flow->payload_len_bin);
#endif
fprintf(out, "\n");
}

70
example/reader_util.c
View file

@ -77,6 +77,11 @@
#define DLT_LINUX_SLL 113
#endif
#define PLEN_MAX 1504
#define PLEN_BIN_LEN 32
#define PLEN_NUM_BINS 47 /* 47*32 = 1504 */
#define MAX_NUM_BIN_PKTS 256
#include "ndpi_main.h"
#include "reader_util.h"
#include "ndpi_classify.h"
@ -458,6 +463,13 @@ void ndpi_flow_info_freer(void *node) {
ndpi_free_flow_data_analysis(flow);
ndpi_free_flow_tls_data(flow);
#ifdef DIRECTION_BINS
ndpi_free_bin(&flow->payload_len_bin_src2dst);
ndpi_free_bin(&flow->payload_len_bin_dst2src);
#else
ndpi_free_bin(&flow->payload_len_bin);
#endif
ndpi_free(flow);
}
@ -826,6 +838,13 @@ static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow
newflow->pktlen_s_to_c = ndpi_alloc_data_analysis(DATA_ANALUYSIS_SLIDING_WINDOW),
newflow->iat_flow = ndpi_alloc_data_analysis(DATA_ANALUYSIS_SLIDING_WINDOW);
#ifdef DIRECTION_BINS
ndpi_init_bin(&newflow->payload_len_bin_src2dst, ndpi_bin_family8, PLEN_NUM_BINS);
ndpi_init_bin(&newflow->payload_len_bin_dst2src, ndpi_bin_family8, PLEN_NUM_BINS);
#else
ndpi_init_bin(&newflow->payload_len_bin, ndpi_bin_family8, PLEN_NUM_BINS);
#endif
if(version == IPVERSION) {
inet_ntop(AF_INET, &newflow->src_ip, newflow->src_name, sizeof(newflow->src_name));
inet_ntop(AF_INET, &newflow->dst_ip, newflow->dst_name, sizeof(newflow->dst_name));
@ -838,6 +857,11 @@ static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow
if((newflow->ndpi_flow = ndpi_flow_malloc(SIZEOF_FLOW_STRUCT)) == NULL) {
NDPI_LOG(0, workflow->ndpi_struct, NDPI_LOG_ERROR, "[NDPI] %s(2): not enough memory\n", __FUNCTION__);
#ifdef DIRECTION_BINS
ndpi_free_bin(&newflow->payload_len_bin_src2dst), ndpi_free_bin(&newflow->payload_len_bin_dst2src);
#else
ndpi_free_bin(&newflow->payload_len_bin);
#endif
free(newflow);
return(NULL);
} else
@ -845,6 +869,11 @@ static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow
if((newflow->src_id = ndpi_malloc(SIZEOF_ID_STRUCT)) == NULL) {
NDPI_LOG(0, workflow->ndpi_struct, NDPI_LOG_ERROR, "[NDPI] %s(3): not enough memory\n", __FUNCTION__);
#ifdef DIRECTION_BINS
ndpi_free_bin(&newflow->payload_len_bin_src2dst), ndpi_free_bin(&newflow->payload_len_bin_dst2src);
#else
ndpi_free_bin(&newflow->payload_len_bin);
#endif
free(newflow);
return(NULL);
} else
@ -852,6 +881,11 @@ static struct ndpi_flow_info *get_ndpi_flow_info(struct ndpi_workflow * workflow
if((newflow->dst_id = ndpi_malloc(SIZEOF_ID_STRUCT)) == NULL) {
NDPI_LOG(0, workflow->ndpi_struct, NDPI_LOG_ERROR, "[NDPI] %s(4): not enough memory\n", __FUNCTION__);
#ifdef DIRECTION_BINS
ndpi_free_bin(&newflow->payload_len_bin_src2dst), ndpi_free_bin(&newflow->payload_len_bin_dst2src);
#else
ndpi_free_bin(&newflow->payload_len_bin);
#endif
free(newflow);
return(NULL);
} else
@ -1213,6 +1247,20 @@ void update_tcp_flags_count(struct ndpi_flow_info* flow, struct ndpi_tcphdr* tcp
}
}
/* ****************************************************** */
u_int8_t plen2slot(u_int16_t plen) {
/*
Slots [32 bytes lenght]
0..31, 32..63 ...
*/
if(plen > PLEN_MAX)
return(PLEN_NUM_BINS-1);
else
return(plen/PLEN_BIN_LEN);
}
/* ****************************************************** */
/**
Function to process the packet:
@ -1291,9 +1339,10 @@ static struct ndpi_proto packet_processing(struct ndpi_workflow * workflow,
ndpi_data_add_value(flow->iat_flow, ms);
}
}
memcpy(&flow->entropy.flow_last_pkt_time, &when, sizeof(when));
if(src_to_dst_direction) {
memcpy(&flow->entropy.flow_last_pkt_time, &when, sizeof(when));
if(src_to_dst_direction) {
if(flow->entropy.src2dst_last_pkt_time.tv_sec) {
ndpi_timer_sub(&when, &flow->entropy.src2dst_last_pkt_time, &tdiff);
@ -1309,7 +1358,12 @@ static struct ndpi_proto packet_processing(struct ndpi_workflow * workflow,
ndpi_data_add_value(flow->pktlen_c_to_s, rawsize);
flow->src2dst_packets++, flow->src2dst_bytes += rawsize, flow->src2dst_goodput_bytes += payload_len;
memcpy(&flow->entropy.src2dst_last_pkt_time, &when, sizeof(when));
} else {
#ifdef DIRECTION_BINS
if(payload_len && (flow->src2dst_packets < MAX_NUM_BIN_PKTS))
ndpi_inc_bin(&flow->payload_len_bin_src2dst, plen2slot(payload_len));
#endif
} else {
if(flow->entropy.dst2src_last_pkt_time.tv_sec && (!begin_or_end_tcp)) {
ndpi_timer_sub(&when, &flow->entropy.dst2src_last_pkt_time, &tdiff);
@ -1322,8 +1376,18 @@ static struct ndpi_proto packet_processing(struct ndpi_workflow * workflow,
ndpi_data_add_value(flow->pktlen_s_to_c, rawsize);
flow->dst2src_packets++, flow->dst2src_bytes += rawsize, flow->dst2src_goodput_bytes += payload_len;
memcpy(&flow->entropy.dst2src_last_pkt_time, &when, sizeof(when));
#ifdef DIRECTION_BINS
if(payload_len && (flow->dst2src_packets < MAX_NUM_BIN_PKTS))
ndpi_inc_bin(&flow->payload_len_bin_dst2src, plen2slot(payload_len));
#endif
}
#ifndef DIRECTION_BINS
if(payload_len && ((flow->src2dst_packets+flow->dst2src_packets) < MAX_NUM_BIN_PKTS))
ndpi_inc_bin(&flow->payload_len_bin, plen2slot(payload_len));
#endif
if(enable_payload_analyzer && (payload_len > 0))
ndpi_payload_analyzer(flow, src_to_dst_direction,
payload, payload_len,

7
example/reader_util.h
View file

@ -226,6 +226,13 @@ typedef struct ndpi_flow_info {
struct ndpi_entropy entropy;
struct ndpi_entropy last_entropy;
/* Payload lenght bins */
#ifdef DIRECTION_BINS
struct ndpi_bin payload_len_bin_src2dst, payload_len_bin_dst2src;
#else
struct ndpi_bin payload_len_bin;
#endif
} ndpi_flow_info_t;

7
src/include/ndpi_api.h.in
View file

@ -1064,6 +1064,13 @@ extern "C" {
/* Get cardinality estimation */
double ndpi_hll_count(struct ndpi_hll *hll);
/* ******************************* */
int ndpi_init_bin(struct ndpi_bin *b, enum ndpi_bin_family f, u_int8_t num_bins);
void ndpi_free_bin(struct ndpi_bin *b);
void ndpi_inc_bin(struct ndpi_bin *b, u_int8_t slot_id);
void ndpi_normalize_bin(struct ndpi_bin *b);
#ifdef __cplusplus
}

21
src/include/ndpi_typedefs.h
View file

@ -1498,4 +1498,25 @@ struct ndpi_hll {
u_int8_t *registers;
};
/* **************************************** */
enum ndpi_bin_family {
ndpi_bin_family8,
ndpi_bin_family16,
ndpi_bin_family32
};
struct ndpi_bin {
u_int8_t num_bins;
enum ndpi_bin_family family;
u_int32_t num_incs;
union {
u_int8_t *bins8; /* num_bins bins */
u_int16_t *bins16; /* num_bins bins */
u_int32_t *bins32; /* num_bins bins */
} u;
};
#endif /* __NDPI_TYPEDEFS_H__ */

83
src/lib/ndpi_analyze.c
View file

@ -233,3 +233,86 @@ void ndpi_hll_add_number(struct ndpi_hll *hll, u_int32_t value) {
double ndpi_hll_count(struct ndpi_hll *hll) {
return(hll_count(hll));
}
/* ********************************************************************************* */
/* ********************************************************************************* */
int ndpi_init_bin(struct ndpi_bin *b, enum ndpi_bin_family f, u_int8_t num_bins) {
b->num_bins = num_bins, b->family = f, b->num_incs = 0;
switch(f) {
case ndpi_bin_family8:
if((b->u.bins8 = (u_int8_t*)calloc(num_bins, sizeof(u_int8_t))) == NULL)
return(-1);
break;
case ndpi_bin_family16:
if((b->u.bins16 = (u_int16_t*)calloc(num_bins, sizeof(u_int16_t))) == NULL)
return(-1);
break;
case ndpi_bin_family32:
if((b->u.bins32 = (u_int32_t*)calloc(num_bins, sizeof(u_int32_t))) == NULL)
return(-1);
break;
}
return(0);
}
void ndpi_free_bin(struct ndpi_bin *b) {
switch(b->family) {
case ndpi_bin_family8:
free(b->u.bins8);
break;
case ndpi_bin_family16:
free(b->u.bins16);
break;
case ndpi_bin_family32:
free(b->u.bins32);
break;
}
}
void ndpi_inc_bin(struct ndpi_bin *b, u_int8_t slot_id) {
if(slot_id >= b->num_bins) slot_id = 0;
b->num_incs += 1;
switch(b->family) {
case ndpi_bin_family8:
b->u.bins8[slot_id]++;
break;
case ndpi_bin_family16:
b->u.bins16[slot_id]++;
break;
case ndpi_bin_family32:
b->u.bins32[slot_id]++;
break;
}
}
/*
Each bin slot is transformed in a % with respect to the value total
*/
void ndpi_normalize_bin(struct ndpi_bin *b) {
u_int8_t i;
if(b->num_incs == 0) return;
switch(b->family) {
case ndpi_bin_family8:
for(i=0; i<b->num_bins; i++)
b->u.bins8[i] = (b->u.bins8[i]*100) / b->num_incs;
break;
case ndpi_bin_family16:
for(i=0; i<b->num_bins; i++)
b->u.bins16[i] = (b->u.bins16[i]*100) / b->num_incs;
break;
case ndpi_bin_family32:
for(i=0; i<b->num_bins; i++)
b->u.bins32[i] = (b->u.bins32[i]*100) / b->num_incs;
break;
}
}

258
tests/result/1kxun.pcap.out
View file

@ -20,135 +20,135 @@ JA3 Host Stats:
1 192.168.5.16 2
1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Media/1][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Goodput ratio: 7/95][51.74 sec][Host: 183.131.48.144][bytes ratio: -0.836 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 190/321 862/665 236/194][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58/1061 557/1078 44/127][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][Content-Type: video/mp4][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /vlive.qq)]
2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Goodput ratio: 42/95][45.37 sec][Host: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472/1029 44994/45054 11986/6714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/1210 416/1314 113/325][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)]
3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Goodput ratio: 59/95][45.30 sec][Host: pic.1kxun.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3466/4 44999/62 11990/13][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 136/1145 415/1314 149/400][URL: pic.1kxun.com/video_kankan/images/videos/3578-ywzj.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)]
4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Goodput ratio: 52/95][45.33 sec][Host: pic.1kxun.com][bytes ratio: -0.886 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2649/12 44748/253 10525/45][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1127 415/1314 133/398][URL: pic.1kxun.com/video_kankan/images/videos/3713-ydm.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)]
5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Goodput ratio: 57/95][45.32 sec][Host: pic.1kxun.com][bytes ratio: -0.887 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3007/1410 44996/45052 11222/7838][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 128/1132 423/1314 145/403][URL: pic.1kxun.com/video_kankan/images/videos/4657-jfyj.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)]
6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Goodput ratio: 37/95][0.42 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.892 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/8 194/109 46/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/1208 411/1314 102/329][URL: jp.kankan.1kxun.mobi/api/movies/mp4script/10410?definition=true][StatusCode: 200][Content-Type: text/xml][PLAIN TEXT (GET /api/movies/mp4)]
7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Goodput ratio: 45/95][45.24 sec][Host: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/6 66/65 23/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 101/1096 415/1314 119/461][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)]
8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Goodput ratio: 52/95][45.24 sec][Host: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632/4 45001/65 14880/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1099 415/1314 134/455][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)]
9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Goodput ratio: 77/90][1.19 sec][Host: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/52 298/178 81/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 236/539 499/1314 193/556][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][Risk: ** Known protocol on non standard port **][PLAIN TEXT (POST /api/proxy)]
10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Goodput ratio: 40/94][0.02 sec][Host: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4/2 10/8 4/3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1103 334/1514 99/610][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)]
11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Goodput ratio: 40/94][0.01 sec][Host: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 10/6 4/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1060 334/1514 99/620][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)]
12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][8.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 558/0 590/0 30/0][PLAIN TEXT (NOTIFY )]
13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][8.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 102/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 482/0 530/0 562/0 30/0][PLAIN TEXT (NOTIFY )]
14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/TLS][cat: Web/5][13 pkts/6269 bytes <-> 10 pkts/1165 bytes][Goodput ratio: 88/51][18.02 sec][bytes ratio: 0.687 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/31 352/2546 3289/14274 980/4917][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 482/116 1514/386 582/101]
15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Goodput ratio: 71/72][1.09 sec][Host: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70/191 476/506 136/201][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197/200 499/372 176/149][URL: vv.video.qq.com/getvinfo][StatusCode: 100][User-Agent: Mozilla/5.0][PLAIN TEXT (POST /getvinfo HTTP/1.1)]
16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3106/0 12289/0 3176/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0]
17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][Goodput ratio: 87/86][0.18 sec][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60/44 176/133 82/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512/459 1159/1464 468/536]
18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][20.95 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2323/4176 15252/15254 4895/5951][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 288/323][Risk: ** Weak TLS cipher **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: 192.168.115.75][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][6.76 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746/1336 5987/5987 1865/2341][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 287/323][Risk: ** Weak TLS cipher **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: 192.168.115.75][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][Goodput ratio: 69/75][6.08 sec][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753/1500 5998/5998 1982/2597][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 190/232 1067/1055 299/340][Risk: ** Weak TLS cipher **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: 192.168.115.75][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Goodput ratio: 60/87][0.09 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/16 36/43 13/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/456 390/1314 144/512][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][Content-Type: application/json][PLAIN TEXT (GET /api/videos/10410.j)]
22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][Goodput ratio: 66/63][8.90 sec][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 982/1763 6000/6000 1978/2381][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177/158 1051/639 283/188][Risk: ** Weak TLS cipher **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: 192.168.115.75][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Goodput ratio: 59/83][45.16 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5639/28 44799/53 14801/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139/366 468/1272 164/523][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][Content-Type: application/x-javascript][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /api/videos/10410.j)]
24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][Goodput ratio: 67/78][0.26 sec][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/64 205/212 84/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201/297 471/1223 139/463]
25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][56.94 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488/0 17921/0 4136/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7/HTTP][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Goodput ratio: 60/75][45.21 sec][Host: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5643/40 44798/70 14800/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/245 474/788 167/314][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][Content-Type: application/json][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /api/videos/alsolikes/10410)]
27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Goodput ratio: 60/73][0.23 sec][Host: 183.131.48.145][bytes ratio: 0.244 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/42 74/83 34/42][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 143/217 486/687 172/271][URL: 183.131.48.145/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 302][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /vlive.qq)]
28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][59.19 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 5110/0 15056/0 4451/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198/0 14952/0 3585/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4680/0 19869/0 5063/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Goodput ratio: 52/66][31.95 sec][Host: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2391/3919 11352/11551 4481/5397][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/197 331/390 117/157][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][Content-Type: text/html][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/composite/ap)]
32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5541/0 19870/0 5205/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
33 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631/0 15155/0 3855/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )]
34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126/0 24065/0 7503/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )]
35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5632/0 18024/0 4843/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Goodput ratio: 36/69][0.74 sec][Host: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 54/119 318/119 106/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/191 212/446 62/181][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][User-Agent: Mozilla/5.0][Risk: ** Known protocol on non standard port **][PLAIN TEXT (GET /api/qq)]
37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][38.10 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5442/0 17101/0 4875/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )]
38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.22 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8174/0 27242/0 8848/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][46.39 sec][Host: shen][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)]
40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Goodput ratio: 88/88][30.01 sec][Host: macbook-air][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46]
41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][16.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2799/0 5942/0 1567/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )]
42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][30.61 sec][Host: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708/0 9111/0 2902/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)]
43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.00 sec][Host: macbookair-e1d0][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)]
44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.50 sec][Host: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 300/0 749/0 367/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)]
45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][< 1 sec][Host: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)]
46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][15.56 sec]
47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][14.54 sec]
48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Goodput ratio: 52/85][0.01 sec][Host: dl-obs.official.line.naver.jp][203.69.81.73][PLAIN TEXT (official)]
49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0]
50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Host: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (Joanna)]
51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Host: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (MSFT 5.07)]
52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/146 bytes <-> 1 pkts/137 bytes][Goodput ratio: 42/69][0.05 sec][Host: pic.1kxun.com][106.187.35.246]
53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.54 sec][Host: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)]
54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/160 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Host: jp.kankan.1kxun.mobi][106.185.35.110][PLAIN TEXT (kankan)]
55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Goodput ratio: 44/63][0.04 sec][Host: vv.video.qq.com][203.205.151.234]
56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Goodput ratio: 44/61][1.05 sec][Host: kankan.1kxun.com][222.73.254.113][PLAIN TEXT (kankan)]
57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Goodput ratio: 44/61][0.00 sec][Host: kankan.1kxun.com][222.73.254.167][PLAIN TEXT (kankan)]
58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Goodput ratio: 34/0][0.10 sec][Host: wpad]
59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][36.19 sec]
60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.02 sec][Host: nasfile][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)]
63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Host: ____________]
64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.10 sec][Host: ____________]
65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Host: ____________]
66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)]
67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][0.10 sec][Host: wangs-ltw]
68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][0.10 sec][Host: wangs-ltw]
69 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes][Goodput ratio: 2/0][0.01 sec]
70 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Host: kevin-pc]
71 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Host: kevin-pc]
72 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Host: sonusav][PLAIN TEXT (sonusav)]
73 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.10 sec][Host: isatap][PLAIN TEXT (isatap)]
74 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.11 sec][Host: isatap][PLAIN TEXT (isatap)]
75 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.41 sec][Host: ro_x1c]
76 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.41 sec][Host: ro_x1c]
77 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
78 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
79 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Host: ____________]
80 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.10 sec][Host: ____________]
81 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Host: ____________]
82 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)]
83 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)]
84 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.41 sec][Host: kasper-mac][PLAIN TEXT (Kasper)]
85 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: wangs-ltw]
86 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: wangs-ltw]
87 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)]
88 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)]
89 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)]
90 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)]
91 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.41 sec][Host: notebook][PLAIN TEXT (notebook)]
92 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.41 sec][Host: notebook][PLAIN TEXT (notebook)]
93 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: kevin-pc]
94 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: jason-pc]
95 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: jason-pc]
96 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: usher-pc]
97 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: usher-pc]
98 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.11 sec][Host: isatap][PLAIN TEXT (isatap)]
99 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.10 sec][Host: isatap][PLAIN TEXT (isatap)]
100 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.41 sec][Host: ro_x1c]
101 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.41 sec]
102 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][22.90 sec]
103 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.00 sec]
104 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
105 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: gfile][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)]
106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)]
107 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)]
108 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)]
109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9.140/NTP.Apple][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec]
110 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][PLAIN TEXT (googlecast)]
111 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)]
112 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)]
113 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][< 1 sec][Host: kevin-pc]
114 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][< 1 sec][Host: jason-pc]
115 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][< 1 sec][Host: sonusav][PLAIN TEXT (sonusav)]
1 TCP 192.168.115.8:49613 <-> 183.131.48.144:80 [proto: 7/HTTP][cat: Media/1][260 pkts/15070 bytes <-> 159 pkts/168623 bytes][Goodput ratio: 7/95][51.74 sec][Host: 183.131.48.144][bytes ratio: -0.836 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 190/321 862/665 236/194][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 58/1061 557/1078 44/127][URL: 183.131.48.144/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 206][Content-Type: video/mp4][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /vlive.qq)][Plen Bins: 0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.115.8:49600 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][18 pkts/1722 bytes <-> 51 pkts/61707 bytes][Goodput ratio: 42/95][45.37 sec][Host: pic.1kxun.com][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3472/1029 44994/45054 11986/6714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/1210 416/1314 113/325][URL: pic.1kxun.com/video_kankan/images/videos/18283-jfyj3.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)][Plen Bins: 3,0,0,0,0,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0,0,0,0,0,0,0]
3 TCP 192.168.115.8:49601 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][18 pkts/2440 bytes <-> 43 pkts/49237 bytes][Goodput ratio: 59/95][45.30 sec][Host: pic.1kxun.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3466/4 44999/62 11990/13][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 136/1145 415/1314 149/400][URL: pic.1kxun.com/video_kankan/images/videos/3578-ywzj.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)][Plen Bins: 4,2,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,78,0,0,0,0,0,0,0]
4 TCP 192.168.115.8:49602 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][24 pkts/2786 bytes <-> 41 pkts/46203 bytes][Goodput ratio: 52/95][45.33 sec][Host: pic.1kxun.com][bytes ratio: -0.886 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2649/12 44748/253 10525/45][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1127 415/1314 133/398][URL: pic.1kxun.com/video_kankan/images/videos/3713-ydm.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)][Plen Bins: 4,0,0,0,0,0,0,0,0,4,0,9,0,0,4,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0,0,0,0,0,0]
5 TCP 192.168.115.8:49604 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][20 pkts/2564 bytes <-> 38 pkts/43013 bytes][Goodput ratio: 57/95][45.32 sec][Host: pic.1kxun.com][bytes ratio: -0.887 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3007/1410 44996/45052 11222/7838][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 128/1132 423/1314 145/403][URL: pic.1kxun.com/video_kankan/images/videos/4657-jfyj.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)][Plen Bins: 4,0,0,0,0,0,0,0,0,4,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,75,0,0,0,0,0,0,0]
6 TCP 192.168.115.8:49606 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][22 pkts/1926 bytes <-> 28 pkts/33821 bytes][Goodput ratio: 37/95][0.42 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.892 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/8 194/109 46/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/1208 411/1314 102/329][URL: jp.kankan.1kxun.mobi/api/movies/mp4script/10410?definition=true][StatusCode: 200][Content-Type: text/xml][PLAIN TEXT (GET /api/movies/mp4)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,89,0,0,0,0,0,0,0]
7 TCP 192.168.115.8:49599 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][16 pkts/1612 bytes <-> 27 pkts/29579 bytes][Goodput ratio: 45/95][45.24 sec][Host: pic.1kxun.com][bytes ratio: -0.897 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/6 66/65 23/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 101/1096 415/1314 119/461][URL: pic.1kxun.com/video_kankan/images/videos/13480-alps.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)][Plen Bins: 7,3,0,0,0,0,0,0,0,3,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,78,0,0,0,0,0,0,0]
8 TCP 192.168.115.8:49603 <-> 106.187.35.246:80 [proto: 7/HTTP][cat: Streaming/17][12 pkts/1396 bytes <-> 22 pkts/24184 bytes][Goodput ratio: 52/95][45.24 sec][Host: pic.1kxun.com][bytes ratio: -0.891 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5632/4 45001/65 14880/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/1099 415/1314 134/455][URL: pic.1kxun.com/video_kankan/images/videos/16649-ljdz.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /video)][Plen Bins: 8,0,0,0,0,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,73,0,0,0,0,0,0,0]
9 TCP 192.168.115.8:49609 <-> 42.120.51.152:8080 [proto: 7/HTTP][cat: Web/5][20 pkts/4716 bytes <-> 13 pkts/7005 bytes][Goodput ratio: 77/90][1.19 sec][Host: 42.120.51.152][bytes ratio: -0.195 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/52 298/178 81/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 236/539 499/1314 193/556][URL: 42.120.51.152:8080/api/proxy?url=http%3A%2F%2Fvv.video.qq.com%2Fgetvinfo][StatusCode: 100][Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.0][Risk: ** Known protocol on non standard port **][PLAIN TEXT (POST /api/proxy)][Plen Bins: 11,0,0,0,0,0,0,22,0,0,0,0,0,33,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0]
10 TCP 192.168.5.16:53627 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8822 bytes][Goodput ratio: 40/94][0.02 sec][Host: dl-obs.official.line.naver.jp][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4/2 10/8 4/3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1103 334/1514 99/610][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716954688/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][PLAIN TEXT (FGET /r/talk/m/4697716954688/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,71,0]
11 TCP 192.168.5.16:53628 <-> 203.69.81.73:80 [proto: 7/HTTP][cat: Web/5][6 pkts/676 bytes <-> 8 pkts/8482 bytes][Goodput ratio: 40/94][0.01 sec][Host: dl-obs.official.line.naver.jp][bytes ratio: -0.852 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 10/6 4/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/1060 334/1514 99/620][URL: dl-obs.official.line.naver.jp/r/talk/m/4697716971500/preview][StatusCode: 200][Content-Type: image/jpeg][User-Agent: DESKTOP:MAC:10.10.5-YOSEMITE(4.7.2)][PLAIN TEXT (GGET /r/talk/m/4697716971500/pr)][Plen Bins: 0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,71,0]
12 UDP [fe80::9bd:81dd:2fdc:5750]:1900 -> [ff02::c]:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8921 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][8.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 510/0 558/0 590/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,12,56,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.5.49:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/8473 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][8.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 102/0 512/0 2044/0 527/0][Pkt Len c2s/s2c min/avg/max/stddev: 482/0 530/0 562/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,12,18,50,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 119.235.235.84:443 <-> 192.168.5.16:53406 [proto: 91/TLS][cat: Web/5][13 pkts/6269 bytes <-> 10 pkts/1165 bytes][Goodput ratio: 88/51][18.02 sec][bytes ratio: 0.687 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/31 352/2546 3289/14274 980/4917][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 482/116 1514/386 582/101][Plen Bins: 23,7,0,0,0,15,7,0,7,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,23,0]
15 TCP 192.168.115.8:49608 <-> 203.205.151.234:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][18 pkts/3550 bytes <-> 7 pkts/1400 bytes][Goodput ratio: 71/72][1.09 sec][Host: vv.video.qq.com][bytes ratio: 0.434 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 70/191 476/506 136/201][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 197/200 499/372 176/149][URL: vv.video.qq.com/getvinfo][StatusCode: 100][User-Agent: Mozilla/5.0][PLAIN TEXT (POST /getvinfo HTTP/1.1)][Plen Bins: 15,0,0,0,0,15,15,0,0,23,0,0,0,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.119.1:67 -> 255.255.255.255:68 [proto: 18/DHCP][cat: Network/14][14 pkts/4788 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 412/0 3106/0 12289/0 3176/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 192.168.5.16:53580 <-> 31.13.87.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][4 pkts/2050 bytes <-> 5 pkts/2297 bytes][Goodput ratio: 87/86][0.18 sec][bytes ratio: -0.057 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/0 60/44 176/133 82/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 512/459 1159/1464 468/536][Plen Bins: 0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,20,0,0,0]
18 TCP 192.168.5.16:53623 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1959 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][20.95 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 2323/4176 15252/15254 4895/5951][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 288/323][Risk: ** Weak TLS cipher **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: 192.168.115.75][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 192.168.5.16:53625 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1955 bytes <-> 8 pkts/1683 bytes][Goodput ratio: 67/72][6.76 sec][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 746/1336 5987/5987 1865/2341][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 178/210 1067/1055 287/323][Risk: ** Weak TLS cipher **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: 192.168.115.75][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 192.168.5.16:53629 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][10 pkts/1895 bytes <-> 7 pkts/1623 bytes][Goodput ratio: 69/75][6.08 sec][bytes ratio: 0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 753/1500 5998/5998 1982/2597][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 190/232 1067/1055 299/340][Risk: ** Weak TLS cipher **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: 192.168.115.75][JA3C: 618ee2509ef52bf0b8216e1564eea909][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 192.168.115.8:49605 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][8 pkts/1128 bytes <-> 5 pkts/2282 bytes][Goodput ratio: 60/87][0.09 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/16 36/43 13/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/456 390/1314 144/512][URL: jp.kankan.1kxun.mobi/api/videos/10410.json][StatusCode: 200][Content-Type: application/json][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 20,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0]
22 TCP 192.168.5.16:53626 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][11 pkts/1943 bytes <-> 8 pkts/1267 bytes][Goodput ratio: 66/63][8.90 sec][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 982/1763 6000/6000 1978/2381][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 177/158 1051/639 283/188][Risk: ** Weak TLS cipher **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: 192.168.115.75][JA3C: 799135475da362592a4be9199d258726][JA3S: 573a9f3f80037fb40d481e2054def5bb (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 14,14,14,0,0,14,14,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 192.168.115.8:49597 <-> 106.185.35.110:80 [proto: 7/HTTP][cat: Streaming/17][10 pkts/1394 bytes <-> 4 pkts/1464 bytes][Goodput ratio: 59/83][45.16 sec][Host: jp.kankan.1kxun.mobi][bytes ratio: -0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 5639/28 44799/53 14801/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 139/366 468/1272 164/523][URL: jp.kankan.1kxun.mobi/api/videos/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377698][StatusCode: 200][Content-Type: application/x-javascript][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /api/videos/10410.j)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0]
24 TCP 31.13.87.1:443 <-> 192.168.5.16:53578 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1006 bytes <-> 5 pkts/1487 bytes][Goodput ratio: 67/78][0.26 sec][bytes ratio: -0.193 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/64 205/212 84/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 201/297 471/1223 139/463][Plen Bins: 0,0,40,20,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.168.5.57:55809 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][14 pkts/2450 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][56.94 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4488/0 17921/0 4136/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 TCP 192.168.115.8:49598 <-> 222.73.254.167:80 [proto: 7/HTTP][cat: Streaming/17][10 pkts/1406 bytes <-> 4 pkts/980 bytes][Goodput ratio: 60/75][45.21 sec][Host: kankan.1kxun.com][bytes ratio: 0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 5643/40 44798/70 14800/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 141/245 474/788 167/314][URL: kankan.1kxun.com/api/videos/alsolikes/10410.json?callback=jQuery18306855657112319022_1470103242123&_=1470104377899][StatusCode: 200][Content-Type: application/json][User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22][PLAIN TEXT (GET /api/videos/alsolikes/10410)][Plen Bins: 40,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 192.168.115.8:49612 <-> 183.131.48.145:80 [proto: 7/HTTP][cat: Web/5][10 pkts/1428 bytes <-> 4 pkts/867 bytes][Goodput ratio: 60/73][0.23 sec][Host: 183.131.48.145][bytes ratio: 0.244 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/42 74/83 34/42][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 143/217 486/687 172/271][URL: 183.131.48.145/vlive.qqvideo.tc.qq.com/u0020mkrnds.p1203.1.mp4?vkey=7AB139BF6B32F53747E8FF192E6FE557B3A3D644C034E34BF6EAEB4E0774F2A92EF3AC5C007520BB925E5C8A18E6D302C2DAE0A295B26AA8FD1DC8069D47CE1B4A16A56870BD1ACA3E86ABE4C079659DB2182FC71217AB68CCD344CE656][StatusCode: 302][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /vlive.qq)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 192.168.5.44:51389 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][13 pkts/2275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][59.19 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 5110/0 15056/0 4451/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2967/0 4198/0 14952/0 3585/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 4680/0 19869/0 5063/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Goodput ratio: 52/66][31.95 sec][Host: api.magicansoft.com][bytes ratio: 0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/8 2391/3919 11352/11551 4481/5397][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/197 331/390 117/157][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][Content-Type: text/html][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/composite/ap)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][49.87 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5541/0 19870/0 5205/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2965/0 5631/0 15155/0 3855/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 7126/0 24065/0 7503/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][45.06 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2969/0 5632/0 18024/0 4843/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Goodput ratio: 36/69][0.74 sec][Host: 218.244.135.170][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/119 54/119 318/119 106/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 88/191 212/446 62/181][URL: 218.244.135.170:9099/api/qqlive_ckey/get?vid=y0013xaeeyo&platform=10902][StatusCode: 200][User-Agent: Mozilla/5.0][Risk: ** Known protocol on non standard port **][PLAIN TEXT (GET /api/qq)][Plen Bins: 25,0,0,0,50,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][38.10 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2968/0 5442/0 17101/0 4875/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][57.22 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2949/0 8174/0 27242/0 8848/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][46.39 sec][Host: shen][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Goodput ratio: 88/88][30.01 sec][Host: macbook-air][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][16.80 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1227/0 2799/0 5942/0 1567/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][30.61 sec][Host: isatap][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 715/0 2708/0 9111/0 2902/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.00 sec][Host: macbookair-e1d0][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.50 sec][Host: wpad][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 300/0 749/0 367/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][< 1 sec][Host: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)][Plen Bins: 0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][15.56 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][14.54 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Goodput ratio: 52/85][0.01 sec][Host: dl-obs.official.line.naver.jp][203.69.81.73][PLAIN TEXT (official)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes][Goodput ratio: 2/0][45.01 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/45002 14999/45002 44996/45002 21211/0][Pkt Len c2s/s2c min/avg/max/stddev: 55/66 55/66 55/66 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Host: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (Joanna)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Host: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (MSFT 5.07)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/146 bytes <-> 1 pkts/137 bytes][Goodput ratio: 42/69][0.05 sec][Host: pic.1kxun.com][106.187.35.246][Plen Bins: 66,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.54 sec][Host: sc.arrancar.org][PLAIN TEXT ( FDEDCOEBFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/160 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Host: jp.kankan.1kxun.mobi][106.185.35.110][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Goodput ratio: 44/63][0.04 sec][Host: vv.video.qq.com][203.205.151.234][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Goodput ratio: 44/61][1.05 sec][Host: kankan.1kxun.com][222.73.254.113][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Streaming/17][2 pkts/152 bytes <-> 1 pkts/108 bytes][Goodput ratio: 44/61][0.00 sec][Host: kankan.1kxun.com][222.73.254.167][PLAIN TEXT (kankan)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Goodput ratio: 34/0][0.10 sec][Host: wpad][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][36.19 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Goodput ratio: 35/0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1.02 sec][Host: nasfile][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Host: ____________][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.10 sec][Host: ____________][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Host: ____________][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][0.10 sec][Host: wangs-ltw][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][0.10 sec][Host: wangs-ltw][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
69 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes][Goodput ratio: 2/0][0.01 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
70 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Host: kevin-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Host: kevin-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][0.10 sec][Host: sonusav][PLAIN TEXT (sonusav)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.10 sec][Host: isatap][PLAIN TEXT (isatap)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
74 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.11 sec][Host: isatap][PLAIN TEXT (isatap)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
75 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.41 sec][Host: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][0.41 sec][Host: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
77 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
78 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][0.41 sec][Host: caesar-thinkpad][PLAIN TEXT (caesar)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
79 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Host: ____________][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.10 sec][Host: ____________][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
81 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Host: ____________][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 41/0][0.41 sec][Host: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.41 sec][Host: kasper-mac][PLAIN TEXT (Kasper)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
85 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: wangs-ltw][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: wangs-ltw][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
89 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
90 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.10 sec][Host: joanna-pc][PLAIN TEXT (Joanna)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
91 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.41 sec][Host: notebook][PLAIN TEXT (notebook)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
92 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.41 sec][Host: notebook][PLAIN TEXT (notebook)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: kevin-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
94 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: jason-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
95 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: jason-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
96 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: usher-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][0.10 sec][Host: usher-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.11 sec][Host: isatap][PLAIN TEXT (isatap)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
99 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.10 sec][Host: isatap][PLAIN TEXT (isatap)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.41 sec][Host: ro_x1c][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
101 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.41 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][22.90 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
104 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
105 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: gfile][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
106 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: sanji-lifebook-][PLAIN TEXT ( FDEBEOEKEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
107 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
108 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9.140/NTP.Apple][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][PLAIN TEXT (googlecast)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
111 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
112 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Host: charming-pc][PLAIN TEXT (charming)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
113 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][< 1 sec][Host: kevin-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
114 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Goodput ratio: 38/0][< 1 sec][Host: jason-pc][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
115 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][< 1 sec][Host: sonusav][PLAIN TEXT (sonusav)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [proto: 0/Unknown][5 pkts/1795 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][40.04 sec]
2 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][30.00 sec][PLAIN TEXT (Switch)]
3 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][30.01 sec][PLAIN TEXT (Switch)]
4 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][30.11 sec][PLAIN TEXT (Switch)]
5 UDP 192.168.125.30:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][30.10 sec][PLAIN TEXT (Switch)]
6 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][1 pkts/359 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (Switch)]
7 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][PLAIN TEXT (6.35.1 )]
8 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/185 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][< 1 sec][PLAIN TEXT (6.35.1 )]
9 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/177 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (6.35.1 )]
10 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][34.71 sec][PLAIN TEXT (AABHZW50cmljZV9)]
11 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][34.72 sec][PLAIN TEXT (icRVSoU)]
12 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/163 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][PLAIN TEXT (6.35.4 )]
13 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec][PLAIN TEXT (6.35.1 )]
14 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][PLAIN TEXT (dDYcTc4)]
1 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [proto: 0/Unknown][5 pkts/1795 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][40.04 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][30.00 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][30.01 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][30.11 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.125.30:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][30.10 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][1 pkts/359 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (Switch)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][PLAIN TEXT (6.35.1 )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/185 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][< 1 sec][PLAIN TEXT (6.35.1 )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/177 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (6.35.1 )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][34.71 sec][PLAIN TEXT (AABHZW50cmljZV9)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][34.72 sec][PLAIN TEXT (icRVSoU)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/163 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][PLAIN TEXT (6.35.4 )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec][PLAIN TEXT (6.35.1 )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][PLAIN TEXT (dDYcTc4)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/443-chrome.pcap.out
View file

@ -1,3 +1,3 @@
TLS 1 1506 1
1 TCP 178.62.197.130:443 -> 192.168.1.13:53059 [proto: 91/TLS][cat: Web/5][1 pkts/1506 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec]
1 TCP 178.62.197.130:443 -> 192.168.1.13:53059 [proto: 91/TLS][cat: Web/5][1 pkts/1506 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0]

2
tests/result/443-curl.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 192.168.1.13 1
1 TCP 192.168.1.13:55523 <-> 178.62.197.130:443 [proto: 91.26/TLS.ntop][cat: Network/14][51 pkts/4260 bytes <-> 58 pkts/69722 bytes][Goodput ratio: 22/94][1.10 sec][ALPN: h2;http/1.1][bytes ratio: -0.885 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/19 784/784 122/114][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 84/1202 583/1506 74/562][TLSv1.2][Client: www.ntop.org][JA3C: 2a26b1a62e40d25d4de3babc9d532f30][ServerNames: www.ntop.org][JA3S: ae53107a2e47ea20c72ac44821a728bf][Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3][Subject: CN=www.ntop.org][Certificate SHA-1: DB:A7:E4:3E:6D:BB:21:AB:68:47:35:E8:0B:8F:15:DF:DB:C7:C9:6F][Validity: 2019-12-17 01:17:28 - 2020-03-16 01:17:28][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
1 TCP 192.168.1.13:55523 <-> 178.62.197.130:443 [proto: 91.26/TLS.ntop][cat: Network/14][51 pkts/4260 bytes <-> 58 pkts/69722 bytes][Goodput ratio: 22/94][1.10 sec][ALPN: h2;http/1.1][bytes ratio: -0.885 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/19 784/784 122/114][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 84/1202 583/1506 74/562][TLSv1.2][Client: www.ntop.org][JA3C: 2a26b1a62e40d25d4de3babc9d532f30][ServerNames: www.ntop.org][JA3S: ae53107a2e47ea20c72ac44821a728bf][Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3][Subject: CN=www.ntop.org][Certificate SHA-1: DB:A7:E4:3E:6D:BB:21:AB:68:47:35:E8:0B:8F:15:DF:DB:C7:C9:6F][Validity: 2019-12-17 01:17:28 - 2020-03-16 01:17:28][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,13,1,1,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,1,0,70,0]

2
tests/result/443-firefox.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 192.168.1.13 1
1 TCP 192.168.1.13:53096 <-> 178.62.197.130:443 [proto: 91.26/TLS.ntop][cat: Network/14][316 pkts/28495 bytes <-> 351 pkts/429572 bytes][Goodput ratio: 27/95][8.44 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.876 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/20 4007/4045 285/250][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90/1224 583/1506 58/472][TLSv1.2][Client: www.ntop.org][JA3C: f6ce47303dce394049af395fc6d0bc20][ServerNames: www.ntop.org][JA3S: 3653a20186a5b490426131a611e01992][Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3][Subject: CN=www.ntop.org][Certificate SHA-1: DB:A7:E4:3E:6D:BB:21:AB:68:47:35:E8:0B:8F:15:DF:DB:C7:C9:6F][Validity: 2019-12-17 01:17:28 - 2020-03-16 01:17:28][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256]
1 TCP 192.168.1.13:53096 <-> 178.62.197.130:443 [proto: 91.26/TLS.ntop][cat: Network/14][316 pkts/28495 bytes <-> 351 pkts/429572 bytes][Goodput ratio: 27/95][8.44 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.876 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/20 4007/4045 285/250][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90/1224 583/1506 58/472][TLSv1.2][Client: www.ntop.org][JA3C: f6ce47303dce394049af395fc6d0bc20][ServerNames: www.ntop.org][JA3S: 3653a20186a5b490426131a611e01992][Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3][Subject: CN=www.ntop.org][Certificate SHA-1: DB:A7:E4:3E:6D:BB:21:AB:68:47:35:E8:0B:8F:15:DF:DB:C7:C9:6F][Validity: 2019-12-17 01:17:28 - 2020-03-16 01:17:28][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256][Plen Bins: 1,0,1,6,7,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,1,0,0,0,0,1,63,0]

2
tests/result/443-git.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 192.168.1.13 1
1 TCP 192.168.1.13:55744 <-> 140.82.114.4:443 [proto: 91.203/TLS.Github][cat: Collaborative/15][35 pkts/3167 bytes <-> 35 pkts/34022 bytes][Goodput ratio: 28/93][0.82 sec][ALPN: http/1.1][bytes ratio: -0.830 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/15 143/143 48/43][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90/972 583/1490 94/616][TLSv1.2][Client: github.com][JA3C: 2a26b1a62e40d25d4de3babc9d532f30][ServerNames: github.com,www.github.com][JA3S: ae53107a2e47ea20c72ac44821a728bf][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 Extended Validation Server CA][Subject: C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=github.com][Certificate SHA-1: CA:06:F5:6B:25:8B:7A:0D:4F:2B:05:47:09:39:47:86:51:15:19:84][Validity: 2018-05-08 00:00:00 - 2020-06-03 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
1 TCP 192.168.1.13:55744 <-> 140.82.114.4:443 [proto: 91.203/TLS.Github][cat: Collaborative/15][35 pkts/3167 bytes <-> 35 pkts/34022 bytes][Goodput ratio: 28/93][0.82 sec][ALPN: http/1.1][bytes ratio: -0.830 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/15 143/143 48/43][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90/972 583/1490 94/616][TLSv1.2][Client: github.com][JA3C: 2a26b1a62e40d25d4de3babc9d532f30][ServerNames: github.com,www.github.com][JA3S: ae53107a2e47ea20c72ac44821a728bf][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 Extended Validation Server CA][Subject: C=US, ST=California, L=San Francisco, O=GitHub, Inc., CN=github.com][Certificate SHA-1: CA:06:F5:6B:25:8B:7A:0D:4F:2B:05:47:09:39:47:86:51:15:19:84][Validity: 2018-05-08 00:00:00 - 2020-06-03 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 5,8,2,5,0,0,2,0,0,2,0,2,0,2,0,0,2,2,0,2,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,50,0,0]

2
tests/result/443-opvn.pcap.out
View file

@ -1,3 +1,3 @@
OpenVPN 46 11573 1
1 TCP 192.168.1.84:52973 <-> 192.12.192.103:1194 [proto: 159/OpenVPN][cat: VPN/2][25 pkts/5636 bytes <-> 21 pkts/5937 bytes][Goodput ratio: 70/77][8.96 sec][bytes ratio: -0.026 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 443/427 3959/4015 926/1024][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 225/283 1506/1506 330/399][PLAIN TEXT (Registro.it)]
1 TCP 192.168.1.84:52973 <-> 192.12.192.103:1194 [proto: 159/OpenVPN][cat: VPN/2][25 pkts/5636 bytes <-> 21 pkts/5937 bytes][Goodput ratio: 70/77][8.96 sec][bytes ratio: -0.026 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 443/427 3959/4015 926/1024][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 225/283 1506/1506 330/399][PLAIN TEXT (Registro.it)][Plen Bins: 4,39,4,8,0,0,0,0,0,4,4,0,0,0,4,0,0,4,0,8,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,8,0]

2
tests/result/443-safari.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 192.168.1.13 1
1 TCP 192.168.1.13:53031 <-> 178.62.197.130:443 [proto: 91.26/TLS.ntop][cat: Network/14][21 pkts/2195 bytes <-> 20 pkts/17734 bytes][Goodput ratio: 36/93][1.10 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.780 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 51/47 695/695 167/168][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105/887 394/1506 83/661][TLSv1.2][Client: www.ntop.org][JA3C: a69708a64f853c3bcc214c2c5faf84f3][ServerNames: www.ntop.org][JA3S: f9fcb52580329fb6a9b61d7542087b90][Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3][Subject: CN=www.ntop.org][Certificate SHA-1: DB:A7:E4:3E:6D:BB:21:AB:68:47:35:E8:0B:8F:15:DF:DB:C7:C9:6F][Validity: 2019-12-17 01:17:28 - 2020-03-16 01:17:28][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256]
1 TCP 192.168.1.13:53031 <-> 178.62.197.130:443 [proto: 91.26/TLS.ntop][cat: Network/14][21 pkts/2195 bytes <-> 20 pkts/17734 bytes][Goodput ratio: 36/93][1.10 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.780 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 51/47 695/695 167/168][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 105/887 394/1506 83/661][TLSv1.2][Client: www.ntop.org][JA3C: a69708a64f853c3bcc214c2c5faf84f3][ServerNames: www.ntop.org][JA3S: f9fcb52580329fb6a9b61d7542087b90][Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3][Subject: CN=www.ntop.org][Certificate SHA-1: DB:A7:E4:3E:6D:BB:21:AB:68:47:35:E8:0B:8F:15:DF:DB:C7:C9:6F][Validity: 2019-12-17 01:17:28 - 2020-03-16 01:17:28][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256][Plen Bins: 8,21,4,4,0,0,0,4,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,4,0,0,0,0,39,0]

2
tests/result/4in4tunnel.pcap.out
View file

@ -3,4 +3,4 @@ Unknown 5 850 1
Undetected flows:
1 UDP 10.10.100.25:62367 -> 10.10.101.2:17000 [VLAN: 505][proto: 0/Unknown][5 pkts/850 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][121572.07 sec]
1 UDP 10.10.100.25:62367 -> 10.10.101.2:17000 [VLAN: 505][proto: 0/Unknown][5 pkts/850 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][121572.07 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/4in6tunnel.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 192.168.0.1 1
1 TCP 192.168.0.1:64455 <-> 10.10.10.1:443 [proto: 91.212/TLS.Microsoft][cat: Web/5][2 pkts/520 bytes <-> 2 pkts/1668 bytes][Goodput ratio: 43/82][< 1 sec][ALPN: h2;http/1.1][TLSv1.2][Client: www.bing.com][JA3C: 9e10692f1b7f78228b2d4e424db3a98c]
1 TCP 192.168.0.1:64455 <-> 10.10.10.1:443 [proto: 91.212/TLS.Microsoft][cat: Web/5][2 pkts/520 bytes <-> 2 pkts/1668 bytes][Goodput ratio: 43/82][< 1 sec][ALPN: h2;http/1.1][TLSv1.2][Client: www.bing.com][JA3C: 9e10692f1b7f78228b2d4e424db3a98c][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0]

20
tests/result/6in4tunnel.pcap.out
View file

@ -9,13 +9,13 @@ JA3 Host Stats:
1 2001:470:1f17:13f:3e97:eff:fe73:4dec 2
1 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:60205 <-> [2604:a880:1:20::224:b001]:443 [proto: 91/TLS][cat: Web/5][14 pkts/2312 bytes <-> 14 pkts/13085 bytes][Goodput ratio: 35/89][0.60 sec][bytes ratio: -0.700 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 53/36 142/142 57/55][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 165/935 629/1847 139/680][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: mail.tomasu.net][JA3C: 812d8bce0f85487ba7834d36568ed586][ServerNames: mail.tomasu.net,www.mail.tomasu.net][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=mail.tomasu.net][Certificate SHA-1: 9C:00:A2:31:8F:66:C6:E2:D8:E8:1E:6F:52:49:AD:15:0A:8B:7C:68][Validity: 2014-01-29 00:00:00 - 2019-01-28 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
2 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:53234 <-> [2a03:2880:1010:6f03:face:b00c::2]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/6894 bytes <-> 15 pkts/7032 bytes][Goodput ratio: 72/77][0.53 sec][ALPN: spdy/3.1;h2-14;h2;http/1.1][bytes ratio: -0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 20/23 98/97 33/36][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 383/469 1504/1911 467/576][TLSv1.2][Client: www.facebook.com][JA3C: eb7cdd4e7dea7a11b3016c3c9acbd2a3][ServerNames: *.facebook.com,facebook.com,*.xz.fbcdn.net,messenger.com,fb.com,*.m.facebook.com,*.fbsbx.com,*.xy.fbcdn.net,*.messenger.com,*.fb.com,*.fbcdn.net,*.xx.fbcdn.net,*.facebook.net][JA3S: 6806b8fe92d7d465715d771eb102ff04][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: 93:C6:FD:1A:84:90:BB:F1:B2:3B:49:A0:9B:1F:6F:0B:46:7A:31:41][Validity: 2014-08-28 00:00:00 - 2015-12-31 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
3 ICMPV6 [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 <-> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][23 pkts/3174 bytes <-> 23 pkts/3174 bytes][Goodput ratio: 41/41][22.14 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1000/992 1001/1001 1001/1012 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 138/138 138/138 138/138 0/0]
4 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:41538 <-> [2604:a880:1:20::224:b001]:80 [proto: 7/HTTP][cat: Web/5][6 pkts/786 bytes <-> 4 pkts/1006 bytes][Goodput ratio: 18/57][0.82 sec][Host: mail.tomasu.net][bytes ratio: -0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 164/56 495/110 171/54][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 131/252 248/680 52/247][URL: mail.tomasu.net/][StatusCode: 301][Content-Type: text/html][User-Agent: Wget/1.16.3 (linux-gnu)][PLAIN TEXT (GET / HTTP/1.1)]
5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/1314 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (ds 0/u6)]
6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/273 bytes][Goodput ratio: 38/70][0.09 sec][Host: star.c10r.facebook.com][2a03:2880:1010:6f03:face:b00c::2][PLAIN TEXT (facebook)]
7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/261 bytes][Goodput ratio: 38/68][0.09 sec][Host: star.c10r.facebook.com][173.252.120.6][PLAIN TEXT (facebook)]
8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes][Goodput ratio: 30/0][0.01 sec]
9 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes][Goodput ratio: 30/0][0.07 sec]
10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/200 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec]
1 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:60205 <-> [2604:a880:1:20::224:b001]:443 [proto: 91/TLS][cat: Web/5][14 pkts/2312 bytes <-> 14 pkts/13085 bytes][Goodput ratio: 35/89][0.60 sec][bytes ratio: -0.700 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 53/36 142/142 57/55][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 165/935 629/1847 139/680][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: mail.tomasu.net][JA3C: 812d8bce0f85487ba7834d36568ed586][ServerNames: mail.tomasu.net,www.mail.tomasu.net][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=mail.tomasu.net][Certificate SHA-1: 9C:00:A2:31:8F:66:C6:E2:D8:E8:1E:6F:52:49:AD:15:0A:8B:7C:68][Validity: 2014-01-29 00:00:00 - 2019-01-28 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 7,7,0,7,0,7,0,0,7,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,35,0,7]
2 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:53234 <-> [2a03:2880:1010:6f03:face:b00c::2]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/6894 bytes <-> 15 pkts/7032 bytes][Goodput ratio: 72/77][0.53 sec][ALPN: spdy/3.1;h2-14;h2;http/1.1][bytes ratio: -0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 20/23 98/97 33/36][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 383/469 1504/1911 467/576][TLSv1.2][Client: www.facebook.com][JA3C: eb7cdd4e7dea7a11b3016c3c9acbd2a3][ServerNames: *.facebook.com,facebook.com,*.xz.fbcdn.net,messenger.com,fb.com,*.m.facebook.com,*.fbsbx.com,*.xy.fbcdn.net,*.messenger.com,*.fb.com,*.fbcdn.net,*.xx.fbcdn.net,*.facebook.net][JA3S: 6806b8fe92d7d465715d771eb102ff04][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: 93:C6:FD:1A:84:90:BB:F1:B2:3B:49:A0:9B:1F:6F:0B:46:7A:31:41][Validity: 2014-08-28 00:00:00 - 2015-12-31 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 5,31,5,0,0,5,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,15,0,0,5]
3 ICMPV6 [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 <-> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][23 pkts/3174 bytes <-> 23 pkts/3174 bytes][Goodput ratio: 41/41][22.14 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1000/992 1001/1001 1001/1012 0/4][Pkt Len c2s/s2c min/avg/max/stddev: 138/138 138/138 138/138 0/0][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP [2001:470:1f17:13f:3e97:eff:fe73:4dec]:41538 <-> [2604:a880:1:20::224:b001]:80 [proto: 7/HTTP][cat: Web/5][6 pkts/786 bytes <-> 4 pkts/1006 bytes][Goodput ratio: 18/57][0.82 sec][Host: mail.tomasu.net][bytes ratio: -0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 164/56 495/110 171/54][Pkt Len c2s/s2c min/avg/max/stddev: 106/106 131/252 248/680 52/247][URL: mail.tomasu.net/][StatusCode: 301][Content-Type: text/html][User-Agent: Wget/1.16.3 (linux-gnu)][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 ICMPV6 [2a03:2880:1010:6f03:face:b00c::2]:0 -> [2001:470:1f17:13f:3e97:eff:fe73:4dec]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/1314 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (ds 0/u6)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
6 UDP [2001:470:1f16:13f::2]:53959 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/273 bytes][Goodput ratio: 38/70][0.09 sec][Host: star.c10r.facebook.com][2a03:2880:1010:6f03:face:b00c::2][PLAIN TEXT (facebook)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP [2001:470:1f16:13f::2]:6404 <-> [2a03:2880:fffe:b:face:b00c::99]:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/133 bytes <-> 1 pkts/261 bytes][Goodput ratio: 38/68][0.09 sec][Host: star.c10r.facebook.com][173.252.120.6][PLAIN TEXT (facebook)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:35610 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes][Goodput ratio: 30/0][0.01 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP [2604:a880:1:20::224:b001]:993 <-> [2001:470:1f17:13f:6d69:c72:7313:616f]:56381 [proto: 51/IMAPS][cat: Email/3][1 pkts/152 bytes <-> 1 pkts/106 bytes][Goodput ratio: 30/0][0.07 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 ICMPV6 [2001:470:1f16:13f::2]:0 -> [2604:a880:1:20::224:b001]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/200 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/6in6tunnel.pcap.out
View file

@ -3,4 +3,4 @@ Unknown 2 212 1
Undetected flows:
1 UDP [dead::beef]:30000 -> [cafe::babe]:13000 [proto: 0/Unknown][2 pkts/212 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][0.00 sec]
1 UDP [dead::beef]:30000 -> [cafe::babe]:13000 [proto: 0/Unknown][2 pkts/212 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][0.00 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/BGP_Cisco_hdlc_slarp.pcap.out
View file

@ -1,3 +1,3 @@
BGP 14 969 1
1 TCP 100.16.1.2:18324 <-> 100.16.1.1:179 [proto: 13/BGP][cat: Network/14][7 pkts/388 bytes <-> 7 pkts/581 bytes][Goodput ratio: 20/46][50.10 sec][bytes ratio: -0.199 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 10014/9944 50028/49681 20007/19868][Pkt Len c2s/s2c min/avg/max/stddev: 44/44 55/83 101/195 20/49]
1 TCP 100.16.1.2:18324 <-> 100.16.1.1:179 [proto: 13/BGP][cat: Network/14][7 pkts/388 bytes <-> 7 pkts/581 bytes][Goodput ratio: 20/46][50.10 sec][bytes ratio: -0.199 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 10014/9944 50028/49681 20007/19868][Pkt Len c2s/s2c min/avg/max/stddev: 44/44 55/83 101/195 20/49][Plen Bins: 57,28,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

4
tests/result/BGP_redist.pcap.out
View file

@ -1,4 +1,4 @@
BGP 2 322 2
1 TCP 2.2.2.2:179 -> 4.4.4.4:63535 [proto: 13/BGP][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec]
2 TCP 2.2.2.2:179 -> 5.5.5.5:49433 [proto: 13/BGP][cat: Network/14][1 pkts/159 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec]
1 TCP 2.2.2.2:179 -> 4.4.4.4:63535 [proto: 13/BGP][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 2.2.2.2:179 -> 5.5.5.5:49433 [proto: 13/BGP][cat: Network/14][1 pkts/159 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

62
tests/result/EAQ.pcap.out
View file

@ -1,34 +1,34 @@
Google 23 11743 2
EAQ 174 10092 29
1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Goodput ratio: 23/97][0.51 sec][Host: www.google.com.br][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/8 76/114 400/349 146/137][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74/1666 193/2818 45/1240][URL: www.google.com.br/?gfe_rd=cr&ei=1BxnVcP9OKKk8we50oDAAg][StatusCode: 200][Content-Type: text/html][User-Agent: test][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (we50oDAAg HTTP/1.1)]
2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Goodput ratio: 26/72][0.20 sec][Host: www.google.com][bytes ratio: -0.324 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/10 51/50 139/89 54/40][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78/191 154/602 39/237][URL: www.google.com/][StatusCode: 302][Content-Type: text/html][User-Agent: test][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (GET / HTTP/1.1)]
3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.62 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21509/21499 21642/21642 21860/21869 132/138][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][85.30 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20533/20540 21310/21310 21609/21619 450/446][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][85.29 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20541/20540 21310/21304 21618/21649 445/445][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
6 UDP 10.8.0.1:43979 <-> 200.194.132.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.62 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21500/21510 21554/21642 21649/21860 57/132][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
7 UDP 10.8.0.1:48890 <-> 200.185.125.226:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.30 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21489/21529 21552/21562 21630/21609 54/31][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
8 UDP 10.8.0.1:51569 <-> 200.194.148.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.31 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21529/21528 21562/21559 21609/21609 31/33][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
9 UDP 10.8.0.1:52257 <-> 200.185.138.146:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.31 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21479/21489 21551/21552 21630/21629 56/53][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
10 UDP 10.8.0.1:52726 <-> 200.194.132.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.63 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21499/21480 21642/21642 21869/21869 138/142][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
11 UDP 10.8.0.1:34687 -> 200.194.141.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec]
12 UDP 10.8.0.1:37985 -> 200.194.129.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec]
13 UDP 10.8.0.1:39221 -> 200.194.137.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec]
14 UDP 10.8.0.1:41438 -> 200.194.141.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.35 sec]
15 UDP 10.8.0.1:47714 -> 200.194.129.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec]
16 UDP 10.8.0.1:48563 -> 200.194.141.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.57 sec]
17 UDP 10.8.0.1:48666 -> 200.194.129.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec]
18 UDP 10.8.0.1:53354 -> 200.194.137.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec]
19 UDP 10.8.0.1:56128 -> 200.194.133.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.57 sec]
20 UDP 10.8.0.1:59959 -> 200.194.137.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec]
21 UDP 10.8.0.1:33356 -> 200.194.149.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec]
22 UDP 10.8.0.1:36552 -> 200.194.136.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][63.69 sec]
23 UDP 10.8.0.1:36577 -> 200.194.149.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec]
24 UDP 10.8.0.1:40058 -> 200.194.134.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.68 sec]
25 UDP 10.8.0.1:43934 -> 200.194.136.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec]
26 UDP 10.8.0.1:47346 -> 200.194.134.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec]
27 UDP 10.8.0.1:50175 -> 200.194.149.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec]
28 UDP 10.8.0.1:53059 -> 200.194.133.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][65.69 sec]
29 UDP 10.8.0.1:57004 -> 200.194.133.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec]
30 UDP 10.8.0.1:59098 -> 200.194.134.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec]
31 UDP 10.8.0.1:60013 -> 200.194.136.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec]
1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Goodput ratio: 23/97][0.51 sec][Host: www.google.com.br][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/8 76/114 400/349 146/137][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74/1666 193/2818 45/1240][URL: www.google.com.br/?gfe_rd=cr&ei=1BxnVcP9OKKk8we50oDAAg][StatusCode: 200][Content-Type: text/html][User-Agent: test][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (we50oDAAg HTTP/1.1)][Plen Bins: 0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,60]
2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Goodput ratio: 26/72][0.20 sec][Host: www.google.com][bytes ratio: -0.324 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/10 51/50 139/89 54/40][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78/191 154/602 39/237][URL: www.google.com/][StatusCode: 302][Content-Type: text/html][User-Agent: test][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.62 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21509/21499 21642/21642 21860/21869 132/138][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][85.30 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20533/20540 21310/21310 21609/21619 450/446][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][85.29 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20541/20540 21310/21304 21618/21649 445/445][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 10.8.0.1:43979 <-> 200.194.132.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.62 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21500/21510 21554/21642 21649/21860 57/132][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 10.8.0.1:48890 <-> 200.185.125.226:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.30 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21489/21529 21552/21562 21630/21609 54/31][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 10.8.0.1:51569 <-> 200.194.148.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.31 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21529/21528 21562/21559 21609/21609 31/33][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 10.8.0.1:52257 <-> 200.185.138.146:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.31 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21479/21489 21551/21552 21630/21629 56/53][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 10.8.0.1:52726 <-> 200.194.132.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.63 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21499/21480 21642/21642 21869/21869 138/142][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 10.8.0.1:34687 -> 200.194.141.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 10.8.0.1:37985 -> 200.194.129.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 10.8.0.1:39221 -> 200.194.137.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 10.8.0.1:41438 -> 200.194.141.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.35 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 10.8.0.1:47714 -> 200.194.129.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 10.8.0.1:48563 -> 200.194.141.67:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.57 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 10.8.0.1:48666 -> 200.194.129.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 10.8.0.1:53354 -> 200.194.137.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 10.8.0.1:56128 -> 200.194.133.66:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.57 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 10.8.0.1:59959 -> 200.194.137.68:6000 [proto: 190/EAQ][cat: Network/14][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][86.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 10.8.0.1:33356 -> 200.194.149.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 10.8.0.1:36552 -> 200.194.136.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][63.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 10.8.0.1:36577 -> 200.194.149.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 10.8.0.1:40058 -> 200.194.134.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.68 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 10.8.0.1:43934 -> 200.194.136.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 10.8.0.1:47346 -> 200.194.134.66:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 10.8.0.1:50175 -> 200.194.149.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 10.8.0.1:53059 -> 200.194.133.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][65.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 10.8.0.1:57004 -> 200.194.133.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP 10.8.0.1:59098 -> 200.194.134.68:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 10.8.0.1:60013 -> 200.194.136.67:6000 [proto: 190/EAQ][cat: Network/14][4 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][64.69 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

76
tests/result/KakaoTalk_chat.pcap.out
View file

@ -13,41 +13,41 @@ JA3 Host Stats:
1 10.24.82.188 3
1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][Goodput ratio: 72/84][0.98 sec][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/57 123/297 41/77][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 204/364 1053/1336 304/449][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: graph.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6806b8fe92d7d465715d771eb102ff04][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
2 TCP 10.24.82.188:45211 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][14 pkts/2575 bytes <-> 15 pkts/6502 bytes][Goodput ratio: 69/87][0.55 sec][bytes ratio: -0.433 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/35 106/208 37/56][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 184/433 1257/1336 332/513][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: developers.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6806b8fe92d7d465715d771eb102ff04][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
3 TCP 10.24.82.188:45209 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][10 pkts/2584 bytes <-> 9 pkts/5123 bytes][Goodput ratio: 73/88][0.77 sec][bytes ratio: -0.329 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 96/75 312/350 98/119][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 258/569 1401/1456 416/540][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6806b8fe92d7d465715d771eb102ff04][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
4 TCP 10.24.82.188:35503 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][20 pkts/2849 bytes <-> 18 pkts/4742 bytes][Goodput ratio: 59/78][10.77 sec][bytes ratio: -0.249 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 411/375 2329/2320 582/599][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 142/263 710/1336 155/440][Risk: ** Obsolete TLS version (< 1.1) **** TLS Certificate Mismatch **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA]
5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][Goodput ratio: 66/85][0.86 sec][bytes ratio: -0.337 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/71 489/365 131/103][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 167/389 899/1336 222/491][Risk: ** Obsolete TLS version (< 1.1) **** TLS Certificate Mismatch **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA]
6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][Goodput ratio: 57/79][28.98 sec][bytes ratio: -0.332 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2050/118 26937/448 6904/127][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 133/265 578/1336 134/439][Risk: ** Obsolete TLS version (< 1.1) **** TLS Certificate Mismatch **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA]
7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/TLS.KakaoTalk][cat: Chat/9][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][Goodput ratio: 63/84][11.34 sec][bytes ratio: -0.429 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1114/74 10357/172 3082/62][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 157/364 429/1336 152/451][Risk: ** Obsolete TLS version (< 1.1) **** Weak TLS cipher **** TLS Certificate Mismatch **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][ServerNames: *.kakao.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Issuer: C=US, O=Thawte, Inc., CN=Thawte SSL CA][Subject: C=KR, ST=Gyeonggi-do, L=Seongnam-si, O=Kakao Corp., CN=*.kakao.com][Certificate SHA-1: 0D:14:6D:8D:5E:EB:F5:F5:42:87:CD:AB:AE:A1:DC:AA:5A:76:6F:E4][Validity: 2014-04-18 00:00:00 - 2016-04-17 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][17 pkts/2231 bytes <-> 9 pkts/1695 bytes][Goodput ratio: 48/63][46.77 sec][bytes ratio: 0.137 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 50/36 2833/4340 12590/13131 4126/4407][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 131/188 657/274 136/75]
9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][9 pkts/1737 bytes <-> 9 pkts/672 bytes][Goodput ratio: 71/25][24.52 sec][bytes ratio: 0.442 (Upload)][IAT c2s/s2c min/avg/max/stddev: 40/104 3456/3426 12765/12806 4427/4480][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 193/75 303/98 123/21]
10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][Goodput ratio: 27/87][0.31 sec][bytes ratio: -0.693 (Download)][IAT c2s/s2c min/avg/max/stddev: 15/5 107/56 199/108 92/52][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 97/533 146/1456 35/652][Risk: ** Known protocol on non standard port **** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: d9ce50c62ab1fd5932da3c6b6d406c65]
11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Goodput ratio: 38/45][21.97 sec][Host: www.facebook.com][bytes ratio: -0.126 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 40/40 115/102 264/210 106/77][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97/104 243/339 73/105][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)]
12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Goodput ratio: 38/49][21.81 sec][Host: www.facebook.com][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 43/38 5452/101 21457/215 9241/81][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97/114 243/339 73/112][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)]
13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][cat: Web/5][7 pkts/392 bytes <-> 7 pkts/392 bytes][Goodput ratio: 0/0][25.75 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 136/98 3845/3844 13075/13111 4719/4735][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 56/56 56/56 0/0]
14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/TLS][cat: Web/5][2 pkts/112 bytes <-> 3 pkts/168 bytes][Goodput ratio: 0/0][13.28 sec]
15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/139 bytes <-> 2 pkts/112 bytes][Goodput ratio: 19/0][0.03 sec]
16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/166 bytes][Goodput ratio: 43/73][0.04 sec][Host: katalk.kakao.com][110.76.142.34][PLAIN TEXT (katalk)]
17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/85 bytes <-> 1 pkts/144 bytes][Goodput ratio: 48/69][0.05 sec][Host: developers.facebook.com][31.13.68.84][PLAIN TEXT (developers)]
18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/80 bytes <-> 1 pkts/138 bytes][Goodput ratio: 44/68][0.04 sec][Host: graph.facebook.com][31.13.68.70][PLAIN TEXT (facebook)]
19 UDP 10.24.82.188:14650 <-> 10.188.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/87 bytes <-> 1 pkts/130 bytes][Goodput ratio: 49/66][0.05 sec][Host: 2.97.252.173.in-addr.arpa][::][PLAIN TEXT (facebook)]
20 UDP 10.24.82.188:35603 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/136 bytes][Goodput ratio: 44/67][0.04 sec][Host: ac-talk.kakao.com][110.76.141.112]
21 UDP 10.24.82.188:41909 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/84 bytes <-> 1 pkts/130 bytes][Goodput ratio: 47/66][0.04 sec][Host: booking.loco.kakao.com][110.76.142.125][PLAIN TEXT (booking)]
22 UDP 10.24.82.188:25117 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/82 bytes <-> 1 pkts/126 bytes][Goodput ratio: 46/65][0.04 sec][Host: up-gp.talk.kakao.com][110.76.141.26]
23 UDP 10.24.82.188:5929 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.13 sec][Host: up-p.talk.kakao.com][210.103.240.16]
24 UDP 10.24.82.188:9094 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.13 sec][Host: up-v.talk.kakao.com][210.103.240.16]
25 UDP 10.24.82.188:12908 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.04 sec][Host: up-m.talk.kakao.com][210.103.240.16]
26 UDP 10.24.82.188:29029 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.03 sec][Host: up-a.talk.kakao.com][210.103.240.16]
27 UDP 10.24.82.188:56820 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.13 sec][Host: up-c.talk.kakao.com][110.76.141.85]
28 UDP 10.24.82.188:61011 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Goodput ratio: 45/62][0.03 sec][Host: plus-talk.kakao.com][210.103.240.15]
29 UDP 10.24.82.188:61011 <-> 10.188.191.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Goodput ratio: 45/62][0.04 sec][Host: plus-talk.kakao.com][210.103.240.15]
30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Goodput ratio: 43/62][0.05 sec][Host: api.facebook.com][31.13.68.84][PLAIN TEXT (facebook)]
31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Goodput ratio: 42/61][0.08 sec][Host: auth.kakao.com][210.103.240.15]
32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Goodput ratio: 42/61][0.03 sec][Host: item.kakao.com][210.103.240.15]
33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 25/0][41.33 sec]
34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/97 bytes][Goodput ratio: 45/54][0.04 sec][Host: dn-l.talk.kakao.com][110.76.141.86]
35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec]
36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec]
37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec]
38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 TCP 10.24.82.188:43581 <-> 31.13.68.70:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][17 pkts/3461 bytes <-> 17 pkts/6194 bytes][Goodput ratio: 72/84][0.98 sec][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/57 123/297 41/77][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 204/364 1053/1336 304/449][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: graph.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6806b8fe92d7d465715d771eb102ff04][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,37,0,6,0,0,0,0,6,0,0,0,0,6,0,0,0,6,0,0,0,0,0,0,6,0,6,6,0,0,0,6,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0]
2 TCP 10.24.82.188:45211 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][14 pkts/2575 bytes <-> 15 pkts/6502 bytes][Goodput ratio: 69/87][0.55 sec][bytes ratio: -0.433 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/35 106/208 37/56][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 184/433 1257/1336 332/513][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: developers.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6806b8fe92d7d465715d771eb102ff04][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 7,23,0,0,7,0,0,7,7,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,7,0,0,23,0,0,0,0,0,0]
3 TCP 10.24.82.188:45209 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][10 pkts/2584 bytes <-> 9 pkts/5123 bytes][Goodput ratio: 73/88][0.77 sec][bytes ratio: -0.329 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 96/75 312/350 98/119][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 258/569 1401/1456 416/540][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api.facebook.com][JA3C: 051d20e8adbe8dac78945de300764d5e][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6806b8fe92d7d465715d771eb102ff04][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,22,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,22,0,0,0]
4 TCP 10.24.82.188:35503 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][20 pkts/2849 bytes <-> 18 pkts/4742 bytes][Goodput ratio: 59/78][10.77 sec][bytes ratio: -0.249 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 411/375 2329/2320 582/599][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 142/263 710/1336 155/440][Risk: ** Obsolete TLS version (< 1.1) **** TLS Certificate Mismatch **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA][Plen Bins: 25,12,6,6,6,12,0,0,0,6,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0]
5 TCP 10.24.82.188:45213 <-> 31.13.68.84:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2508 bytes <-> 13 pkts/5053 bytes][Goodput ratio: 66/85][0.86 sec][bytes ratio: -0.337 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/71 489/365 131/103][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 167/389 899/1336 222/491][Risk: ** Obsolete TLS version (< 1.1) **** TLS Certificate Mismatch **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA][Plen Bins: 15,15,0,15,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,7,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0,0,0,0,0]
6 TCP 10.24.82.188:35511 <-> 173.252.97.2:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][18 pkts/2390 bytes <-> 18 pkts/4762 bytes][Goodput ratio: 57/79][28.98 sec][bytes ratio: -0.332 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2050/118 26937/448 6904/127][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 133/265 578/1336 134/439][Risk: ** Obsolete TLS version (< 1.1) **** TLS Certificate Mismatch **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][ServerNames: *.facebook.com,facebook.com,*.fbsbx.com,*.fbcdn.net,*.xx.fbcdn.net,*.xy.fbcdn.net,fb.com,*.fb.com,*.facebookcorewwwi.onion,facebookcorewwwi.onion,*.fbcdn23dssr3jqnq.onion,fbcdn23dssr3jqnq.onion,*.fbsbx2q4mvcl63pw.onion,fbsbx2q4mvcl63pw.onion,*.m.facebook.com,*.messenger.com,messenger.com,*.m.facebookcorewwwi.onion,*.xx.fbcdn23dssr3jqnq.onion,xx.fbcdn23dssr3jqnq.onion,*.xy.fbcdn23dssr3jqnq.onion,xy.fbcdn23dssr3jqnq.onion,*.xz.fbcdn.net,xz.fbcdn.net,*.xz.fbcdn23dssr3jqnq.onion,xz.fbcdn23dssr3jqnq.onion,m.facebookcorewwwi.onion][JA3S: 6c13ac74a6f75099ef2480748e5d94d2][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A4:FB:65:F8:A1:57:FE:0D:C0:17:C1:B5:51:62:63:3A:18:73:A0:B4][Validity: 2014-08-28 00:00:00 - 2015-10-28 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA][Plen Bins: 31,12,6,6,6,6,0,0,6,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0]
7 TCP 10.24.82.188:37821 <-> 210.103.240.15:443 [proto: 91.193/TLS.KakaoTalk][cat: Chat/9][13 pkts/2036 bytes <-> 14 pkts/5090 bytes][Goodput ratio: 63/84][11.34 sec][bytes ratio: -0.429 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1114/74 10357/172 3082/62][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 157/364 429/1336 152/451][Risk: ** Obsolete TLS version (< 1.1) **** Weak TLS cipher **** TLS Certificate Mismatch **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][ServerNames: *.kakao.com][JA3S: 4192c0a946c5bd9b544b4656d9f624a4 (WEAK)][Issuer: C=US, O=Thawte, Inc., CN=Thawte SSL CA][Subject: C=KR, ST=Gyeonggi-do, L=Seongnam-si, O=Kakao Corp., CN=*.kakao.com][Certificate SHA-1: 0D:14:6D:8D:5E:EB:F5:F5:42:87:CD:AB:AE:A1:DC:AA:5A:76:6F:E4][Validity: 2014-04-18 00:00:00 - 2016-04-17 23:59:59][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,16,0,0,0,8,8,0,0,0,16,25,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0]
8 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][17 pkts/2231 bytes <-> 9 pkts/1695 bytes][Goodput ratio: 48/63][46.77 sec][bytes ratio: 0.137 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 50/36 2833/4340 12590/13131 4126/4407][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 131/188 657/274 136/75][Plen Bins: 13,13,26,0,26,6,6,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][9 pkts/1737 bytes <-> 9 pkts/672 bytes][Goodput ratio: 71/25][24.52 sec][bytes ratio: 0.442 (Upload)][IAT c2s/s2c min/avg/max/stddev: 40/104 3456/3426 12765/12806 4427/4480][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 193/75 303/98 123/21][Plen Bins: 0,44,0,0,0,0,0,55,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 10.24.82.188:58964 <-> 54.255.253.199:5223 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/290 bytes <-> 3 pkts/1600 bytes][Goodput ratio: 27/87][0.31 sec][bytes ratio: -0.693 (Download)][IAT c2s/s2c min/avg/max/stddev: 15/5 107/56 199/108 92/52][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 97/533 146/1456 35/652][Risk: ** Known protocol on non standard port **** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: d9ce50c62ab1fd5932da3c6b6d406c65][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
11 TCP 10.24.82.188:37557 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 6 pkts/627 bytes][Goodput ratio: 38/45][21.97 sec][Host: www.facebook.com][bytes ratio: -0.126 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 40/40 115/102 264/210 106/77][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97/104 243/339 73/105][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 10.24.82.188:37553 <-> 31.13.68.84:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][5 pkts/487 bytes <-> 5 pkts/571 bytes][Goodput ratio: 38/49][21.81 sec][Host: www.facebook.com][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 43/38 5452/101 21457/215 9241/81][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 97/114 243/339 73/112][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.3.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 216.58.221.10:80 <-> 10.24.82.188:35922 [proto: 7.126/HTTP.Google][cat: Web/5][7 pkts/392 bytes <-> 7 pkts/392 bytes][Goodput ratio: 0/0][25.75 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 136/98 3845/3844 13075/13111 4719/4735][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 56/56 56/56 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 10.24.82.188:42332 <-> 210.103.240.15:443 [proto: 91/TLS][cat: Web/5][2 pkts/112 bytes <-> 3 pkts/168 bytes][Goodput ratio: 0/0][13.28 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 31.13.68.73:443 <-> 10.24.82.188:47007 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/139 bytes <-> 2 pkts/112 bytes][Goodput ratio: 19/0][0.03 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 10.24.82.188:57816 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/78 bytes <-> 1 pkts/166 bytes][Goodput ratio: 43/73][0.04 sec][Host: katalk.kakao.com][110.76.142.34][PLAIN TEXT (katalk)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 10.24.82.188:4017 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/85 bytes <-> 1 pkts/144 bytes][Goodput ratio: 48/69][0.05 sec][Host: developers.facebook.com][31.13.68.84][PLAIN TEXT (developers)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 10.24.82.188:19582 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/80 bytes <-> 1 pkts/138 bytes][Goodput ratio: 44/68][0.04 sec][Host: graph.facebook.com][31.13.68.70][PLAIN TEXT (facebook)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 10.24.82.188:14650 <-> 10.188.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/87 bytes <-> 1 pkts/130 bytes][Goodput ratio: 49/66][0.05 sec][Host: 2.97.252.173.in-addr.arpa][::][PLAIN TEXT (facebook)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 10.24.82.188:35603 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/79 bytes <-> 1 pkts/136 bytes][Goodput ratio: 44/67][0.04 sec][Host: ac-talk.kakao.com][110.76.141.112][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 10.24.82.188:41909 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/84 bytes <-> 1 pkts/130 bytes][Goodput ratio: 47/66][0.04 sec][Host: booking.loco.kakao.com][110.76.142.125][PLAIN TEXT (booking)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 10.24.82.188:25117 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/82 bytes <-> 1 pkts/126 bytes][Goodput ratio: 46/65][0.04 sec][Host: up-gp.talk.kakao.com][110.76.141.26][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 10.24.82.188:5929 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.13 sec][Host: up-p.talk.kakao.com][210.103.240.16][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 10.24.82.188:9094 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.13 sec][Host: up-v.talk.kakao.com][210.103.240.16][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 10.24.82.188:12908 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.04 sec][Host: up-m.talk.kakao.com][210.103.240.16][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 10.24.82.188:29029 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.03 sec][Host: up-a.talk.kakao.com][210.103.240.16][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 10.24.82.188:56820 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/124 bytes][Goodput ratio: 45/64][0.13 sec][Host: up-c.talk.kakao.com][110.76.141.85][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 10.24.82.188:61011 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Goodput ratio: 45/62][0.03 sec][Host: plus-talk.kakao.com][210.103.240.15][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 10.24.82.188:61011 <-> 10.188.191.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/119 bytes][Goodput ratio: 45/62][0.04 sec][Host: plus-talk.kakao.com][210.103.240.15][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP 10.24.82.188:24596 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/78 bytes <-> 1 pkts/118 bytes][Goodput ratio: 43/62][0.05 sec][Host: api.facebook.com][31.13.68.84][PLAIN TEXT (facebook)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 10.24.82.188:38448 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Goodput ratio: 42/61][0.08 sec][Host: auth.kakao.com][210.103.240.15][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 10.24.82.188:58810 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/76 bytes <-> 1 pkts/114 bytes][Goodput ratio: 42/61][0.03 sec][Host: item.kakao.com][210.103.240.15][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 TCP 10.24.82.188:58927 -> 54.255.253.199:5223 [proto: 178/Amazon][cat: Web/5][2 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 25/0][41.33 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 UDP 10.24.82.188:43077 <-> 10.188.1.1:53 [proto: 5.193/DNS.KakaoTalk][cat: Chat/9][1 pkts/81 bytes <-> 1 pkts/97 bytes][Goodput ratio: 45/54][0.04 sec][Host: dn-l.talk.kakao.com][110.76.141.86][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 ICMP 10.24.82.188:0 -> 10.188.191.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 TCP 120.28.26.242:80 -> 10.24.82.188:34503 [proto: 7/HTTP][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

40
tests/result/KakaoTalk_talk.pcap.out
View file

@ -13,23 +13,23 @@ JA3 Host Stats:
1 10.24.82.188 2
1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][Goodput ratio: 69/65][45.42 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/48 202/340 49/48][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 140/126 234/236 43/33][PLAIN TEXT (46yOXQ)]
2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][Goodput ratio: 65/69][45.02 sec][bytes ratio: -0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 5/0 58/49 112/476 23/54][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 126/141 236/234 33/43][PLAIN TEXT (46yOXQ)]
3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][Goodput ratio: 72/76][51.59 sec][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 14/0 2358/3528 20472/21237 5098/5912][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 242/290 878/920 254/276][Risk: ** Self-signed Certificate **** Obsolete TLS version (< 1.1) **** Weak TLS cipher **][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Issuer: C=KR, L=Seoul, O=Kakao, CN=Kakao.com][Subject: C=KR, L=Seoul, O=Kakao, CN=Kakao.com][Certificate SHA-1: 65:88:37:51:01:AA:1F:12:E4:44:27:52:F9:32:FD:40:94:C1:08:D9][Validity: 2011-12-05 09:19:25 - 2021-12-02 09:19:25][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][Goodput ratio: 64/73][52.84 sec][bytes ratio: -0.133 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 691/1317 6069/10226 1399/2632][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 190/260 814/920 164/241][Risk: ** Self-signed Certificate **** Obsolete TLS version (< 1.1) **** Weak TLS cipher **][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Issuer: C=KR, L=Seoul, O=Kakao, CN=Kakao.com][Subject: C=KR, L=Seoul, O=Kakao, CN=Kakao.com][Certificate SHA-1: 65:88:37:51:01:AA:1F:12:E4:44:27:52:F9:32:FD:40:94:C1:08:D9][Validity: 2011-12-05 09:19:25 - 2021-12-02 09:19:25][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][Goodput ratio: 71/27][1.96 sec][bytes ratio: 0.457 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 141/117 494/295 163/92][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 195/78 735/189 228/35][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA]
6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes][Goodput ratio: 69/69][45.10 sec][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1062/3176 4203/4247 4716/5160 1131/719][Pkt Len c2s/s2c min/avg/max/stddev: 122/142 141/142 150/142 6/0]
7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes][Goodput ratio: 69/69][43.84 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1105/1052 4266/3766 4903/4991 1245/1144][Pkt Len c2s/s2c min/avg/max/stddev: 122/122 140/140 142/142 6/6]
8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Goodput ratio: 54/34][3.79 sec][Host: hkminorshort.weixin.qq.com][bytes ratio: 0.294 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/51 406/439 2019/1166 732/515][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 140/87 665/262 199/71][URL: hkminorshort.weixin.qq.comhttp://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)]
9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes][Goodput ratio: 25/64][24.77 sec][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 77/47 4920/8061 17431/17434 6679/7163][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 90/189 130/504 24/164]
10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes][Goodput ratio: 84/27][51.90 sec]
11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][Goodput ratio: 39/20][0.46 sec][PLAIN TEXT (xiaomi.com)]
12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes][Goodput ratio: 3/0][11.12 sec]
13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes][Goodput ratio: 0/0][0.48 sec]
14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Goodput ratio: 44/62][0.20 sec][Host: mqtt.facebook.com][173.252.97.2][PLAIN TEXT (facebook)]
15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec]
16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec]
18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][Goodput ratio: 69/65][45.42 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/48 202/340 49/48][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 140/126 234/236 43/33][PLAIN TEXT (46yOXQ)][Plen Bins: 0,60,19,16,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][Goodput ratio: 65/69][45.02 sec][bytes ratio: -0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 5/0 58/49 112/476 23/54][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 126/141 236/234 33/43][PLAIN TEXT (46yOXQ)][Plen Bins: 0,60,18,16,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][Goodput ratio: 72/76][51.59 sec][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 14/0 2358/3528 20472/21237 5098/5912][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 242/290 878/920 254/276][Risk: ** Self-signed Certificate **** Obsolete TLS version (< 1.1) **** Weak TLS cipher **][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Issuer: C=KR, L=Seoul, O=Kakao, CN=Kakao.com][Subject: C=KR, L=Seoul, O=Kakao, CN=Kakao.com][Certificate SHA-1: 65:88:37:51:01:AA:1F:12:E4:44:27:52:F9:32:FD:40:94:C1:08:D9][Validity: 2011-12-05 09:19:25 - 2021-12-02 09:19:25][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,0,0,0,5,35,0,5,0,15,5,5,0,0,0,0,0,0,0,0,5,5,0,0,10,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][Goodput ratio: 64/73][52.84 sec][bytes ratio: -0.133 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 691/1317 6069/10226 1399/2632][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 190/260 814/920 164/241][Risk: ** Self-signed Certificate **** Obsolete TLS version (< 1.1) **** Weak TLS cipher **][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Issuer: C=KR, L=Seoul, O=Kakao, CN=Kakao.com][Subject: C=KR, L=Seoul, O=Kakao, CN=Kakao.com][Certificate SHA-1: 65:88:37:51:01:AA:1F:12:E4:44:27:52:F9:32:FD:40:94:C1:08:D9][Validity: 2011-12-05 09:19:25 - 2021-12-02 09:19:25][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,0,0,0,4,47,0,4,0,17,4,4,0,0,0,4,0,0,0,0,0,0,4,4,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][Goodput ratio: 71/27][1.96 sec][bytes ratio: 0.457 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 141/117 494/295 163/92][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 195/78 735/189 228/35][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA][Plen Bins: 30,23,0,0,15,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes][Goodput ratio: 69/69][45.10 sec][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1062/3176 4203/4247 4716/5160 1131/719][Pkt Len c2s/s2c min/avg/max/stddev: 122/142 141/142 150/142 6/0][Plen Bins: 0,0,4,95,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes][Goodput ratio: 69/69][43.84 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1105/1052 4266/3766 4903/4991 1245/1144][Pkt Len c2s/s2c min/avg/max/stddev: 122/122 140/140 142/142 6/6][Plen Bins: 0,0,9,90,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Goodput ratio: 54/34][3.79 sec][Host: hkminorshort.weixin.qq.com][bytes ratio: 0.294 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/51 406/439 2019/1166 732/515][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 140/87 665/262 199/71][URL: hkminorshort.weixin.qq.comhttp://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes][Goodput ratio: 25/64][24.77 sec][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 77/47 4920/8061 17431/17434 6679/7163][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 90/189 130/504 24/164][Plen Bins: 16,50,0,16,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes][Goodput ratio: 84/27][51.90 sec][Plen Bins: 0,33,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][Goodput ratio: 39/20][0.46 sec][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes][Goodput ratio: 3/0][11.12 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes][Goodput ratio: 0/0][0.48 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Goodput ratio: 44/62][0.20 sec][Host: mqtt.facebook.com][173.252.97.2][PLAIN TEXT (facebook)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/NTPv2.pcap.out
View file

@ -1,3 +1,3 @@
NTP 1 410 1
1 UDP 208.104.95.10:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/410 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec]
1 UDP 208.104.95.10:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/410 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/NTPv3.pcap.out
View file

@ -1,3 +1,3 @@
NTP 1 90 1
1 UDP 175.144.140.29:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec]
1 UDP 175.144.140.29:123 -> 78.46.76.2:80 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/NTPv4.pcap.out
View file

@ -1,3 +1,3 @@
NTP 1 90 1
1 UDP 85.22.62.120:123 -> 78.46.76.11:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec]
1 UDP 85.22.62.120:123 -> 78.46.76.11:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/Oscar.pcap.out
View file

@ -1,3 +1,3 @@
TLS 71 9386 1
1 TCP 10.30.29.3:63357 <-> 178.237.24.249:443 [proto: 91/TLS][cat: Web/5][38 pkts/3580 bytes <-> 33 pkts/5806 bytes][Goodput ratio: 42/68][72.45 sec][bytes ratio: -0.237 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2392/2607 58175/58215 10382/11142][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94/176 369/1414 75/257][PLAIN TEXT (Adium/1.5.10)]
1 TCP 10.30.29.3:63357 <-> 178.237.24.249:443 [proto: 91/TLS][cat: Web/5][38 pkts/3580 bytes <-> 33 pkts/5806 bytes][Goodput ratio: 42/68][72.45 sec][bytes ratio: -0.237 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2392/2607 58175/58215 10382/11142][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94/176 369/1414 75/257][PLAIN TEXT (Adium/1.5.10)][Plen Bins: 7,55,5,5,0,0,5,2,2,7,0,0,0,0,2,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0]

1594
tests/result/WebattackRCE.pcap.out
View file

File diff suppressed because it is too large Load diff

18
tests/result/WebattackSQLinj.pcap.out
View file

@ -1,11 +1,11 @@
HTTP 94 30008 9
1 TCP 172.16.0.1:36212 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][7 pkts/1070 bytes <-> 5 pkts/4487 bytes][Goodput ratio: 56/92][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.615 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1002/3 5000/10 1999/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 153/897 666/2767 210/1090][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+null%2C+table_name+from+information_schema.tables%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
2 TCP 172.16.0.1:36202 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][6 pkts/1004 bytes <-> 5 pkts/4487 bytes][Goodput ratio: 60/92][5.09 sec][Host: 205.174.165.68][bytes ratio: -0.634 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/80 1017/40 5004/80 1994/40][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 167/897 666/4215 223/1659][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+null%2C+table_name+from+information_schema.tables%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
3 TCP 172.16.0.1:36204 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/937 bytes <-> 5 pkts/2359 bytes][Goodput ratio: 64/86][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.431 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 1251/1 5000/4 2164/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 187/472 665/2087 239/808][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+user%2C+password+from+users%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
4 TCP 172.16.0.1:36200 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/875 bytes <-> 5 pkts/2219 bytes][Goodput ratio: 61/85][5.04 sec][Host: 205.174.165.68][bytes ratio: -0.434 (Download)][IAT c2s/s2c min/avg/max/stddev: 33/0 1259/11 5004/32 2162/15][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/444 603/1947 214/752][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+database%28%29%2C+user%28%29%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
5 TCP 172.16.0.1:36210 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][6 pkts/941 bytes <-> 4 pkts/2153 bytes][Goodput ratio: 57/87][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.392 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 1001/2 5000/5 2000/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 157/538 603/1947 200/813][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+database%28%29%2C+user%28%29%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
6 TCP 172.16.0.1:36208 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/874 bytes <-> 5 pkts/2178 bytes][Goodput ratio: 61/84][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.427 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/0 1252/1 5005/3 2167/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/436 602/1906 214/735][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
7 TCP 172.16.0.1:36198 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/798 bytes <-> 5 pkts/2178 bytes][Goodput ratio: 58/84][5.07 sec][Host: 205.174.165.68][bytes ratio: -0.464 (Download)][IAT c2s/s2c min/avg/max/stddev: 68/0 1267/22 5001/67 2156/32][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 160/436 526/1906 183/735][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
8 TCP 172.16.0.1:36206 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/861 bytes <-> 5 pkts/868 bytes][Goodput ratio: 61/61][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/0 1252/1 5005/2 2167/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 172/174 589/596 208/211][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
9 TCP 172.16.0.1:36196 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][6 pkts/851 bytes <-> 5 pkts/868 bytes][Goodput ratio: 52/61][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1251/1 5000/3 2164/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/174 513/596 166/211][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)]
1 TCP 172.16.0.1:36212 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][7 pkts/1070 bytes <-> 5 pkts/4487 bytes][Goodput ratio: 56/92][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.615 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1002/3 5000/10 1999/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 153/897 666/2767 210/1090][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+null%2C+table_name+from+information_schema.tables%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,33]
2 TCP 172.16.0.1:36202 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][6 pkts/1004 bytes <-> 5 pkts/4487 bytes][Goodput ratio: 60/92][5.09 sec][Host: 205.174.165.68][bytes ratio: -0.634 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/80 1017/40 5004/80 1994/40][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 167/897 666/4215 223/1659][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+null%2C+table_name+from+information_schema.tables%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
3 TCP 172.16.0.1:36204 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/937 bytes <-> 5 pkts/2359 bytes][Goodput ratio: 64/86][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.431 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 1251/1 5000/4 2164/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 187/472 665/2087 239/808][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+user%2C+password+from+users%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
4 TCP 172.16.0.1:36200 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/875 bytes <-> 5 pkts/2219 bytes][Goodput ratio: 61/85][5.04 sec][Host: 205.174.165.68][bytes ratio: -0.434 (Download)][IAT c2s/s2c min/avg/max/stddev: 33/0 1259/11 5004/32 2162/15][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/444 603/1947 214/752][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+database%28%29%2C+user%28%29%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
5 TCP 172.16.0.1:36210 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][6 pkts/941 bytes <-> 4 pkts/2153 bytes][Goodput ratio: 57/87][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.392 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 1001/2 5000/5 2000/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 157/538 603/1947 200/813][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1+union+select+database%28%29%2C+user%28%29%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
6 TCP 172.16.0.1:36208 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/874 bytes <-> 5 pkts/2178 bytes][Goodput ratio: 61/84][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.427 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/0 1252/1 5005/3 2167/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/436 602/1906 214/735][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
7 TCP 172.16.0.1:36198 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/798 bytes <-> 5 pkts/2178 bytes][Goodput ratio: 58/84][5.07 sec][Host: 205.174.165.68][bytes ratio: -0.464 (Download)][IAT c2s/s2c min/avg/max/stddev: 68/0 1267/22 5001/67 2156/32][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 160/436 526/1906 183/735][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27+and+1%3D1%23&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** SQL injection **** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
8 TCP 172.16.0.1:36206 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][5 pkts/861 bytes <-> 5 pkts/868 bytes][Goodput ratio: 61/61][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/0 1252/1 5005/2 2167/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 172/174 589/596 208/211][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 172.16.0.1:36196 <-> 192.168.10.50:80 [proto: 7/HTTP][cat: Web/5][6 pkts/851 bytes <-> 5 pkts/868 bytes][Goodput ratio: 52/61][5.01 sec][Host: 205.174.165.68][bytes ratio: -0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1251/1 5000/3 2164/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/174 513/596 166/211][URL: 205.174.165.68/dv/vulnerabilities/sqli/?id=1%27&Submit=Submit][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /dv/vulnerabilities/sqli/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

1322
tests/result/WebattackXSS.pcap.out
View file

File diff suppressed because it is too large Load diff

8
tests/result/ajp.pcap.out
View file

@ -1,10 +1,10 @@
Unknown 6 2200 2
AJP 26 4446 2
1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][Goodput ratio: 68/36][0.17 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222/112 896/300 286/84][PLAIN TEXT (HTTP/1.1)]
2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][Goodput ratio: 68/36][< 1 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222/112 896/300 286/84][PLAIN TEXT (HTTP/1.1)]
1 TCP 172.29.9.146:38856 <-> 172.29.9.147:8009 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][Goodput ratio: 68/36][0.17 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222/112 896/300 286/84][PLAIN TEXT (HTTP/1.1)][Plen Bins: 50,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 172.29.9.146:38856 <-> 172.29.9.147:8010 [VLAN: 7][proto: 139/AJP][cat: Web/5][7 pkts/1554 bytes <-> 6 pkts/669 bytes][Goodput ratio: 68/36][< 1 sec][bytes ratio: 0.398 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 222/112 896/300 286/84][PLAIN TEXT (HTTP/1.1)][Plen Bins: 50,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 80 93.88.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][4 pkts/2012 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.17 sec][PLAIN TEXT (HTTP/1.1)]
2 80 142.243.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.17 sec]
1 80 93.88.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][4 pkts/2012 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.17 sec][PLAIN TEXT (HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 80 142.243.129.0:0 -> 0.7.8.0:0 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.17 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

6
tests/result/amqp.pcap.out
View file

@ -1,5 +1,5 @@
AMQP 160 23514 3
1 TCP 127.0.0.1:44205 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][54 pkts/10859 bytes <-> 54 pkts/3564 bytes][Goodput ratio: 67/0][4.12 sec][bytes ratio: 0.506 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 85/85 2001/2001 341/341][Pkt Len c2s/s2c min/avg/max/stddev: 103/66 201/66 395/66 103/0][PLAIN TEXT (celeryev)]
2 TCP 127.0.1.1:5672 <-> 127.0.0.1:44204 [proto: 192/AMQP][cat: RPC/16][13 pkts/4327 bytes <-> 9 pkts/699 bytes][Goodput ratio: 80/15][4.12 sec][bytes ratio: 0.722 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/3 407/588 2001/2001 623/729][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 333/78 514/87 211/10][PLAIN TEXT (celeryev)]
3 TCP 127.0.0.1:44206 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][15 pkts/3075 bytes <-> 15 pkts/990 bytes][Goodput ratio: 68/0][1.04 sec][bytes ratio: 0.513 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 87/87 540/540 182/182][Pkt Len c2s/s2c min/avg/max/stddev: 97/66 205/66 312/66 88/0][PLAIN TEXT (default)]
1 TCP 127.0.0.1:44205 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][54 pkts/10859 bytes <-> 54 pkts/3564 bytes][Goodput ratio: 67/0][4.12 sec][bytes ratio: 0.506 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 85/85 2001/2001 341/341][Pkt Len c2s/s2c min/avg/max/stddev: 103/66 201/66 395/66 103/0][PLAIN TEXT (celeryev)][Plen Bins: 0,33,0,33,0,0,9,0,9,5,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 127.0.1.1:5672 <-> 127.0.0.1:44204 [proto: 192/AMQP][cat: RPC/16][13 pkts/4327 bytes <-> 9 pkts/699 bytes][Goodput ratio: 80/15][4.12 sec][bytes ratio: 0.722 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/3 407/588 2001/2001 623/729][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 333/78 514/87 211/10][PLAIN TEXT (celeryev)][Plen Bins: 38,0,0,0,0,0,0,0,0,0,0,0,0,38,23,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 127.0.0.1:44206 <-> 127.0.1.1:5672 [proto: 192/AMQP][cat: RPC/16][15 pkts/3075 bytes <-> 15 pkts/990 bytes][Goodput ratio: 68/0][1.04 sec][bytes ratio: 0.513 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 87/87 540/540 182/182][Pkt Len c2s/s2c min/avg/max/stddev: 97/66 205/66 312/66 88/0][PLAIN TEXT (default)][Plen Bins: 33,0,0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

126
tests/result/android.pcap.out
View file

@ -18,66 +18,66 @@ JA3 Host Stats:
1 192.168.2.16 8
1 TCP 192.168.2.16:32996 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][17 pkts/1949 bytes <-> 15 pkts/11826 bytes][Goodput ratio: 42/92][0.75 sec][ALPN: http/1.1][bytes ratio: -0.717 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 56/27 386/221 108/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 115/788 578/1484 125/627][TLSv1.2][Client: www.google.com][JA3C: 6ec2896feff5746955f700c0023f5804][ServerNames: www.google.com][JA3S: eca9b8f0f3eae50309eaf901cb822d9b][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=www.google.com][Certificate SHA-1: 32:07:6C:9F:96:7D:CE:82:15:C6:C5:7B:49:90:53:A1:CF:80:4F:B0][Validity: 2020-02-12 11:47:41 - 2020-05-06 11:47:41][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
2 TCP 192.168.2.16:33002 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][15 pkts/2371 bytes <-> 15 pkts/6005 bytes][Goodput ratio: 58/83][0.35 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (2A2A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.434 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/10 184/48 49/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/400 670/1484 186/477][TLSv1.3][Client: accounts.google.com][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
3 TCP 192.168.2.16:32990 <-> 216.239.38.120:443 [proto: 91.228/TLS.PlayStore][cat: SoftwareUpdate/19][11 pkts/2272 bytes <-> 10 pkts/5932 bytes][Goodput ratio: 68/89][0.35 sec][bytes ratio: -0.446 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 44/23 128/77 45/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 207/593 1023/1484 297/582][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.3][Client: android.clients.google.com][JA3C: 9c815150ea821166faecf80757d8826a][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
4 TCP 192.168.2.16:32986 <-> 216.239.38.120:443 [proto: 91.228/TLS.PlayStore][cat: SoftwareUpdate/19][11 pkts/2233 bytes <-> 10 pkts/5793 bytes][Goodput ratio: 67/88][0.49 sec][bytes ratio: -0.444 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 60/39 185/181 63/59][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 203/579 984/1484 287/585][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.3][Client: android.clients.google.com][JA3C: 9c815150ea821166faecf80757d8826a][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
5 TCP 192.168.2.16:51928 <-> 172.217.21.202:443 [proto: 91.46/TLS.DataSaver][cat: Web/5][14 pkts/2051 bytes <-> 13 pkts/5408 bytes][Goodput ratio: 55/84][0.35 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (7A7A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.450 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/14 132/77 37/24][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 146/416 583/1484 145/494][TLSv1.3][Client: datasaver.googleapis.com][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
6 TCP 192.168.2.16:32974 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][13 pkts/1439 bytes <-> 10 pkts/5592 bytes][Goodput ratio: 40/88][0.52 sec][bytes ratio: -0.591 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/34 202/137 60/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 111/559 380/1484 92/576][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: clients1.google.com][JA3C: c60d01d600aacc2c04844595ce224279][ServerNames: *.google.com,*.android.com,*.appengine.google.com,*.cloud.google.com,*.crowdsource.google.com,*.g.co,*.gcp.gvt2.com,*.gcpcdn.gvt1.com,*.ggpht.cn,*.gkecnapps.cn,*.google-analytics.com,*.google.ca,*.google.cl,*.google.co.in,*.google.co.jp,*.google.co.uk,*.google.com.ar,*.google.com.au,*.google.com.br,*.google.com.co,*.google.com.mx,*.google.com.tr,*.google.com.vn,*.google.de,*.google.es,*.google.fr,*.google.hu,*.google.it,*.google.nl,*.google.pl,*.google.pt,*.googleadapis.com,*.googleapis.cn,*.googlecnapps.cn,*.googlecommerce.com,*.googlevideo.com,*.gstatic.cn,*.gstatic.com,*.gstaticcnapps.cn,*.gvt1.com,*.gvt2.com,*.metric.gstatic.com,*.urchin.com,*.url.google.com,*.wear.gkecnapps.cn,*.youtube-nocookie.com,*.youtube.com,*.youtubeeducation.com,*.youtubekids.com,*.yt.be,*.ytimg.com,android.clients.google.com,android.com,developer.android.google.cn,developers.android.google.cn,g.co,ggpht.cn,gkecnapps.cn,goo.gl,google-analytics.com,google.com,googlecnapps.cn,googlecommerce.com,source.android.google.cn,urchin.com,www.goo.gl,youtu.be,youtube.com,youtubeeducation.com,youtubekids.com,yt.be][JA3S: b31c0b82752ea0e2c48b8ce46e9263e5][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.google.com][Certificate SHA-1: 80:50:28:F4:84:F5:C4:C6:41:DE:75:67:38:C4:A6:E2:59:FF:75:42][Validity: 2020-02-12 11:47:11 - 2020-05-06 11:47:11][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
7 TCP 192.168.2.16:50384 <-> 172.217.168.206:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1365 bytes <-> 9 pkts/5365 bytes][Goodput ratio: 45/89][2.49 sec][ALPN: http/1.1][bytes ratio: -0.594 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 277/69 1716/301 516/102][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 124/596 407/1484 105/544][TLSv1.2][Client: app-measurement.com][JA3C: 6ec2896feff5746955f700c0023f5804][ServerNames: *.google-analytics.com,*.fps.goog,app-measurement.com,fps.goog,google-analytics.com,googleoptimize.com,googletagmanager.com,service.urchin.com,ssl.google-analytics.com,urchin.com,www.google-analytics.com,www.googleoptimize.com,www.googletagmanager.com][JA3S: 9d9ce860f1b1cbef07b019450cb368d8][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.google-analytics.com][Certificate SHA-1: B0:D9:D3:57:C2:34:87:2C:FB:F5:E6:BD:7F:9F:54:65:08:61:AF:01][Validity: 2020-02-12 11:37:03 - 2020-05-06 11:37:03][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
8 TCP 192.168.2.16:52486 <-> 172.217.20.74:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][12 pkts/1298 bytes <-> 10 pkts/5186 bytes][Goodput ratio: 38/87][1.75 sec][ALPN: http/1.1][bytes ratio: -0.600 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 194/37 1374/212 422/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108/519 286/1484 76/570][TLSv1.2][Client: play.googleapis.com][JA3C: d8c87b9bfde38897979e41242626c2f3][ServerNames: *.storage.googleapis.com,*.appspot.com.storage.googleapis.com,*.commondatastorage.googleapis.com,*.content-storage-download.googleapis.com,*.content-storage-upload.googleapis.com,*.content-storage.googleapis.com,*.googleapis.com,*.storage-download.googleapis.com,*.storage-upload.googleapis.com,*.storage.select.googleapis.com,commondatastorage.googleapis.com,storage.googleapis.com,storage.select.googleapis.com,unfiltered.news][JA3S: eca9b8f0f3eae50309eaf901cb822d9b][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.storage.googleapis.com][Certificate SHA-1: BA:BA:BA:55:69:9F:E0:BD:48:80:23:A4:B3:AD:C1:FF:EA:4E:17:C9][Validity: 2020-02-12 11:45:22 - 2020-05-06 11:45:22][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
9 TCP 192.168.2.16:32988 <-> 216.239.38.120:443 [proto: 91.228/TLS.PlayStore][cat: SoftwareUpdate/19][8 pkts/2089 bytes <-> 7 pkts/4242 bytes][Goodput ratio: 74/89][0.97 sec][bytes ratio: -0.340 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 158/80 530/246 186/98][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 261/606 1038/1484 338/639][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.3][Client: android.clients.google.com][JA3C: 9c815150ea821166faecf80757d8826a][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
10 TCP 192.168.2.16:36888 <-> 172.217.18.3:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1175 bytes <-> 7 pkts/4762 bytes][Goodput ratio: 47/90][1.62 sec][ALPN: http/1.1][bytes ratio: -0.604 (Download)][IAT c2s/s2c min/avg/max/stddev: 27/28 203/104 522/277 176/93][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131/680 327/1484 93/575][TLSv1.2][Client: connectivitycheck.gstatic.com][JA3C: d8c87b9bfde38897979e41242626c2f3]
11 TCP 192.168.2.16:36890 <-> 172.217.18.3:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1151 bytes <-> 7 pkts/4762 bytes][Goodput ratio: 48/90][0.84 sec][ALPN: http/1.1][bytes ratio: -0.611 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 120/15 647/36 217/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 128/680 327/1484 95/575][TLSv1.2][Client: connectivitycheck.gstatic.com][JA3C: d8c87b9bfde38897979e41242626c2f3][ServerNames: *.google.com,*.android.com,*.appengine.google.com,*.cloud.google.com,*.crowdsource.google.com,*.g.co,*.gcp.gvt2.com,*.gcpcdn.gvt1.com,*.ggpht.cn,*.gkecnapps.cn,*.google-analytics.com,*.google.ca,*.google.cl,*.google.co.in,*.google.co.jp,*.google.co.uk,*.google.com.ar,*.google.com.au,*.google.com.br,*.google.com.co,*.google.com.mx,*.google.com.tr,*.google.com.vn,*.google.de,*.google.es,*.google.fr,*.google.hu,*.google.it,*.google.nl,*.google.pl,*.google.pt,*.googleadapis.com,*.googleapis.cn,*.googlecnapps.cn,*.googlecommerce.com,*.googlevideo.com,*.gstatic.cn,*.gstatic.com,*.gstaticcnapps.cn,*.gvt1.com,*.gvt2.com,*.metric.gstatic.com,*.urchin.com,*.url.google.com,*.wear.gkecnapps.cn,*.youtube-nocookie.com,*.youtube.com,*.youtubeeducation.com,*.youtubekids.com,*.yt.be,*.ytimg.com,android.clients.google.com,android.com,developer.android.google.cn,developers.android.google.cn,g.co,ggpht.cn,gkecnapps.cn,goo.gl,google-analytics.com,google.com,googlecnapps.cn,googlecommerce.com,source.android.google.cn,urchin.com,www.goo.gl,youtu.be,youtube.com,youtubeeducation.com,youtubekids.com,yt.be][JA3S: eca9b8f0f3eae50309eaf901cb822d9b][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.google.com][Certificate SHA-1: 80:50:28:F4:84:F5:C4:C6:41:DE:75:67:38:C4:A6:E2:59:FF:75:42][Validity: 2020-02-12 11:47:11 - 2020-05-06 11:47:11][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
12 TCP 192.168.2.16:33014 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1877 bytes <-> 7 pkts/3708 bytes][Goodput ratio: 61/87][0.20 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (9A9A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.328 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21/11 96/40 29/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171/530 583/1484 180/574][TLSv1.3][Client: www.google.com][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
13 TCP 192.168.2.16:51944 <-> 172.217.21.202:443 [proto: 91.46/TLS.DataSaver][cat: Web/5][12 pkts/2171 bytes <-> 12 pkts/2705 bytes][Goodput ratio: 63/70][0.20 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (4A4A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.110 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/11 39/64 15/19][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 181/225 660/646 208/202][TLSv1.3][Client: datasaver.googleapis.com][JA3C: 554719594ba90b02ae410c297c6e50ad][JA3S: 2b0648ab686ee45e0e7c35fcfb0eea7e][Cipher: TLS_AES_128_GCM_SHA256]
14 TCP 192.168.2.16:43646 <-> 172.217.20.76:443 [proto: 91.46/TLS.DataSaver][cat: Web/5][8 pkts/1053 bytes <-> 6 pkts/3460 bytes][Goodput ratio: 49/88][0.20 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (AAAA);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.533 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/16 51/61 18/26][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 132/577 583/1484 171/646][TLSv1.3][Client: proxy.googlezip.net][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
15 TCP 192.168.2.16:43634 <-> 172.217.20.76:443 [proto: 91.46/TLS.DataSaver][cat: Web/5][8 pkts/1005 bytes <-> 6 pkts/3460 bytes][Goodput ratio: 51/88][0.11 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (2A2A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.550 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/16 39/61 13/26][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 126/577 583/1484 173/646][TLSv1.3][Client: proxy.googlezip.net][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
16 TCP 192.168.2.16:32998 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][8 pkts/1005 bytes <-> 6 pkts/3449 bytes][Goodput ratio: 51/88][0.05 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (8A8A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.549 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/9 20/17 8/8][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 126/575 583/1484 173/647][TLSv1.3][Client: accounts.google.com][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
17 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][12 pkts/4088 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][82.22 sec][Host: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 130/0 6001/0 8764/0 3124/0][Pkt Len c2s/s2c min/avg/max/stddev: 328/0 341/0 342/0 4/0][DHCP Fingerprint: 1,121,3,6,15,119,252,95,44,46][PLAIN TEXT (android)]
18 TCP 192.168.2.16:36834 <-> 173.194.79.114:80 [proto: 7.46/HTTP.DataSaver][cat: Web/5][8 pkts/1130 bytes <-> 5 pkts/1254 bytes][Goodput ratio: 53/73][0.30 sec][Host: check.googlezip.net][bytes ratio: -0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/1 41/59 105/141 31/59][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 141/251 363/524 128/223][URL: check.googlezip.net/connect][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (Linux; Android 9; Nokia 2.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.93 Mobile Safari/537.36][PLAIN TEXT (GET /connect HTTP/1.1)]
19 TCP 192.168.2.16:44374 <-> 172.217.22.10:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][3 pkts/723 bytes <-> 3 pkts/1624 bytes][Goodput ratio: 71/87][0.10 sec][bytes ratio: -0.384 (Download)][IAT c2s/s2c min/avg/max/stddev: 26/9 33/38 40/66 7/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 241/541 583/1484 242/667][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.3][Client: android.googleapis.com][JA3C: 629b587f706aee60430ec3879c6edb66][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
20 TCP 192.168.2.16:58338 <-> 17.253.53.201:80 [proto: 7.140/HTTP.Apple][cat: Web/5][6 pkts/607 bytes <-> 5 pkts/1053 bytes][Goodput ratio: 33/68][0.16 sec][Host: captive.apple.com][bytes ratio: -0.269 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/0 25/23 42/46 15/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/211 269/781 75/285][URL: captive.apple.com/][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36][PLAIN TEXT (GET / HTTP/1.1)]
21 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/1656 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][60.10 sec][PLAIN TEXT (version)]
22 TCP 192.168.2.16:36848 <-> 173.194.79.114:80 [proto: 7.46/HTTP.DataSaver][cat: Web/5][4 pkts/569 bytes <-> 3 pkts/664 bytes][Goodput ratio: 52/69][0.11 sec][Host: check.googlezip.net][bytes ratio: -0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 31/1 37/36 41/72 4/36][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/221 363/524 127/214][URL: check.googlezip.net/connect][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (Linux; Android 9; Nokia 2.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.93 Mobile Safari/537.36][PLAIN TEXT (GET /connect HTTP/1.1)]
23 TCP 17.248.176.75:443 -> 192.168.2.17:50580 [proto: 91.140/TLS.Apple][cat: Web/5][8 pkts/1067 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][18.90 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 294/0 2700/0 9727/0 3229/0][Pkt Len c2s/s2c min/avg/max/stddev: 97/0 133/0 143/0 17/0]
24 TCP 17.248.176.75:443 -> 192.168.2.17:50584 [proto: 91.140/TLS.Apple][cat: Web/5][8 pkts/1067 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][19.37 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 300/0 2767/0 9727/0 3262/0][Pkt Len c2s/s2c min/avg/max/stddev: 97/0 133/0 143/0 17/0]
25 TCP 192.168.2.16:52514 <-> 172.217.20.74:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][3 pkts/723 bytes <-> 1 pkts/74 bytes][Goodput ratio: 71/0][0.27 sec][ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][Client: semanticlocation-pa.googleapis.com][JA3C: 33490b1d5377580b19f7f9b5849d7991][PLAIN TEXT (semanticlocation)]
26 UDP 192.168.2.1:67 -> 192.168.2.16:68 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][0.13 sec][PLAIN TEXT (iMac.local)]
27 TCP 17.248.185.10:443 -> 192.168.2.17:50702 [proto: 91.140/TLS.Apple][cat: Web/5][7 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][13.42 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 427/0 2236/0 6975/0 2385/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 93/0 97/0 11/0]
28 UDP 192.168.2.16:52953 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/77 bytes <-> 1 pkts/221 bytes][Goodput ratio: 45/81][0.04 sec][Host: captive.apple.com][17.253.53.201][PLAIN TEXT (captive)]
29 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][60.02 sec][PLAIN TEXT (SpotUdp)]
30 UDP [fe80::4e6a:f6ff:fe9f:f627]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][2 pkts/228 bytes -> 0 pkts/0 bytes][Goodput ratio: 45/0][2.16 sec]
31 UDP 192.168.2.16:35825 <-> 192.168.2.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/140 bytes][Goodput ratio: 44/70][0.04 sec][Host: time.android.com][216.239.35.8][PLAIN TEXT (android)]
32 TCP 192.168.2.16:36850 <-> 173.194.79.114:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.04 sec]
33 UDP 192.168.2.16:35689 <-> 192.168.2.1:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/110 bytes][Goodput ratio: 55/61][0.04 sec][Host: semanticlocation-pa.googleapis.com][172.217.20.74][PLAIN TEXT (semanticlocation)]
34 UDP 192.168.2.16:47081 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/89 bytes <-> 1 pkts/105 bytes][Goodput ratio: 52/59][0.04 sec][Host: connectivitycheck.gstatic.com][172.217.18.3][PLAIN TEXT (connectivitycheck)]
35 UDP 192.168.2.16:36613 <-> 192.168.2.1:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/86 bytes <-> 1 pkts/102 bytes][Goodput ratio: 51/58][0.00 sec][Host: android.clients.google.com][216.239.38.120][PLAIN TEXT (android)]
36 UDP 192.168.2.16:7660 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/84 bytes <-> 1 pkts/100 bytes][Goodput ratio: 49/57][0.04 sec][Host: datasaver.googleapis.com][172.217.21.202][PLAIN TEXT (datasaver)]
37 UDP 192.168.2.16:18379 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/84 bytes <-> 1 pkts/100 bytes][Goodput ratio: 49/57][0.00 sec][Host: datasaver.googleapis.com][172.217.21.202][PLAIN TEXT (datasaver)]
38 UDP 192.168.2.16:39760 <-> 192.168.2.1:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48/57][0.04 sec][Host: android.googleapis.com][172.217.22.10][PLAIN TEXT (android)]
39 UDP 192.168.2.16:45863 <-> 216.239.35.8:123 [proto: 9.126/NTP.Google][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes][Goodput ratio: 53/53][0.04 sec]
40 ICMPV6 [::]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][0.22 sec]
41 ICMPV6 [fe80::4e6a:f6ff:fe9f:f627]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][0.09 sec]
42 UDP 192.168.2.16:10677 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: proxy.googlezip.net][172.217.20.76][PLAIN TEXT (googlezip)]
43 UDP 192.168.2.16:22850 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.04 sec][Host: proxy.googlezip.net][172.217.20.76][PLAIN TEXT (googlezip)]
44 UDP 192.168.2.16:32412 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.04 sec][Host: check.googlezip.net][173.194.79.114][PLAIN TEXT (googlezip)]
45 UDP 192.168.2.16:33240 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: check.googlezip.net][173.194.79.114][PLAIN TEXT (googlezip)]
46 UDP 192.168.2.16:34540 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: clients1.google.com][216.239.38.120][PLAIN TEXT (clients)]
47 UDP 192.168.2.16:46359 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: accounts.google.com][216.239.38.120][PLAIN TEXT (accounts)]
48 UDP 192.168.2.16:51430 <-> 192.168.2.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][< 1 sec][Host: app-measurement.com][172.217.168.206][PLAIN TEXT (measurement)]
49 UDP 192.168.2.16:54837 <-> 192.168.2.1:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.04 sec][Host: play.googleapis.com][172.217.20.74][PLAIN TEXT (googleapis)]
50 UDP 192.168.2.16:56312 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: proxy.googlezip.net][172.217.20.76][PLAIN TEXT (googlezip)]
51 UDP 192.168.2.16:58892 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: accounts.google.com][216.239.38.120][PLAIN TEXT (accounts)]
52 UDP 169.254.225.216:60538 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][PLAIN TEXT (SEARCH )]
53 UDP 192.168.2.1:51411 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][PLAIN TEXT (SEARCH )]
54 UDP 192.168.2.16:39008 <-> 192.168.2.1:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/76 bytes <-> 1 pkts/92 bytes][Goodput ratio: 44/54][0.00 sec][Host: mtalk.google.com][216.239.38.120][PLAIN TEXT (google)]
55 UDP 192.168.2.16:32832 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Goodput ratio: 43/53][< 1 sec][Host: www.google.com][216.239.38.120][PLAIN TEXT (google)]
56 UDP 192.168.2.16:40580 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Goodput ratio: 43/53][0.00 sec][Host: www.google.com][216.239.38.120][PLAIN TEXT (google)]
57 TCP 192.168.2.16:49510 -> 216.239.38.120:5228 [proto: 126/Google][cat: Web/5][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec]
58 ICMPV6 [fe80::4e6a:f6ff:fe9f:f627]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][4.26 sec]
59 TCP 95.101.24.53:443 -> 192.168.2.17:50677 [proto: 91/TLS][cat: Web/5][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 26/0][< 1 sec]
60 UDP 169.254.225.216:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (spotify)]
61 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (spotify)]
62 ICMPV6 [::]:0 -> [ff02::1:ff9f:f627]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 20/0][< 1 sec]
63 TCP 192.168.2.16:43652 -> 172.217.20.76:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 TCP 192.168.2.16:32996 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][17 pkts/1949 bytes <-> 15 pkts/11826 bytes][Goodput ratio: 42/92][0.75 sec][ALPN: http/1.1][bytes ratio: -0.717 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 56/27 386/221 108/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 115/788 578/1484 125/627][TLSv1.2][Client: www.google.com][JA3C: 6ec2896feff5746955f700c0023f5804][ServerNames: www.google.com][JA3S: eca9b8f0f3eae50309eaf901cb822d9b][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=www.google.com][Certificate SHA-1: 32:07:6C:9F:96:7D:CE:82:15:C6:C5:7B:49:90:53:A1:CF:80:4F:B0][Validity: 2020-02-12 11:47:41 - 2020-05-06 11:47:41][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,13,6,0,0,6,0,0,0,6,6,0,0,0,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,6,0,33,0,0]
2 TCP 192.168.2.16:33002 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][15 pkts/2371 bytes <-> 15 pkts/6005 bytes][Goodput ratio: 58/83][0.35 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (2A2A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.434 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/10 184/48 49/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/400 670/1484 186/477][TLSv1.3][Client: accounts.google.com][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 11,17,17,0,0,0,11,0,5,0,0,0,0,0,0,0,5,0,11,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0]
3 TCP 192.168.2.16:32990 <-> 216.239.38.120:443 [proto: 91.228/TLS.PlayStore][cat: SoftwareUpdate/19][11 pkts/2272 bytes <-> 10 pkts/5932 bytes][Goodput ratio: 68/89][0.35 sec][bytes ratio: -0.446 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 44/23 128/77 45/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 207/593 1023/1484 297/582][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.3][Client: android.clients.google.com][JA3C: 9c815150ea821166faecf80757d8826a][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 11,0,11,0,0,0,0,0,0,0,0,0,0,11,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,11,0,0,0,0,0,0,0,0,0,0,0,22,0,0]
4 TCP 192.168.2.16:32986 <-> 216.239.38.120:443 [proto: 91.228/TLS.PlayStore][cat: SoftwareUpdate/19][11 pkts/2233 bytes <-> 10 pkts/5793 bytes][Goodput ratio: 67/88][0.49 sec][bytes ratio: -0.444 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 60/39 185/181 63/59][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 203/579 984/1484 287/585][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.3][Client: android.clients.google.com][JA3C: 9c815150ea821166faecf80757d8826a][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 11,0,11,0,0,0,0,0,11,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,11,11,0,0,11,0,0,0,0,0,0,0,0,0,0,0,22,0,0]
5 TCP 192.168.2.16:51928 <-> 172.217.21.202:443 [proto: 91.46/TLS.DataSaver][cat: Web/5][14 pkts/2051 bytes <-> 13 pkts/5408 bytes][Goodput ratio: 55/84][0.35 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (7A7A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.450 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/14 132/77 37/24][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 146/416 583/1484 145/494][TLSv1.3][Client: datasaver.googleapis.com][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 13,13,20,0,0,0,0,6,0,6,6,0,0,0,0,6,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,13,0,0]
6 TCP 192.168.2.16:32974 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][13 pkts/1439 bytes <-> 10 pkts/5592 bytes][Goodput ratio: 40/88][0.52 sec][bytes ratio: -0.591 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/34 202/137 60/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 111/559 380/1484 92/576][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: clients1.google.com][JA3C: c60d01d600aacc2c04844595ce224279][ServerNames: *.google.com,*.android.com,*.appengine.google.com,*.cloud.google.com,*.crowdsource.google.com,*.g.co,*.gcp.gvt2.com,*.gcpcdn.gvt1.com,*.ggpht.cn,*.gkecnapps.cn,*.google-analytics.com,*.google.ca,*.google.cl,*.google.co.in,*.google.co.jp,*.google.co.uk,*.google.com.ar,*.google.com.au,*.google.com.br,*.google.com.co,*.google.com.mx,*.google.com.tr,*.google.com.vn,*.google.de,*.google.es,*.google.fr,*.google.hu,*.google.it,*.google.nl,*.google.pl,*.google.pt,*.googleadapis.com,*.googleapis.cn,*.googlecnapps.cn,*.googlecommerce.com,*.googlevideo.com,*.gstatic.cn,*.gstatic.com,*.gstaticcnapps.cn,*.gvt1.com,*.gvt2.com,*.metric.gstatic.com,*.urchin.com,*.url.google.com,*.wear.gkecnapps.cn,*.youtube-nocookie.com,*.youtube.com,*.youtubeeducation.com,*.youtubekids.com,*.yt.be,*.ytimg.com,android.clients.google.com,android.com,developer.android.google.cn,developers.android.google.cn,g.co,ggpht.cn,gkecnapps.cn,goo.gl,google-analytics.com,google.com,googlecnapps.cn,googlecommerce.com,source.android.google.cn,urchin.com,www.goo.gl,youtu.be,youtube.com,youtubeeducation.com,youtubekids.com,yt.be][JA3S: b31c0b82752ea0e2c48b8ce46e9263e5][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.google.com][Certificate SHA-1: 80:50:28:F4:84:F5:C4:C6:41:DE:75:67:38:C4:A6:E2:59:FF:75:42][Validity: 2020-02-12 11:47:11 - 2020-05-06 11:47:11][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,11,11,0,0,11,11,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0]
7 TCP 192.168.2.16:50384 <-> 172.217.168.206:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1365 bytes <-> 9 pkts/5365 bytes][Goodput ratio: 45/89][2.49 sec][ALPN: http/1.1][bytes ratio: -0.594 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 277/69 1716/301 516/102][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 124/596 407/1484 105/544][TLSv1.2][Client: app-measurement.com][JA3C: 6ec2896feff5746955f700c0023f5804][ServerNames: *.google-analytics.com,*.fps.goog,app-measurement.com,fps.goog,google-analytics.com,googleoptimize.com,googletagmanager.com,service.urchin.com,ssl.google-analytics.com,urchin.com,www.google-analytics.com,www.googleoptimize.com,www.googletagmanager.com][JA3S: 9d9ce860f1b1cbef07b019450cb368d8][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.google-analytics.com][Certificate SHA-1: B0:D9:D3:57:C2:34:87:2C:FB:F5:E6:BD:7F:9F:54:65:08:61:AF:01][Validity: 2020-02-12 11:37:03 - 2020-05-06 11:37:03][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,11,0,0,11,0,0,0,11,11,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0]
8 TCP 192.168.2.16:52486 <-> 172.217.20.74:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][12 pkts/1298 bytes <-> 10 pkts/5186 bytes][Goodput ratio: 38/87][1.75 sec][ALPN: http/1.1][bytes ratio: -0.600 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 194/37 1374/212 422/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108/519 286/1484 76/570][TLSv1.2][Client: play.googleapis.com][JA3C: d8c87b9bfde38897979e41242626c2f3][ServerNames: *.storage.googleapis.com,*.appspot.com.storage.googleapis.com,*.commondatastorage.googleapis.com,*.content-storage-download.googleapis.com,*.content-storage-upload.googleapis.com,*.content-storage.googleapis.com,*.googleapis.com,*.storage-download.googleapis.com,*.storage-upload.googleapis.com,*.storage.select.googleapis.com,commondatastorage.googleapis.com,storage.googleapis.com,storage.select.googleapis.com,unfiltered.news][JA3S: eca9b8f0f3eae50309eaf901cb822d9b][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.storage.googleapis.com][Certificate SHA-1: BA:BA:BA:55:69:9F:E0:BD:48:80:23:A4:B3:AD:C1:FF:EA:4E:17:C9][Validity: 2020-02-12 11:45:22 - 2020-05-06 11:45:22][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,10,10,0,20,10,10,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,20,0,0]
9 TCP 192.168.2.16:32988 <-> 216.239.38.120:443 [proto: 91.228/TLS.PlayStore][cat: SoftwareUpdate/19][8 pkts/2089 bytes <-> 7 pkts/4242 bytes][Goodput ratio: 74/89][0.97 sec][bytes ratio: -0.340 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 158/80 530/246 186/98][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 261/606 1038/1484 338/639][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.3][Client: android.clients.google.com][JA3C: 9c815150ea821166faecf80757d8826a][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
10 TCP 192.168.2.16:36888 <-> 172.217.18.3:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1175 bytes <-> 7 pkts/4762 bytes][Goodput ratio: 47/90][1.62 sec][ALPN: http/1.1][bytes ratio: -0.604 (Download)][IAT c2s/s2c min/avg/max/stddev: 27/28 203/104 522/277 176/93][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131/680 327/1484 93/575][TLSv1.2][Client: connectivitycheck.gstatic.com][JA3C: d8c87b9bfde38897979e41242626c2f3][Plen Bins: 0,0,12,0,0,0,12,0,12,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
11 TCP 192.168.2.16:36890 <-> 172.217.18.3:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1151 bytes <-> 7 pkts/4762 bytes][Goodput ratio: 48/90][0.84 sec][ALPN: http/1.1][bytes ratio: -0.611 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 120/15 647/36 217/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 128/680 327/1484 95/575][TLSv1.2][Client: connectivitycheck.gstatic.com][JA3C: d8c87b9bfde38897979e41242626c2f3][ServerNames: *.google.com,*.android.com,*.appengine.google.com,*.cloud.google.com,*.crowdsource.google.com,*.g.co,*.gcp.gvt2.com,*.gcpcdn.gvt1.com,*.ggpht.cn,*.gkecnapps.cn,*.google-analytics.com,*.google.ca,*.google.cl,*.google.co.in,*.google.co.jp,*.google.co.uk,*.google.com.ar,*.google.com.au,*.google.com.br,*.google.com.co,*.google.com.mx,*.google.com.tr,*.google.com.vn,*.google.de,*.google.es,*.google.fr,*.google.hu,*.google.it,*.google.nl,*.google.pl,*.google.pt,*.googleadapis.com,*.googleapis.cn,*.googlecnapps.cn,*.googlecommerce.com,*.googlevideo.com,*.gstatic.cn,*.gstatic.com,*.gstaticcnapps.cn,*.gvt1.com,*.gvt2.com,*.metric.gstatic.com,*.urchin.com,*.url.google.com,*.wear.gkecnapps.cn,*.youtube-nocookie.com,*.youtube.com,*.youtubeeducation.com,*.youtubekids.com,*.yt.be,*.ytimg.com,android.clients.google.com,android.com,developer.android.google.cn,developers.android.google.cn,g.co,ggpht.cn,gkecnapps.cn,goo.gl,google-analytics.com,google.com,googlecnapps.cn,googlecommerce.com,source.android.google.cn,urchin.com,www.goo.gl,youtu.be,youtube.com,youtubeeducation.com,youtubekids.com,yt.be][JA3S: eca9b8f0f3eae50309eaf901cb822d9b][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.google.com][Certificate SHA-1: 80:50:28:F4:84:F5:C4:C6:41:DE:75:67:38:C4:A6:E2:59:FF:75:42][Validity: 2020-02-12 11:47:11 - 2020-05-06 11:47:11][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,12,0,0,0,12,0,12,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
12 TCP 192.168.2.16:33014 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1877 bytes <-> 7 pkts/3708 bytes][Goodput ratio: 61/87][0.20 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (9A9A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.328 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21/11 96/40 29/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171/530 583/1484 180/574][TLSv1.3][Client: www.google.com][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 22,0,22,0,0,0,0,0,0,0,0,0,0,11,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,11,0,0]
13 TCP 192.168.2.16:51944 <-> 172.217.21.202:443 [proto: 91.46/TLS.DataSaver][cat: Web/5][12 pkts/2171 bytes <-> 12 pkts/2705 bytes][Goodput ratio: 63/70][0.20 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (4A4A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.110 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/11 39/64 15/19][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 181/225 660/646 208/202][TLSv1.3][Client: datasaver.googleapis.com][JA3C: 554719594ba90b02ae410c297c6e50ad][JA3S: 2b0648ab686ee45e0e7c35fcfb0eea7e][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 15,15,15,0,0,0,15,0,0,0,7,0,0,0,0,7,0,7,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 192.168.2.16:43646 <-> 172.217.20.76:443 [proto: 91.46/TLS.DataSaver][cat: Web/5][8 pkts/1053 bytes <-> 6 pkts/3460 bytes][Goodput ratio: 49/88][0.20 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (AAAA);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.533 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/16 51/61 18/26][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 132/577 583/1484 171/646][TLSv1.3][Client: proxy.googlezip.net][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
15 TCP 192.168.2.16:43634 <-> 172.217.20.76:443 [proto: 91.46/TLS.DataSaver][cat: Web/5][8 pkts/1005 bytes <-> 6 pkts/3460 bytes][Goodput ratio: 51/88][0.11 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (2A2A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.550 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/16 39/61 13/26][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 126/577 583/1484 173/646][TLSv1.3][Client: proxy.googlezip.net][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
16 TCP 192.168.2.16:32998 <-> 216.239.38.120:443 [proto: 91.126/TLS.Google][cat: Web/5][8 pkts/1005 bytes <-> 6 pkts/3449 bytes][Goodput ratio: 51/88][0.05 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLS (8A8A);TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.549 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/9 20/17 8/8][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 126/575 583/1484 173/647][TLSv1.3][Client: accounts.google.com][JA3C: 66918128f1b9b03303d77c6f2eefd128][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
17 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][12 pkts/4088 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][82.22 sec][Host: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 130/0 6001/0 8764/0 3124/0][Pkt Len c2s/s2c min/avg/max/stddev: 328/0 341/0 342/0 4/0][DHCP Fingerprint: 1,121,3,6,15,119,252,95,44,46][PLAIN TEXT (android)][Plen Bins: 0,0,0,0,0,0,0,0,8,91,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 192.168.2.16:36834 <-> 173.194.79.114:80 [proto: 7.46/HTTP.DataSaver][cat: Web/5][8 pkts/1130 bytes <-> 5 pkts/1254 bytes][Goodput ratio: 53/73][0.30 sec][Host: check.googlezip.net][bytes ratio: -0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/1 41/59 105/141 31/59][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 141/251 363/524 128/223][URL: check.googlezip.net/connect][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (Linux; Android 9; Nokia 2.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.93 Mobile Safari/537.36][PLAIN TEXT (GET /connect HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 192.168.2.16:44374 <-> 172.217.22.10:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][3 pkts/723 bytes <-> 3 pkts/1624 bytes][Goodput ratio: 71/87][0.10 sec][bytes ratio: -0.384 (Download)][IAT c2s/s2c min/avg/max/stddev: 26/9 33/38 40/66 7/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 241/541 583/1484 242/667][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.3][Client: android.googleapis.com][JA3C: 629b587f706aee60430ec3879c6edb66][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
20 TCP 192.168.2.16:58338 <-> 17.253.53.201:80 [proto: 7.140/HTTP.Apple][cat: Web/5][6 pkts/607 bytes <-> 5 pkts/1053 bytes][Goodput ratio: 33/68][0.16 sec][Host: captive.apple.com][bytes ratio: -0.269 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/0 25/23 42/46 15/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/211 269/781 75/285][URL: captive.apple.com/][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/1656 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][60.10 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 192.168.2.16:36848 <-> 173.194.79.114:80 [proto: 7.46/HTTP.DataSaver][cat: Web/5][4 pkts/569 bytes <-> 3 pkts/664 bytes][Goodput ratio: 52/69][0.11 sec][Host: check.googlezip.net][bytes ratio: -0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 31/1 37/36 41/72 4/36][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/221 363/524 127/214][URL: check.googlezip.net/connect][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (Linux; Android 9; Nokia 2.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.93 Mobile Safari/537.36][PLAIN TEXT (GET /connect HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 17.248.176.75:443 -> 192.168.2.17:50580 [proto: 91.140/TLS.Apple][cat: Web/5][8 pkts/1067 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][18.90 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 294/0 2700/0 9727/0 3229/0][Pkt Len c2s/s2c min/avg/max/stddev: 97/0 133/0 143/0 17/0][Plen Bins: 12,12,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 17.248.176.75:443 -> 192.168.2.17:50584 [proto: 91.140/TLS.Apple][cat: Web/5][8 pkts/1067 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][19.37 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 300/0 2767/0 9727/0 3262/0][Pkt Len c2s/s2c min/avg/max/stddev: 97/0 133/0 143/0 17/0][Plen Bins: 12,12,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 TCP 192.168.2.16:52514 <-> 172.217.20.74:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][3 pkts/723 bytes <-> 1 pkts/74 bytes][Goodput ratio: 71/0][0.27 sec][ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][Client: semanticlocation-pa.googleapis.com][JA3C: 33490b1d5377580b19f7f9b5849d7991][PLAIN TEXT (semanticlocation)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.2.1:67 -> 192.168.2.16:68 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][0.13 sec][PLAIN TEXT (iMac.local)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 17.248.185.10:443 -> 192.168.2.17:50702 [proto: 91.140/TLS.Apple][cat: Web/5][7 pkts/648 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][13.42 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 427/0 2236/0 6975/0 2385/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 93/0 97/0 11/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 192.168.2.16:52953 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/77 bytes <-> 1 pkts/221 bytes][Goodput ratio: 45/81][0.04 sec][Host: captive.apple.com][17.253.53.201][PLAIN TEXT (captive)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][60.02 sec][PLAIN TEXT (SpotUdp)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP [fe80::4e6a:f6ff:fe9f:f627]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][2 pkts/228 bytes -> 0 pkts/0 bytes][Goodput ratio: 45/0][2.16 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 192.168.2.16:35825 <-> 192.168.2.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/140 bytes][Goodput ratio: 44/70][0.04 sec][Host: time.android.com][216.239.35.8][PLAIN TEXT (android)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 192.168.2.16:36850 <-> 173.194.79.114:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.04 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.2.16:35689 <-> 192.168.2.1:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/94 bytes <-> 1 pkts/110 bytes][Goodput ratio: 55/61][0.04 sec][Host: semanticlocation-pa.googleapis.com][172.217.20.74][PLAIN TEXT (semanticlocation)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 UDP 192.168.2.16:47081 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/89 bytes <-> 1 pkts/105 bytes][Goodput ratio: 52/59][0.04 sec][Host: connectivitycheck.gstatic.com][172.217.18.3][PLAIN TEXT (connectivitycheck)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 192.168.2.16:36613 <-> 192.168.2.1:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/86 bytes <-> 1 pkts/102 bytes][Goodput ratio: 51/58][0.00 sec][Host: android.clients.google.com][216.239.38.120][PLAIN TEXT (android)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 UDP 192.168.2.16:7660 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/84 bytes <-> 1 pkts/100 bytes][Goodput ratio: 49/57][0.04 sec][Host: datasaver.googleapis.com][172.217.21.202][PLAIN TEXT (datasaver)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 192.168.2.16:18379 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/84 bytes <-> 1 pkts/100 bytes][Goodput ratio: 49/57][0.00 sec][Host: datasaver.googleapis.com][172.217.21.202][PLAIN TEXT (datasaver)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 UDP 192.168.2.16:39760 <-> 192.168.2.1:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48/57][0.04 sec][Host: android.googleapis.com][172.217.22.10][PLAIN TEXT (android)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 UDP 192.168.2.16:45863 <-> 216.239.35.8:123 [proto: 9.126/NTP.Google][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes][Goodput ratio: 53/53][0.04 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 ICMPV6 [::]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][0.22 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 ICMPV6 [fe80::4e6a:f6ff:fe9f:f627]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][0.09 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 UDP 192.168.2.16:10677 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: proxy.googlezip.net][172.217.20.76][PLAIN TEXT (googlezip)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 UDP 192.168.2.16:22850 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.04 sec][Host: proxy.googlezip.net][172.217.20.76][PLAIN TEXT (googlezip)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 UDP 192.168.2.16:32412 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.04 sec][Host: check.googlezip.net][173.194.79.114][PLAIN TEXT (googlezip)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.2.16:33240 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: check.googlezip.net][173.194.79.114][PLAIN TEXT (googlezip)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP 192.168.2.16:34540 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: clients1.google.com][216.239.38.120][PLAIN TEXT (clients)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 192.168.2.16:46359 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: accounts.google.com][216.239.38.120][PLAIN TEXT (accounts)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 192.168.2.16:51430 <-> 192.168.2.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][< 1 sec][Host: app-measurement.com][172.217.168.206][PLAIN TEXT (measurement)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 192.168.2.16:54837 <-> 192.168.2.1:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.04 sec][Host: play.googleapis.com][172.217.20.74][PLAIN TEXT (googleapis)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 UDP 192.168.2.16:56312 <-> 192.168.2.1:53 [proto: 5.46/DNS.DataSaver][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: proxy.googlezip.net][172.217.20.76][PLAIN TEXT (googlezip)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 UDP 192.168.2.16:58892 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/95 bytes][Goodput ratio: 46/55][0.00 sec][Host: accounts.google.com][216.239.38.120][PLAIN TEXT (accounts)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 UDP 169.254.225.216:60538 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 UDP 192.168.2.1:51411 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 192.168.2.16:39008 <-> 192.168.2.1:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/76 bytes <-> 1 pkts/92 bytes][Goodput ratio: 44/54][0.00 sec][Host: mtalk.google.com][216.239.38.120][PLAIN TEXT (google)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 UDP 192.168.2.16:32832 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Goodput ratio: 43/53][< 1 sec][Host: www.google.com][216.239.38.120][PLAIN TEXT (google)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 192.168.2.16:40580 <-> 192.168.2.1:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Goodput ratio: 43/53][0.00 sec][Host: www.google.com][216.239.38.120][PLAIN TEXT (google)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 TCP 192.168.2.16:49510 -> 216.239.38.120:5228 [proto: 126/Google][cat: Web/5][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 ICMPV6 [fe80::4e6a:f6ff:fe9f:f627]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][4.26 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 TCP 95.101.24.53:443 -> 192.168.2.17:50677 [proto: 91/TLS][cat: Web/5][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 26/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 UDP 169.254.225.216:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (spotify)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (spotify)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 ICMPV6 [::]:0 -> [ff02::1:ff9f:f627]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 20/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 TCP 192.168.2.16:43652 -> 172.217.20.76:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

138
tests/result/anyconnect-vpn.pcap.out
View file

@ -21,75 +21,75 @@ JA3 Host Stats:
1 10.0.0.227 4
1 UDP 10.0.0.227:54107 <-> 8.37.102.91:443 [proto: 161/CiscoVPN][cat: VPN/2][1413 pkts/395331 bytes <-> 1028 pkts/497166 bytes][Goodput ratio: 85/91][20.52 sec][bytes ratio: -0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/13 669/953 35/48][Pkt Len c2s/s2c min/avg/max/stddev: 135/90 280/484 1511/1511 283/514][PLAIN TEXT (m@GOC.)]
2 TCP 10.0.0.227:56929 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][48 pkts/9073 bytes <-> 44 pkts/18703 bytes][Goodput ratio: 65/84][21.89 sec][bytes ratio: -0.347 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/11 97/138 21/26][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 189/425 1514/1514 246/579][Risk: ** Weak TLS cipher **** TLS Certificate Mismatch **** TLS (probably) not carrying HTTPS **][TLSv1.2][JA3C: c9f0b47c9805f516e6d3900cb51f7841][ServerNames: *.pandion.viasat.com,pandion.viasat.com][JA3S: 82f0d8a75fa483d1cfe4b7085b784d7e (WEAK)][Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K][Subject: C=US, ST=California, L=Carlsbad, O=Viasat Inc., CN=*.pandion.viasat.com][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
3 TCP 10.0.0.227:56919 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][28 pkts/9088 bytes <-> 26 pkts/16944 bytes][Goodput ratio: 80/90][23.14 sec][ALPN: http/1.1][bytes ratio: -0.302 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1048/487 11570/9008 2987/2009][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 325/652 1514/1514 494/646][Risk: ** Weak TLS cipher **** TLS Certificate Mismatch **][TLSv1.2][JA3C: 9f1a41f932f274fe47a992310a26a23a][ServerNames: *.pandion.viasat.com,pandion.viasat.com][JA3S: 82f0d8a75fa483d1cfe4b7085b784d7e (WEAK)][Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K][Subject: C=US, ST=California, L=Carlsbad, O=Viasat Inc., CN=*.pandion.viasat.com][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
4 TCP 10.0.0.227:56921 <-> 8.37.96.194:4287 [proto: 91/TLS][cat: Web/5][29 pkts/5373 bytes <-> 28 pkts/7580 bytes][Goodput ratio: 64/75][2.30 sec][bytes ratio: -0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 91/63 593/619 145/135][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 185/271 1261/1434 259/387][Risk: ** Self-signed Certificate **** TLS (probably) not carrying HTTPS **][TLSv1.2][JA3C: e3adec914f3893f18136762f1c0d7d81][JA3S: e54965894d6b45ecb4323c7ea3d6c115][Issuer: CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US][Subject: CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US][Certificate SHA-1: 86:2A:47:EF:00:68:79:60:7F:94:E2:91:6F:E0:38:82:37:8A:8E:2E][Validity: 2019-08-29 00:12:40 - 2019-10-08 00:12:40][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
5 TCP 10.0.0.227:56918 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][16 pkts/2739 bytes <-> 14 pkts/7315 bytes][Goodput ratio: 61/87][0.35 sec][ALPN: http/1.1][bytes ratio: -0.455 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/26 48/88 21/29][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171/522 1175/1514 274/624][Risk: ** Weak TLS cipher **** TLS Certificate Mismatch **][TLSv1.2][JA3C: 9f1a41f932f274fe47a992310a26a23a][ServerNames: *.pandion.viasat.com,pandion.viasat.com][JA3S: 82f0d8a75fa483d1cfe4b7085b784d7e (WEAK)][Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K][Subject: C=US, ST=California, L=Carlsbad, O=Viasat Inc., CN=*.pandion.viasat.com][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
6 TCP 10.0.0.227:56920 <-> 99.86.34.156:443 [proto: 91.118/TLS.Slack][cat: Collaborative/15][16 pkts/2949 bytes <-> 11 pkts/1876 bytes][Goodput ratio: 64/61][11.47 sec][ALPN: h2;http/1.1][bytes ratio: 0.222 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 866/28 11074/80 2947/34][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 184/171 853/487 228/155][TLSv1.2][Client: slack.com][JA3C: d8dc5f8940df366b3a58b935569143e8][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
7 TCP 10.0.0.227:56884 <-> 184.25.56.77:80 [proto: 7/HTTP][cat: Web/5][12 pkts/2303 bytes <-> 7 pkts/2382 bytes][Goodput ratio: 67/81][18.51 sec][Host: detectportal.firefox.com][bytes ratio: -0.017 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/31 1824/3642 10081/10083 3593/4385][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 192/340 373/450 153/173][URL: detectportal.firefox.com/success.txt?ipv4][StatusCode: 200][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt)]
8 TCP 10.0.0.227:56320 <-> 10.0.0.149:8009 [proto: 161/CiscoVPN][cat: VPN/2][20 pkts/2420 bytes <-> 10 pkts/1760 bytes][Goodput ratio: 45/62][45.04 sec][bytes ratio: 0.158 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/5003 2648/5004 5001/5006 2495/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/176 121/176 176/176 55/0]
9 ICMPV6 [fe80::2e7e:81ff:feb0:4aa1]:0 -> [ff02::1]:0 [proto: 102/ICMPV6][cat: Network/14][16 pkts/2784 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][45.47 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2867/0 3028/0 3072/0 84/0][Pkt Len c2s/s2c min/avg/max/stddev: 174/0 174/0 174/0 0/0]
10 TCP 10.0.0.227:56955 <-> 10.0.0.151:8060 [proto: 7/HTTP][cat: Web/5][6 pkts/650 bytes <-> 5 pkts/1668 bytes][Goodput ratio: 37/80][4.02 sec][Host: 10.0.0.151][bytes ratio: -0.439 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 4/4 9/6 3/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108/334 308/1206 89/442][URL: 10.0.0.151:8060/dial/dd.xml][StatusCode: 200][Content-Type: text/xml][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][Risk: ** Known protocol on non standard port **][PLAIN TEXT (GET /dial/dd.xml HTTP/1.1)]
11 TCP 10.0.0.227:56917 <-> 184.25.56.77:80 [proto: 7/HTTP][cat: Web/5][6 pkts/976 bytes <-> 4 pkts/1032 bytes][Goodput ratio: 62/74][18.47 sec][Host: detectportal.firefox.com][bytes ratio: -0.028 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 28/573 3694/6151 10081/10078 4344/4052][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 163/258 368/450 145/192][URL: detectportal.firefox.com/success.txt][StatusCode: 200][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt HTTP/1.1)]
12 TCP 10.0.0.227:56954 <-> 10.0.0.149:8008 [proto: 7/HTTP][cat: Web/5][4 pkts/527 bytes <-> 3 pkts/1401 bytes][Goodput ratio: 48/85][0.01 sec][Host: 10.0.0.149][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 2/3 6/3 3/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 132/467 317/1261 107/561][URL: 10.0.0.149:8008/ssdp/device-desc.xml][StatusCode: 200][Content-Type: application/xml][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][Risk: ** Known protocol on non standard port **][PLAIN TEXT (HGET /ssdp/device)]
13 UDP [fe80::408:3e45:3abc:1552]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][9 pkts/1628 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][25.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174/0 11263/0 3646/0][Pkt Len c2s/s2c min/avg/max/stddev: 152/0 181/0 206/0 24/0][PLAIN TEXT (companion)]
14 UDP 10.0.0.227:137 -> 10.0.0.255:137 [proto: 10/NetBIOS][cat: System/18][15 pkts/1542 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][6.05 sec][Host: lp-rkerur-osx][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 465/0 1499/0 677/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 103/0 110/0 9/0][PLAIN TEXT ( EMFACNFCELEFFC)]
15 TCP 10.0.0.227:56914 <-> 52.37.243.173:443 [proto: 161.178/CiscoVPN.Amazon][cat: VPN/2][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 38/29][21.75 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/1 3340/2605 9634/9670 4130/3611][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/93 131/129 31/31][Risk: ** Known protocol on non standard port **]
16 TCP 10.0.0.227:56915 <-> 52.37.243.173:443 [proto: 161.178/CiscoVPN.Amazon][cat: VPN/2][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 38/29][22.76 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/0 3340/3011 10636/10673 4210/3967][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/93 131/129 31/31][Risk: ** Known protocol on non standard port **]
17 UDP 10.0.0.213:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][9 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][25.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174/0 11263/0 3646/0][Pkt Len c2s/s2c min/avg/max/stddev: 132/0 161/0 186/0 24/0][PLAIN TEXT (companion)]
18 UDP 10.0.0.151:1900 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][4 pkts/1412 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][2.86 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
19 TCP 10.0.0.227:56881 <-> 162.222.43.153:443 [proto: 91/TLS][cat: Web/5][6 pkts/762 bytes <-> 6 pkts/396 bytes][Goodput ratio: 48/0][0.05 sec][bytes ratio: 0.316 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 0/1 0/2 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 82/66 127/66 292/66 75/0]
20 UDP 10.0.0.227:57547 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][PLAIN TEXT (SEARCH )]
21 UDP 10.0.0.149:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/655 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][0.00 sec][PLAIN TEXT (googlezone)]
22 UDP 10.0.0.149:38616 -> 10.0.0.227:61328 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
23 UDP 10.0.0.149:48166 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
24 UDP 10.0.0.149:49816 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
25 UDP 10.0.0.149:50081 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
26 UDP 10.0.0.149:51382 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
27 UDP 10.0.0.227:5353 -> 10.0.0.213:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/548 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][12.10 sec][_companion-link._tcp.local][PLAIN TEXT (companion)]
28 TCP 10.0.0.227:56879 <-> 52.10.115.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][4 pkts/342 bytes <-> 2 pkts/202 bytes][Goodput ratio: 23/34][0.61 sec][bytes ratio: 0.257 (Upload)][IAT c2s/s2c min/avg/max/stddev: 33/574 203/574 541/574 239/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/101 86/101 105/101 20/0]
29 UDP 10.0.0.227:59582 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/92 bytes <-> 1 pkts/323 bytes][Goodput ratio: 54/87][0.02 sec][Host: 1-courier.sandbox.push.apple.com][17.188.138.71][PLAIN TEXT (courier)]
30 TCP 10.0.0.227:56871 <-> 8.37.103.196:443 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes <-> 5 pkts/330 bytes][Goodput ratio: 0/0][20.32 sec][bytes ratio: -0.667 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/66 66/66 0/0]
31 TCP 10.0.0.227:56916 -> 10.0.0.151:8009 [proto: 139/AJP][cat: Web/5][5 pkts/390 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][5.03 sec]
32 TCP 10.0.0.227:56886 <-> 17.57.144.116:5223 [proto: 238.140/ApplePush.Apple][cat: Cloud/13][3 pkts/174 bytes <-> 2 pkts/185 bytes][Goodput ratio: 0/28][0.02 sec]
33 UDP 10.0.0.151:1900 -> 10.0.0.227:61328 [proto: 12/SSDP][cat: System/18][1 pkts/353 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
34 TCP 10.0.0.227:56910 <-> 35.201.124.9:443 [proto: 91/TLS][cat: Web/5][2 pkts/170 bytes <-> 2 pkts/164 bytes][Goodput ratio: 22/19][0.05 sec]
35 UDP 10.0.0.227:62427 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/84 bytes <-> 1 pkts/242 bytes][Goodput ratio: 49/82][0.02 sec][Host: detectportal.firefox.com][184.25.56.82][PLAIN TEXT (detectportal)]
36 UDP 10.0.0.227:58074 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/230 bytes][Goodput ratio: 43/81][0.01 sec][Host: www.outlook.com][40.97.222.34][PLAIN TEXT (outlook)]
37 UDP 10.0.0.227:60341 <-> 75.75.75.75:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/224 bytes][Goodput ratio: 42/81][0.01 sec][Host: www.apple.com][184.27.115.161][PLAIN TEXT (edgekey)]
38 UDP 10.0.0.227:64193 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/85 bytes <-> 1 pkts/192 bytes][Goodput ratio: 50/78][0.02 sec][Host: 24-courier.push.apple.com][17.57.144.20][PLAIN TEXT (courier)]
39 UDP 10.0.0.227:51060 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/84 bytes <-> 1 pkts/190 bytes][Goodput ratio: 49/77][0.02 sec][Host: 1-courier.push.apple.com][17.57.144.116][PLAIN TEXT (courier)]
40 UDP 10.0.0.227:52879 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/174 bytes][Goodput ratio: 54/75][0.02 sec][Host: vcacrashplan01.hq.corp.viasat.com][::][PLAIN TEXT (cacrashplan)]
41 UDP 10.0.0.227:57261 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/174 bytes][Goodput ratio: 54/75][0.02 sec][Host: vcacrashplan01.hq.corp.viasat.com][::][PLAIN TEXT (cacrashplan)]
42 UDP 10.0.0.227:61387 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/163 bytes][Goodput ratio: 48/74][0.03 sec][Host: vco.pandion.viasat.com][::][PLAIN TEXT (pandion)]
43 UDP 10.0.0.227:62322 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/163 bytes][Goodput ratio: 48/74][0.05 sec][Host: vco.pandion.viasat.com][::][PLAIN TEXT (pandion)]
44 UDP 10.0.0.227:57017 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Goodput ratio: 54/71][0.02 sec][Host: lp-rkerur-osx.hsd1.ca.comcast.net][::][PLAIN TEXT (RKERUR)]
45 UDP 10.0.0.227:59222 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Goodput ratio: 54/71][0.02 sec][Host: lp-rkerur-osx.hsd1.ca.comcast.net][::][PLAIN TEXT (RKERUR)]
46 UDP 10.0.0.227:54851 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/157 bytes][Goodput ratio: 44/73][0.05 sec][Host: print.viasat.com][::][PLAIN TEXT (viasat)]
47 UDP 10.0.0.227:61328 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (SEARCH )]
48 UDP 10.0.0.227:63107 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/65 bytes <-> 1 pkts/140 bytes][Goodput ratio: 35/70][0.03 sec][Host: local][::][PLAIN TEXT (servers)]
49 UDP 10.0.0.227:64972 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/101 bytes][Goodput ratio: 58/58][0.02 sec][Host: lb._dns-sd._udp.0.128.28.172.in-addr.arpa][::]
50 TCP 10.0.0.227:56865 <-> 10.0.0.149:8008 [proto: 161/CiscoVPN][cat: VPN/2][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.00 sec]
51 TCP 10.0.0.227:56885 <-> 184.25.56.53:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.02 sec]
52 UDP 10.0.0.227:61613 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/97 bytes <-> 1 pkts/97 bytes][Goodput ratio: 56/56][0.02 sec][Host: lb._dns-sd._udp.0.0.0.10.in-addr.arpa][::]
53 UDP 10.0.0.227:49781 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/117 bytes][Goodput ratio: 39/64][0.02 sec][Host: apple.com][17.178.96.59]
54 UDP 10.0.0.227:52879 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48/57][0.04 sec][Host: vco.pandion.viasat.com][8.37.102.91][PLAIN TEXT (pandion)]
55 ICMPV6 [fe80::408:3e45:3abc:1552]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][1.02 sec]
56 UDP 10.0.0.227:51990 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/91 bytes][Goodput ratio: 43/53][0.04 sec][Host: mail.viasat.com][8.37.103.196][PLAIN TEXT (viasat)]
57 UDP 10.0.0.227:57253 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/71 bytes <-> 1 pkts/87 bytes][Goodput ratio: 40/51][0.02 sec][Host: mozilla.org][63.245.208.195][PLAIN TEXT (mozilla)]
58 UDP 10.0.0.227:58155 <-> 75.75.76.76:53 [proto: 5.118/DNS.Slack][cat: Collaborative/15][1 pkts/69 bytes <-> 1 pkts/85 bytes][Goodput ratio: 39/50][0.03 sec][Host: slack.com][99.86.34.156]
59 TCP 10.0.0.227:56874 <-> 74.125.197.188:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.04 sec]
60 IGMP 10.0.0.213:0 -> 224.0.0.2:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][13.31 sec]
61 IGMP 10.0.0.213:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][13.31 sec]
62 ICMP 10.0.0.227:0 -> 75.75.76.76:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][< 1 sec]
63 ICMP 10.0.0.1:0 -> 224.0.0.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 14/0][< 1 sec]
64 IGMP 10.0.0.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
65 IGMP 10.0.0.149:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
66 IGMP 10.0.0.149:0 -> 239.255.3.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
67 IGMP 10.0.0.149:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 UDP 10.0.0.227:54107 <-> 8.37.102.91:443 [proto: 161/CiscoVPN][cat: VPN/2][1413 pkts/395331 bytes <-> 1028 pkts/497166 bytes][Goodput ratio: 85/91][20.52 sec][bytes ratio: -0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/13 669/953 35/48][Pkt Len c2s/s2c min/avg/max/stddev: 135/90 280/484 1511/1511 283/514][PLAIN TEXT (m@GOC.)][Plen Bins: 0,0,10,41,16,5,7,1,1,2,0,1,1,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0]
2 TCP 10.0.0.227:56929 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][48 pkts/9073 bytes <-> 44 pkts/18703 bytes][Goodput ratio: 65/84][21.89 sec][bytes ratio: -0.347 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/11 97/138 21/26][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 189/425 1514/1514 246/579][Risk: ** Weak TLS cipher **** TLS Certificate Mismatch **** TLS (probably) not carrying HTTPS **][TLSv1.2][JA3C: c9f0b47c9805f516e6d3900cb51f7841][ServerNames: *.pandion.viasat.com,pandion.viasat.com][JA3S: 82f0d8a75fa483d1cfe4b7085b784d7e (WEAK)][Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K][Subject: C=US, ST=California, L=Carlsbad, O=Viasat Inc., CN=*.pandion.viasat.com][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,4,2,21,30,0,2,6,4,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,2,0,0,0,0,0,0,0,0,0,0,21,0]
3 TCP 10.0.0.227:56919 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][28 pkts/9088 bytes <-> 26 pkts/16944 bytes][Goodput ratio: 80/90][23.14 sec][ALPN: http/1.1][bytes ratio: -0.302 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1048/487 11570/9008 2987/2009][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 325/652 1514/1514 494/646][Risk: ** Weak TLS cipher **** TLS Certificate Mismatch **][TLSv1.2][JA3C: 9f1a41f932f274fe47a992310a26a23a][ServerNames: *.pandion.viasat.com,pandion.viasat.com][JA3S: 82f0d8a75fa483d1cfe4b7085b784d7e (WEAK)][Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K][Subject: C=US, ST=California, L=Carlsbad, O=Viasat Inc., CN=*.pandion.viasat.com][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,12,4,0,0,4,0,0,0,8,0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,0,0,0,0,8,4,0,0,0,4,0,4,0,16,0,25,0]
4 TCP 10.0.0.227:56921 <-> 8.37.96.194:4287 [proto: 91/TLS][cat: Web/5][29 pkts/5373 bytes <-> 28 pkts/7580 bytes][Goodput ratio: 64/75][2.30 sec][bytes ratio: -0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 91/63 593/619 145/135][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 185/271 1261/1434 259/387][Risk: ** Self-signed Certificate **** TLS (probably) not carrying HTTPS **][TLSv1.2][JA3C: e3adec914f3893f18136762f1c0d7d81][JA3S: e54965894d6b45ecb4323c7ea3d6c115][Issuer: CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US][Subject: CN=813845657003339838, O=Code42, OU=TEST, ST=MN, C=US][Certificate SHA-1: 86:2A:47:EF:00:68:79:60:7F:94:E2:91:6F:E0:38:82:37:8A:8E:2E][Validity: 2019-08-29 00:12:40 - 2019-10-08 00:12:40][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,40,3,3,3,3,3,0,3,3,3,0,3,7,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,3,0,0,3,0,0,3,0,3,0,0,0,0]
5 TCP 10.0.0.227:56918 <-> 8.37.102.91:443 [proto: 91/TLS][cat: Web/5][16 pkts/2739 bytes <-> 14 pkts/7315 bytes][Goodput ratio: 61/87][0.35 sec][ALPN: http/1.1][bytes ratio: -0.455 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/26 48/88 21/29][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171/522 1175/1514 274/624][Risk: ** Weak TLS cipher **** TLS Certificate Mismatch **][TLSv1.2][JA3C: 9f1a41f932f274fe47a992310a26a23a][ServerNames: *.pandion.viasat.com,pandion.viasat.com][JA3S: 82f0d8a75fa483d1cfe4b7085b784d7e (WEAK)][Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Certification Authority - L1K][Subject: C=US, ST=California, L=Carlsbad, O=Viasat Inc., CN=*.pandion.viasat.com][Certificate SHA-1: 92:70:CF:E3:69:4B:1D:F4:E2:DE:63:54:EC:DF:40:DB:F3:AC:D1:CA][Validity: 2019-02-05 21:43:58 - 2021-02-05 22:13:57][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,16,8,0,0,8,0,8,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,8,0,25,0]
6 TCP 10.0.0.227:56920 <-> 99.86.34.156:443 [proto: 91.118/TLS.Slack][cat: Collaborative/15][16 pkts/2949 bytes <-> 11 pkts/1876 bytes][Goodput ratio: 64/61][11.47 sec][ALPN: h2;http/1.1][bytes ratio: 0.222 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 866/28 11074/80 2947/34][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 184/171 853/487 228/155][TLSv1.2][Client: slack.com][JA3C: d8dc5f8940df366b3a58b935569143e8][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,33,16,0,8,0,0,0,0,0,0,0,8,16,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 10.0.0.227:56884 <-> 184.25.56.77:80 [proto: 7/HTTP][cat: Web/5][12 pkts/2303 bytes <-> 7 pkts/2382 bytes][Goodput ratio: 67/81][18.51 sec][Host: detectportal.firefox.com][bytes ratio: -0.017 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/31 1824/3642 10081/10083 3593/4385][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 192/340 373/450 153/173][URL: detectportal.firefox.com/success.txt?ipv4][StatusCode: 200][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 10.0.0.227:56320 <-> 10.0.0.149:8009 [proto: 161/CiscoVPN][cat: VPN/2][20 pkts/2420 bytes <-> 10 pkts/1760 bytes][Goodput ratio: 45/62][45.04 sec][bytes ratio: 0.158 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/5003 2648/5004 5001/5006 2495/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/176 121/176 176/176 55/0][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 ICMPV6 [fe80::2e7e:81ff:feb0:4aa1]:0 -> [ff02::1]:0 [proto: 102/ICMPV6][cat: Network/14][16 pkts/2784 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][45.47 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2867/0 3028/0 3072/0 84/0][Pkt Len c2s/s2c min/avg/max/stddev: 174/0 174/0 174/0 0/0][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 10.0.0.227:56955 <-> 10.0.0.151:8060 [proto: 7/HTTP][cat: Web/5][6 pkts/650 bytes <-> 5 pkts/1668 bytes][Goodput ratio: 37/80][4.02 sec][Host: 10.0.0.151][bytes ratio: -0.439 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 4/4 9/6 3/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108/334 308/1206 89/442][URL: 10.0.0.151:8060/dial/dd.xml][StatusCode: 200][Content-Type: text/xml][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][Risk: ** Known protocol on non standard port **][PLAIN TEXT (GET /dial/dd.xml HTTP/1.1)][Plen Bins: 0,0,0,0,0,33,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 10.0.0.227:56917 <-> 184.25.56.77:80 [proto: 7/HTTP][cat: Web/5][6 pkts/976 bytes <-> 4 pkts/1032 bytes][Goodput ratio: 62/74][18.47 sec][Host: detectportal.firefox.com][bytes ratio: -0.028 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 28/573 3694/6151 10081/10078 4344/4052][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 163/258 368/450 145/192][URL: detectportal.firefox.com/success.txt][StatusCode: 200][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0][PLAIN TEXT (GET /success.txt HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 10.0.0.227:56954 <-> 10.0.0.149:8008 [proto: 7/HTTP][cat: Web/5][4 pkts/527 bytes <-> 3 pkts/1401 bytes][Goodput ratio: 48/85][0.01 sec][Host: 10.0.0.149][bytes ratio: -0.453 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 2/3 6/3 3/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 132/467 317/1261 107/561][URL: 10.0.0.149:8008/ssdp/device-desc.xml][StatusCode: 200][Content-Type: application/xml][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36][Risk: ** Known protocol on non standard port **][PLAIN TEXT (HGET /ssdp/device)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
13 UDP [fe80::408:3e45:3abc:1552]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][9 pkts/1628 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][25.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174/0 11263/0 3646/0][Pkt Len c2s/s2c min/avg/max/stddev: 152/0 181/0 206/0 24/0][PLAIN TEXT (companion)][Plen Bins: 0,0,33,22,44,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 10.0.0.227:137 -> 10.0.0.255:137 [proto: 10/NetBIOS][cat: System/18][15 pkts/1542 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][6.05 sec][Host: lp-rkerur-osx][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 465/0 1499/0 677/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 103/0 110/0 9/0][PLAIN TEXT ( EMFACNFCELEFFC)][Plen Bins: 0,40,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 10.0.0.227:56914 <-> 52.37.243.173:443 [proto: 161.178/CiscoVPN.Amazon][cat: VPN/2][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 38/29][21.75 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/1 3340/2605 9634/9670 4130/3611][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/93 131/129 31/31][Risk: ** Known protocol on non standard port **][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 10.0.0.227:56915 <-> 52.37.243.173:443 [proto: 161.178/CiscoVPN.Amazon][cat: VPN/2][8 pkts/847 bytes <-> 7 pkts/651 bytes][Goodput ratio: 38/29][22.76 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/0 3340/3011 10636/10673 4210/3967][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/93 131/129 31/31][Risk: ** Known protocol on non standard port **][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 10.0.0.213:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][9 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][25.40 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 819/0 3174/0 11263/0 3646/0][Pkt Len c2s/s2c min/avg/max/stddev: 132/0 161/0 186/0 24/0][PLAIN TEXT (companion)][Plen Bins: 0,0,33,22,44,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 10.0.0.151:1900 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][4 pkts/1412 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][2.86 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 10.0.0.227:56881 <-> 162.222.43.153:443 [proto: 91/TLS][cat: Web/5][6 pkts/762 bytes <-> 6 pkts/396 bytes][Goodput ratio: 48/0][0.05 sec][bytes ratio: 0.316 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 0/1 0/2 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 82/66 127/66 292/66 75/0][Plen Bins: 50,33,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 10.0.0.227:57547 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][4 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][3.00 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 10.0.0.149:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/655 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][0.00 sec][PLAIN TEXT (googlezone)][Plen Bins: 0,25,25,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 10.0.0.149:38616 -> 10.0.0.227:61328 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 10.0.0.149:48166 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 10.0.0.149:49816 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 10.0.0.149:50081 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 10.0.0.149:51382 -> 10.0.0.227:57547 [proto: 12/SSDP][cat: System/18][1 pkts/556 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 10.0.0.227:5353 -> 10.0.0.213:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/548 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][12.10 sec][_companion-link._tcp.local][PLAIN TEXT (companion)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 10.0.0.227:56879 <-> 52.10.115.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][4 pkts/342 bytes <-> 2 pkts/202 bytes][Goodput ratio: 23/34][0.61 sec][bytes ratio: 0.257 (Upload)][IAT c2s/s2c min/avg/max/stddev: 33/574 203/574 541/574 239/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/101 86/101 105/101 20/0][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 10.0.0.227:59582 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/92 bytes <-> 1 pkts/323 bytes][Goodput ratio: 54/87][0.02 sec][Host: 1-courier.sandbox.push.apple.com][17.188.138.71][PLAIN TEXT (courier)][Plen Bins: 0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 10.0.0.227:56871 <-> 8.37.103.196:443 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes <-> 5 pkts/330 bytes][Goodput ratio: 0/0][20.32 sec][bytes ratio: -0.667 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/66 66/66 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 10.0.0.227:56916 -> 10.0.0.151:8009 [proto: 139/AJP][cat: Web/5][5 pkts/390 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][5.03 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 10.0.0.227:56886 <-> 17.57.144.116:5223 [proto: 238.140/ApplePush.Apple][cat: Cloud/13][3 pkts/174 bytes <-> 2 pkts/185 bytes][Goodput ratio: 0/28][0.02 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 10.0.0.151:1900 -> 10.0.0.227:61328 [proto: 12/SSDP][cat: System/18][1 pkts/353 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 TCP 10.0.0.227:56910 <-> 35.201.124.9:443 [proto: 91/TLS][cat: Web/5][2 pkts/170 bytes <-> 2 pkts/164 bytes][Goodput ratio: 22/19][0.05 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 10.0.0.227:62427 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/84 bytes <-> 1 pkts/242 bytes][Goodput ratio: 49/82][0.02 sec][Host: detectportal.firefox.com][184.25.56.82][PLAIN TEXT (detectportal)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 UDP 10.0.0.227:58074 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/230 bytes][Goodput ratio: 43/81][0.01 sec][Host: www.outlook.com][40.97.222.34][PLAIN TEXT (outlook)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 10.0.0.227:60341 <-> 75.75.75.75:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/224 bytes][Goodput ratio: 42/81][0.01 sec][Host: www.apple.com][184.27.115.161][PLAIN TEXT (edgekey)][Plen Bins: 50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 UDP 10.0.0.227:64193 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/85 bytes <-> 1 pkts/192 bytes][Goodput ratio: 50/78][0.02 sec][Host: 24-courier.push.apple.com][17.57.144.20][PLAIN TEXT (courier)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 UDP 10.0.0.227:51060 <-> 75.75.75.75:53 [proto: 5.238/DNS.ApplePush][cat: Cloud/13][1 pkts/84 bytes <-> 1 pkts/190 bytes][Goodput ratio: 49/77][0.02 sec][Host: 1-courier.push.apple.com][17.57.144.116][PLAIN TEXT (courier)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 UDP 10.0.0.227:52879 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/174 bytes][Goodput ratio: 54/75][0.02 sec][Host: vcacrashplan01.hq.corp.viasat.com][::][PLAIN TEXT (cacrashplan)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 UDP 10.0.0.227:57261 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/174 bytes][Goodput ratio: 54/75][0.02 sec][Host: vcacrashplan01.hq.corp.viasat.com][::][PLAIN TEXT (cacrashplan)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 UDP 10.0.0.227:61387 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/163 bytes][Goodput ratio: 48/74][0.03 sec][Host: vco.pandion.viasat.com][::][PLAIN TEXT (pandion)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 UDP 10.0.0.227:62322 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/163 bytes][Goodput ratio: 48/74][0.05 sec][Host: vco.pandion.viasat.com][::][PLAIN TEXT (pandion)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 UDP 10.0.0.227:57017 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Goodput ratio: 54/71][0.02 sec][Host: lp-rkerur-osx.hsd1.ca.comcast.net][::][PLAIN TEXT (RKERUR)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 10.0.0.227:59222 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/93 bytes <-> 1 pkts/145 bytes][Goodput ratio: 54/71][0.02 sec][Host: lp-rkerur-osx.hsd1.ca.comcast.net][::][PLAIN TEXT (RKERUR)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP 10.0.0.227:54851 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/157 bytes][Goodput ratio: 44/73][0.05 sec][Host: print.viasat.com][::][PLAIN TEXT (viasat)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 10.0.0.227:61328 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 10.0.0.227:63107 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/65 bytes <-> 1 pkts/140 bytes][Goodput ratio: 35/70][0.03 sec][Host: local][::][PLAIN TEXT (servers)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 10.0.0.227:64972 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/101 bytes][Goodput ratio: 58/58][0.02 sec][Host: lb._dns-sd._udp.0.128.28.172.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 10.0.0.227:56865 <-> 10.0.0.149:8008 [proto: 161/CiscoVPN][cat: VPN/2][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 TCP 10.0.0.227:56885 <-> 184.25.56.53:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.02 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 UDP 10.0.0.227:61613 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/97 bytes <-> 1 pkts/97 bytes][Goodput ratio: 56/56][0.02 sec][Host: lb._dns-sd._udp.0.0.0.10.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 UDP 10.0.0.227:49781 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/69 bytes <-> 1 pkts/117 bytes][Goodput ratio: 39/64][0.02 sec][Host: apple.com][17.178.96.59][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 10.0.0.227:52879 <-> 75.75.76.76:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48/57][0.04 sec][Host: vco.pandion.viasat.com][8.37.102.91][PLAIN TEXT (pandion)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 ICMPV6 [fe80::408:3e45:3abc:1552]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][1.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 10.0.0.227:51990 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/91 bytes][Goodput ratio: 43/53][0.04 sec][Host: mail.viasat.com][8.37.103.196][PLAIN TEXT (viasat)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 10.0.0.227:57253 <-> 75.75.75.75:53 [proto: 5/DNS][cat: Network/14][1 pkts/71 bytes <-> 1 pkts/87 bytes][Goodput ratio: 40/51][0.02 sec][Host: mozilla.org][63.245.208.195][PLAIN TEXT (mozilla)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 UDP 10.0.0.227:58155 <-> 75.75.76.76:53 [proto: 5.118/DNS.Slack][cat: Collaborative/15][1 pkts/69 bytes <-> 1 pkts/85 bytes][Goodput ratio: 39/50][0.03 sec][Host: slack.com][99.86.34.156][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 TCP 10.0.0.227:56874 <-> 74.125.197.188:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.04 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 IGMP 10.0.0.213:0 -> 224.0.0.2:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][13.31 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 IGMP 10.0.0.213:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][13.31 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 ICMP 10.0.0.227:0 -> 75.75.76.76:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 ICMP 10.0.0.1:0 -> 224.0.0.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 14/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 IGMP 10.0.0.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 IGMP 10.0.0.149:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 IGMP 10.0.0.149:0 -> 239.255.3.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 IGMP 10.0.0.149:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 TCP 10.0.0.227:56866 -> 10.0.0.151:8060 [proto: 0/Unknown][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][21.24 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 311/0 2655/0 6845/0 2564/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0]
2 UDP 10.0.0.227:52595 -> 10.0.0.1:192 [proto: 0/Unknown][10 pkts/460 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][17.54 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 503/0 1948/0 5506/0 2007/0][Pkt Len c2s/s2c min/avg/max/stddev: 46/0 46/0 46/0 0/0]
1 TCP 10.0.0.227:56866 -> 10.0.0.151:8060 [proto: 0/Unknown][9 pkts/594 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][21.24 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 311/0 2655/0 6845/0 2564/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 66/0 66/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 10.0.0.227:52595 -> 10.0.0.1:192 [proto: 0/Unknown][10 pkts/460 bytes -> 0 pkts/0 bytes][Goodput ratio: 9/0][17.54 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 503/0 1948/0 5506/0 2007/0][Pkt Len c2s/s2c min/avg/max/stddev: 46/0 46/0 46/0 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

4
tests/result/anydesk.pcap.out
View file

@ -5,5 +5,5 @@ JA3 Host Stats:
1 192.168.149.129 1
1 TCP 192.168.149.129:43535 <-> 51.83.238.219:80 [proto: 91.252/TLS.AnyDesk][cat: RemoteAccess/12][2942 pkts/175103 bytes <-> 4001 pkts/2618640 bytes][Goodput ratio: 9/92][55.97 sec][bytes ratio: -0.875 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/14 7028/7028 153/126][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 60/654 1514/1514 50/618][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][JA3C: 201999283915cc31cee6b15472ef3332][JA3S: 107030a763c7224285717ff1569a17f3][Issuer: CN=AnyNet Root CA, O=philandro Software GmbH, C=DE][Subject: C=DE, O=philandro Software GmbH, CN=AnyNet Relay][Certificate SHA-1: 9E:08:D2:58:A9:02:CD:4F:E2:4A:26:B8:48:5C:43:0B:81:29:99:E3][Validity: 2018-11-18 02:14:23 - 2028-11-15 02:14:23][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
2 TCP 192.168.149.129:36351 <-> 51.83.239.144:80 [proto: 7.252/HTTP.AnyDesk][cat: RemoteAccess/12][10 pkts/792 bytes <-> 10 pkts/925 bytes][Goodput ratio: 32/38][45.83 sec][bytes ratio: -0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 32/31 5700/5700 15000/15001 7162/7162][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 79/92 105/213 25/45]
1 TCP 192.168.149.129:43535 <-> 51.83.238.219:80 [proto: 91.252/TLS.AnyDesk][cat: RemoteAccess/12][2942 pkts/175103 bytes <-> 4001 pkts/2618640 bytes][Goodput ratio: 9/92][55.97 sec][bytes ratio: -0.875 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/14 7028/7028 153/126][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 60/654 1514/1514 50/618][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][JA3C: 201999283915cc31cee6b15472ef3332][JA3S: 107030a763c7224285717ff1569a17f3][Issuer: CN=AnyNet Root CA, O=philandro Software GmbH, C=DE][Subject: C=DE, O=philandro Software GmbH, CN=AnyNet Relay][Certificate SHA-1: 9E:08:D2:58:A9:02:CD:4F:E2:4A:26:B8:48:5C:43:0B:81:29:99:E3][Validity: 2018-11-18 02:14:23 - 2028-11-15 02:14:23][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,7,16,2,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,3,0,0,30,0,0,0,0,26,0]
2 TCP 192.168.149.129:36351 <-> 51.83.239.144:80 [proto: 7.252/HTTP.AnyDesk][cat: RemoteAccess/12][10 pkts/792 bytes <-> 10 pkts/925 bytes][Goodput ratio: 32/38][45.83 sec][bytes ratio: -0.077 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 32/31 5700/5700 15000/15001 7162/7162][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 79/92 105/213 25/45][Plen Bins: 0,90,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

12
tests/result/bitcoin.pcap.out
View file

@ -1,8 +1,8 @@
Mining 637 581074 6
1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes][Goodput ratio: 53/95][330.56 sec][bytes ratio: -0.997 (Download)][IAT c2s/s2c min/avg/max/stddev: 141657/0 141657/2644 141657/76010 0/11325][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 140/1394 171/1514 30/378][PLAIN TEXT (version)]
2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes][Goodput ratio: 87/94][1491.26 sec][bytes ratio: -0.649 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21789/4882 100110/64236 26995/11546][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 521/1152 1514/1514 578/589][PLAIN TEXT (version)]
3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes][Goodput ratio: 91/91][1337.01 sec][bytes ratio: -0.217 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18993/12001 134322/105866 27575/21527][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 696/733 1514/1514 637/653][PLAIN TEXT (version)]
4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes][Goodput ratio: 88/92][1107.93 sec][bytes ratio: -0.352 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22661/13162 91604/95856 25520/24264][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 571/777 1514/1514 606/673][PLAIN TEXT (version)]
5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes][Goodput ratio: 95/89][1.27 sec][bytes ratio: 0.849 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/136 90/212 655/289 169/76][Pkt Len c2s/s2c min/avg/max/stddev: 171/86 1355/590 1514/1514 369/654][PLAIN TEXT (version)]
6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes][Goodput ratio: 49/86][506.07 sec][bytes ratio: 0.380 (Upload)][IAT c2s/s2c min/avg/max/stddev: 238/256 21944/256 75340/256 19965/0][Pkt Len c2s/s2c min/avg/max/stddev: 121/86 128/461 171/1127 12/472][PLAIN TEXT (version)]
1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes][Goodput ratio: 53/95][330.56 sec][bytes ratio: -0.997 (Download)][IAT c2s/s2c min/avg/max/stddev: 141657/0 141657/2644 141657/76010 0/11325][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 140/1394 171/1514 30/378][PLAIN TEXT (version)][Plen Bins: 0,6,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0]
2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes][Goodput ratio: 87/94][1491.26 sec][bytes ratio: -0.649 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21789/4882 100110/64236 26995/11546][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 521/1152 1514/1514 578/589][PLAIN TEXT (version)][Plen Bins: 0,30,0,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,55,0]
3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes][Goodput ratio: 91/91][1337.01 sec][bytes ratio: -0.217 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18993/12001 134322/105866 27575/21527][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 696/733 1514/1514 637/653][PLAIN TEXT (version)][Plen Bins: 0,42,0,4,0,0,0,0,5,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0]
4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes][Goodput ratio: 88/92][1107.93 sec][bytes ratio: -0.352 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22661/13162 91604/95856 25520/24264][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 571/777 1514/1514 606/673][PLAIN TEXT (version)][Plen Bins: 0,47,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,35,0]
5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes][Goodput ratio: 95/89][1.27 sec][bytes ratio: 0.849 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/136 90/212 655/289 169/76][Pkt Len c2s/s2c min/avg/max/stddev: 171/86 1355/590 1514/1514 369/654][PLAIN TEXT (version)][Plen Bins: 5,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,73,0]
6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes][Goodput ratio: 49/86][506.07 sec][bytes ratio: 0.380 (Upload)][IAT c2s/s2c min/avg/max/stddev: 238/256 21944/256 75340/256 19965/0][Pkt Len c2s/s2c min/avg/max/stddev: 121/86 128/461 171/1127 12/472][PLAIN TEXT (version)][Plen Bins: 3,81,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0]

48
tests/result/bittorrent.pcap.out
View file

@ -1,26 +1,26 @@
BitTorrent 299 305728 24
1 TCP 192.168.1.3:52915 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][17 pkts/2745 bytes <-> 193 pkts/282394 bytes][Goodput ratio: 59/95][5.77 sec][bytes ratio: -0.981 (Download)][IAT c2s/s2c min/avg/max/stddev: 12/0 319/30 779/919 241/95][Pkt Len c2s/s2c min/avg/max/stddev: 83/80 161/1463 242/1506 58/218][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
2 TCP 192.168.1.3:52895 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/583 bytes <-> 4 pkts/975 bytes][Goodput ratio: 55/73][4.11 sec][bytes ratio: -0.252 (Download)][IAT c2s/s2c min/avg/max/stddev: 132/72 959/2027 1966/3982 760/1955][Pkt Len c2s/s2c min/avg/max/stddev: 80/73 146/244 198/648 44/235][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
3 TCP 192.168.1.3:52914 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/640 bytes <-> 3 pkts/910 bytes][Goodput ratio: 59/78][3.54 sec][bytes ratio: -0.174 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 489/661 1178/883 1943/1105 596/222][Pkt Len c2s/s2c min/avg/max/stddev: 75/113 160/303 241/650 62/246][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
4 TCP 192.168.1.3:52907 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/583 bytes <-> 2 pkts/818 bytes][Goodput ratio: 77/84][1.89 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
5 TCP 192.168.1.3:52927 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/582 bytes <-> 2 pkts/796 bytes][Goodput ratio: 66/83][0.92 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
6 TCP 192.168.1.3:52897 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/510 bytes <-> 2 pkts/771 bytes][Goodput ratio: 61/83][0.92 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
7 TCP 192.168.1.3:52903 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/410 bytes <-> 3 pkts/851 bytes][Goodput ratio: 52/77][0.81 sec][bytes ratio: -0.350 (Download)][IAT c2s/s2c min/avg/max/stddev: 320/159 407/298 494/436 87/138][Pkt Len c2s/s2c min/avg/max/stddev: 80/80 137/284 196/601 47/227][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
8 TCP 192.168.1.3:52917 <-> 151.15.48.189:47001 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 2 pkts/771 bytes][Goodput ratio: 56/83][0.09 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
9 TCP 192.168.1.3:52911 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/442 bytes <-> 2 pkts/771 bytes][Goodput ratio: 55/83][0.94 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
10 TCP 192.168.1.3:52921 <-> 95.234.159.16:41205 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/440 bytes <-> 2 pkts/772 bytes][Goodput ratio: 55/83][0.27 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
11 TCP 192.168.1.3:52906 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][Goodput ratio: 54/83][0.36 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
12 TCP 192.168.1.3:52922 <-> 95.237.193.34:11321 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][Goodput ratio: 54/83][0.26 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
13 TCP 192.168.1.3:52887 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/430 bytes <-> 2 pkts/771 bytes][Goodput ratio: 54/83][0.45 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
14 TCP 192.168.1.3:52896 <-> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/409 bytes <-> 2 pkts/771 bytes][Goodput ratio: 51/83][0.25 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
15 TCP 192.168.1.3:52926 <-> 93.65.249.100:31336 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 2 pkts/796 bytes][Goodput ratio: 50/83][0.23 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
16 TCP 192.168.1.3:52888 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 1 pkts/624 bytes][Goodput ratio: 50/89][0.22 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
17 TCP 192.168.1.3:52902 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/349 bytes <-> 2 pkts/265 bytes][Goodput ratio: 62/50][1.91 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
18 TCP 192.168.1.3:52912 <-> 151.72.255.163:59928 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 1 pkts/157 bytes][Goodput ratio: 56/58][0.15 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
19 TCP 192.168.1.3:52893 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
20 TCP 192.168.1.3:52894 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
21 TCP 192.168.1.3:52908 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
22 TCP 192.168.1.3:52909 -> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
23 TCP 192.168.1.3:52910 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
24 TCP 192.168.1.3:52925 -> 93.65.227.100:19116 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)]
1 TCP 192.168.1.3:52915 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][17 pkts/2745 bytes <-> 193 pkts/282394 bytes][Goodput ratio: 59/95][5.77 sec][bytes ratio: -0.981 (Download)][IAT c2s/s2c min/avg/max/stddev: 12/0 319/30 779/919 241/95][Pkt Len c2s/s2c min/avg/max/stddev: 83/80 161/1463 242/1506 58/218][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 2,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0]
2 TCP 192.168.1.3:52895 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/583 bytes <-> 4 pkts/975 bytes][Goodput ratio: 55/73][4.11 sec][bytes ratio: -0.252 (Download)][IAT c2s/s2c min/avg/max/stddev: 132/72 959/2027 1966/3982 760/1955][Pkt Len c2s/s2c min/avg/max/stddev: 80/73 146/244 198/648 44/235][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 25,12,25,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.1.3:52914 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][4 pkts/640 bytes <-> 3 pkts/910 bytes][Goodput ratio: 59/78][3.54 sec][bytes ratio: -0.174 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 489/661 1178/883 1943/1105 596/222][Pkt Len c2s/s2c min/avg/max/stddev: 75/113 160/303 241/650 62/246][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 14,14,28,14,0,14,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.1.3:52907 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/583 bytes <-> 2 pkts/818 bytes][Goodput ratio: 77/84][1.89 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,25,25,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.1.3:52927 <-> 83.216.184.241:51413 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/582 bytes <-> 2 pkts/796 bytes][Goodput ratio: 66/83][0.92 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 20,0,40,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.1.3:52897 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/510 bytes <-> 2 pkts/771 bytes][Goodput ratio: 61/83][0.92 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,20,60,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.1.3:52903 <-> 198.100.146.9:60163 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/410 bytes <-> 3 pkts/851 bytes][Goodput ratio: 52/77][0.81 sec][bytes ratio: -0.350 (Download)][IAT c2s/s2c min/avg/max/stddev: 320/159 407/298 494/436 87/138][Pkt Len c2s/s2c min/avg/max/stddev: 80/80 137/284 196/601 47/227][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 33,0,16,16,16,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 192.168.1.3:52917 <-> 151.15.48.189:47001 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 2 pkts/771 bytes][Goodput ratio: 56/83][0.09 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 20,0,40,0,0,20,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 192.168.1.3:52911 <-> 151.26.95.30:22673 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/442 bytes <-> 2 pkts/771 bytes][Goodput ratio: 55/83][0.94 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 20,0,20,20,20,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 192.168.1.3:52921 <-> 95.234.159.16:41205 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/440 bytes <-> 2 pkts/772 bytes][Goodput ratio: 55/83][0.27 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 20,0,20,20,20,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.1.3:52906 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][Goodput ratio: 54/83][0.36 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 20,0,20,20,20,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 192.168.1.3:52922 <-> 95.237.193.34:11321 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/434 bytes <-> 2 pkts/771 bytes][Goodput ratio: 54/83][0.26 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 20,0,20,20,20,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 192.168.1.3:52887 <-> 82.57.97.83:53137 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/430 bytes <-> 2 pkts/771 bytes][Goodput ratio: 54/83][0.45 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 20,0,20,20,20,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 192.168.1.3:52896 <-> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/409 bytes <-> 2 pkts/771 bytes][Goodput ratio: 51/83][0.25 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 20,0,40,0,20,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 192.168.1.3:52926 <-> 93.65.249.100:31336 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 2 pkts/796 bytes][Goodput ratio: 50/83][0.23 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,33,33,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 192.168.1.3:52888 <-> 82.58.216.115:38305 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes <-> 1 pkts/624 bytes][Goodput ratio: 50/89][0.22 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 192.168.1.3:52902 <-> 190.103.195.56:46633 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/349 bytes <-> 2 pkts/265 bytes][Goodput ratio: 62/50][1.91 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 25,0,25,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 192.168.1.3:52912 <-> 151.72.255.163:59928 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][3 pkts/455 bytes <-> 1 pkts/157 bytes][Goodput ratio: 56/58][0.15 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 25,0,50,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 192.168.1.3:52893 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 192.168.1.3:52894 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 192.168.1.3:52908 -> 79.55.129.22:12097 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 192.168.1.3:52909 -> 79.53.228.2:14627 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 192.168.1.3:52910 -> 120.62.33.241:39332 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 192.168.1.3:52925 -> 93.65.227.100:19116 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][1 pkts/134 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][BT Hash: dcfcdccfb9e670ccc3dd40c78c161f2bea243126][PLAIN TEXT (BitTorrent protocol)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

4
tests/result/bittorrent_ip.pcap.out
View file

@ -1,4 +1,4 @@
BitTorrent 479 508018 2
1 TCP 77.222.174.20:2866 <-> 10.0.0.14:46610 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][305 pkts/461770 bytes <-> 126 pkts/8316 bytes][Goodput ratio: 96/0][2.45 sec][bytes ratio: 0.965 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/6 879/56 54/10][Pkt Len c2s/s2c min/avg/max/stddev: 1514/66 1514/66 1514/66 0/0][PLAIN TEXT (n.m Hh)]
2 TCP 185.56.20.36:53646 <-> 10.0.0.14:35030 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][25 pkts/36414 bytes <-> 23 pkts/1518 bytes][Goodput ratio: 95/0][0.21 sec][bytes ratio: 0.920 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/11 83/83 23/24][Pkt Len c2s/s2c min/avg/max/stddev: 78/66 1457/66 1514/66 281/0][PLAIN TEXT (@RgmZT)]
1 TCP 77.222.174.20:2866 <-> 10.0.0.14:46610 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][305 pkts/461770 bytes <-> 126 pkts/8316 bytes][Goodput ratio: 96/0][2.45 sec][bytes ratio: 0.965 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/6 879/56 54/10][Pkt Len c2s/s2c min/avg/max/stddev: 1514/66 1514/66 1514/66 0/0][PLAIN TEXT (n.m Hh)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0]
2 TCP 185.56.20.36:53646 <-> 10.0.0.14:35030 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][25 pkts/36414 bytes <-> 23 pkts/1518 bytes][Goodput ratio: 95/0][0.21 sec][bytes ratio: 0.920 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/11 83/83 23/24][Pkt Len c2s/s2c min/avg/max/stddev: 78/66 1457/66 1514/66 281/0][PLAIN TEXT (@RgmZT)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0]

2
tests/result/bittorrent_utp.pcap.out
View file

@ -1,3 +1,3 @@
BitTorrent 86 41489 1
1 UDP 82.243.113.43:64969 <-> 192.168.1.5:40959 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][47 pkts/36653 bytes <-> 39 pkts/4836 bytes][Goodput ratio: 95/66][19.22 sec][bytes ratio: 0.767 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/11 223/425 4392/4641 701/934][Pkt Len c2s/s2c min/avg/max/stddev: 62/62 780/124 1514/519 609/123][PLAIN TEXT (hash20)]
1 UDP 82.243.113.43:64969 <-> 192.168.1.5:40959 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][47 pkts/36653 bytes <-> 39 pkts/4836 bytes][Goodput ratio: 95/66][19.22 sec][bytes ratio: 0.767 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/11 223/425 4392/4641 701/934][Pkt Len c2s/s2c min/avg/max/stddev: 62/62 780/124 1514/519 609/123][PLAIN TEXT (hash20)][Plen Bins: 50,1,2,4,0,1,1,1,0,0,5,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,6,0,0,0,6,0,0,0,8]

2
tests/result/bt_search.pcap.out
View file

@ -1,3 +1,3 @@
BitTorrent 2 322 1
1 UDP 192.168.0.102:6771 -> 239.192.152.143:6771 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/322 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][300.03 sec][PLAIN TEXT (SEARCH )]
1 UDP 192.168.0.102:6771 -> 239.192.152.143:6771 [proto: 37/BitTorrent][cat: Download-FileTransfer-FileSharing/7][2 pkts/322 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][300.03 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

10
tests/result/capwap.pcap.out
View file

@ -1,8 +1,8 @@
DNS 2 166 1
CAPWAP 393 98074 4
1 UDP 192.168.10.9:5246 <-> 192.168.10.10:12380 [proto: 247/CAPWAP][cat: Network/14][106 pkts/26144 bytes <-> 111 pkts/37530 bytes][Goodput ratio: 83/88][169.10 sec][bytes ratio: -0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1421/1619 21349/21721 3881/4475][Pkt Len c2s/s2c min/avg/max/stddev: 106/115 247/338 1499/1499 292/381][PLAIN TEXT (Cisco Systems)]
2 UDP 192.168.10.10:12380 <-> 192.168.10.9:5247 [proto: 247/CAPWAP][cat: Network/14][170 pkts/33465 bytes <-> 1 pkts/168 bytes][Goodput ratio: 79/75][157.99 sec][bytes ratio: 0.990 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 961/0 3999/0 859/0][Pkt Len c2s/s2c min/avg/max/stddev: 93/168 197/168 470/168 78/0]
3 UDP 192.168.10.10:12380 -> 255.255.255.255:5246 [proto: 247/CAPWAP][cat: Network/14][4 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][130.41 sec][PLAIN TEXT (838.61f)]
4 UDP 192.168.10.10:49259 -> 255.255.255.255:53 [proto: 5/DNS][cat: Network/14][2 pkts/166 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][3.00 sec][Host: cisco-capwap-controller][::][PLAIN TEXT (CAPWAP)]
5 UDP 192.168.10.9:5246 -> 192.168.10.10:12379 [proto: 247/CAPWAP][cat: Network/14][1 pkts/107 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][< 1 sec]
1 UDP 192.168.10.9:5246 <-> 192.168.10.10:12380 [proto: 247/CAPWAP][cat: Network/14][106 pkts/26144 bytes <-> 111 pkts/37530 bytes][Goodput ratio: 83/88][169.10 sec][bytes ratio: -0.179 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1421/1619 21349/21721 3881/4475][Pkt Len c2s/s2c min/avg/max/stddev: 106/115 247/338 1499/1499 292/381][PLAIN TEXT (Cisco Systems)][Plen Bins: 0,0,26,41,2,6,0,0,2,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,1,0]
2 UDP 192.168.10.10:12380 <-> 192.168.10.9:5247 [proto: 247/CAPWAP][cat: Network/14][170 pkts/33465 bytes <-> 1 pkts/168 bytes][Goodput ratio: 79/75][157.99 sec][bytes ratio: 0.990 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 961/0 3999/0 859/0][Pkt Len c2s/s2c min/avg/max/stddev: 93/168 197/168 470/168 78/0][Plen Bins: 0,0,20,26,11,18,4,8,4,0,0,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.10.10:12380 -> 255.255.255.255:5246 [proto: 247/CAPWAP][cat: Network/14][4 pkts/660 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][130.41 sec][PLAIN TEXT (838.61f)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 192.168.10.10:49259 -> 255.255.255.255:53 [proto: 5/DNS][cat: Network/14][2 pkts/166 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][3.00 sec][Host: cisco-capwap-controller][::][PLAIN TEXT (CAPWAP)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.10.9:5246 -> 192.168.10.10:12379 [proto: 247/CAPWAP][cat: Network/14][1 pkts/107 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][< 1 sec][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/check_mk_new.pcap.out
View file

@ -1,3 +1,3 @@
CHECKMK 98 20242 1
1 TCP 192.168.100.22:58998 <-> 192.168.100.50:6556 [proto: 138/CHECKMK][cat: DataTransfer/4][49 pkts/3242 bytes <-> 49 pkts/17000 bytes][Goodput ratio: 0/81][0.04 sec][bytes ratio: -0.680 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/0 4/4 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/347 74/4162 1/758][PLAIN TEXT (k@Version)]
1 TCP 192.168.100.22:58998 <-> 192.168.100.50:6556 [proto: 138/CHECKMK][cat: DataTransfer/4][49 pkts/3242 bytes <-> 49 pkts/17000 bytes][Goodput ratio: 0/81][0.04 sec][bytes ratio: -0.680 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/0 4/4 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/347 74/4162 1/758][PLAIN TEXT (k@Version)][Plen Bins: 71,0,4,0,0,4,0,2,2,0,0,0,2,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,2,0,0,0,0,0,6]

32
tests/result/coap_mqtt.pcap.out
View file

@ -2,19 +2,19 @@ COAP 19 1614 8
Dropbox 800 80676 4
MQTT 7695 668291 4
1 TCP 192.168.56.1:53528 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][924 pkts/77180 bytes <-> 1004 pkts/90329 bytes][Goodput ratio: 33/40][19.84 sec][bytes ratio: -0.078 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/20 4242/4438 157/156][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 84/90 118/140 27/41][PLAIN TEXT (17Info)]
2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes][Goodput ratio: 33/40][28.52 sec][bytes ratio: -0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/31 12952/13150 480/460][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 84/90 118/140 27/41][PLAIN TEXT (messageType)]
3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes][Goodput ratio: 33/40][42.88 sec][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 53/48 27310/27505 1011/967][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 83/90 118/140 27/41][PLAIN TEXT (messageType)]
4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC/16][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes][Goodput ratio: 40/33][15.37 sec][bytes ratio: 0.083 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/16 73/204 16/17][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/84 140/118 41/27][PLAIN TEXT (messageType)]
5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][Goodput ratio: 70/33][11.19 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 113/112 150/151 11/11][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 140/63 143/66 2/2][PLAIN TEXT (messageType)]
6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][Goodput ratio: 70/33][11.09 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 111/111 154/150 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)]
7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][Goodput ratio: 70/32][10.92 sec][bytes ratio: 0.382 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 110/110 172/164 11/11][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)]
8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][Goodput ratio: 70/32][11.20 sec][bytes ratio: 0.383 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112/113 151/147 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)]
9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][3 pkts/262 bytes <-> 3 pkts/205 bytes][Goodput ratio: 29/9][87.03 sec][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 16604/16599 43490/43489 70376/70379 26886/26890][Pkt Len c2s/s2c min/avg/max/stddev: 85/66 87/68 92/73 3/3][PLAIN TEXT (storage)]
10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/147 bytes <-> 2 pkts/257 bytes][Goodput ratio: 16/52][1.15 sec][PLAIN TEXT (separate)]
11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/158 bytes <-> 2 pkts/151 bytes][Goodput ratio: 21/18][8.41 sec][PLAIN TEXT (storage)]
12 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61047 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][< 1 sec]
13 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61043 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec]
14 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61044 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec]
15 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61045 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec]
16 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61046 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec]
1 TCP 192.168.56.1:53528 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][924 pkts/77180 bytes <-> 1004 pkts/90329 bytes][Goodput ratio: 33/40][19.84 sec][bytes ratio: -0.078 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/20 4242/4438 157/156][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 84/90 118/140 27/41][PLAIN TEXT (17Info)][Plen Bins: 50,24,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.56.1:53523 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][918 pkts/76692 bytes <-> 1008 pkts/90434 bytes][Goodput ratio: 33/40][28.52 sec][bytes ratio: -0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/31 12952/13150 480/460][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 84/90 118/140 27/41][PLAIN TEXT (messageType)][Plen Bins: 50,24,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.56.1:53522 <-> 192.168.56.101:17501 [proto: 222/MQTT][cat: RPC/16][921 pkts/76872 bytes <-> 1001 pkts/90056 bytes][Goodput ratio: 33/40][42.88 sec][bytes ratio: -0.079 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 53/48 27310/27505 1011/967][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 83/90 118/140 27/41][PLAIN TEXT (messageType)][Plen Bins: 50,24,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.56.101:17501 <-> 192.168.56.1:53524 [proto: 222/MQTT][cat: RPC/16][1005 pkts/90274 bytes <-> 914 pkts/76454 bytes][Goodput ratio: 40/33][15.37 sec][bytes ratio: 0.083 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/16 73/204 16/17][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/84 140/118 41/27][PLAIN TEXT (messageType)][Plen Bins: 49,24,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][Goodput ratio: 70/33][11.19 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 113/112 150/151 11/11][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 140/63 143/66 2/2][PLAIN TEXT (messageType)][Plen Bins: 50,0,13,36,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][Goodput ratio: 70/33][11.09 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 111/111 154/150 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)][Plen Bins: 50,0,11,38,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][Goodput ratio: 70/32][10.92 sec][bytes ratio: 0.382 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 110/110 172/164 11/11][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)][Plen Bins: 50,0,15,35,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][Goodput ratio: 70/32][11.20 sec][bytes ratio: 0.383 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112/113 151/147 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)][Plen Bins: 50,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP [bbbb::1]:46819 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][3 pkts/262 bytes <-> 3 pkts/205 bytes][Goodput ratio: 29/9][87.03 sec][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 16604/16599 43490/43489 70376/70379 26886/26890][Pkt Len c2s/s2c min/avg/max/stddev: 85/66 87/68 92/73 3/3][PLAIN TEXT (storage)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP [bbbb::1]:33499 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/147 bytes <-> 2 pkts/257 bytes][Goodput ratio: 16/52][1.15 sec][PLAIN TEXT (separate)][Plen Bins: 75,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP [bbbb::1]:50250 <-> [bbbb::3]:5683 [proto: 27/COAP][cat: RPC/16][2 pkts/158 bytes <-> 2 pkts/151 bytes][Goodput ratio: 21/18][8.41 sec][PLAIN TEXT (storage)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61047 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/90 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61043 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61044 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61045 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP [2001:da8:215:1171:a10b:cb48:8f83:57f6]:61046 -> [2001:620:8:35d9::10]:5683 [proto: 27/COAP][cat: RPC/16][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/diameter.pcap.out
View file

@ -1,3 +1,3 @@
Diameter 6 1980 1
1 TCP 10.201.9.245:50957 <-> 10.201.9.11:3868 [proto: 237/Diameter][cat: Network/14][3 pkts/1174 bytes <-> 3 pkts/806 bytes][Goodput ratio: 86/80][0.09 sec][bytes ratio: 0.186 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 13/12 39/32 65/51 26/20][Pkt Len c2s/s2c min/avg/max/stddev: 362/226 391/269 414/290 22/30][PLAIN TEXT (1263278878147)]
1 TCP 10.201.9.245:50957 <-> 10.201.9.11:3868 [proto: 237/Diameter][cat: Network/14][3 pkts/1174 bytes <-> 3 pkts/806 bytes][Goodput ratio: 86/80][0.09 sec][bytes ratio: 0.186 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 13/12 39/32 65/51 26/20][Pkt Len c2s/s2c min/avg/max/stddev: 362/226 391/269 414/290 22/30][PLAIN TEXT (1263278878147)][Plen Bins: 0,0,0,0,0,16,0,33,0,16,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

16
tests/result/dnp3.pcap.out
View file

@ -1,11 +1,11 @@
SOCKS 135 9351 1
DNP3 408 29403 7
1 TCP 10.0.0.8:2828 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][60 pkts/4041 bytes <-> 78 pkts/7164 bytes][Goodput ratio: 17/38][121.83 sec][bytes ratio: -0.279 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 421/302 13044/8439 1926/1115][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 67/92 79/145 5/37]
2 TCP 10.0.0.9:1080 <-> 10.0.0.3:20000 [proto: 172/SOCKS][cat: Web/5][72 pkts/4659 bytes <-> 63 pkts/4692 bytes][Goodput ratio: 10/27][384.60 sec][bytes ratio: -0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4732/3049 75028/40127 13787/9968][Pkt Len c2s/s2c min/avg/max/stddev: 60/62 65/74 81/147 7/16]
3 TCP 10.0.0.8:1086 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][57 pkts/3891 bytes <-> 36 pkts/2760 bytes][Goodput ratio: 17/28][70.37 sec][bytes ratio: 0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1467/2686 45001/45233 7093/9611][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 68/77 81/147 8/22]
4 TCP 10.0.0.8:2789 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][24 pkts/1584 bytes <-> 15 pkts/1005 bytes][Goodput ratio: 12/15][123.54 sec][bytes ratio: 0.224 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 162/2 2891/21 628/7][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 66/67 79/71 8/5]
5 TCP 10.0.0.8:2803 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][21 pkts/1374 bytes <-> 18 pkts/1119 bytes][Goodput ratio: 10/5][25.63 sec][bytes ratio: 0.102 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1205/2488 17203/17487 4073/5519][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 65/62 78/71 8/4]
6 TCP 10.0.0.9:1084 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][21 pkts/1374 bytes <-> 18 pkts/1119 bytes][Goodput ratio: 10/5][7.81 sec][bytes ratio: 0.102 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 343/630 3672/3963 975/1293][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 65/62 78/71 8/4]
7 TCP 10.0.0.8:1184 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][21 pkts/1374 bytes <-> 12 pkts/825 bytes][Goodput ratio: 10/19][12.41 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 698/1757 9226/9487 2220/3302][Pkt Len c2s/s2c min/avg/max/stddev: 60/62 65/69 78/71 8/4]
8 TCP 10.0.0.8:1159 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][15 pkts/1014 bytes <-> 12 pkts/759 bytes][Goodput ratio: 14/7][12.40 sec][bytes ratio: 0.144 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 246/1770 2946/9113 814/3204][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 68/63 78/71 9/5]
1 TCP 10.0.0.8:2828 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][60 pkts/4041 bytes <-> 78 pkts/7164 bytes][Goodput ratio: 17/38][121.83 sec][bytes ratio: -0.279 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 421/302 13044/8439 1926/1115][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 67/92 79/145 5/37][Plen Bins: 64,3,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 10.0.0.9:1080 <-> 10.0.0.3:20000 [proto: 172/SOCKS][cat: Web/5][72 pkts/4659 bytes <-> 63 pkts/4692 bytes][Goodput ratio: 10/27][384.60 sec][bytes ratio: -0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4732/3049 75028/40127 13787/9968][Pkt Len c2s/s2c min/avg/max/stddev: 60/62 65/74 81/147 7/16][Plen Bins: 96,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 10.0.0.8:1086 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][57 pkts/3891 bytes <-> 36 pkts/2760 bytes][Goodput ratio: 17/28][70.37 sec][bytes ratio: 0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1467/2686 45001/45233 7093/9611][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 68/77 81/147 8/22][Plen Bins: 95,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 10.0.0.8:2789 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][24 pkts/1584 bytes <-> 15 pkts/1005 bytes][Goodput ratio: 12/15][123.54 sec][bytes ratio: 0.224 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 162/2 2891/21 628/7][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 66/67 79/71 8/5][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 10.0.0.8:2803 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][21 pkts/1374 bytes <-> 18 pkts/1119 bytes][Goodput ratio: 10/5][25.63 sec][bytes ratio: 0.102 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1205/2488 17203/17487 4073/5519][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 65/62 78/71 8/4][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 10.0.0.9:1084 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][21 pkts/1374 bytes <-> 18 pkts/1119 bytes][Goodput ratio: 10/5][7.81 sec][bytes ratio: 0.102 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 343/630 3672/3963 975/1293][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 65/62 78/71 8/4][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 10.0.0.8:1184 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][21 pkts/1374 bytes <-> 12 pkts/825 bytes][Goodput ratio: 10/19][12.41 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 698/1757 9226/9487 2220/3302][Pkt Len c2s/s2c min/avg/max/stddev: 60/62 65/69 78/71 8/4][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 10.0.0.8:1159 <-> 10.0.0.3:20000 [proto: 244/DNP3][cat: Network/14][15 pkts/1014 bytes <-> 12 pkts/759 bytes][Goodput ratio: 14/7][12.40 sec][bytes ratio: 0.144 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 246/1770 2946/9113 814/3204][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 68/63 78/71 9/5][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/dns_doh.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 172.20.10.4 1
1 TCP 172.20.10.4:49877 <-> 104.16.248.249:443 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][86 pkts/8460 bytes <-> 56 pkts/11902 bytes][Goodput ratio: 45/74][3.24 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.169 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/31 535/580 86/115][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98/213 571/1354 69/257][TLSv1.3][Client: mozilla.cloudflare-dns.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
1 TCP 172.20.10.4:49877 <-> 104.16.248.249:443 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][86 pkts/8460 bytes <-> 56 pkts/11902 bytes][Goodput ratio: 45/74][3.24 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.169 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/31 535/580 86/115][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98/213 571/1354 69/257][TLSv1.3][Client: mozilla.cloudflare-dns.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 23,21,20,2,1,1,13,3,0,0,7,0,0,0,1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0]

2
tests/result/dns_dot.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 192.168.1.185 1
1 TCP 192.168.1.185:58290 <-> 8.8.8.8:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][14 pkts/1480 bytes <-> 10 pkts/4389 bytes][Goodput ratio: 37/85][3.01 sec][bytes ratio: -0.496 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 270/182 1596/1192 531/413][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/439 264/3135 53/903][Risk: ** Known protocol on non standard port **** TLS Certificate Mismatch **** TLS (probably) not carrying HTTPS **][TLSv1.2][JA3C: 4fe4099926d0acdc9b2fe4b02013659f][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: 2b341b88c742e940cfb485ce7d93dde7][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: BE:73:46:2A:2E:FB:A9:E9:42:D0:71:10:1B:8C:BF:44:6A:5D:AD:53][Validity: 2019-10-10 20:58:42 - 2020-01-02 20:58:42][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256]
1 TCP 192.168.1.185:58290 <-> 8.8.8.8:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][14 pkts/1480 bytes <-> 10 pkts/4389 bytes][Goodput ratio: 37/85][3.01 sec][bytes ratio: -0.496 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 270/182 1596/1192 531/413][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/439 264/3135 53/903][Risk: ** Known protocol on non standard port **** TLS Certificate Mismatch **** TLS (probably) not carrying HTTPS **][TLSv1.2][JA3C: 4fe4099926d0acdc9b2fe4b02013659f][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: 2b341b88c742e940cfb485ce7d93dde7][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: BE:73:46:2A:2E:FB:A9:E9:42:D0:71:10:1B:8C:BF:44:6A:5D:AD:53][Validity: 2019-10-10 20:58:42 - 2020-01-02 20:58:42][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256][Plen Bins: 23,7,23,15,0,7,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7]

2
tests/result/dns_exfiltration.pcap.out
View file

@ -1,3 +1,3 @@
DNS 300 73545 1
1 UDP 192.168.220.56:56373 <-> 192.168.203.167:53 [proto: 5/DNS][cat: Network/14][150 pkts/32419 bytes <-> 150 pkts/41126 bytes][Goodput ratio: 81/85][59.99 sec][Host: dnscat.546b03f50000000000a6023ed4df184d6ac5c2628b47714fdee584fed739.5a03b5b1e1aa8f8fdb1bbe8d5e04952141f7d4f82c7e3b06dcc8b87fad7a.19e4d098dc8c618f8d81cfeb02][::][bytes ratio: -0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/1 398/397 1035/1015 491/489][Pkt Len c2s/s2c min/avg/max/stddev: 101/148 216/274 300/386 97/97][Risk: ** Suspicious DGA domain name **][PLAIN TEXT (dnscat)]
1 UDP 192.168.220.56:56373 <-> 192.168.203.167:53 [proto: 5/DNS][cat: Network/14][150 pkts/32419 bytes <-> 150 pkts/41126 bytes][Goodput ratio: 81/85][59.99 sec][Host: dnscat.546b03f50000000000a6023ed4df184d6ac5c2628b47714fdee584fed739.5a03b5b1e1aa8f8fdb1bbe8d5e04952141f7d4f82c7e3b06dcc8b87fad7a.19e4d098dc8c618f8d81cfeb02][::][bytes ratio: -0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/1 398/397 1035/1015 491/489][Pkt Len c2s/s2c min/avg/max/stddev: 101/148 216/274 300/386 97/97][Risk: ** Suspicious DGA domain name **][PLAIN TEXT (dnscat)][Plen Bins: 0,23,0,22,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

8
tests/result/dnscrypt.pcap.out
View file

@ -5,7 +5,7 @@ JA3 Host Stats:
1 192.168.43.167 2
1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][Goodput ratio: 45/92][0.71 sec][ALPN: h2;http/1.1][bytes ratio: -0.782 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/20 114/119 43/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 99/694 272/1364 68/594][TLSv1.2][Client: simplednscrypt.org][JA3C: b8f81673c0e1d29908346f3bab892b9b][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][Goodput ratio: 50/89][0.52 sec][ALPN: h2;http/1.1][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/25 105/106 34/35][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 110/516 334/1364 76/542][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][Goodput ratio: 43/93][0.44 sec][ALPN: h2;http/1.1][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 72/32 188/124 74/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98/774 264/1364 75/597][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][Goodput ratio: 43/93][0.36 sec][ALPN: h2;http/1.1][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 60/32 136/140 59/53][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98/774 264/1364 75/597][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
1 TCP 192.168.43.167:50233 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1788 bytes <-> 21 pkts/14580 bytes][Goodput ratio: 45/92][0.71 sec][ALPN: h2;http/1.1][bytes ratio: -0.782 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/20 114/119 43/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 99/694 272/1364 68/594][TLSv1.2][Client: simplednscrypt.org][JA3C: b8f81673c0e1d29908346f3bab892b9b][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,8,4,0,0,8,0,4,4,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,33,0,0,0,0,0,0]
2 TCP 192.168.43.167:50259 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][18 pkts/1988 bytes <-> 18 pkts/9290 bytes][Goodput ratio: 50/89][0.52 sec][ALPN: h2;http/1.1][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/25 105/106 34/35][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 110/516 334/1364 76/542][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,27,13,4,0,0,4,0,9,4,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0]
3 TCP 192.168.43.167:50253 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][Goodput ratio: 43/93][0.44 sec][ALPN: h2;http/1.1][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 72/32 188/124 74/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98/774 264/1364 75/597][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,10,10,0,0,10,0,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0]
4 TCP 192.168.43.167:50258 <-> 134.119.26.24:443 [proto: 91/TLS][cat: Web/5][8 pkts/780 bytes <-> 10 pkts/7735 bytes][Goodput ratio: 43/93][0.36 sec][ALPN: h2;http/1.1][bytes ratio: -0.817 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 60/32 136/140 59/53][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 98/774 264/1364 75/597][TLSv1.2][Client: simplednscrypt.org][JA3C: 83e04bc58d402f9633983cbf22724b02][ServerNames: simplednscrypt.org,www.simplednscrypt.org][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=simplednscrypt.org][Certificate SHA-1: 3E:20:0F:BF:AD:D8:5C:A1:A1:1B:E5:B2:A7:D4:68:E2:6A:DB:01:41][Validity: 2015-09-21 00:00:00 - 2017-09-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,10,10,0,0,10,0,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0]

8
tests/result/dos_win98_smb_netbeui.pcap.out
View file

@ -2,7 +2,7 @@ NetBIOS 46 5060 2
SMBv1 15 3447 1
ICMP 1 60 1
1 UDP 192.168.239.129:137 -> 192.168.239.255:137 [proto: 10/NetBIOS][cat: System/18][32 pkts/3520 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][131.29 sec][Host: mdjr98][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1218/0 22000/0 4015/0][Pkt Len c2s/s2c min/avg/max/stddev: 110/0 110/0 110/0 0/0][PLAIN TEXT ( ENEEEKFCDJ)]
2 UDP 192.168.239.129:138 -> 192.168.239.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][15 pkts/3447 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][115.76 sec][Host: mdjr98][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8826/0 43984/0 11228/0][Pkt Len c2s/s2c min/avg/max/stddev: 219/0 230/0 249/0 10/0][PLAIN TEXT ( ENEEEKFCDJ)]
3 UDP 192.168.239.129:137 -> 192.168.239.2:137 [proto: 10/NetBIOS][cat: System/18][14 pkts/1540 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][130.51 sec][Host: mdjr98][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 10750/0 98690/0 27314/0][Pkt Len c2s/s2c min/avg/max/stddev: 110/0 110/0 110/0 0/0][PLAIN TEXT ( ENEEEKFCDJ)]
4 ICMP 192.168.239.129:0 -> 224.0.0.2:0 [proto: 81/ICMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 UDP 192.168.239.129:137 -> 192.168.239.255:137 [proto: 10/NetBIOS][cat: System/18][32 pkts/3520 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][131.29 sec][Host: mdjr98][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1218/0 22000/0 4015/0][Pkt Len c2s/s2c min/avg/max/stddev: 110/0 110/0 110/0 0/0][PLAIN TEXT ( ENEEEKFCDJ)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.239.129:138 -> 192.168.239.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][15 pkts/3447 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][115.76 sec][Host: mdjr98][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8826/0 43984/0 11228/0][Pkt Len c2s/s2c min/avg/max/stddev: 219/0 230/0 249/0 10/0][PLAIN TEXT ( ENEEEKFCDJ)][Plen Bins: 0,0,0,0,0,73,26,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.239.129:137 -> 192.168.239.2:137 [proto: 10/NetBIOS][cat: System/18][14 pkts/1540 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][130.51 sec][Host: mdjr98][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 10750/0 98690/0 27314/0][Pkt Len c2s/s2c min/avg/max/stddev: 110/0 110/0 110/0 0/0][PLAIN TEXT ( ENEEEKFCDJ)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 ICMP 192.168.239.129:0 -> 224.0.0.2:0 [proto: 81/ICMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/drda_db2.pcap.out
View file

@ -1,3 +1,3 @@
DRDA 38 6691 1
1 TCP 192.168.106.1:4847 <-> 192.168.106.128:50000 [proto: 227/DRDA][cat: Database/11][20 pkts/3169 bytes <-> 18 pkts/3522 bytes][Goodput ratio: 66/72][38.46 sec][bytes ratio: -0.053 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2371/2905 17828/17986 5833/6422][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 158/196 717/684 169/193][PLAIN TEXT (@@@@@@@@@@@)]
1 TCP 192.168.106.1:4847 <-> 192.168.106.128:50000 [proto: 227/DRDA][cat: Database/11][20 pkts/3169 bytes <-> 18 pkts/3522 bytes][Goodput ratio: 66/72][38.46 sec][bytes ratio: -0.053 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 2371/2905 17828/17986 5833/6422][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 158/196 717/684 169/193][PLAIN TEXT (@@@@@@@@@@@)][Plen Bins: 25,20,4,4,0,4,0,8,8,0,4,0,8,0,4,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

30
tests/result/dropbox.pcap.out
View file

@ -1,17 +1,17 @@
Dropbox 848 90532 15
1 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][Goodput ratio: 70/33][11.19 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 113/112 150/151 11/11][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 140/63 143/66 2/2][PLAIN TEXT (messageType)]
2 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][Goodput ratio: 70/33][11.09 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 111/111 154/150 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)]
3 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][Goodput ratio: 70/32][10.92 sec][bytes ratio: 0.382 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 110/110 172/164 11/11][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)]
4 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][Goodput ratio: 70/32][11.20 sec][bytes ratio: 0.383 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112/113 151/147 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)]
5 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][13.11 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2621/0 13107/0 5243/0][Pkt Len c2s/s2c min/avg/max/stddev: 237/0 237/0 237/0 0/0][PLAIN TEXT ( 274363570036934823360341409051)]
6 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][13.11 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2621/0 13107/0 5243/0][Pkt Len c2s/s2c min/avg/max/stddev: 237/0 237/0 237/0 0/0][PLAIN TEXT ( 274363570036934823360341409051)]
7 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Goodput ratio: 46/84][0.04 sec][Host: log.getdropbox.com][::][bytes ratio: -0.551 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 78/194 78/270 78/345 0/76][PLAIN TEXT (getdropbox)]
8 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Goodput ratio: 46/87][0.12 sec][Host: client.dropbox.com][108.160.172.204][PLAIN TEXT (client)]
9 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Goodput ratio: 42/87][0.17 sec][Host: d.dropbox.com][108.160.172.225][PLAIN TEXT (dropbox)]
10 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Goodput ratio: 48/86][0.18 sec][Host: client-cf.dropbox.com][54.240.174.31][PLAIN TEXT (client)]
11 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Goodput ratio: 46/86][0.03 sec][Host: notify.dropbox.com][162.125.17.131][PLAIN TEXT (notify)]
12 UDP 192.168.1.6:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][60.01 sec][PLAIN TEXT (version)]
13 UDP 192.168.1.6:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][60.01 sec][PLAIN TEXT (version)]
14 UDP 192.168.1.64:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][31.34 sec][PLAIN TEXT (namespaces)]
15 UDP 192.168.1.64:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][31.34 sec][PLAIN TEXT (namespaces)]
1 UDP 192.168.56.1:50318 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13960 bytes <-> 100 pkts/6260 bytes][Goodput ratio: 70/33][11.19 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 113/112 150/151 11/11][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 140/63 143/66 2/2][PLAIN TEXT (messageType)][Plen Bins: 50,0,13,36,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.56.1:50312 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13947 bytes <-> 100 pkts/6247 bytes][Goodput ratio: 70/33][11.09 sec][bytes ratio: 0.381 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 111/111 154/150 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)][Plen Bins: 50,0,11,38,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.56.1:50319 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13921 bytes <-> 100 pkts/6221 bytes][Goodput ratio: 70/32][10.92 sec][bytes ratio: 0.382 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 110/110 172/164 11/11][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)][Plen Bins: 50,0,15,35,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 192.168.56.1:50311 <-> 192.168.56.101:17500 [proto: 121/Dropbox][cat: Cloud/13][100 pkts/13910 bytes <-> 100 pkts/6210 bytes][Goodput ratio: 70/32][11.20 sec][bytes ratio: 0.383 (Upload)][IAT c2s/s2c min/avg/max/stddev: 103/103 112/113 151/147 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 136/59 139/62 143/66 2/2][PLAIN TEXT (messageType)][Plen Bins: 50,0,16,34,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.1.105:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][13.11 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2621/0 13107/0 5243/0][Pkt Len c2s/s2c min/avg/max/stddev: 237/0 237/0 237/0 0/0][PLAIN TEXT ( 274363570036934823360341409051)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.1.105:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][6 pkts/1422 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][13.11 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2621/0 13107/0 5243/0][Pkt Len c2s/s2c min/avg/max/stddev: 237/0 237/0 237/0 0/0][PLAIN TEXT ( 274363570036934823360341409051)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 192.168.1.105:36173 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][4 pkts/312 bytes <-> 4 pkts/1078 bytes][Goodput ratio: 46/84][0.04 sec][Host: log.getdropbox.com][::][bytes ratio: -0.551 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 78/194 78/270 78/345 0/76][PLAIN TEXT (getdropbox)][Plen Bins: 0,50,0,0,25,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.1.105:55407 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/666 bytes][Goodput ratio: 46/87][0.12 sec][Host: client.dropbox.com][108.160.172.204][PLAIN TEXT (client)][Plen Bins: 0,50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 192.168.1.105:50789 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/146 bytes <-> 2 pkts/646 bytes][Goodput ratio: 42/87][0.17 sec][Host: d.dropbox.com][108.160.172.225][PLAIN TEXT (dropbox)][Plen Bins: 50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 192.168.1.105:49112 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/162 bytes <-> 2 pkts/612 bytes][Goodput ratio: 48/86][0.18 sec][Host: client-cf.dropbox.com][54.240.174.31][PLAIN TEXT (client)][Plen Bins: 0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 192.168.1.105:33189 <-> 192.168.1.254:53 [proto: 5.121/DNS.Dropbox][cat: Cloud/13][2 pkts/156 bytes <-> 2 pkts/588 bytes][Goodput ratio: 46/86][0.03 sec][Host: notify.dropbox.com][162.125.17.131][PLAIN TEXT (notify)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 192.168.1.6:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][60.01 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.1.6:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][60.01 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.1.64:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][31.34 sec][PLAIN TEXT (namespaces)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.1.64:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][3 pkts/615 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][31.34 sec][PLAIN TEXT (namespaces)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/dtls.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 192.168.13.203 1
1 UDP 192.168.13.203:40739 -> 192.168.13.57:56515 [proto: 91/TLS][cat: Web/5][2 pkts/394 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Risk: ** TLS (probably) not carrying HTTPS **][DTLSv1.2][JA3C: bd743610892cec1efed851b2b5efd4f5]
1 UDP 192.168.13.203:40739 -> 192.168.13.57:56515 [proto: 91/TLS][cat: Web/5][2 pkts/394 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Risk: ** TLS (probably) not carrying HTTPS **][DTLSv1.2][JA3C: bd743610892cec1efed851b2b5efd4f5][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

6
tests/result/encrypted_sni.pcap.out
View file

@ -5,6 +5,6 @@ JA3 Host Stats:
1 192.168.1.12 1
1 TCP 192.168.1.12:49886 -> 104.27.129.77:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: 9624CB3C4E230827F78CF5BF640D22DEA33FCC598EA6A32D939905586FBE997B9E68661F8956D4893072E19DE24CD1FB88A9F71FC4CC01BAB5C914FDF96A647D671B5E89859BAEEAB122218688496DF4DF0C328C3D5F940B109CEB2A2743D5CBE3594288A229B8C7E2F88303E3FE1A26A89E5001F2BD936890FEF78F06E05ECC063A68BDB8C18DFAC114CF1FECDB8BE1FC2FEECB2315D27998D682B129FD1E3EB5D7985DCBDC452A1082CCC038E0BF69570FEFAC6BC6FB951F89B6792CADA76403C02CEB5DCE1CE6EDDD16D5F7FB6B85D2B92485448DE0088E421E83F1E28B267FBE3B59AE0496FB845213C271D4C5AC5E9E7E5F6A3072445307FCCEB7306710459991C40CC4DC1FC325154C7974DD780371397805456A19AE23EE88475C1DF07697B666][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)]
2 TCP 192.168.1.12:49887 -> 104.16.125.175:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: B900004E39E84B98F5AE87B0A020EC49FED86F2B488B6AB28BDE9F957621F2774366DE90E65C4CA808668911624685EC4C6DC6C161A97CBE82281BC08427697AA3BE6A40E5F00ACF8B63E329317B0E4E85642D50AB8790E6197DA62D9F5B3239DCC59437797FE768A520C9D471FEABA1375DF61E4A39B09363CB109E7B24A793844896DDD16B6EE7DBE576D767161D782D7BF6FEC453A05A923D8D8E9BEFFC97E8E56C4F1AAB70FE99BC97819E1D908A5F3B3094F4BF25EB7A24A94FDBC3E107A423B8BB341F22900F7BBD87780E30B6ECF393FEB8FBFFEB54C79FA0673FE1AAD17B221D4BFF6450AA0CD4AF513066B66080B602147F3ACB7145A436C5689DA20BACB8BF9BABD851012556EC8F7BB9D74BFAAF25DCF4362A5775607C3CE5C2C29F183969][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)]
3 TCP 192.168.1.12:49897 -> 104.22.71.197:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: CD69AC727FFAA0EA70A12AA46E71537EB99234B996818C913C72A0AC1184BFA5DD3B617E013E4CA092B2E9CFB78BCD8D33CBAF12A974DFB78E49B8BF9A57997418EF14C87830961E3C8480D2A4BF27D61D911CEF4300924A9F36105748BAED845FF585E40406545BB35C6DAAD7896433EC4DFD6B6F49728DA85D707DB7AC784F55A6658DC6ADE3087B1E46BBBEDFA44F3E8754B31A6BCF8519D291D3629805FA826E43799EA6E33021CF0A83CA05717B00F37D69841934F5B5BF254C6467888A592C38A3007DB3B7D5CBB8DB742B657F8F973C050BAA817AA571393CD8A4BC0B2312460A77DD0510F4BBCE43D53BCF334E4E8C7570255BBD17714403F4B6925434CD67F96FA9E05D700776810EEB5786B1C8188A4D73F8208B614B93284A8093929594BE][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)]
1 TCP 192.168.1.12:49886 -> 104.27.129.77:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: 9624CB3C4E230827F78CF5BF640D22DEA33FCC598EA6A32D939905586FBE997B9E68661F8956D4893072E19DE24CD1FB88A9F71FC4CC01BAB5C914FDF96A647D671B5E89859BAEEAB122218688496DF4DF0C328C3D5F940B109CEB2A2743D5CBE3594288A229B8C7E2F88303E3FE1A26A89E5001F2BD936890FEF78F06E05ECC063A68BDB8C18DFAC114CF1FECDB8BE1FC2FEECB2315D27998D682B129FD1E3EB5D7985DCBDC452A1082CCC038E0BF69570FEFAC6BC6FB951F89B6792CADA76403C02CEB5DCE1CE6EDDD16D5F7FB6B85D2B92485448DE0088E421E83F1E28B267FBE3B59AE0496FB845213C271D4C5AC5E9E7E5F6A3072445307FCCEB7306710459991C40CC4DC1FC325154C7974DD780371397805456A19AE23EE88475C1DF07697B666][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.12:49887 -> 104.16.125.175:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: B900004E39E84B98F5AE87B0A020EC49FED86F2B488B6AB28BDE9F957621F2774366DE90E65C4CA808668911624685EC4C6DC6C161A97CBE82281BC08427697AA3BE6A40E5F00ACF8B63E329317B0E4E85642D50AB8790E6197DA62D9F5B3239DCC59437797FE768A520C9D471FEABA1375DF61E4A39B09363CB109E7B24A793844896DDD16B6EE7DBE576D767161D782D7BF6FEC453A05A923D8D8E9BEFFC97E8E56C4F1AAB70FE99BC97819E1D908A5F3B3094F4BF25EB7A24A94FDBC3E107A423B8BB341F22900F7BBD87780E30B6ECF393FEB8FBFFEB54C79FA0673FE1AAD17B221D4BFF6450AA0CD4AF513066B66080B602147F3ACB7145A436C5689DA20BACB8BF9BABD851012556EC8F7BB9D74BFAAF25DCF4362A5775607C3CE5C2C29F183969][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.1.12:49897 -> 104.22.71.197:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: CD69AC727FFAA0EA70A12AA46E71537EB99234B996818C913C72A0AC1184BFA5DD3B617E013E4CA092B2E9CFB78BCD8D33CBAF12A974DFB78E49B8BF9A57997418EF14C87830961E3C8480D2A4BF27D61D911CEF4300924A9F36105748BAED845FF585E40406545BB35C6DAAD7896433EC4DFD6B6F49728DA85D707DB7AC784F55A6658DC6ADE3087B1E46BBBEDFA44F3E8754B31A6BCF8519D291D3629805FA826E43799EA6E33021CF0A83CA05717B00F37D69841934F5B5BF254C6467888A592C38A3007DB3B7D5CBB8DB742B657F8F973C050BAA817AA571393CD8A4BC0B2312460A77DD0510F4BBCE43D53BCF334E4E8C7570255BBD17714403F4B6925434CD67F96FA9E05D700776810EEB5786B1C8188A4D73F8208B614B93284A8093929594BE][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

148
tests/result/ethereum.pcap.out
View file

@ -1,77 +1,77 @@
Mining 1939 208480 70
Amazon 61 7631 4
1 TCP 192.168.1.184:56626 <-> 178.128.195.220:30303 [proto: 42/Mining][cat: Mining/99][32 pkts/3294 bytes <-> 37 pkts/3156 bytes][Goodput ratio: 36/21][0.16 sec][ETH][bytes ratio: 0.021 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/4 42/62 8/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/85 612/470 105/69]
2 TCP 192.168.1.184:56638 <-> 209.250.240.205:30303 [proto: 42/Mining][cat: Mining/99][34 pkts/3347 bytes <-> 28 pkts/2774 bytes][Goodput ratio: 34/32][0.15 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/3 43/41 12/10][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 481/560 79/95]
3 TCP 192.168.1.184:56660 <-> 51.161.23.12:30303 [proto: 42/Mining][cat: Mining/99][36 pkts/3241 bytes <-> 29 pkts/2723 bytes][Goodput ratio: 29/31][0.57 sec][ETH][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/9 147/141 36/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/94 639/487 96/81]
4 TCP 192.168.1.184:56658 <-> 157.230.152.87:30303 [proto: 42/Mining][cat: Mining/99][37 pkts/3341 bytes <-> 27 pkts/2583 bytes][Goodput ratio: 28/32][0.72 sec][ETH][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/22 182/184 53/59][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/96 649/457 96/79]
5 TCP 192.168.1.184:56645 <-> 185.219.133.62:30303 [proto: 42/Mining][cat: Mining/99][34 pkts/3018 bytes <-> 27 pkts/2540 bytes][Goodput ratio: 25/31][0.20 sec][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/8 51/49 13/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 89/94 476/448 71/77]
6 TCP 192.168.1.184:56650 <-> 35.228.250.140:30303 [proto: 42/Mining][cat: Mining/99][30 pkts/2806 bytes <-> 24 pkts/2380 bytes][Goodput ratio: 29/35][0.23 sec][ETH][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/6 57/56 18/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 94/99 528/508 84/92][PLAIN TEXT (J/hy@y)]
7 TCP 192.168.1.184:56646 <-> 172.105.94.62:30303 [proto: 42/Mining][cat: Mining/99][28 pkts/2738 bytes <-> 24 pkts/2370 bytes][Goodput ratio: 32/36][0.22 sec][ETH][bytes ratio: 0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/15 116/91 24/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 540/398 89/89]
8 TCP 192.168.1.184:56661 <-> 52.9.128.68:30303 [proto: 42.178/Mining.Amazon][cat: Mining/99][30 pkts/2768 bytes <-> 23 pkts/2318 bytes][Goodput ratio: 30/36][0.76 sec][ETH][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/18 194/193 61/55][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 92/101 538/494 87/90]
9 TCP 192.168.1.184:56674 <-> 94.68.55.162:30303 [proto: 42/Mining][cat: Mining/99][29 pkts/2801 bytes <-> 21 pkts/2262 bytes][Goodput ratio: 32/40][0.29 sec][ETH][bytes ratio: 0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/8 74/75 24/22][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97/108 613/570 101/109]
10 TCP 192.168.1.184:56671 <-> 86.107.243.62:30303 [proto: 42/Mining][cat: Mining/99][28 pkts/2804 bytes <-> 20 pkts/2138 bytes][Goodput ratio: 34/41][0.18 sec][ETH][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/8 39/38 13/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 100/107 606/430 100/101]
11 TCP 192.168.1.184:56643 <-> 178.62.29.183:30303 [proto: 42/Mining][cat: Mining/99][31 pkts/2879 bytes <-> 23 pkts/2042 bytes][Goodput ratio: 29/27][0.18 sec][ETH][bytes ratio: 0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/8 48/47 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 93/89 535/384 84/68]
12 TCP 192.168.1.184:56673 <-> 78.47.147.155:30303 [proto: 42/Mining][cat: Mining/99][28 pkts/2855 bytes <-> 9 pkts/1461 bytes][Goodput ratio: 34/59][0.41 sec][ETH][bytes ratio: 0.323 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/65 285/246 57/92][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 102/162 633/413 105/126]
13 TCP 192.168.1.184:56634 <-> 159.203.84.31:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2209 bytes <-> 23 pkts/2019 bytes][Goodput ratio: 37/29][0.33 sec][ETH][bytes ratio: 0.045 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/18 109/109 34/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/88 637/579 122/105]
14 TCP 192.168.1.184:56610 <-> 165.22.107.33:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2212 bytes <-> 24 pkts/1962 bytes][Goodput ratio: 37/23][0.92 sec][ETH][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 35/58 339/287 99/115][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/82 640/462 123/80]
15 TCP 192.168.1.184:56621 <-> 52.187.207.27:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2163 bytes <-> 21 pkts/1843 bytes][Goodput ratio: 35/28][0.99 sec][ETH][bytes ratio: 0.080 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/53 354/316 105/118][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/88 591/517 112/96]
16 TCP 192.168.1.184:56620 <-> 191.234.162.198:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2150 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 35/28][0.70 sec][ETH][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 263/221 76/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/88 578/525 110/98]
17 TCP 192.168.1.184:56611 <-> 104.42.217.25:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2128 bytes <-> 21 pkts/1859 bytes][Goodput ratio: 34/29][0.57 sec][ETH][bytes ratio: 0.067 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/34 201/202 62/75][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/89 556/533 105/100]
18 TCP 192.168.1.184:56623 <-> 18.138.81.28:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2109 bytes <-> 22 pkts/1874 bytes][Goodput ratio: 34/26][0.83 sec][ETH][bytes ratio: 0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/44 308/260 89/97][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 100/85 537/488 101/88]
19 TCP 192.168.1.184:56615 <-> 35.158.244.151:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2133 bytes <-> 21 pkts/1834 bytes][Goodput ratio: 34/28][0.14 sec][ETH][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 62/63 17/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/87 561/514 106/96]
20 TCP 192.168.1.184:56618 <-> 52.231.165.108:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2088 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 33/28][0.70 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 261/222 76/83][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 99/88 516/519 97/97][PLAIN TEXT (XMOZOS)]
21 TCP 192.168.1.184:56628 <-> 3.209.45.79:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2033 bytes <-> 21 pkts/1862 bytes][Goodput ratio: 31/29][0.41 sec][bytes ratio: 0.044 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/27 163/164 47/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 97/89 461/536 86/100]
22 TCP 192.168.1.184:56632 <-> 51.38.81.180:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2117 bytes <-> 20 pkts/1765 bytes][Goodput ratio: 34/28][0.22 sec][ETH][bytes ratio: 0.091 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/13 78/78 23/29][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/88 545/505 103/96]
23 TCP 192.168.1.184:56627 <-> 34.255.23.113:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2150 bytes <-> 20 pkts/1728 bytes][Goodput ratio: 35/27][0.20 sec][ETH][bytes ratio: 0.109 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/11 70/62 16/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/86 578/468 110/88]
24 TCP 192.168.1.184:56622 <-> 18.138.108.67:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2169 bytes <-> 21 pkts/1704 bytes][Goodput ratio: 36/22][0.81 sec][ETH][bytes ratio: 0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/42 300/253 87/94][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/81 597/384 114/68]
25 TCP 192.168.1.184:56639 <-> 18.219.167.159:30303 [proto: 42/Mining][cat: Mining/99][20 pkts/2093 bytes <-> 19 pkts/1750 bytes][Goodput ratio: 36/32][0.38 sec][ETH][bytes ratio: 0.089 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/25 130/122 41/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/92 587/556 114/110]
26 UDP 192.168.1.184:30303 <-> 52.231.165.108:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/426 bytes <-> 4 pkts/3132 bytes][Goodput ratio: 80/95][0.27 sec][ETH][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 40/0 40/6 40/19 0/9][Pkt Len c2s/s2c min/avg/max/stddev: 213/467 213/783 213/1099 0/316]
27 TCP 192.168.1.184:56635 <-> 162.228.29.160:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2051 bytes <-> 16 pkts/1497 bytes][Goodput ratio: 32/31][0.47 sec][bytes ratio: 0.156 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/32 159/152 50/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 98/94 479/471 89/98]
28 TCP 192.168.1.184:56629 <-> 51.38.60.79:30303 [proto: 42/Mining][cat: Mining/99][19 pkts/1927 bytes <-> 19 pkts/1600 bytes][Goodput ratio: 34/25][0.16 sec][bytes ratio: 0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/9 36/43 9/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/84 487/406 95/77]
29 TCP 192.168.1.184:56652 <-> 176.9.136.209:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1971 bytes <-> 17 pkts/1556 bytes][Goodput ratio: 39/32][0.10 sec][ETH][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/9 34/33 11/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 110/92 597/494 122/101]
30 TCP 192.168.1.184:56654 <-> 85.214.108.52:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1930 bytes <-> 14 pkts/1529 bytes][Goodput ratio: 41/42][0.14 sec][ETH][bytes ratio: 0.116 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/12 35/36 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 114/109 574/401 119/103]
31 TCP 192.168.1.184:56657 <-> 138.75.171.190:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1913 bytes <-> 16 pkts/1521 bytes][Goodput ratio: 41/34][0.79 sec][ETH][bytes ratio: 0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/88 263/261 91/122][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 113/95 605/525 126/112]
32 TCP 192.168.1.184:56630 <-> 40.67.144.128:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1871 bytes <-> 17 pkts/1551 bytes][Goodput ratio: 36/31][0.38 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/28 158/112 46/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 104/91 497/489 99/100][PLAIN TEXT (t ZZUM)]
33 TCP 192.168.1.184:56624 <-> 89.38.99.34:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1895 bytes <-> 13 pkts/1495 bytes][Goodput ratio: 40/45][0.22 sec][ETH][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/22 65/66 22/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 111/115 539/433 111/113]
34 TCP 192.168.1.184:56651 <-> 138.201.12.87:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1857 bytes <-> 18 pkts/1521 bytes][Goodput ratio: 35/26][0.10 sec][bytes ratio: 0.099 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/9 36/33 12/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/84 483/393 96/76]
35 TCP 192.168.1.184:56672 <-> 139.162.255.210:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1826 bytes <-> 18 pkts/1550 bytes][Goodput ratio: 34/27][0.13 sec][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/11 42/42 14/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/86 452/422 90/82]
36 TCP 192.168.1.184:56675 <-> 35.235.37.216:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1892 bytes <-> 13 pkts/1450 bytes][Goodput ratio: 41/43][0.10 sec][ETH][bytes ratio: 0.132 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 5/13 25/25 10/12][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 111/112 596/420 125/106]
37 TCP 192.168.1.184:56641 <-> 144.91.120.135:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1914 bytes <-> 14 pkts/1422 bytes][Goodput ratio: 41/37][0.12 sec][ETH][bytes ratio: 0.147 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 30/29 11/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 113/102 606/390 127/97]
38 TCP 192.168.1.184:56681 <-> 207.180.206.216:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1864 bytes <-> 13 pkts/1420 bytes][Goodput ratio: 40/42][0.16 sec][ETH][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/10 40/40 16/17][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 110/109 568/384 118/98]
39 TCP 192.168.1.184:56617 <-> 34.97.172.22:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1834 bytes <-> 12 pkts/1437 bytes][Goodput ratio: 39/46][1.13 sec][ETH][bytes ratio: 0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 62/68 318/271 118/117][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 108/120 538/461 111/119]
40 TCP 192.168.1.184:56613 <-> 162.243.160.83:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1832 bytes <-> 14 pkts/1433 bytes][Goodput ratio: 38/38][0.51 sec][ETH][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/52 154/153 55/71][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 108/102 524/401 108/99][PLAIN TEXT (fOZarJ)]
41 TCP 192.168.1.184:56633 <-> 82.145.220.249:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1816 bytes <-> 15 pkts/1418 bytes][Goodput ratio: 38/34][0.20 sec][bytes ratio: 0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/38 76/77 26/38][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 107/95 508/488 104/106]
42 TCP 192.168.1.184:56679 <-> 35.228.158.52:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1748 bytes <-> 13 pkts/1472 bytes][Goodput ratio: 36/44][0.23 sec][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/20 59/60 23/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/113 452/436 92/109]
43 TCP 192.168.1.184:56670 <-> 167.86.122.50:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1751 bytes <-> 13 pkts/1439 bytes][Goodput ratio: 36/42][0.16 sec][bytes ratio: 0.098 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/13 43/38 16/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/111 455/403 93/102]
44 TCP 192.168.1.184:56642 <-> 178.62.10.218:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1777 bytes <-> 12 pkts/1369 bytes][Goodput ratio: 37/44][0.17 sec][bytes ratio: 0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 9/22 43/42 17/20][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 105/114 481/399 99/104]
45 TCP 192.168.1.184:56684 <-> 51.83.237.44:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1923 bytes <-> 7 pkts/1108 bytes][Goodput ratio: 42/58][0.13 sec][ETH][bytes ratio: 0.269 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/14 43/42 17/20][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 113/158 627/432 132/132]
46 TCP 192.168.1.184:56655 <-> 202.112.28.106:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1982 bytes <-> 6 pkts/948 bytes][Goodput ratio: 39/57][0.88 sec][ETH][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/110 436/438 148/190][Pkt Len c2s/s2c min/avg/max/stddev: 66/67 110/158 560/434 113/130]
47 TCP 192.168.1.184:56662 <-> 35.229.232.19:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/1833 bytes <-> 9 pkts/1016 bytes][Goodput ratio: 37/49][0.59 sec][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/48 298/288 92/107][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 87/113 489/487 94/133]
48 TCP 192.168.1.184:56663 <-> 124.217.235.180:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1919 bytes <-> 5 pkts/730 bytes][Goodput ratio: 41/54][0.77 sec][ETH][bytes ratio: 0.449 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 55/127 388/377 134/177][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/146 611/394 128/125]
49 UDP 192.168.1.184:30303 <-> 18.219.167.159:30303 [proto: 42/Mining][cat: Mining/99][3 pkts/575 bytes <-> 4 pkts/1928 bytes][Goodput ratio: 78/91][0.75 sec][ETH][bytes ratio: -0.541 (Download)][IAT c2s/s2c min/avg/max/stddev: 127/0 314/209 501/626 187/295][Pkt Len c2s/s2c min/avg/max/stddev: 170/170 192/482 213/1099 18/375]
50 TCP 192.168.1.184:56647 <-> 182.162.161.61:30303 [proto: 42/Mining][cat: Mining/99][11 pkts/1520 bytes <-> 5 pkts/842 bytes][Goodput ratio: 46/60][0.75 sec][ETH][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 83/124 372/371 154/175][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 138/168 588/554 147/193]
51 TCP 192.168.1.184:56685 <-> 88.99.93.219:30303 [proto: 42/Mining][cat: Mining/99][9 pkts/1362 bytes <-> 3 pkts/603 bytes][Goodput ratio: 55/66][0.08 sec][ETH][bytes ratio: 0.386 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 11/20 41/38 18/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 151/201 646/463 179/185]
52 UDP 192.168.1.184:30303 <-> 18.138.108.67:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.27 sec][ETH]
53 UDP 192.168.1.184:30303 <-> 35.180.246.169:30301 [proto: 42.178/Mining.Amazon][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.03 sec][ETH]
54 UDP 192.168.1.184:30303 <-> 3.209.45.79:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.14 sec][ETH]
55 UDP 192.168.1.184:30303 <-> 34.97.172.22:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.27 sec][ETH][PLAIN TEXT (PbEvGi)]
56 UDP 192.168.1.184:30303 <-> 54.36.160.211:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][ETH][PLAIN TEXT (PbEvGi)]
57 UDP 192.168.1.184:30303 <-> 128.0.51.140:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][ETH]
58 TCP 192.168.1.184:56612 <-> 66.42.82.246:30303 [proto: 42/Mining][cat: Mining/99][3 pkts/639 bytes <-> 2 pkts/140 bytes][Goodput ratio: 67/0][0.32 sec]
59 TCP 192.168.1.184:56680 <-> 138.59.17.58:30303 [proto: 42/Mining][cat: Mining/99][3 pkts/657 bytes <-> 1 pkts/74 bytes][Goodput ratio: 68/0][0.20 sec]
60 UDP 183.129.242.164:1024 <-> 192.168.1.184:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/360 bytes <-> 2 pkts/362 bytes][Goodput ratio: 76/77][0.38 sec][ETH]
61 TCP 192.168.1.184:56686 <-> 206.189.107.35:30303 [proto: 42/Mining][cat: Mining/99][3 pkts/617 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.05 sec]
62 TCP 192.168.1.184:56678 <-> 13.251.14.199:30303 [proto: 42.178/Mining.Amazon][cat: Web/5][3 pkts/614 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.25 sec]
63 UDP 192.168.1.184:30303 <-> 66.42.82.246:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/383 bytes <-> 1 pkts/191 bytes][Goodput ratio: 78/78][0.64 sec][ETH]
64 UDP 87.14.222.25:56693 -> 192.168.1.184:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.06 sec][ETH]
65 UDP 192.168.1.184:30303 -> 111.229.0.180:20182 [proto: 42/Mining][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][ETH]
66 UDP 192.168.1.184:30303 -> 209.97.143.1:50000 [proto: 42/Mining][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][ETH]
67 UDP 192.168.1.184:30303 <-> 202.112.28.106:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/170 bytes <-> 1 pkts/191 bytes][Goodput ratio: 75/78][0.44 sec][ETH][PLAIN TEXT (0/XoR/Q)]
68 UDP 192.168.1.184:30303 <-> 167.86.122.50:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/170 bytes <-> 1 pkts/189 bytes][Goodput ratio: 75/77][0.03 sec][ETH]
69 UDP 3.112.138.57:25516 -> 192.168.1.184:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][ETH]
70 UDP 60.191.32.71:30303 -> 192.168.1.184:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/171 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][ETH]
71 UDP 192.168.1.184:30303 -> 106.12.39.168:30333 [proto: 42/Mining][cat: Mining/99][1 pkts/170 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][ETH]
72 TCP 192.168.1.184:56625 -> 5.1.83.226:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.10 sec]
73 TCP 192.168.1.184:56637 -> 35.233.197.131:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.11 sec]
74 TCP 192.168.1.184:56644 -> 13.230.108.42:30303 [proto: 42.178/Mining.Amazon][cat: Web/5][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 TCP 192.168.1.184:56626 <-> 178.128.195.220:30303 [proto: 42/Mining][cat: Mining/99][32 pkts/3294 bytes <-> 37 pkts/3156 bytes][Goodput ratio: 36/21][0.16 sec][ETH][bytes ratio: 0.021 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/4 42/62 8/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/85 612/470 105/69][Plen Bins: 60,21,0,3,3,0,0,0,3,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.184:56638 <-> 209.250.240.205:30303 [proto: 42/Mining][cat: Mining/99][34 pkts/3347 bytes <-> 28 pkts/2774 bytes][Goodput ratio: 34/32][0.15 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/3 43/41 12/10][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 481/560 79/95][Plen Bins: 42,28,0,14,3,3,0,0,0,0,0,0,3,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.1.184:56660 <-> 51.161.23.12:30303 [proto: 42/Mining][cat: Mining/99][36 pkts/3241 bytes <-> 29 pkts/2723 bytes][Goodput ratio: 29/31][0.57 sec][ETH][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/9 147/141 36/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/94 639/487 96/81][Plen Bins: 62,21,3,3,3,0,0,0,0,0,0,0,0,3,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.1.184:56658 <-> 157.230.152.87:30303 [proto: 42/Mining][cat: Mining/99][37 pkts/3341 bytes <-> 27 pkts/2583 bytes][Goodput ratio: 28/32][0.72 sec][ETH][bytes ratio: 0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/22 182/184 53/59][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/96 649/457 96/79][Plen Bins: 62,21,3,3,0,3,0,0,0,0,0,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.1.184:56645 <-> 185.219.133.62:30303 [proto: 42/Mining][cat: Mining/99][34 pkts/3018 bytes <-> 27 pkts/2540 bytes][Goodput ratio: 25/31][0.20 sec][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/8 51/49 13/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 89/94 476/448 71/77][Plen Bins: 60,23,3,3,3,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.1.184:56650 <-> 35.228.250.140:30303 [proto: 42/Mining][cat: Mining/99][30 pkts/2806 bytes <-> 24 pkts/2380 bytes][Goodput ratio: 29/35][0.23 sec][ETH][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/6 57/56 18/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 94/99 528/508 84/92][PLAIN TEXT (J/hy@y)][Plen Bins: 50,30,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.1.184:56646 <-> 172.105.94.62:30303 [proto: 42/Mining][cat: Mining/99][28 pkts/2738 bytes <-> 24 pkts/2370 bytes][Goodput ratio: 32/36][0.22 sec][ETH][bytes ratio: 0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/15 116/91 24/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/99 540/398 89/89][Plen Bins: 56,20,4,4,0,0,4,4,0,0,4,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 192.168.1.184:56661 <-> 52.9.128.68:30303 [proto: 42.178/Mining.Amazon][cat: Mining/99][30 pkts/2768 bytes <-> 23 pkts/2318 bytes][Goodput ratio: 30/36][0.76 sec][ETH][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/18 194/193 61/55][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 92/101 538/494 87/90][Plen Bins: 53,26,3,3,3,0,0,0,0,0,0,0,0,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 192.168.1.184:56674 <-> 94.68.55.162:30303 [proto: 42/Mining][cat: Mining/99][29 pkts/2801 bytes <-> 21 pkts/2262 bytes][Goodput ratio: 32/40][0.29 sec][ETH][bytes ratio: 0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/8 74/75 24/22][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 97/108 613/570 101/109][Plen Bins: 48,32,4,4,4,0,0,0,0,0,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 192.168.1.184:56671 <-> 86.107.243.62:30303 [proto: 42/Mining][cat: Mining/99][28 pkts/2804 bytes <-> 20 pkts/2138 bytes][Goodput ratio: 34/41][0.18 sec][ETH][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/8 39/38 13/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 100/107 606/430 100/101][Plen Bins: 56,20,4,4,0,0,4,4,0,0,0,4,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.1.184:56643 <-> 178.62.29.183:30303 [proto: 42/Mining][cat: Mining/99][31 pkts/2879 bytes <-> 23 pkts/2042 bytes][Goodput ratio: 29/27][0.18 sec][ETH][bytes ratio: 0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/8 48/47 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 93/89 535/384 84/68][Plen Bins: 62,22,0,7,0,0,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 192.168.1.184:56673 <-> 78.47.147.155:30303 [proto: 42/Mining][cat: Mining/99][28 pkts/2855 bytes <-> 9 pkts/1461 bytes][Goodput ratio: 34/59][0.41 sec][ETH][bytes ratio: 0.323 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/65 285/246 57/92][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 102/162 633/413 105/126][Plen Bins: 56,20,4,4,0,0,4,4,0,0,4,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 192.168.1.184:56634 <-> 159.203.84.31:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2209 bytes <-> 23 pkts/2019 bytes][Goodput ratio: 37/29][0.33 sec][ETH][bytes ratio: 0.045 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/18 109/109 34/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/88 637/579 122/105][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 192.168.1.184:56610 <-> 165.22.107.33:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2212 bytes <-> 24 pkts/1962 bytes][Goodput ratio: 37/23][0.92 sec][ETH][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 35/58 339/287 99/115][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/82 640/462 123/80][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 192.168.1.184:56621 <-> 52.187.207.27:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2163 bytes <-> 21 pkts/1843 bytes][Goodput ratio: 35/28][0.99 sec][ETH][bytes ratio: 0.080 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/53 354/316 105/118][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/88 591/517 112/96][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 192.168.1.184:56620 <-> 191.234.162.198:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2150 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 35/28][0.70 sec][ETH][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 263/221 76/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/88 578/525 110/98][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 192.168.1.184:56611 <-> 104.42.217.25:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2128 bytes <-> 21 pkts/1859 bytes][Goodput ratio: 34/29][0.57 sec][ETH][bytes ratio: 0.067 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/34 201/202 62/75][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/89 556/533 105/100][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 192.168.1.184:56623 <-> 18.138.81.28:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2109 bytes <-> 22 pkts/1874 bytes][Goodput ratio: 34/26][0.83 sec][ETH][bytes ratio: 0.059 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/44 308/260 89/97][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 100/85 537/488 101/88][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 192.168.1.184:56615 <-> 35.158.244.151:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2133 bytes <-> 21 pkts/1834 bytes][Goodput ratio: 34/28][0.14 sec][ETH][bytes ratio: 0.075 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 62/63 17/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/87 561/514 106/96][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 192.168.1.184:56618 <-> 52.231.165.108:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2088 bytes <-> 21 pkts/1845 bytes][Goodput ratio: 33/28][0.70 sec][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 27/37 261/222 76/83][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 99/88 516/519 97/97][PLAIN TEXT (XMOZOS)][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 192.168.1.184:56628 <-> 3.209.45.79:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2033 bytes <-> 21 pkts/1862 bytes][Goodput ratio: 31/29][0.41 sec][bytes ratio: 0.044 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/27 163/164 47/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 97/89 461/536 86/100][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 192.168.1.184:56632 <-> 51.38.81.180:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2117 bytes <-> 20 pkts/1765 bytes][Goodput ratio: 34/28][0.22 sec][ETH][bytes ratio: 0.091 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/13 78/78 23/29][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/88 545/505 103/96][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 192.168.1.184:56627 <-> 34.255.23.113:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2150 bytes <-> 20 pkts/1728 bytes][Goodput ratio: 35/27][0.20 sec][ETH][bytes ratio: 0.109 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/11 70/62 16/23][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 102/86 578/468 110/88][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 192.168.1.184:56622 <-> 18.138.108.67:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2169 bytes <-> 21 pkts/1704 bytes][Goodput ratio: 36/22][0.81 sec][ETH][bytes ratio: 0.120 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/42 300/253 87/94][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/81 597/384 114/68][Plen Bins: 64,17,0,5,0,0,0,0,0,5,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 TCP 192.168.1.184:56639 <-> 18.219.167.159:30303 [proto: 42/Mining][cat: Mining/99][20 pkts/2093 bytes <-> 19 pkts/1750 bytes][Goodput ratio: 36/32][0.38 sec][ETH][bytes ratio: 0.089 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/25 130/122 41/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 105/92 587/556 114/110][Plen Bins: 62,18,0,6,0,0,0,0,0,0,0,0,0,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.1.184:30303 <-> 52.231.165.108:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/426 bytes <-> 4 pkts/3132 bytes][Goodput ratio: 80/95][0.27 sec][ETH][bytes ratio: -0.761 (Download)][IAT c2s/s2c min/avg/max/stddev: 40/0 40/6 40/19 0/9][Pkt Len c2s/s2c min/avg/max/stddev: 213/467 213/783 213/1099 0/316][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 192.168.1.184:56635 <-> 162.228.29.160:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/2051 bytes <-> 16 pkts/1497 bytes][Goodput ratio: 32/31][0.47 sec][bytes ratio: 0.156 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/32 159/152 50/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 98/94 479/471 89/98][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 192.168.1.184:56629 <-> 51.38.60.79:30303 [proto: 42/Mining][cat: Mining/99][19 pkts/1927 bytes <-> 19 pkts/1600 bytes][Goodput ratio: 34/25][0.16 sec][bytes ratio: 0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/9 36/43 9/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/84 487/406 95/77][Plen Bins: 62,18,0,6,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 192.168.1.184:56652 <-> 176.9.136.209:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1971 bytes <-> 17 pkts/1556 bytes][Goodput ratio: 39/32][0.10 sec][ETH][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/9 34/33 11/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 110/92 597/494 122/101][Plen Bins: 60,20,0,6,0,0,0,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 192.168.1.184:56654 <-> 85.214.108.52:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1930 bytes <-> 14 pkts/1529 bytes][Goodput ratio: 41/42][0.14 sec][ETH][bytes ratio: 0.116 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/12 35/36 14/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 114/109 574/401 119/103][Plen Bins: 42,21,7,7,0,0,0,7,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 192.168.1.184:56657 <-> 138.75.171.190:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1913 bytes <-> 16 pkts/1521 bytes][Goodput ratio: 41/34][0.79 sec][ETH][bytes ratio: 0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/88 263/261 91/122][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 113/95 605/525 126/112][Plen Bins: 50,28,0,7,0,0,0,0,0,0,0,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 192.168.1.184:56630 <-> 40.67.144.128:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1871 bytes <-> 17 pkts/1551 bytes][Goodput ratio: 36/31][0.38 sec][bytes ratio: 0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/28 158/112 46/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 104/91 497/489 99/100][PLAIN TEXT (t ZZUM)][Plen Bins: 60,20,0,6,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 TCP 192.168.1.184:56624 <-> 89.38.99.34:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1895 bytes <-> 13 pkts/1495 bytes][Goodput ratio: 40/45][0.22 sec][ETH][bytes ratio: 0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/22 65/66 22/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 111/115 539/433 111/113][Plen Bins: 42,21,7,7,0,0,0,7,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 TCP 192.168.1.184:56651 <-> 138.201.12.87:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1857 bytes <-> 18 pkts/1521 bytes][Goodput ratio: 35/26][0.10 sec][bytes ratio: 0.099 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/9 36/33 12/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 103/84 483/393 96/76][Plen Bins: 60,20,0,6,0,0,0,0,0,0,6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 TCP 192.168.1.184:56672 <-> 139.162.255.210:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1826 bytes <-> 18 pkts/1550 bytes][Goodput ratio: 34/27][0.13 sec][bytes ratio: 0.082 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/11 42/42 14/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 101/86 452/422 90/82][Plen Bins: 60,20,0,6,0,0,0,0,0,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 TCP 192.168.1.184:56675 <-> 35.235.37.216:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1892 bytes <-> 13 pkts/1450 bytes][Goodput ratio: 41/43][0.10 sec][ETH][bytes ratio: 0.132 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 5/13 25/25 10/12][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 111/112 596/420 125/106][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 TCP 192.168.1.184:56641 <-> 144.91.120.135:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1914 bytes <-> 14 pkts/1422 bytes][Goodput ratio: 41/37][0.12 sec][ETH][bytes ratio: 0.147 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 30/29 11/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 113/102 606/390 127/97][Plen Bins: 53,15,0,7,0,0,7,0,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 TCP 192.168.1.184:56681 <-> 207.180.206.216:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1864 bytes <-> 13 pkts/1420 bytes][Goodput ratio: 40/42][0.16 sec][ETH][bytes ratio: 0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/10 40/40 16/17][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 110/109 568/384 118/98][Plen Bins: 50,14,7,7,0,0,7,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 TCP 192.168.1.184:56617 <-> 34.97.172.22:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1834 bytes <-> 12 pkts/1437 bytes][Goodput ratio: 39/46][1.13 sec][ETH][bytes ratio: 0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 62/68 318/271 118/117][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 108/120 538/461 111/119][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 TCP 192.168.1.184:56613 <-> 162.243.160.83:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1832 bytes <-> 14 pkts/1433 bytes][Goodput ratio: 38/38][0.51 sec][ETH][bytes ratio: 0.122 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/52 154/153 55/71][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 108/102 524/401 108/99][PLAIN TEXT (fOZarJ)][Plen Bins: 53,15,0,7,0,0,7,0,0,0,7,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 TCP 192.168.1.184:56633 <-> 82.145.220.249:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1816 bytes <-> 15 pkts/1418 bytes][Goodput ratio: 38/34][0.20 sec][bytes ratio: 0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/38 76/77 26/38][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 107/95 508/488 104/106][Plen Bins: 50,28,0,7,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 TCP 192.168.1.184:56679 <-> 35.228.158.52:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1748 bytes <-> 13 pkts/1472 bytes][Goodput ratio: 36/44][0.23 sec][bytes ratio: 0.086 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/20 59/60 23/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/113 452/436 92/109][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 TCP 192.168.1.184:56670 <-> 167.86.122.50:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1751 bytes <-> 13 pkts/1439 bytes][Goodput ratio: 36/42][0.16 sec][bytes ratio: 0.098 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/13 43/38 16/18][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/111 455/403 93/102][Plen Bins: 50,14,7,7,0,0,7,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 TCP 192.168.1.184:56642 <-> 178.62.10.218:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1777 bytes <-> 12 pkts/1369 bytes][Goodput ratio: 37/44][0.17 sec][bytes ratio: 0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 9/22 43/42 17/20][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 105/114 481/399 99/104][Plen Bins: 50,14,7,7,0,0,7,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 TCP 192.168.1.184:56684 <-> 51.83.237.44:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1923 bytes <-> 7 pkts/1108 bytes][Goodput ratio: 42/58][0.13 sec][ETH][bytes ratio: 0.269 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/14 43/42 17/20][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 113/158 627/432 132/132][Plen Bins: 50,14,7,7,0,0,7,0,0,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 TCP 192.168.1.184:56655 <-> 202.112.28.106:30303 [proto: 42/Mining][cat: Mining/99][18 pkts/1982 bytes <-> 6 pkts/948 bytes][Goodput ratio: 39/57][0.88 sec][ETH][bytes ratio: 0.353 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/110 436/438 148/190][Pkt Len c2s/s2c min/avg/max/stddev: 66/67 110/158 560/434 113/130][Plen Bins: 50,25,0,12,0,0,0,0,0,0,0,6,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 TCP 192.168.1.184:56662 <-> 35.229.232.19:30303 [proto: 42/Mining][cat: Mining/99][21 pkts/1833 bytes <-> 9 pkts/1016 bytes][Goodput ratio: 37/49][0.59 sec][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/48 298/288 92/107][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 87/113 489/487 94/133][Plen Bins: 64,17,0,5,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.1.184:56663 <-> 124.217.235.180:30303 [proto: 42/Mining][cat: Mining/99][17 pkts/1919 bytes <-> 5 pkts/730 bytes][Goodput ratio: 41/54][0.77 sec][ETH][bytes ratio: 0.449 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 55/127 388/377 134/177][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/146 611/394 128/125][Plen Bins: 50,28,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 192.168.1.184:30303 <-> 18.219.167.159:30303 [proto: 42/Mining][cat: Mining/99][3 pkts/575 bytes <-> 4 pkts/1928 bytes][Goodput ratio: 78/91][0.75 sec][ETH][bytes ratio: -0.541 (Download)][IAT c2s/s2c min/avg/max/stddev: 127/0 314/209 501/626 187/295][Pkt Len c2s/s2c min/avg/max/stddev: 170/170 192/482 213/1099 18/375][Plen Bins: 0,0,0,0,57,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 192.168.1.184:56647 <-> 182.162.161.61:30303 [proto: 42/Mining][cat: Mining/99][11 pkts/1520 bytes <-> 5 pkts/842 bytes][Goodput ratio: 46/60][0.75 sec][ETH][bytes ratio: 0.287 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 83/124 372/371 154/175][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 138/168 588/554 147/193][Plen Bins: 50,12,0,12,0,0,0,0,0,0,0,0,0,0,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 TCP 192.168.1.184:56685 <-> 88.99.93.219:30303 [proto: 42/Mining][cat: Mining/99][9 pkts/1362 bytes <-> 3 pkts/603 bytes][Goodput ratio: 55/66][0.08 sec][ETH][bytes ratio: 0.386 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 11/20 41/38 18/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 151/201 646/463 179/185][Plen Bins: 42,14,0,14,0,0,0,0,0,0,0,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 UDP 192.168.1.184:30303 <-> 18.138.108.67:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.27 sec][ETH][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 UDP 192.168.1.184:30303 <-> 35.180.246.169:30301 [proto: 42.178/Mining.Amazon][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1566 bytes][Goodput ratio: 80/95][0.03 sec][ETH][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 192.168.1.184:30303 <-> 3.209.45.79:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.14 sec][ETH][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 UDP 192.168.1.184:30303 <-> 34.97.172.22:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.27 sec][ETH][PLAIN TEXT (PbEvGi)][Plen Bins: 0,0,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 192.168.1.184:30303 <-> 54.36.160.211:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][ETH][PLAIN TEXT (PbEvGi)][Plen Bins: 0,0,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 192.168.1.184:30303 <-> 128.0.51.140:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/213 bytes <-> 2 pkts/1564 bytes][Goodput ratio: 80/95][0.08 sec][ETH][Plen Bins: 0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 TCP 192.168.1.184:56612 <-> 66.42.82.246:30303 [proto: 42/Mining][cat: Mining/99][3 pkts/639 bytes <-> 2 pkts/140 bytes][Goodput ratio: 67/0][0.32 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 TCP 192.168.1.184:56680 <-> 138.59.17.58:30303 [proto: 42/Mining][cat: Mining/99][3 pkts/657 bytes <-> 1 pkts/74 bytes][Goodput ratio: 68/0][0.20 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 UDP 183.129.242.164:1024 <-> 192.168.1.184:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/360 bytes <-> 2 pkts/362 bytes][Goodput ratio: 76/77][0.38 sec][ETH][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 TCP 192.168.1.184:56686 <-> 206.189.107.35:30303 [proto: 42/Mining][cat: Mining/99][3 pkts/617 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.05 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 TCP 192.168.1.184:56678 <-> 13.251.14.199:30303 [proto: 42.178/Mining.Amazon][cat: Web/5][3 pkts/614 bytes <-> 1 pkts/74 bytes][Goodput ratio: 66/0][0.25 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 UDP 192.168.1.184:30303 <-> 66.42.82.246:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/383 bytes <-> 1 pkts/191 bytes][Goodput ratio: 78/78][0.64 sec][ETH][Plen Bins: 0,0,0,0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 UDP 87.14.222.25:56693 -> 192.168.1.184:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.06 sec][ETH][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 UDP 192.168.1.184:30303 -> 111.229.0.180:20182 [proto: 42/Mining][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][ETH][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 UDP 192.168.1.184:30303 -> 209.97.143.1:50000 [proto: 42/Mining][cat: Mining/99][2 pkts/383 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][1.00 sec][ETH][Plen Bins: 0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.1.184:30303 <-> 202.112.28.106:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/170 bytes <-> 1 pkts/191 bytes][Goodput ratio: 75/78][0.44 sec][ETH][PLAIN TEXT (0/XoR/Q)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 UDP 192.168.1.184:30303 <-> 167.86.122.50:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/170 bytes <-> 1 pkts/189 bytes][Goodput ratio: 75/77][0.03 sec][ETH][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
69 UDP 3.112.138.57:25516 -> 192.168.1.184:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/181 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][ETH][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
70 UDP 60.191.32.71:30303 -> 192.168.1.184:30303 [proto: 42/Mining][cat: Mining/99][1 pkts/171 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][ETH][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 UDP 192.168.1.184:30303 -> 106.12.39.168:30333 [proto: 42/Mining][cat: Mining/99][1 pkts/170 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][ETH][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.1.184:56625 -> 5.1.83.226:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.10 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 192.168.1.184:56637 -> 35.233.197.131:30303 [proto: 42/Mining][cat: Mining/99][2 pkts/156 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.11 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
74 TCP 192.168.1.184:56644 -> 13.230.108.42:30303 [proto: 42.178/Mining.Amazon][cat: Web/5][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/exe_download.pcap.out
View file

@ -1,3 +1,3 @@
HTTP 703 717463 1
1 TCP 10.9.25.101:49165 <-> 144.91.69.195:80 [proto: 7/HTTP][cat: Download-FileTransfer-FileSharing/7][203 pkts/11127 bytes <-> 500 pkts/706336 bytes][Goodput ratio: 1/96][5.18 sec][Host: 144.91.69.195][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/9 319/365 49/37][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 55/1413 207/1514 11/134][URL: 144.91.69.195/solar.php][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: pwtyyEKzNtGatwnJjmCcBLbOveCVpc][Risk: ** Binary application transfer **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][PLAIN TEXT (GET /solar.php HTTP/1.1)]
1 TCP 10.9.25.101:49165 <-> 144.91.69.195:80 [proto: 7/HTTP][cat: Download-FileTransfer-FileSharing/7][203 pkts/11127 bytes <-> 500 pkts/706336 bytes][Goodput ratio: 1/96][5.18 sec][Host: 144.91.69.195][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/9 319/365 49/37][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 55/1413 207/1514 11/134][URL: 144.91.69.195/solar.php][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: pwtyyEKzNtGatwnJjmCcBLbOveCVpc][Risk: ** Binary application transfer **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][PLAIN TEXT (GET /solar.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,2,0,0,7,0,0,62,0,0,24,0]

2
tests/result/exe_download_as_png.pcap.out
View file

@ -1,3 +1,3 @@
HTTP 534 529449 1
1 TCP 10.9.25.101:49197 <-> 185.98.87.185:80 [proto: 7/HTTP][cat: Web/5][163 pkts/9113 bytes <-> 371 pkts/520336 bytes][Goodput ratio: 3/96][69.52 sec][Host: 185.98.87.185][bytes ratio: -0.966 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 623/25 60010/4824 5733/276][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 56/1403 204/1514 16/164][URL: 185.98.87.185/tablone.png][StatusCode: 200][Content-Type: image/png][User-Agent: WinHTTP loader/1.0][Risk: ** Binary application transfer **** HTTP Numeric IP Address **][PLAIN TEXT (GET /tablone.png HTTP/1.1)]
1 TCP 10.9.25.101:49197 <-> 185.98.87.185:80 [proto: 7/HTTP][cat: Web/5][163 pkts/9113 bytes <-> 371 pkts/520336 bytes][Goodput ratio: 3/96][69.52 sec][Host: 185.98.87.185][bytes ratio: -0.966 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 623/25 60010/4824 5733/276][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 56/1403 204/1514 16/164][URL: 185.98.87.185/tablone.png][StatusCode: 200][Content-Type: image/png][User-Agent: WinHTTP loader/1.0][Risk: ** Binary application transfer **** HTTP Numeric IP Address **][PLAIN TEXT (GET /tablone.png HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,10,0,0,70,0,0,16,0]

4
tests/result/facebook.pcap.out
View file

@ -5,5 +5,5 @@ JA3 Host Stats:
1 192.168.43.18 2
1 TCP 192.168.43.18:44614 <-> 31.13.86.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][19 pkts/2664 bytes <-> 22 pkts/22102 bytes][Goodput ratio: 53/93][0.68 sec][ALPN: h2;spdy/3.1;http/1.1][bytes ratio: -0.785 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 35/31 154/154 52/52][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 140/1005 583/1454 137/604][TLSv1.2][Client: www.facebook.com][JA3C: 5c60e71f1b8cd40e4d40ed5b6d666e3f][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
2 TCP 192.168.43.18:52066 <-> 66.220.156.68:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][9 pkts/1345 bytes <-> 10 pkts/4400 bytes][Goodput ratio: 55/85][1.30 sec][ALPN: h2;spdy/3.1;http/1.1][bytes ratio: -0.532 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 148/73 414/313 172/127][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 149/440 449/1454 125/522][TLSv1.2][Client: facebook.com][JA3C: bfcc1a3891601edb4f137ab7ab25b840][ServerNames: *.facebook.com,*.facebook.net,*.fb.com,*.fbcdn.net,*.fbsbx.com,*.m.facebook.com,*.messenger.com,*.xx.fbcdn.net,*.xy.fbcdn.net,*.xz.fbcdn.net,facebook.com,fb.com,messenger.com][JA3S: 2d1eb5817ece335c24904f516ad5da12][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A0:4E:AF:B3:48:C2:6B:15:A8:C1:AA:87:A3:33:CA:A3:CD:EE:C9:C9][Validity: 2014-08-28 00:00:00 - 2016-12-30 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
1 TCP 192.168.43.18:44614 <-> 31.13.86.36:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][19 pkts/2664 bytes <-> 22 pkts/22102 bytes][Goodput ratio: 53/93][0.68 sec][ALPN: h2;spdy/3.1;http/1.1][bytes ratio: -0.785 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 35/31 154/154 52/52][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 140/1005 583/1454 137/604][TLSv1.2][Client: www.facebook.com][JA3C: 5c60e71f1b8cd40e4d40ed5b6d666e3f][JA3S: 96681175a9547081bf3d417f1a572091][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,14,10,3,7,0,0,0,0,0,0,3,3,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0]
2 TCP 192.168.43.18:52066 <-> 66.220.156.68:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][9 pkts/1345 bytes <-> 10 pkts/4400 bytes][Goodput ratio: 55/85][1.30 sec][ALPN: h2;spdy/3.1;http/1.1][bytes ratio: -0.532 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 148/73 414/313 172/127][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 149/440 449/1454 125/522][TLSv1.2][Client: facebook.com][JA3C: bfcc1a3891601edb4f137ab7ab25b840][ServerNames: *.facebook.com,*.facebook.net,*.fb.com,*.fbcdn.net,*.fbsbx.com,*.m.facebook.com,*.messenger.com,*.xx.fbcdn.net,*.xy.fbcdn.net,*.xz.fbcdn.net,facebook.com,fb.com,messenger.com][JA3S: 2d1eb5817ece335c24904f516ad5da12][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.facebook.com][Certificate SHA-1: A0:4E:AF:B3:48:C2:6B:15:A8:C1:AA:87:A3:33:CA:A3:CD:EE:C9:C9][Validity: 2014-08-28 00:00:00 - 2016-12-30 12:00:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,18,9,9,0,9,9,0,9,0,0,9,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,18,0,0,0]

24
tests/result/fix.pcap.out
View file

@ -1,14 +1,14 @@
FIX 1261 115514 12
1 TCP 208.245.107.3:4000 <-> 192.168.0.20:45578 [proto: 230/FIX][cat: RPC/16][228 pkts/26333 bytes <-> 228 pkts/13920 bytes][Goodput ratio: 53/2][22.80 sec][bytes ratio: 0.308 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/0 100/100 850/850 127/126][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 115/61 511/140 54/9][PLAIN TEXT (FIX.4.1)]
2 TCP 8.17.22.31:4000 <-> 192.168.0.20:47968 [proto: 230/FIX][cat: RPC/16][201 pkts/21246 bytes <-> 200 pkts/13460 bytes][Goodput ratio: 38/2][22.86 sec][bytes ratio: 0.224 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 110/109 501/500 86/84][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/67 169/153 15/11][PLAIN TEXT (FIX.4.1)]
3 TCP 8.17.22.31:4000 <-> 192.168.0.20:43594 [proto: 230/FIX][cat: RPC/16][111 pkts/16881 bytes <-> 111 pkts/7680 bytes][Goodput ratio: 57/5][22.65 sec][bytes ratio: 0.375 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 202/199 265/291 96/98][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 152/69 288/164 42/17][PLAIN TEXT (FIX.4.1)]
4 TCP 208.245.107.3:4000 <-> 192.168.0.20:45584 [proto: 230/FIX][cat: RPC/16][35 pkts/3022 bytes <-> 35 pkts/2342 bytes][Goodput ratio: 37/11][22.43 sec][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 49/0 697/692 5507/5507 975/979][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 86/67 93/141 10/23][PLAIN TEXT (FIX.4.1)]
5 TCP 8.17.22.31:4000 <-> 192.168.0.20:40918 [proto: 230/FIX][cat: RPC/16][18 pkts/1938 bytes <-> 18 pkts/1358 bytes][Goodput ratio: 39/13][21.69 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/0 1072/1067 3366/3366 841/848][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108/75 147/151 19/27][PLAIN TEXT (FIX.4.1)]
6 TCP 208.245.107.3:4000 <-> 192.168.0.20:38652 [proto: 230/FIX][cat: RPC/16][9 pkts/961 bytes <-> 9 pkts/700 bytes][Goodput ratio: 49/25][20.03 sec][bytes ratio: 0.157 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 54/0 2141/2147 4977/4935 1579/1591][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 107/78 135/140 33/33][PLAIN TEXT (FIX.4.1)]
7 TCP 8.17.22.31:4000 <-> 192.168.0.20:47952 [proto: 230/FIX][cat: RPC/16][5 pkts/577 bytes <-> 5 pkts/484 bytes][Goodput ratio: 43/32][19.47 sec][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4240/4262 4867/4867 5760/5738 653/633][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 115/97 179/143 44/38][PLAIN TEXT (FIX.4.1)]
8 TCP 8.17.22.31:4000 <-> 192.168.0.20:47962 [proto: 230/FIX][cat: RPC/16][6 pkts/513 bytes <-> 4 pkts/522 bytes][Goodput ratio: 23/49][20.06 sec][bytes ratio: -0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 18/10021 4012/6681 10004/10022 4890/4724][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 86/130 105/152 20/37][PLAIN TEXT (FIX.4.1)]
9 TCP 208.245.107.3:4000 <-> 192.168.0.20:39094 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][Goodput ratio: 29/49][10.10 sec][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2500/2500 6254/6212 2635/2608][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 76/110 108/153 23/41][PLAIN TEXT (FIX.4.1)]
10 TCP 217.192.86.32:4000 <-> 192.168.0.20:53330 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][Goodput ratio: 29/49][10.17 sec][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2500/2500 8435/8394 3473/3448][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 76/110 108/152 23/41][PLAIN TEXT (FIX.4.1)]
11 TCP 208.245.107.3:4000 <-> 192.168.0.20:38646 [proto: 230/FIX][cat: RPC/16][6 pkts/441 bytes <-> 4 pkts/477 bytes][Goodput ratio: 26/53][20.05 sec][bytes ratio: -0.039 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 49/10000 4010/6667 9950/10000 4832/4714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 74/119 93/139 20/34][PLAIN TEXT (FIX.4.1)]
12 TCP 8.17.22.31:4000 <-> 192.168.0.20:40928 [proto: 230/FIX][cat: RPC/16][4 pkts/342 bytes <-> 2 pkts/303 bytes][Goodput ratio: 23/56][10.02 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 19/10000 3339/10000 9980/10000 4696/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/151 86/152 105/152 20/0][PLAIN TEXT (FIX.4.1)]
1 TCP 208.245.107.3:4000 <-> 192.168.0.20:45578 [proto: 230/FIX][cat: RPC/16][228 pkts/26333 bytes <-> 228 pkts/13920 bytes][Goodput ratio: 53/2][22.80 sec][bytes ratio: 0.308 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/0 100/100 850/850 127/126][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 115/61 511/140 54/9][PLAIN TEXT (FIX.4.1)][Plen Bins: 34,39,10,8,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 8.17.22.31:4000 <-> 192.168.0.20:47968 [proto: 230/FIX][cat: RPC/16][201 pkts/21246 bytes <-> 200 pkts/13460 bytes][Goodput ratio: 38/2][22.86 sec][bytes ratio: 0.224 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 110/109 501/500 86/84][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/67 169/153 15/11][PLAIN TEXT (FIX.4.1)][Plen Bins: 23,66,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 8.17.22.31:4000 <-> 192.168.0.20:43594 [proto: 230/FIX][cat: RPC/16][111 pkts/16881 bytes <-> 111 pkts/7680 bytes][Goodput ratio: 57/5][22.65 sec][bytes ratio: 0.375 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 202/199 265/291 96/98][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 152/69 288/164 42/17][PLAIN TEXT (FIX.4.1)][Plen Bins: 3,24,30,27,10,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 208.245.107.3:4000 <-> 192.168.0.20:45584 [proto: 230/FIX][cat: RPC/16][35 pkts/3022 bytes <-> 35 pkts/2342 bytes][Goodput ratio: 37/11][22.43 sec][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 49/0 697/692 5507/5507 975/979][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 86/67 93/141 10/23][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,91,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 8.17.22.31:4000 <-> 192.168.0.20:40918 [proto: 230/FIX][cat: RPC/16][18 pkts/1938 bytes <-> 18 pkts/1358 bytes][Goodput ratio: 39/13][21.69 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/0 1072/1067 3366/3366 841/848][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108/75 147/151 19/27][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,83,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 208.245.107.3:4000 <-> 192.168.0.20:38652 [proto: 230/FIX][cat: RPC/16][9 pkts/961 bytes <-> 9 pkts/700 bytes][Goodput ratio: 49/25][20.03 sec][bytes ratio: 0.157 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 54/0 2141/2147 4977/4935 1579/1591][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 107/78 135/140 33/33][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,22,77,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 8.17.22.31:4000 <-> 192.168.0.20:47952 [proto: 230/FIX][cat: RPC/16][5 pkts/577 bytes <-> 5 pkts/484 bytes][Goodput ratio: 43/32][19.47 sec][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4240/4262 4867/4867 5760/5738 653/633][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 115/97 179/143 44/38][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,0,80,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 8.17.22.31:4000 <-> 192.168.0.20:47962 [proto: 230/FIX][cat: RPC/16][6 pkts/513 bytes <-> 4 pkts/522 bytes][Goodput ratio: 23/49][20.06 sec][bytes ratio: -0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 18/10021 4012/6681 10004/10022 4890/4724][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 86/130 105/152 20/37][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 208.245.107.3:4000 <-> 192.168.0.20:39094 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][Goodput ratio: 29/49][10.10 sec][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2500/2500 6254/6212 2635/2608][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 76/110 108/153 23/41][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,50,33,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 217.192.86.32:4000 <-> 192.168.0.20:53330 [proto: 230/FIX][cat: RPC/16][6 pkts/456 bytes <-> 5 pkts/551 bytes][Goodput ratio: 29/49][10.17 sec][bytes ratio: -0.094 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2500/2500 8435/8394 3473/3448][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 76/110 108/152 23/41][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,50,33,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 208.245.107.3:4000 <-> 192.168.0.20:38646 [proto: 230/FIX][cat: RPC/16][6 pkts/441 bytes <-> 4 pkts/477 bytes][Goodput ratio: 26/53][20.05 sec][bytes ratio: -0.039 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 49/10000 4010/6667 9950/10000 4832/4714][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 74/119 93/139 20/34][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 8.17.22.31:4000 <-> 192.168.0.20:40928 [proto: 230/FIX][cat: RPC/16][4 pkts/342 bytes <-> 2 pkts/303 bytes][Goodput ratio: 23/56][10.02 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 19/10000 3339/10000 9980/10000 4696/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/151 86/152 105/152 20/0][PLAIN TEXT (FIX.4.1)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

6
tests/result/ftp.pcap.out
View file

@ -2,9 +2,9 @@ Unknown 1115 1122198 1
FTP_CONTROL 68 5571 1
FTP_DATA 9 1819 1
1 TCP 192.168.1.212:50694 <-> 90.130.70.73:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][41 pkts/2892 bytes <-> 27 pkts/2679 bytes][Goodput ratio: 6/33][8.48 sec][User: anonymous][Pwd: NcFTP@][bytes ratio: 0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 236/108 4743/1377 849/305][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 71/99 96/307 7/45][PLAIN TEXT (vsFTPd 3.0.3)]
2 TCP 192.168.1.212:50695 <-> 90.130.70.73:25685 [proto: 175/FTP_DATA][cat: Download-FileTransfer-FileSharing/7][5 pkts/342 bytes <-> 4 pkts/1477 bytes][Goodput ratio: 0/82][0.09 sec][bytes ratio: -0.624 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/28 14/28 29/29 14/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/369 78/1271 5/521][PLAIN TEXT ( 1 0 0 1073741)]
1 TCP 192.168.1.212:50694 <-> 90.130.70.73:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][41 pkts/2892 bytes <-> 27 pkts/2679 bytes][Goodput ratio: 6/33][8.48 sec][User: anonymous][Pwd: NcFTP@][bytes ratio: 0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 236/108 4743/1377 849/305][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 71/99 96/307 7/45][PLAIN TEXT (vsFTPd 3.0.3)][Plen Bins: 72,18,5,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.212:50695 <-> 90.130.70.73:25685 [proto: 175/FTP_DATA][cat: Download-FileTransfer-FileSharing/7][5 pkts/342 bytes <-> 4 pkts/1477 bytes][Goodput ratio: 0/82][0.09 sec][bytes ratio: -0.624 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/28 14/28 29/29 14/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/369 78/1271 5/521][PLAIN TEXT ( 1 0 0 1073741)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 TCP 192.168.1.212:50696 <-> 90.130.70.73:24523 [proto: 0/Unknown][380 pkts/25104 bytes <-> 735 pkts/1097094 bytes][Goodput ratio: 0/96][0.33 sec][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 29/29 2/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/1493 78/1506 1/135]
1 TCP 192.168.1.212:50696 <-> 90.130.70.73:24523 [proto: 0/Unknown][380 pkts/25104 bytes <-> 735 pkts/1097094 bytes][Goodput ratio: 0/96][0.33 sec][bytes ratio: -0.955 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 29/29 2/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/1493 78/1506 1/135][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0]

2
tests/result/ftp_failed.pcap.out
View file

@ -1,3 +1,3 @@
FTP_CONTROL 18 1700 1
1 TCP [2a00:d40:1:3:192:12:193:11]:44724 <-> [2a00:800:1010::1]:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][10 pkts/892 bytes <-> 8 pkts/808 bytes][Goodput ratio: 3/14][7.24 sec][User: hello][Pwd: ][Auth Failed][bytes ratio: 0.049 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 896/1442 5304/5318 1757/2052][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 89/101 98/126 4/15][PLAIN TEXT (vsFTPd 3.0.3)]
1 TCP [2a00:d40:1:3:192:12:193:11]:44724 <-> [2a00:800:1010::1]:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][10 pkts/892 bytes <-> 8 pkts/808 bytes][Goodput ratio: 3/14][7.24 sec][User: hello][Pwd: ][Auth Failed][bytes ratio: 0.049 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 896/1442 5304/5318 1757/2052][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 89/101 98/126 4/15][PLAIN TEXT (vsFTPd 3.0.3)][Plen Bins: 71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

502
tests/result/fuzz-2006-06-26-2594.pcap.out
View file

@ -8,257 +8,257 @@ SMBv23 3 186 1
RTP 9 1926 5
SIP 85 39540 15
1 UDP 212.242.33.35:5060 <-> 192.168.1.2:5060 [proto: 100/SIP][cat: VoIP/10][23 pkts/11772 bytes <-> 37 pkts/14743 bytes][Goodput ratio: 91/89][1521.43 sec][bytes ratio: -0.112 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 19/227 32597/38366 167478/304738 41340/57147][Pkt Len c2s/s2c min/avg/max/stddev: 344/47 512/398 711/1118 86/358][PLAIN TEXT (SIP/2.0 401 Unauthorized)]
2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][9 pkts/4647 bytes <-> 3 pkts/1944 bytes][Goodput ratio: 92/93][66.58 sec][bytes ratio: 0.410 (Upload)][IAT c2s/s2c min/avg/max/stddev: 507/34556 8170/34556 32608/34556 10578/0][Pkt Len c2s/s2c min/avg/max/stddev: 417/637 516/648 864/656 186/8][PLAIN TEXT (INVITEKsip)]
3 UDP 192.168.1.2:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][71 pkts/6532 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1527.12 sec][Host: eci_domain][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 741/0 20522/0 93225/0 24163/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( EFEDEJ)]
4 TCP 192.168.1.2:2720 <-> 147.234.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][11 pkts/624 bytes <-> 14 pkts/1080 bytes][Goodput ratio: 4/27][0.32 sec][bytes ratio: -0.268 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/7 115/18 38/8][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 57/77 70/113 5/19][PLAIN TEXT (220 ProFTPD Server In ECI Telec)]
5 UDP 192.168.1.2:5060 -> 212.242.33.35:17860 [proto: 100/SIP][cat: VoIP/10][1 pkts/1118 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][PLAIN TEXT (INVITE six)]
6 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][5 pkts/1070 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.05 sec][PLAIN TEXT (goxcffj)]
7 UDP 192.168.1.2:68 <-> 192.168.1.1:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes <-> 1 pkts/590 bytes][Goodput ratio: 87/93][0.00 sec][Host: d002465][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,43][PLAIN TEXT (002465Q)]
8 UDP 192.168.1.41:138 -> 192.168.1.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][4 pkts/891 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][665.91 sec][Host: lab111][PLAIN TEXT ( EMEBECDBDBDBCACACACACACACACACA)]
9 UDP 192.168.1.2:5060 -> 200.68.120.81:4932 [proto: 100/SIP][cat: VoIP/10][1 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][PLAIN TEXT (INVITE sip)]
10 UDP 192.168.1.41:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/644 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][13.52 sec][Host: workgroup][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 751/0 2253/0 4255/0 1348/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACA)]
11 UDP 212.242.33.35:5060 -> 192.37.115.0:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/527 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (SIP/2.0 401 Unauthorized)]
12 UDP 192.168.1.2:20932 -> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/509 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (REGISTER sip)]
13 UDP 192.168.1.52:5060 -> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/509 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (REGISTER sip)]
14 UDP 192.168.1.2:5060 -> 212.234.33.35:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/506 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (REGISTER sip)]
15 UDP 192.168.1.2:138 -> 192.168.1.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][2 pkts/486 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][718.24 sec][Host: d002465][PLAIN TEXT ( EEDADADCDEDGDFC)]
16 UDP 192.168.1.2:2740 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cyberci)]
17 UDP 192.168.1.2:2744 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
18 UDP 192.168.1.2:2748 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][::][PLAIN TEXT (cybercity)]
19 UDP 192.168.1.2:2756 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
20 UDP 192.168.1.2:2789 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
21 UDP 192.168.1.2:2806 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.qk][::][PLAIN TEXT (bercity)]
22 UDP 192.168.1.2:2825 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
23 UDP 192.86.1.2:5060 -> 200.68.120.99:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/417 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][PLAIN TEXT (CANCEL qip)]
24 UDP 192.168.1.2:4292 -> 200.68.37.115:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/417 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][PLAIN TEXT (CANCEL sip)]
25 UDP 192.169.1.2:5060 -> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/417 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][PLAIN TEXT (CANCEL sip)]
26 UDP 192.168.1.2:4901 -> 200.68.120.81:29440 [proto: 100/SIP][cat: VoIP/10][1 pkts/389 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][PLAIN TEXT (ACK sip)]
27 UDP 192.168.1.2:5060 -> 212.242.33.201:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/366 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (ACK sip)]
28 UDP 192.168.1.2:2795 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/228 bytes <-> 1 pkts/128 bytes][Goodput ratio: 45/67][4.36 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)]
29 UDP 192.168.1.2:2830 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/228 bytes <-> 1 pkts/128 bytes][Goodput ratio: 45/67][4.37 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)]
30 UDP 208.242.33.35:5060 -> 192.168.1.2:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (SIP/2.0 100 Trying)]
31 UDP 192.168.1.2:2734 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
32 UDP 192.168.1.2:2742 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
33 UDP 192.168.1.2:2750 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.vo_s][::][PLAIN TEXT (brujula)]
34 UDP 192.168.1.2:2764 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.s_p.cibercity.dk][::][PLAIN TEXT (cybercity)]
35 UDP 192.168.1.2:2772 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][::][PLAIN TEXT (cybercity)]
36 UDP 192.168.1.2:2774 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (sipicybercity)]
37 UDP 192.168.1.2:2776 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
38 UDP 192.168.1.2:2787 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
39 UDP 192.168.1.2:2798 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
40 UDP 192.168.1.2:2804 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][5.00 sec][Host: _sip.oudp.sip.cybercity._k][::][PLAIN TEXT (cybercity)]
41 UDP 192.168.1.2:2812 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cyaercity)]
42 UDP 192.168.1.2:2816 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.24 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
43 UDP 192.168.1.2:2823 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
44 UDP 192.168.1.2:2722 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/340 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][16.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
45 UDP 192.168.1.2:2793 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 1 pkts/169 bytes][Goodput ratio: 44/75][3.35 sec][Host: reg.sippstar.com][82.98.209.39][PLAIN TEXT (sippstar)]
46 UDP 192.168.1.2:2794 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 1 pkts/128 bytes][Goodput ratio: 44/67][4.28 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)]
47 UDP 192.168.1.2:2715 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][5.00 sec][Host: _sip._udp.sip.cyber_ity.dk][::][PLAIN TEXT (cybercity)]
48 UDP 192.168.1.2:2724 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][::][PLAIN TEXT (cybercity)]
49 UDP 192.168.1.2:2736 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
50 UDP 192.168.1.2:2738 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
51 UDP 192.168.1.2:2746 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.voip.brujula.net][::][PLAIN TEXT (brujula)]
52 UDP 192.168.1.2:2752 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][5.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
53 UDP 192.168.1.2:2754 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][8.26 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
54 UDP 192.168.1.2:2760 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][6.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
55 UDP 192.168.1.2:2762 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.00 sec][Host: _sip._udp.sip.cybercity.sk][::][PLAIN TEXT (cybercity)]
56 UDP 192.168.1.2:2783 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
57 UDP 192.168.1.2:2796 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.20 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
58 UDP 192.168.1.2:2800 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.06 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
59 UDP 192.168.1.2:2802 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
60 UDP 192.168.1.2:2810 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][4.01 sec][Host: _sip._udp.sip.nybercity.dk][::][PLAIN TEXT (Mybercity)]
61 UDP 192.168.1.2:2814 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sib._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
62 UDP 192.168.1.2:138 -> 192.168.1.251:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec]
63 UDP 192.168.1.2:2719 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/168 bytes][Goodput ratio: 43/75][1.01 sec][147.234.1.253][PLAIN TEXT (ecitele)]
64 UDP 192.168.1.41:138 -> 192.168.1.255:394 [proto: 10/NetBIOS][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (MEBECDBDBDBCACACACACACACACACACA)]
65 UDP 81.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][1 pkts/214 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec]
66 UDP 192.168.1.2:30000 -> 37.115.0.36:40392 [proto: 87/RTP][cat: Media/1][1 pkts/214 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (njlndlj)]
67 UDP 192.168.1.2:30000 -> 214.242.33.36:40392 [proto: 87/RTP][cat: Media/1][1 pkts/214 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec]
68 UDP 192.168.1.3:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][1 pkts/214 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (VRUDKBu)]
69 UDP 192.168.1.1:53 -> 192.168.1.2:2733 [proto: 5/DNS][cat: Network/14][2 pkts/210 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][218.53 sec][Host: 1.0.0.127.in-addr.arpa][::]
70 UDP 192.168.1.2:2714 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
71 UDP 192.168.1.2:2725 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
72 UDP 192.168.1.2:2737 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
73 UDP 192.168.1.2:2739 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
74 UDP 192.168.1.2:2743 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
75 UDP 192.168.1.2:2753 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.527.in-addr.arpa][::]
76 UDP 192.168.1.2:2755 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][::]
77 UDP 192.168.1.2:2757 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][::]
78 UDP 192.168.1.2:2761 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 11/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
79 UDP 192.168.1.2:2763 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
80 UDP 192.168.1.2:2767 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
81 UDP 192.168.1.2:2775 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
82 UDP 192.168.1.2:2797 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][::]
83 UDP 192.168.1.2:2801 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][::]
84 UDP 192.168.1.2:2803 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
85 UDP 192.168.1.2:2809 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
86 UDP 192.168.1.2:2824 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
87 UDP 192.168.1.2:2826 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
88 UDP 192.168.1.2:2831 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::]
89 TCP 192.168.1.2:2717 -> 147.137.21.94:445 [proto: 41/SMBv23][cat: System/18][3 pkts/186 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][8.93 sec]
90 UDP 192.168.1.2:2713 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
91 UDP 192.168.1.2:2732 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][4.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
92 UDP 192.168.1.2:2758 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][4.01 sec][Host: _sip._udp.sip.gybercity.dk][::][PLAIN TEXT (cybercity)]
93 UDP 192.168.1.2:2766 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][2.00 sec][::][PLAIN TEXT (cybercity)]
94 UDP 192.168.1.2:2768 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
95 UDP 192.168.1.2:2770 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][4.01 sec][::][PLAIN TEXT (cybercity)]
96 UDP 192.168.1.2:2785 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][276.51 sec][Host: _sip._udp.sip.cybevcity.dk][::][PLAIN TEXT (cybercity)]
97 UDP 192.168.1.2:2808 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][2.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
98 UDP 192.168.1.2:2827 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][2.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cyberciMy)]
99 UDP 192.168.1.2:2829 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][1.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
100 UDP 192.168.1.2:2716 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][353.97 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
101 UDP 192.168.1.3:53 -> 192.168.1.2:2712 [proto: 5/DNS][cat: Network/14][1 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)]
102 TCP 147.234.1.253:21 -> 192.169.1.2:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/130 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec][PLAIN TEXT (331 Anonymous login ok)]
103 TCP 192.168.1.2:2718 -> 147.137.21.94:139 [proto: 10/NetBIOS][cat: System/18][2 pkts/124 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][2.92 sec]
104 TCP 147.234.1.253:21 -> 192.168.1.2:2732 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/113 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][PLAIN TEXT ( Files larger then 250MB will b)]
105 UDP 192.168.1.1:53 -> 192.168.1.2:2572 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::]
106 UDP 192.168.1.1:53 -> 192.168.1.2:2723 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-adds.arpa][::]
107 UDP 192.168.1.1:53 -> 192.168.1.2:2745 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
108 UDP 192.168.1.1:53 -> 192.168.1.2:2747 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
109 UDP 192.168.1.1:53 -> 192.168.1.2:2751 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::]
110 UDP 192.168.1.1:53 -> 192.168.1.2:2765 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::]
111 UDP 192.168.1.1:53 -> 192.168.1.2:2771 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
112 UDP 192.168.1.1:53 -> 192.168.1.2:2782 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
113 UDP 192.168.1.1:53 -> 192.168.1.2:2805 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
114 UDP 192.168.1.1:53 -> 192.168.1.2:2807 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::]
115 UDP 192.168.1.1:53 -> 192.168.5.2:2784 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.aspa][::]
116 UDP 192.168.1.1:53 -> 192.168.119.2:2799 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
117 UDP 192.168.1.1:53 -> 240.168.1.2:2792 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::]
118 UDP 192.168.130.1:53 -> 192.168.1.2:2741 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
119 UDP 192.168.233.1:53 -> 192.168.1.2:2811 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
120 UDP 253.168.1.1:53 -> 192.168.1.2:2735 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
121 TCP 147.234.1.253:21 -> 192.168.65.2:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/95 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][PLAIN TEXT (230 Guest access granted for an)]
122 UDP 62.168.1.2:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)]
123 UDP 115.0.1.41:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)]
124 UDP 192.136.1.2:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: 5ci_dombin][PLAIN TEXT ( DFEDEJ)]
125 UDP 192.168.1.2:11 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)]
126 UDP 192.168.1.2:88 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)]
127 UDP 192.168.1.2:137 -> 120.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_doma][PLAIN TEXT ( EFEDEJ)]
128 UDP 192.168.1.2:137 -> 192.168.1.112:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)]
129 UDP 192.168.1.2:137 -> 192.168.1.255:169 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)]
130 UDP 192.168.1.2:137 -> 192.168.1.255:905 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)]
131 UDP 192.168.1.2:137 -> 192.168.1.255:8329 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec]
132 UDP 192.168.1.2:137 -> 192.168.1.255:25481 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)]
133 UDP 192.168.1.2:137 -> 192.168.1.255:35721 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)]
134 UDP 192.168.1.2:137 -> 192.194.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)]
135 UDP 192.168.1.2:137 -> 200.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)]
136 UDP 192.168.1.2:29440 -> 192.168.1.37:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT (EFEDEJFPEEEPENEBEJEOCACACACACAB)]
137 UDP 192.168.1.41:137 -> 107.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)]
138 UDP 192.168.1.41:137 -> 192.168.37.115:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)]
139 UDP 192.168.1.46:53 -> 192.168.1.2:2726 [proto: 5/DNS][cat: Network/14][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)]
140 UDP 192.168.1.202:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_dom][PLAIN TEXT ( EFEDEJ)]
141 UDP 192.184.189.41:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: workg][PLAIN TEXT ( FHEPFCELEH)]
142 UDP 217.168.1.2:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)]
143 UDP 0.168.1.2:2783 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
144 UDP 14.168.1.2:2754 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
145 UDP 116.168.1.2:2829 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
146 UDP 128.168.1.2:2810 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybescity)]
147 UDP 172.168.1.2:2734 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)]
148 UDP 192.22.1.2:2760 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)]
149 UDP 192.98.1.2:2752 -> 25.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
150 UDP 192.168.1.2:202 -> 192.168.37.115:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
151 UDP 192.168.1.2:2568 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
152 UDP 192.168.1.2:2640 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::]
153 UDP 192.168.1.2:2684 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.dybercity.dk][::][PLAIN TEXT (Dybercity)]
154 UDP 192.168.1.2:2722 -> 192.136.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
155 UDP 192.168.1.2:2724 -> 192.168.17.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _zip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
156 UDP 192.168.1.2:2736 -> 192.168.1.17:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
157 UDP 192.168.1.2:2738 -> 192.168.84.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercitu.dk][::][PLAIN TEXT (cybercitu)]
158 UDP 192.168.1.2:2752 -> 102.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::]
159 UDP 192.168.1.2:2772 -> 192.184.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
160 UDP 192.168.1.2:2787 -> 192.168.3.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
161 UDP 192.168.1.2:2791 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
162 UDP 192.168.1.2:2791 -> 192.168.67.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (yberci)]
163 UDP 192.168.1.2:2796 -> 192.168.1.129:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::]
164 UDP 192.168.1.2:2827 -> 192.168.1.114:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
165 UDP 192.168.1.2:2827 -> 192.170.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cyberc_ty.dk][::][PLAIN TEXT (cyberc)]
166 UDP 192.168.1.2:2832 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
167 UDP 192.168.1.2:10942 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.voip.brujula.net][::][PLAIN TEXT (brujula)]
168 UDP 192.168.1.2:14798 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
169 UDP 192.168.1.2:18162 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cyhercity)]
170 UDP 192.168.1.2:19192 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
171 UDP 192.168.1.2:29688 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cyberciby.dk][::][PLAIN TEXT (cyberciby)]
172 UDP 192.168.1.2:35536 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)]
173 UDP 192.168.1.34:2746 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::]
174 UDP 192.168.1.53:2791 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
175 UDP 192.168.1.110:2713 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)]
176 UDP 192.168.1.172:2766 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
177 UDP 192.168.9.2:2774 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)]
178 UDP 192.168.37.115:2758 -> 128.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)]
179 UDP 192.168.54.2:2829 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cibercity)]
180 UDP 192.168.79.2:2791 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
181 UDP 192.170.1.2:2810 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)]
182 UDP 200.168.1.2:2785 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
183 UDP 208.168.1.2:2713 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)]
184 UDP 192.168.1.2:2733 -> 192.168.115.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arqa][::]
185 UDP 192.168.1.2:2741 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
186 UDP 192.168.1.2:2747 -> 67.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
187 UDP 192.168.1.2:2749 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
188 UDP 192.168.1.2:2759 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.sn-addr.arpa][::]
189 UDP 192.168.1.2:2769 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
190 UDP 192.168.1.2:2773 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.il-addr.arpa][::]
191 UDP 192.168.1.2:2784 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
192 UDP 192.168.1.2:2786 -> 192.168.1.3:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-ad_r.arpa][::]
193 UDP 192.168.1.2:2788 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
194 UDP 192.168.1.2:2790 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
195 UDP 192.168.1.2:2792 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
196 UDP 192.168.1.2:2799 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
197 UDP 192.168.1.2:2811 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
198 UDP 192.168.1.2:2813 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127_in-ad_r_arpa___][::]
199 UDP 192.168.1.2:2815 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
200 UDP 192.168.1.2:2822 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
201 UDP 192.168.1.2:2828 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
202 UDP 192.168.1.18:2751 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
203 UDP 192.168.1.57:2771 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
204 UDP 192.168.1.110:2765 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::]
205 UDP 192.168.33.2:2782 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
206 UDP 194.168.1.2:2807 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::]
207 UDP 200.168.1.2:2735 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-adds.arpa][::]
208 TCP 147.234.1.253:21 -> 192.168.1.66:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/81 bytes -> 0 pkts/0 bytes][Goodput ratio: 33/0][< 1 sec]
209 UDP 192.168.1.2:2712 -> 192.37.115.0:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Host: sip.cybercrty.dk][::][PLAIN TEXT (cybercrty)]
210 UDP 192.168.1.2:2712 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Host: sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
211 UDP 192.168.1.2:2794 -> 192.168.108.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Host: sip.cybercity.dk][::][PLAIN TEXT (cybercity)]
212 UDP 192.114.1.2:2719 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][::]
213 TCP 147.234.1.253:21 -> 84.168.1.2:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 26/0][< 1 sec][PLAIN TEXT (200 Type set to I)]
214 TCP 192.168.1.2:2720 -> 147.117.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 26/0][< 1 sec][PLAIN TEXT (RETR Site)]
215 TCP 192.168.1.2:2679 -> 147.234.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 18/0][< 1 sec][PLAIN TEXT (PASS d0)]
216 TCP 192.168.1.71:2718 -> 147.137.21.122:139 [proto: 10/NetBIOS][cat: System/18][1 pkts/62 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
217 TCP 147.234.1.253:21 -> 192.2.1.2:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 5/0][< 1 sec]
218 TCP 147.234.1.253:21 -> 192.168.1.2:2208 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 5/0][< 1 sec]
219 TCP 192.112.1.2:2720 -> 147.234.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec]
220 TCP 37.115.0.2:2639 -> 147.234.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
221 UDP 192.168.1.6:5060 -> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/47 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec]
1 UDP 212.242.33.35:5060 <-> 192.168.1.2:5060 [proto: 100/SIP][cat: VoIP/10][23 pkts/11772 bytes <-> 37 pkts/14743 bytes][Goodput ratio: 91/89][1521.43 sec][bytes ratio: -0.112 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 19/227 32597/38366 167478/304738 41340/57147][Pkt Len c2s/s2c min/avg/max/stddev: 344/47 512/398 711/1118 86/358][PLAIN TEXT (SIP/2.0 401 Unauthorized)][Plen Bins: 28,0,0,0,0,0,0,0,0,3,6,0,3,6,8,13,1,0,3,0,1,15,0,0,0,5,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][9 pkts/4647 bytes <-> 3 pkts/1944 bytes][Goodput ratio: 92/93][66.58 sec][bytes ratio: 0.410 (Upload)][IAT c2s/s2c min/avg/max/stddev: 507/34556 8170/34556 32608/34556 10578/0][Pkt Len c2s/s2c min/avg/max/stddev: 417/637 516/648 864/656 186/8][PLAIN TEXT (INVITEKsip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,58,0,0,0,0,0,0,8,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.1.2:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][71 pkts/6532 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][1527.12 sec][Host: eci_domain][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 741/0 20522/0 93225/0 24163/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.1.2:2720 <-> 147.234.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][11 pkts/624 bytes <-> 14 pkts/1080 bytes][Goodput ratio: 4/27][0.32 sec][bytes ratio: -0.268 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/7 115/18 38/8][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 57/77 70/113 5/19][PLAIN TEXT (220 ProFTPD Server In ECI Telec)][Plen Bins: 66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.1.2:5060 -> 212.242.33.35:17860 [proto: 100/SIP][cat: VoIP/10][1 pkts/1118 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][PLAIN TEXT (INVITE six)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][5 pkts/1070 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.05 sec][PLAIN TEXT (goxcffj)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 192.168.1.2:68 <-> 192.168.1.1:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes <-> 1 pkts/590 bytes][Goodput ratio: 87/93][0.00 sec][Host: d002465][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,43][PLAIN TEXT (002465Q)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.1.41:138 -> 192.168.1.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][4 pkts/891 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][665.91 sec][Host: lab111][PLAIN TEXT ( EMEBECDBDBDBCACACACACACACACACA)][Plen Bins: 0,0,0,0,0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 192.168.1.2:5060 -> 200.68.120.81:4932 [proto: 100/SIP][cat: VoIP/10][1 pkts/864 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][PLAIN TEXT (INVITE sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 192.168.1.41:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/644 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][13.52 sec][Host: workgroup][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 751/0 2253/0 4255/0 1348/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 212.242.33.35:5060 -> 192.37.115.0:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/527 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (SIP/2.0 401 Unauthorized)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 192.168.1.2:20932 -> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/509 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (REGISTER sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.1.52:5060 -> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/509 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (REGISTER sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.1.2:5060 -> 212.234.33.35:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/506 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (REGISTER sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.1.2:138 -> 192.168.1.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][2 pkts/486 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][718.24 sec][Host: d002465][PLAIN TEXT ( EEDADADCDEDGDFC)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.1.2:2740 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cyberci)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.1.2:2744 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.1.2:2748 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.1.2:2756 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 192.168.1.2:2789 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 192.168.1.2:2806 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.qk][::][PLAIN TEXT (bercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 192.168.1.2:2825 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][5 pkts/430 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.86.1.2:5060 -> 200.68.120.99:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/417 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][PLAIN TEXT (CANCEL qip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.1.2:4292 -> 200.68.37.115:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/417 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][PLAIN TEXT (CANCEL sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.169.1.2:5060 -> 200.68.120.81:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/417 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][PLAIN TEXT (CANCEL sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.1.2:4901 -> 200.68.120.81:29440 [proto: 100/SIP][cat: VoIP/10][1 pkts/389 bytes -> 0 pkts/0 bytes][Goodput ratio: 68/0][< 1 sec][PLAIN TEXT (ACK sip)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 192.168.1.2:5060 -> 212.242.33.201:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/366 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (ACK sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 192.168.1.2:2795 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/228 bytes <-> 1 pkts/128 bytes][Goodput ratio: 45/67][4.36 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 192.168.1.2:2830 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/228 bytes <-> 1 pkts/128 bytes][Goodput ratio: 45/67][4.37 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP 208.242.33.35:5060 -> 192.168.1.2:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (SIP/2.0 100 Trying)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 192.168.1.2:2734 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 192.168.1.2:2742 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.1.2:2750 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.vo_s][::][PLAIN TEXT (brujula)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 UDP 192.168.1.2:2764 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.s_p.cibercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 192.168.1.2:2772 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 UDP 192.168.1.2:2774 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (sipicybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 192.168.1.2:2776 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 UDP 192.168.1.2:2787 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 UDP 192.168.1.2:2798 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 UDP 192.168.1.2:2804 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][5.00 sec][Host: _sip.oudp.sip.cybercity._k][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 UDP 192.168.1.2:2812 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cyaercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 UDP 192.168.1.2:2816 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.24 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 UDP 192.168.1.2:2823 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/344 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 UDP 192.168.1.2:2722 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][4 pkts/340 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][16.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.1.2:2793 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 1 pkts/169 bytes][Goodput ratio: 44/75][3.35 sec][Host: reg.sippstar.com][82.98.209.39][PLAIN TEXT (sippstar)][Plen Bins: 0,66,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP 192.168.1.2:2794 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 1 pkts/128 bytes][Goodput ratio: 44/67][4.28 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 192.168.1.2:2715 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][5.00 sec][Host: _sip._udp.sip.cyber_ity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 192.168.1.2:2724 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 192.168.1.2:2736 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 UDP 192.168.1.2:2738 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 UDP 192.168.1.2:2746 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.voip.brujula.net][::][PLAIN TEXT (brujula)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 UDP 192.168.1.2:2752 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][5.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 UDP 192.168.1.2:2754 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][8.26 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 33,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 192.168.1.2:2760 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][6.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 UDP 192.168.1.2:2762 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.00 sec][Host: _sip._udp.sip.cybercity.sk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 192.168.1.2:2783 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 192.168.1.2:2796 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.20 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 UDP 192.168.1.2:2800 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.06 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 UDP 192.168.1.2:2802 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][8.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 UDP 192.168.1.2:2810 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][4.01 sec][Host: _sip._udp.sip.nybercity.dk][::][PLAIN TEXT (Mybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 UDP 192.168.1.2:2814 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][3 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sib._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 UDP 192.168.1.2:138 -> 192.168.1.251:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 UDP 192.168.1.2:2719 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/168 bytes][Goodput ratio: 43/75][1.01 sec][147.234.1.253][PLAIN TEXT (ecitele)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 UDP 192.168.1.41:138 -> 192.168.1.255:394 [proto: 10/NetBIOS][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (MEBECDBDBDBCACACACACACACACACACA)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 UDP 81.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][1 pkts/214 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 UDP 192.168.1.2:30000 -> 37.115.0.36:40392 [proto: 87/RTP][cat: Media/1][1 pkts/214 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (njlndlj)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.1.2:30000 -> 214.242.33.36:40392 [proto: 87/RTP][cat: Media/1][1 pkts/214 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 UDP 192.168.1.3:30000 -> 212.242.33.36:40392 [proto: 87/RTP][cat: Media/1][1 pkts/214 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (VRUDKBu)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
69 UDP 192.168.1.1:53 -> 192.168.1.2:2733 [proto: 5/DNS][cat: Network/14][2 pkts/210 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][218.53 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
70 UDP 192.168.1.2:2714 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 UDP 192.168.1.2:2725 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 UDP 192.168.1.2:2737 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 UDP 192.168.1.2:2739 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
74 UDP 192.168.1.2:2743 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
75 UDP 192.168.1.2:2753 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.527.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 UDP 192.168.1.2:2755 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
77 UDP 192.168.1.2:2757 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
78 UDP 192.168.1.2:2761 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 11/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
79 UDP 192.168.1.2:2763 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 UDP 192.168.1.2:2767 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
81 UDP 192.168.1.2:2775 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
82 UDP 192.168.1.2:2797 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 UDP 192.168.1.2:2801 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 UDP 192.168.1.2:2803 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
85 UDP 192.168.1.2:2809 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
86 UDP 192.168.1.2:2824 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
87 UDP 192.168.1.2:2826 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
88 UDP 192.168.1.2:2831 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/105 bytes][Goodput ratio: 48/59][0.00 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
89 TCP 192.168.1.2:2717 -> 147.137.21.94:445 [proto: 41/SMBv23][cat: System/18][3 pkts/186 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][8.93 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
90 UDP 192.168.1.2:2713 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
91 UDP 192.168.1.2:2732 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][4.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
92 UDP 192.168.1.2:2758 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][4.01 sec][Host: _sip._udp.sip.gybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
93 UDP 192.168.1.2:2766 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][2.00 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
94 UDP 192.168.1.2:2768 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][9.01 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
95 UDP 192.168.1.2:2770 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][4.01 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
96 UDP 192.168.1.2:2785 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][276.51 sec][Host: _sip._udp.sip.cybevcity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 UDP 192.168.1.2:2808 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][2.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 UDP 192.168.1.2:2827 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][2.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cyberciMy)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
99 UDP 192.168.1.2:2829 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][1.00 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
100 UDP 192.168.1.2:2716 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][2 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][353.97 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
101 UDP 192.168.1.3:53 -> 192.168.1.2:2712 [proto: 5/DNS][cat: Network/14][1 pkts/144 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][< 1 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
102 TCP 147.234.1.253:21 -> 192.169.1.2:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/130 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec][PLAIN TEXT (331 Anonymous login ok)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
103 TCP 192.168.1.2:2718 -> 147.137.21.94:139 [proto: 10/NetBIOS][cat: System/18][2 pkts/124 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][2.92 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
104 TCP 147.234.1.253:21 -> 192.168.1.2:2732 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/113 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][< 1 sec][PLAIN TEXT ( Files larger then 250MB will b)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
105 UDP 192.168.1.1:53 -> 192.168.1.2:2572 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
106 UDP 192.168.1.1:53 -> 192.168.1.2:2723 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-adds.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
107 UDP 192.168.1.1:53 -> 192.168.1.2:2745 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
108 UDP 192.168.1.1:53 -> 192.168.1.2:2747 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 UDP 192.168.1.1:53 -> 192.168.1.2:2751 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 UDP 192.168.1.1:53 -> 192.168.1.2:2765 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
111 UDP 192.168.1.1:53 -> 192.168.1.2:2771 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
112 UDP 192.168.1.1:53 -> 192.168.1.2:2782 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
113 UDP 192.168.1.1:53 -> 192.168.1.2:2805 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
114 UDP 192.168.1.1:53 -> 192.168.1.2:2807 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
115 UDP 192.168.1.1:53 -> 192.168.5.2:2784 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.aspa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
116 UDP 192.168.1.1:53 -> 192.168.119.2:2799 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
117 UDP 192.168.1.1:53 -> 240.168.1.2:2792 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
118 UDP 192.168.130.1:53 -> 192.168.1.2:2741 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
119 UDP 192.168.233.1:53 -> 192.168.1.2:2811 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
120 UDP 253.168.1.1:53 -> 192.168.1.2:2735 [proto: 5/DNS][cat: Network/14][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
121 TCP 147.234.1.253:21 -> 192.168.65.2:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/95 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][PLAIN TEXT (230 Guest access granted for an)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 UDP 62.168.1.2:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
123 UDP 115.0.1.41:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
124 UDP 192.136.1.2:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: 5ci_dombin][PLAIN TEXT ( DFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
125 UDP 192.168.1.2:11 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
126 UDP 192.168.1.2:88 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
127 UDP 192.168.1.2:137 -> 120.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_doma][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
128 UDP 192.168.1.2:137 -> 192.168.1.112:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
129 UDP 192.168.1.2:137 -> 192.168.1.255:169 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
130 UDP 192.168.1.2:137 -> 192.168.1.255:905 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
131 UDP 192.168.1.2:137 -> 192.168.1.255:8329 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
132 UDP 192.168.1.2:137 -> 192.168.1.255:25481 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
133 UDP 192.168.1.2:137 -> 192.168.1.255:35721 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
134 UDP 192.168.1.2:137 -> 192.194.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
135 UDP 192.168.1.2:137 -> 200.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_domain][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
136 UDP 192.168.1.2:29440 -> 192.168.1.37:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT (EFEDEJFPEEEPENEBEJEOCACACACACAB)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
137 UDP 192.168.1.41:137 -> 107.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
138 UDP 192.168.1.41:137 -> 192.168.37.115:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
139 UDP 192.168.1.46:53 -> 192.168.1.2:2726 [proto: 5/DNS][cat: Network/14][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: sip.cybercity.dk][212.242.33.35][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
140 UDP 192.168.1.202:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: eci_dom][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
141 UDP 192.184.189.41:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: workg][PLAIN TEXT ( FHEPFCELEH)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
142 UDP 217.168.1.2:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][PLAIN TEXT ( EFEDEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
143 UDP 0.168.1.2:2783 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
144 UDP 14.168.1.2:2754 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
145 UDP 116.168.1.2:2829 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
146 UDP 128.168.1.2:2810 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybescity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
147 UDP 172.168.1.2:2734 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
148 UDP 192.22.1.2:2760 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
149 UDP 192.98.1.2:2752 -> 25.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
150 UDP 192.168.1.2:202 -> 192.168.37.115:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
151 UDP 192.168.1.2:2568 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
152 UDP 192.168.1.2:2640 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
153 UDP 192.168.1.2:2684 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.dybercity.dk][::][PLAIN TEXT (Dybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
154 UDP 192.168.1.2:2722 -> 192.136.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
155 UDP 192.168.1.2:2724 -> 192.168.17.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _zip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
156 UDP 192.168.1.2:2736 -> 192.168.1.17:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
157 UDP 192.168.1.2:2738 -> 192.168.84.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercitu.dk][::][PLAIN TEXT (cybercitu)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
158 UDP 192.168.1.2:2752 -> 102.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
159 UDP 192.168.1.2:2772 -> 192.184.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
160 UDP 192.168.1.2:2787 -> 192.168.3.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
161 UDP 192.168.1.2:2791 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
162 UDP 192.168.1.2:2791 -> 192.168.67.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (yberci)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
163 UDP 192.168.1.2:2796 -> 192.168.1.129:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
164 UDP 192.168.1.2:2827 -> 192.168.1.114:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
165 UDP 192.168.1.2:2827 -> 192.170.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cyberc_ty.dk][::][PLAIN TEXT (cyberc)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
166 UDP 192.168.1.2:2832 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
167 UDP 192.168.1.2:10942 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.voip.brujula.net][::][PLAIN TEXT (brujula)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
168 UDP 192.168.1.2:14798 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
169 UDP 192.168.1.2:18162 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cyhercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
170 UDP 192.168.1.2:19192 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
171 UDP 192.168.1.2:29688 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cyberciby.dk][::][PLAIN TEXT (cyberciby)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
172 UDP 192.168.1.2:35536 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
173 UDP 192.168.1.34:2746 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
174 UDP 192.168.1.53:2791 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
175 UDP 192.168.1.110:2713 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
176 UDP 192.168.1.172:2766 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
177 UDP 192.168.9.2:2774 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
178 UDP 192.168.37.115:2758 -> 128.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
179 UDP 192.168.54.2:2829 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cibercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
180 UDP 192.168.79.2:2791 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
181 UDP 192.170.1.2:2810 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
182 UDP 200.168.1.2:2785 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Host: _sip._udp.sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
183 UDP 208.168.1.2:2713 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
184 UDP 192.168.1.2:2733 -> 192.168.115.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arqa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
185 UDP 192.168.1.2:2741 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
186 UDP 192.168.1.2:2747 -> 67.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
187 UDP 192.168.1.2:2749 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
188 UDP 192.168.1.2:2759 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.sn-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
189 UDP 192.168.1.2:2769 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
190 UDP 192.168.1.2:2773 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.il-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
191 UDP 192.168.1.2:2784 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
192 UDP 192.168.1.2:2786 -> 192.168.1.3:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-ad_r.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
193 UDP 192.168.1.2:2788 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
194 UDP 192.168.1.2:2790 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
195 UDP 192.168.1.2:2792 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
196 UDP 192.168.1.2:2799 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
197 UDP 192.168.1.2:2811 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
198 UDP 192.168.1.2:2813 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127_in-ad_r_arpa___][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
199 UDP 192.168.1.2:2815 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
200 UDP 192.168.1.2:2822 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
201 UDP 192.168.1.2:2828 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
202 UDP 192.168.1.18:2751 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
203 UDP 192.168.1.57:2771 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
204 UDP 192.168.1.110:2765 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-addr.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
205 UDP 192.168.33.2:2782 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
206 UDP 194.168.1.2:2807 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
207 UDP 200.168.1.2:2735 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Host: 1.0.0.127.in-adds.arpa][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
208 TCP 147.234.1.253:21 -> 192.168.1.66:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/81 bytes -> 0 pkts/0 bytes][Goodput ratio: 33/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
209 UDP 192.168.1.2:2712 -> 192.37.115.0:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Host: sip.cybercrty.dk][::][PLAIN TEXT (cybercrty)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
210 UDP 192.168.1.2:2712 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Host: sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
211 UDP 192.168.1.2:2794 -> 192.168.108.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Host: sip.cybercity.dk][::][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
212 UDP 192.114.1.2:2719 -> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/75 bytes -> 0 pkts/0 bytes][Goodput ratio: 43/0][< 1 sec][::][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
213 TCP 147.234.1.253:21 -> 84.168.1.2:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 26/0][< 1 sec][PLAIN TEXT (200 Type set to I)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
214 TCP 192.168.1.2:2720 -> 147.117.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/73 bytes -> 0 pkts/0 bytes][Goodput ratio: 26/0][< 1 sec][PLAIN TEXT (RETR Site)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
215 TCP 192.168.1.2:2679 -> 147.234.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 18/0][< 1 sec][PLAIN TEXT (PASS d0)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
216 TCP 192.168.1.71:2718 -> 147.137.21.122:139 [proto: 10/NetBIOS][cat: System/18][1 pkts/62 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
217 TCP 147.234.1.253:21 -> 192.2.1.2:2720 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 5/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
218 TCP 147.234.1.253:21 -> 192.168.1.2:2208 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 5/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
219 TCP 192.112.1.2:2720 -> 147.234.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
220 TCP 37.115.0.2:2639 -> 147.234.1.253:21 [proto: 1/FTP_CONTROL][cat: Download-FileTransfer-FileSharing/7][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
221 UDP 192.168.1.6:5060 -> 212.242.33.35:5060 [proto: 100/SIP][cat: VoIP/10][1 pkts/47 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 212.242.33.35:9587 -> 192.168.1.2:196 [proto: 0/Unknown][1 pkts/527 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (0 401 Unauthorized)]
2 118 192.168.1.2:0 -> 200.68.120.81:0 [proto: 0/Unknown][1 pkts/417 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (CANCEL sip)]
3 UDP 192.168.1.2:30001 -> 244.242.33.36:40393 [proto: 0/Unknown][1 pkts/146 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT (11894297)]
4 TCP 147.234.1.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/113 bytes -> 0 pkts/0 bytes][Goodput ratio: 34/0][< 1 sec]
5 UDP 192.168.1.1:117 -> 192.168.1.2:2769 [proto: 0/Unknown][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec]
6 UDP 192.168.1.1:9587 -> 192.168.1.2:156 [proto: 0/Unknown][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec]
7 37 192.168.1.1:0 -> 192.168.1.2:0 [proto: 0/Unknown][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
8 UDP 170.170.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec]
9 UDP 192.168.1.2:43690 -> 192.168.170.170:43690 [proto: 0/Unknown][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec]
10 UDP 192.168.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec]
11 UDP 94.168.1.2:2768 -> 192.168.1.1:4 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (cybercity)]
12 UDP 192.168.1.2:2597 -> 192.168.1.1:29440 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (cybercity)]
13 UDP 192.168.1.2:2724 -> 192.168.1.1:9587 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (cybercity)]
14 UDP 192.168.1.2:2730 -> 192.168.1.1:43690 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec]
15 UDP 192.168.1.2:2800 -> 192.168.1.1:21 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][PLAIN TEXT (cybmrcity)]
16 UDP 192.168.1.2:2808 -> 192.168.1.1:38709 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (cybercity)]
17 UDP 192.168.1.2:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec]
18 UDP 192.168.1.2:43690 -> 192.170.170.170:43690 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec]
19 UDP 241.168.1.2:27315 -> 192.168.1.1:0 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][< 1 sec][PLAIN TEXT (cybercity)]
20 19 192.168.1.2:0 -> 192.168.1.1:0 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (sipwcybercity)]
21 127 192.168.1.2:0 -> 192.168.1.1:0 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (bybercity)]
22 240 192.168.1.2:0 -> 192.168.1.1:0 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
23 UDP 192.168.1.2:2805 -> 192.168.1.1:51 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec]
24 UDP 192.168.1.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec]
25 UDP 192.168.1.2:2712 -> 192.168.1.1:49973 [proto: 0/Unknown][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][PLAIN TEXT (cybercity)]
26 TCP 37.115.0.253:58999 -> 192.168.1.2:2721 [proto: 0/Unknown][1 pkts/62 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
27 TCP 147.234.1.253:1045 -> 192.168.1.2:2720 [proto: 0/Unknown][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 5/0][< 1 sec]
28 TCP 147.234.1.253:58999 -> 192.232.1.2:2721 [proto: 0/Unknown][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
29 TCP 192.168.1.2:0 -> 147.234.1.253:0 [proto: 0/Unknown][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
30 TCP 192.168.1.2:2721 -> 147.234.1.253:58999 [proto: 0/Unknown][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 UDP 212.242.33.35:9587 -> 192.168.1.2:196 [proto: 0/Unknown][1 pkts/527 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][PLAIN TEXT (0 401 Unauthorized)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 118 192.168.1.2:0 -> 200.68.120.81:0 [proto: 0/Unknown][1 pkts/417 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (CANCEL sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.1.2:30001 -> 244.242.33.36:40393 [proto: 0/Unknown][1 pkts/146 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT (11894297)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 147.234.1.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/113 bytes -> 0 pkts/0 bytes][Goodput ratio: 34/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.1.1:117 -> 192.168.1.2:2769 [proto: 0/Unknown][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.1.1:9587 -> 192.168.1.2:156 [proto: 0/Unknown][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 37 192.168.1.1:0 -> 192.168.1.2:0 [proto: 0/Unknown][1 pkts/105 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 170.170.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 192.168.1.2:43690 -> 192.168.170.170:43690 [proto: 0/Unknown][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 192.168.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 94.168.1.2:2768 -> 192.168.1.1:4 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 192.168.1.2:2597 -> 192.168.1.1:29440 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.1.2:2724 -> 192.168.1.1:9587 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.1.2:2730 -> 192.168.1.1:43690 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.1.2:2800 -> 192.168.1.1:21 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][PLAIN TEXT (cybmrcity)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.1.2:2808 -> 192.168.1.1:38709 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.1.2:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.1.2:43690 -> 192.170.170.170:43690 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 241.168.1.2:27315 -> 192.168.1.1:0 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][< 1 sec][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 19 192.168.1.2:0 -> 192.168.1.1:0 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (sipwcybercity)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 127 192.168.1.2:0 -> 192.168.1.1:0 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (bybercity)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 240 192.168.1.2:0 -> 192.168.1.1:0 [proto: 0/Unknown][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.1.2:2805 -> 192.168.1.1:51 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.1.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.168.1.2:2712 -> 192.168.1.1:49973 [proto: 0/Unknown][1 pkts/76 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][PLAIN TEXT (cybercity)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 TCP 37.115.0.253:58999 -> 192.168.1.2:2721 [proto: 0/Unknown][1 pkts/62 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 147.234.1.253:1045 -> 192.168.1.2:2720 [proto: 0/Unknown][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 5/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 147.234.1.253:58999 -> 192.232.1.2:2721 [proto: 0/Unknown][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 192.168.1.2:0 -> 147.234.1.253:0 [proto: 0/Unknown][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 192.168.1.2:2721 -> 147.234.1.253:58999 [proto: 0/Unknown][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

80
tests/result/fuzz-2006-09-29-28586.pcap.out
View file

@ -2,46 +2,46 @@ Unknown 3 655 3
HTTP 117 27855 36
Cloudflare 1 854 1
1 TCP 172.20.3.5:2601 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][9 pkts/6343 bytes <-> 4 pkts/409 bytes][Goodput ratio: 92/46][11.25 sec][bytes ratio: 0.879 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/104 67/128 469/152 164/24][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 705/102 1514/243 721/81][PLAIN TEXT (POST /servlets/mms HTTP/1.1)]
2 TCP 172.20.3.5:2606 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][8 pkts/2287 bytes <-> 5 pkts/2963 bytes][Goodput ratio: 80/91][11.18 sec][Host: 172.20.3.13][bytes ratio: -0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/58 177/172 83/81][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 286/593 1514/1514 478/662][URL: 172.20.3.13/servlets/mms?message-id=189301][StatusCode: 0][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /servlets/mms)]
3 TCP 172.20.3.5:2604 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][5 pkts/1754 bytes <-> 4 pkts/583 bytes][Goodput ratio: 83/62][11.17 sec][Host: 172.20.3.13][bytes ratio: 0.501 (Upload)][IAT c2s/s2c min/avg/max/stddev: 307/81 2793/3724 10864/10997 4662/5143][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 351/146 1514/417 582/157][URL: 172.20.3.13/servlets/mms?message-id=189001][StatusCode: 200][User-Agent: SonyEricssonT68/R201A][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /servlets/mms)]
4 TCP 172.20.3.13:53132 <-> 172.20.3.5:80 [proto: 7/HTTP][cat: Web/5][9 pkts/1650 bytes <-> 4 pkts/240 bytes][Goodput ratio: 70/0][5.14 sec][Host: %s][bytes ratio: 0.746 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 734/1 4911/1 1706/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 183/60 894/60 270/0][URL: %s][StatusCode: 0][Content-Type: multipart/related][User-Agent: MMS-Relay-DeliveryInitiator][PLAIN TEXT (POST /ppgctrl/ppgcontrollogic.d)]
5 TCP 172.20.3.5:2602 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][4 pkts/942 bytes <-> 4 pkts/703 bytes][Goodput ratio: 75/69][11.10 sec][Host: 172.20.3.13][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/106 3699/5548 10844/10989 5054/5442][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 236/176 762/541 304/211][URL: 172.20.3.13.servlets/mms][StatusCode: 200][Content-Type: application/xml][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (POST .servlets/mms HTTP/1.1)]
6 TCP 172.20.3.13:53136 <-> 172.20.3.5:80 [proto: 7/HTTP][cat: Web/5][5 pkts/586 bytes <-> 6 pkts/999 bytes][Goodput ratio: 54/66][5.21 sec][bytes ratio: -0.261 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/96 1737/1302 4910/5010 2247/2141][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 117/166 370/481 126/150][PLAIN TEXT (POST /ppgctrl/ppgcon)]
7 TCP 172.20.3.5:9587 -> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][1 pkts/1514 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][PLAIN TEXT (POST /servlets/mms HTTP/)]
8 TCP 172.20.3.13:80 -> 172.20.72.5:2606 [proto: 7/HTTP][cat: Web/5][1 pkts/1514 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
9 TCP 172.20.3.13:80 <-> 172.20.3.5:2608 [proto: 7/HTTP][cat: Web/5][1 pkts/58 bytes <-> 3 pkts/882 bytes][Goodput ratio: 0/80][0.25 sec][PLAIN TEXT (POST /servlets/mms HTTP/1.1)]
10 TCP 172.20.3.13:53136 -> 172.70.3.5:80 [proto: 7.220/HTTP.Cloudflare][cat: Web/5][1 pkts/854 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (msgpart)]
11 TCP 172.20.3.5:2607 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][4 pkts/657 bytes <-> 2 pkts/112 bytes][Goodput ratio: 64/0][0.21 sec][bytes ratio: 0.709 (Upload)][IAT c2s/s2c min/avg/max/stddev: 207/1 69/1 207/1 98/0][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 164/56 477/58 181/2][PLAIN TEXT (201.xml)]
12 TCP 172.20.3.5:2603 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 4 pkts/363 bytes][Goodput ratio: 0/39][11.06 sec][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 216/2 216/35 216/68 0/33][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 60/91 60/197 0/61][PLAIN TEXT (HTTP/1.1 200 OK)]
13 TCP 172.6.3.5:80 -> 172.20.3.13:53132 [proto: 7/HTTP][cat: Web/5][1 pkts/481 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][< 1 sec][PLAIN TEXT (xml version)]
14 TCP 51.20.3.5:2605 -> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][1 pkts/477 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (201.xml)]
15 TCP 172.20.3.5:2605 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][4 pkts/240 bytes <-> 1 pkts/58 bytes][Goodput ratio: 0/0][11.06 sec]
16 TCP 172.20.3.5:2600 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.00 sec]
17 TCP 172.20.2.13:80 -> 172.20.3.5:2607 [proto: 7/HTTP][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
18 TCP 172.20.3.13:80 -> 44.20.3.5:2605 [proto: 7/HTTP][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][PLAIN TEXT (HTTP/1.1 220 OK)]
19 TCP 172.20.3.5:80 -> 172.57.3.13:53132 [proto: 7/HTTP][cat: Web/5][1 pkts/195 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][PLAIN TEXT (HTTo/1.1 202 Accepted)]
20 TCP 172.20.3.1:80 -> 172.20.3.13:53132 [proto: 7/HTTP][cat: Web/5][1 pkts/143 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][< 1 sec][PLAIN TEXT (HTTP/1.1 100 Continue)]
21 TCP 172.20.3.13:53193 -> 172.20.3.5:80 [proto: 7/HTTP][cat: Web/5][1 pkts/62 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
22 TCP 172.20.3.5:80 -> 172.20.35.13:53136 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
23 TCP 172.20.3.5:2602 -> 172.21.3.13:80 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
24 TCP 172.20.3.5:2603 -> 68.37.115.0:80 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
25 TCP 172.20.3.5:2603 -> 72.20.3.13:80 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
26 TCP 172.20.3.5:2603 -> 172.20.3.77:80 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
27 TCP 172.20.3.13:80 -> 76.20.3.5:2602 [proto: 7/HTTP][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
28 TCP 0.20.3.13:80 -> 172.20.3.5:2601 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
29 TCP 172.20.3.13:80 -> 172.20.3.5:2639 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
30 TCP 172.20.3.13:80 -> 172.20.68.5:2604 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
31 TCP 172.20.3.13:80 -> 172.20.76.5:65069 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
32 TCP 172.20.3.13:80 -> 172.20.82.5:2603 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
33 TCP 172.20.3.13:80 -> 172.20.148.5:2608 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
34 TCP 172.20.3.13:81 -> 172.20.3.5:2601 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
35 TCP 172.20.3.88:80 -> 172.20.3.82:2601 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
36 TCP 172.20.67.13:53136 -> 172.20.3.5:80 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
37 TCP 172.52.3.13:80 -> 172.20.3.5:2093 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 TCP 172.20.3.5:2601 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][9 pkts/6343 bytes <-> 4 pkts/409 bytes][Goodput ratio: 92/46][11.25 sec][bytes ratio: 0.879 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/104 67/128 469/152 164/24][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 705/102 1514/243 721/81][PLAIN TEXT (POST /servlets/mms HTTP/1.1)][Plen Bins: 16,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0]
2 TCP 172.20.3.5:2606 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][8 pkts/2287 bytes <-> 5 pkts/2963 bytes][Goodput ratio: 80/91][11.18 sec][Host: 172.20.3.13][bytes ratio: -0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/58 177/172 83/81][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 286/593 1514/1514 478/662][URL: 172.20.3.13/servlets/mms?message-id=189301][StatusCode: 0][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /servlets/mms)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,50,0]
3 TCP 172.20.3.5:2604 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][5 pkts/1754 bytes <-> 4 pkts/583 bytes][Goodput ratio: 83/62][11.17 sec][Host: 172.20.3.13][bytes ratio: 0.501 (Upload)][IAT c2s/s2c min/avg/max/stddev: 307/81 2793/3724 10864/10997 4662/5143][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 351/146 1514/417 582/157][URL: 172.20.3.13/servlets/mms?message-id=189001][StatusCode: 200][User-Agent: SonyEricssonT68/R201A][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /servlets/mms)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
4 TCP 172.20.3.13:53132 <-> 172.20.3.5:80 [proto: 7/HTTP][cat: Web/5][9 pkts/1650 bytes <-> 4 pkts/240 bytes][Goodput ratio: 70/0][5.14 sec][Host: %s][bytes ratio: 0.746 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 734/1 4911/1 1706/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 183/60 894/60 270/0][URL: %s][StatusCode: 0][Content-Type: multipart/related][User-Agent: MMS-Relay-DeliveryInitiator][PLAIN TEXT (POST /ppgctrl/ppgcontrollogic.d)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 172.20.3.5:2602 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][4 pkts/942 bytes <-> 4 pkts/703 bytes][Goodput ratio: 75/69][11.10 sec][Host: 172.20.3.13][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/106 3699/5548 10844/10989 5054/5442][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 236/176 762/541 304/211][URL: 172.20.3.13.servlets/mms][StatusCode: 200][Content-Type: application/xml][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (POST .servlets/mms HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 172.20.3.13:53136 <-> 172.20.3.5:80 [proto: 7/HTTP][cat: Web/5][5 pkts/586 bytes <-> 6 pkts/999 bytes][Goodput ratio: 54/66][5.21 sec][bytes ratio: -0.261 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/96 1737/1302 4910/5010 2247/2141][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 117/166 370/481 126/150][PLAIN TEXT (POST /ppgctrl/ppgcon)][Plen Bins: 0,0,25,0,25,0,0,0,0,25,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 172.20.3.5:9587 -> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][1 pkts/1514 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][PLAIN TEXT (POST /servlets/mms HTTP/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0]
8 TCP 172.20.3.13:80 -> 172.20.72.5:2606 [proto: 7/HTTP][cat: Web/5][1 pkts/1514 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0]
9 TCP 172.20.3.13:80 <-> 172.20.3.5:2608 [proto: 7/HTTP][cat: Web/5][1 pkts/58 bytes <-> 3 pkts/882 bytes][Goodput ratio: 0/80][0.25 sec][PLAIN TEXT (POST /servlets/mms HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 172.20.3.13:53136 -> 172.70.3.5:80 [proto: 7.220/HTTP.Cloudflare][cat: Web/5][1 pkts/854 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (msgpart)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 172.20.3.5:2607 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][4 pkts/657 bytes <-> 2 pkts/112 bytes][Goodput ratio: 64/0][0.21 sec][bytes ratio: 0.709 (Upload)][IAT c2s/s2c min/avg/max/stddev: 207/1 69/1 207/1 98/0][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 164/56 477/58 181/2][PLAIN TEXT (201.xml)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 172.20.3.5:2603 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 4 pkts/363 bytes][Goodput ratio: 0/39][11.06 sec][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 216/2 216/35 216/68 0/33][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 60/91 60/197 0/61][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 172.6.3.5:80 -> 172.20.3.13:53132 [proto: 7/HTTP][cat: Web/5][1 pkts/481 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][< 1 sec][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 51.20.3.5:2605 -> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][1 pkts/477 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][PLAIN TEXT (201.xml)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 172.20.3.5:2605 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][4 pkts/240 bytes <-> 1 pkts/58 bytes][Goodput ratio: 0/0][11.06 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 172.20.3.5:2600 <-> 172.20.3.13:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 172.20.2.13:80 -> 172.20.3.5:2607 [proto: 7/HTTP][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 172.20.3.13:80 -> 44.20.3.5:2605 [proto: 7/HTTP][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][PLAIN TEXT (HTTP/1.1 220 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 172.20.3.5:80 -> 172.57.3.13:53132 [proto: 7/HTTP][cat: Web/5][1 pkts/195 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][PLAIN TEXT (HTTo/1.1 202 Accepted)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 172.20.3.1:80 -> 172.20.3.13:53132 [proto: 7/HTTP][cat: Web/5][1 pkts/143 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][< 1 sec][PLAIN TEXT (HTTP/1.1 100 Continue)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 172.20.3.13:53193 -> 172.20.3.5:80 [proto: 7/HTTP][cat: Web/5][1 pkts/62 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 172.20.3.5:80 -> 172.20.35.13:53136 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 172.20.3.5:2602 -> 172.21.3.13:80 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 172.20.3.5:2603 -> 68.37.115.0:80 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 TCP 172.20.3.5:2603 -> 72.20.3.13:80 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 TCP 172.20.3.5:2603 -> 172.20.3.77:80 [proto: 7/HTTP][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 172.20.3.13:80 -> 76.20.3.5:2602 [proto: 7/HTTP][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 0.20.3.13:80 -> 172.20.3.5:2601 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 172.20.3.13:80 -> 172.20.3.5:2639 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 172.20.3.13:80 -> 172.20.68.5:2604 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 172.20.3.13:80 -> 172.20.76.5:65069 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 172.20.3.13:80 -> 172.20.82.5:2603 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 TCP 172.20.3.13:80 -> 172.20.148.5:2608 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 TCP 172.20.3.13:81 -> 172.20.3.5:2601 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 TCP 172.20.3.88:80 -> 172.20.3.82:2601 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 TCP 172.20.67.13:53136 -> 172.20.3.5:80 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 TCP 172.52.3.13:80 -> 172.20.3.5:2093 [proto: 7/HTTP][cat: Web/5][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 115 172.20.3.13:0 -> 172.20.3.5:0 [proto: 0/Unknown][1 pkts/541 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
2 TCP 170.170.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
3 TCP 172.20.3.13:0 -> 172.20.3.5:0 [proto: 0/Unknown][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 115 172.20.3.13:0 -> 172.20.3.5:0 [proto: 0/Unknown][1 pkts/541 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 170.170.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 172.20.3.13:0 -> 172.20.3.5:0 [proto: 0/Unknown][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

154
tests/result/fuzz-2020-02-16-11740.pcap.out
View file

@ -3,83 +3,83 @@ SkypeCall 1 725 1
VRRP 1 725 1
Radius 301 145048 63
1 UDP 10.12.64.30:29200 <-> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][110 pkts/79894 bytes <-> 102 pkts/24138 bytes][Goodput ratio: 93/82][2575.21 sec][bytes ratio: 0.536 (Upload)][IAT c2s/s2c min/avg/max/stddev: 21/154 25882/28068 567977/452627 75856/68610][Pkt Len c2s/s2c min/avg/max/stddev: 697/179 726/237 745/318 20/53][PLAIN TEXT (50311480271516480@wlan.mnc480.m)]
2 UDP 10.12.64.30:29200 <-> 198.226.25.62:1812 [proto: 146/Radius][cat: Network/14][12 pkts/8682 bytes <-> 6 pkts/1365 bytes][Goodput ratio: 94/81][1507.26 sec][bytes ratio: 0.728 (Upload)][IAT c2s/s2c min/avg/max/stddev: 195/217 150274/201744 597367/597234 204869/243404][Pkt Len c2s/s2c min/avg/max/stddev: 660/165 724/228 745/318 27/65][PLAIN TEXT (50311480281501589@wlan.mnc480.m)]
3 UDP 10.12.64.30:29200 <-> 198.226.25.53:1813 [proto: 146/Radius][cat: Network/14][6 pkts/3539 bytes <-> 4 pkts/620 bytes][Goodput ratio: 93/73][2002.35 sec][bytes ratio: 0.702 (Upload)][IAT c2s/s2c min/avg/max/stddev: 6131/15399 400469/467937 1165850/1229729 441254/541835][Pkt Len c2s/s2c min/avg/max/stddev: 251/147 590/155 876/179 230/14][PLAIN TEXT (50311480073638072@wlan.mnc400.m)]
4 UDP 10.4.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480278501009@wlan.mnc4)]
5 UDP 10.6.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)]
6 UDP 10.12.64.30:29200 -> 108.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (5031148027)]
7 UDP 10.12.64.30:29200 -> 198.48.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (503114802)]
8 UDP 10.12.64.30:29200 -> 198.114.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
9 UDP 10.12.64.30:29200 -> 198.224.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (WISPRc0)]
10 UDP 10.12.64.30:29200 -> 198.226.25.21:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480232568631)]
11 UDP 10.12.64.30:29200 -> 206.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
12 UDP 10.12.64.30:29304 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan)]
13 UDP 10.12.64.30:30224 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
14 UDP 10.12.64.37:29200 -> 0.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (311480281501589@wlan.mnc480.mcc)]
15 UDP 10.12.64.110:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (503114800736c)]
16 UDP 10.12.82.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
17 UDP 10.76.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (0311480071394304@wlan.mncD)]
18 UDP 57.12.64.30:29200 -> 198.226.25.53:28948 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480250864628)]
19 UDP 182.12.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (5031148)]
20 UDP 10.12.64.30:29200 -> 198.119.25.53:1812 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Risk: ** Known protocol on non standard port **]
21 UDP 10.12.64.30:29200 -> 198.226.25.53:1796 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (11480073638072@wlan.mnc)]
22 UDP 10.12.64.30:29200 -> 198.226.37.0:1812 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.Vn)]
23 UDP 10.12.64.30:29232 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
24 UDP 10.12.64.30:29289 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
25 UDP 10.84.37.0:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
26 VRRP 10.12.64.30:0 -> 198.226.25.53:0 [proto: 73/VRRP][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.mnc480.m)]
27 UDP 10.8.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480232568631@wlan.mnc490.m)]
28 UDP 10.12.64.30:29200 -> 198.226.77.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)]
29 UDP 10.12.64.30:29200 -> 198.226.80.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480432608586@slan.mnc480.m)]
30 UDP 88.12.80.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)]
31 UDP 10.12.69.30:29200 -> 198.226.25.53:1813 [proto: 146/Radius][cat: Network/14][1 pkts/671 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec]
32 UDP 198.226.25.53:1812 -> 10.12.37.0:29200 [proto: 146/Radius][cat: Network/14][2 pkts/557 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][908.94 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
33 UDP 198.226.25.53:1895 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
34 UDP 198.226.25.62:1812 -> 10.12.37.0:29200 [proto: 146/Radius][cat: Network/14][1 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
35 UDP 37.0.25.62:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
36 UDP 72.226.25.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (0311480073638072@wMan.ync)]
37 UDP 198.7.9.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50313480073638072@wlan.mnc480.m)]
38 UDP 198.157.25.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
39 UDP 198.226.25.53:1812 -> 10.12.64.30:22544 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.mnc480.m)]
40 UDP 198.226.25.53:1812 -> 10.12.64.30:29208 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
41 UDP 198.226.25.53:1812 -> 10.12.64.66:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (503114800736S)]
42 UDP 198.226.25.53:1812 -> 10.12.64.73:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
43 UDP 198.226.25.53:1812 -> 10.12.120.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec]
44 UDP 198.226.25.53:1812 -> 10.12.172.158:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
45 UDP 198.226.25.53:1812 -> 10.28.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.mnc480.m)]
46 UDP 198.226.25.53:1812 -> 10.56.64.30:9472 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
47 UDP 198.226.25.53:1812 -> 65.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.mnc480.m)]
48 UDP 198.226.25.53:1965 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
49 UDP 198.226.25.62:1812 -> 10.12.64.30:29295 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
50 UDP 198.226.82.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
51 UDP 198.230.25.62:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
52 UDP 198.52.25.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][PLAIN TEXT (50311480281501589@Klan.mnc480.m)]
53 UDP 198.162.25.53:1810 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.Gnc480.m)]
54 UDP 198.226.25.53:1812 -> 10.12.112.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)]
55 UDP 198.226.25.53:43028 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][PLAIN TEXT (50311480432608586@wlan.mnc480.m)]
56 UDP 198.226.25.53:1812 -> 10.12.64.30:29204 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)]
57 UDP 198.226.25.53:1812 -> 10.12.64.30:29270 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (503114w)]
58 UDP 198.226.25.53:1812 -> 10.81.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480432608586@wlan.mnc480.m)]
59 UDP 198.226.25.53:1812 -> 10.82.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)]
60 UDP 198.226.25.53:1812 -> 10.102.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (480271516480@wlan.mnc)]
61 UDP 198.226.25.53:1812 -> 74.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)]
62 UDP 198.226.25.53:3860 -> 14.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480432608586@wlan.mnc480.m)]
63 UDP 198.234.25.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (11480281501589@wlan.mnc)]
64 UDP 198.226.25.53:1813 -> 10.12.64.30:21008 [proto: 146/Radius][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
65 UDP 198.226.25.53:1813 -> 10.12.64.30:29264 [proto: 146/Radius][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT (50311480073638072@wla)]
1 UDP 10.12.64.30:29200 <-> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][110 pkts/79894 bytes <-> 102 pkts/24138 bytes][Goodput ratio: 93/82][2575.21 sec][bytes ratio: 0.536 (Upload)][IAT c2s/s2c min/avg/max/stddev: 21/154 25882/28068 567977/452627 75856/68610][Pkt Len c2s/s2c min/avg/max/stddev: 697/179 726/237 745/318 20/53][PLAIN TEXT (50311480271516480@wlan.mnc480.m)][Plen Bins: 0,0,0,0,12,12,10,0,12,0,0,0,0,0,0,0,0,0,0,0,14,36,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 10.12.64.30:29200 <-> 198.226.25.62:1812 [proto: 146/Radius][cat: Network/14][12 pkts/8682 bytes <-> 6 pkts/1365 bytes][Goodput ratio: 94/81][1507.26 sec][bytes ratio: 0.728 (Upload)][IAT c2s/s2c min/avg/max/stddev: 195/217 150274/201744 597367/597234 204869/243404][Pkt Len c2s/s2c min/avg/max/stddev: 660/165 724/228 745/318 27/65][PLAIN TEXT (50311480281501589@wlan.mnc480.m)][Plen Bins: 0,0,0,5,11,5,0,0,11,0,0,0,0,0,0,0,0,0,0,5,16,44,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 10.12.64.30:29200 <-> 198.226.25.53:1813 [proto: 146/Radius][cat: Network/14][6 pkts/3539 bytes <-> 4 pkts/620 bytes][Goodput ratio: 93/73][2002.35 sec][bytes ratio: 0.702 (Upload)][IAT c2s/s2c min/avg/max/stddev: 6131/15399 400469/467937 1165850/1229729 441254/541835][Pkt Len c2s/s2c min/avg/max/stddev: 251/147 590/155 876/179 230/14][PLAIN TEXT (50311480073638072@wlan.mnc400.m)][Plen Bins: 0,0,0,30,10,0,10,0,10,0,0,0,0,0,0,0,0,0,0,10,10,10,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 10.4.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480278501009@wlan.mnc4)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 10.6.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 10.12.64.30:29200 -> 108.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (5031148027)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 10.12.64.30:29200 -> 198.48.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (503114802)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 10.12.64.30:29200 -> 198.114.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 10.12.64.30:29200 -> 198.224.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (WISPRc0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 10.12.64.30:29200 -> 198.226.25.21:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480232568631)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 10.12.64.30:29200 -> 206.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 10.12.64.30:29304 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 10.12.64.30:30224 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 10.12.64.37:29200 -> 0.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (311480281501589@wlan.mnc480.mcc)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 10.12.64.110:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (503114800736c)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 10.12.82.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 10.76.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (0311480071394304@wlan.mncD)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 57.12.64.30:29200 -> 198.226.25.53:28948 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480250864628)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 182.12.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (5031148)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 10.12.64.30:29200 -> 198.119.25.53:1812 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Risk: ** Known protocol on non standard port **][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 10.12.64.30:29200 -> 198.226.25.53:1796 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (11480073638072@wlan.mnc)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 10.12.64.30:29200 -> 198.226.37.0:1812 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.Vn)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 10.12.64.30:29232 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 10.12.64.30:29289 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 10.84.37.0:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 VRRP 10.12.64.30:0 -> 198.226.25.53:0 [proto: 73/VRRP][cat: Network/14][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 10.8.64.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480232568631@wlan.mnc490.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 10.12.64.30:29200 -> 198.226.77.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 10.12.64.30:29200 -> 198.226.80.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480432608586@slan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP 88.12.80.30:29200 -> 198.226.25.53:1812 [proto: 146/Radius][cat: Network/14][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 10.12.69.30:29200 -> 198.226.25.53:1813 [proto: 146/Radius][cat: Network/14][1 pkts/671 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 198.226.25.53:1812 -> 10.12.37.0:29200 [proto: 146/Radius][cat: Network/14][2 pkts/557 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][908.94 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 198.226.25.53:1895 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 UDP 198.226.25.62:1812 -> 10.12.37.0:29200 [proto: 146/Radius][cat: Network/14][1 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 37.0.25.62:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 UDP 72.226.25.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (0311480073638072@wMan.ync)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 198.7.9.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50313480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 UDP 198.157.25.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 UDP 198.226.25.53:1812 -> 10.12.64.30:22544 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 UDP 198.226.25.53:1812 -> 10.12.64.30:29208 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 UDP 198.226.25.53:1812 -> 10.12.64.66:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (503114800736S)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 UDP 198.226.25.53:1812 -> 10.12.64.73:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 UDP 198.226.25.53:1812 -> 10.12.120.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 UDP 198.226.25.53:1812 -> 10.12.172.158:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 198.226.25.53:1812 -> 10.28.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP 198.226.25.53:1812 -> 10.56.64.30:9472 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 198.226.25.53:1812 -> 65.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480250864628@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 198.226.25.53:1965 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 198.226.25.62:1812 -> 10.12.64.30:29295 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 UDP 198.226.82.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 UDP 198.230.25.62:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 UDP 198.52.25.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][PLAIN TEXT (50311480281501589@Klan.mnc480.m)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 UDP 198.162.25.53:1810 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.Gnc480.m)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 198.226.25.53:1812 -> 10.12.112.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 UDP 198.226.25.53:43028 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][PLAIN TEXT (50311480432608586@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 198.226.25.53:1812 -> 10.12.64.30:29204 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 198.226.25.53:1812 -> 10.12.64.30:29270 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (503114w)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 UDP 198.226.25.53:1812 -> 10.81.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480432608586@wlan.mnc480.m)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 UDP 198.226.25.53:1812 -> 10.82.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 UDP 198.226.25.53:1812 -> 10.102.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (480271516480@wlan.mnc)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 UDP 198.226.25.53:1812 -> 74.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480281501589@wlan.mnc480.m)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 UDP 198.226.25.53:3860 -> 14.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480432608586@wlan.mnc480.m)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 UDP 198.234.25.53:1812 -> 10.12.64.30:29200 [proto: 146/Radius][cat: Network/14][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (11480281501589@wlan.mnc)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 UDP 198.226.25.53:1813 -> 10.12.64.30:21008 [proto: 146/Radius][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 UDP 198.226.25.53:1813 -> 10.12.64.30:29264 [proto: 146/Radius][cat: Network/14][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT (50311480073638072@wla)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 170.170.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec]
2 254 10.12.64.30:0 -> 198.226.25.53:0 [proto: 0/Unknown][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)]
3 0 10.12.64.30:0 -> 198.226.25.53:0 [proto: 0/Unknown][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)]
4 88 198.226.25.53:0 -> 10.12.64.30:0 [proto: 0/Unknown][1 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (0311480073R)]
5 170 170.170.170.170:0 -> 170.170.170.170:0 [proto: 0/Unknown][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
6 UDP 198.226.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec]
7 85 198.226.25.62:0 -> 10.12.64.30:0 [proto: 0/Unknown][1 pkts/192 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (503114s)]
8 UDP 198.226.25.53:309 -> 10.12.64.30:12339 [proto: 0/Unknown][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 61/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)]
9 UDP 198.226.25.53:1814 -> 10.12.64.30:29200 [proto: 0/Unknown][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)]
10 UDP 198.226.25.53:43690 -> 10.12.170.170:43690 [proto: 0/Unknown][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec]
11 37 198.226.25.53:0 -> 10.12.64.30:0 [proto: 0/Unknown][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (5031148023)]
12 UDP 198.226.25.53:30764 -> 10.12.64.30:12344 [proto: 0/Unknown][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][< 1 sec][PLAIN TEXT (50311480063638072@wlan.mnc480.m)]
1 UDP 170.170.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/745 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 254 10.12.64.30:0 -> 198.226.25.53:0 [proto: 0/Unknown][1 pkts/725 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (50311480073638072@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 0 10.12.64.30:0 -> 198.226.25.53:0 [proto: 0/Unknown][1 pkts/697 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 88 198.226.25.53:0 -> 10.12.64.30:0 [proto: 0/Unknown][1 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (0311480073R)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 170 170.170.170.170:0 -> 170.170.170.170:0 [proto: 0/Unknown][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 198.226.170.170:43690 -> 170.170.170.170:43690 [proto: 0/Unknown][1 pkts/206 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 85 198.226.25.62:0 -> 10.12.64.30:0 [proto: 0/Unknown][1 pkts/192 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (503114s)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 198.226.25.53:309 -> 10.12.64.30:12339 [proto: 0/Unknown][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 61/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 198.226.25.53:1814 -> 10.12.64.30:29200 [proto: 0/Unknown][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][PLAIN TEXT (50311480071394304@wlan.mnc480.m)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 198.226.25.53:43690 -> 10.12.170.170:43690 [proto: 0/Unknown][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 37 198.226.25.53:0 -> 10.12.64.30:0 [proto: 0/Unknown][1 pkts/179 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][PLAIN TEXT (5031148023)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 198.226.25.53:30764 -> 10.12.64.30:12344 [proto: 0/Unknown][1 pkts/147 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][< 1 sec][PLAIN TEXT (50311480063638072@wlan.mnc480.m)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/git.pcap.out
View file

@ -1,3 +1,3 @@
Git 90 74005 1
1 TCP 192.168.0.77:47991 <-> 5.153.231.21:9418 [proto: 226/Git][cat: Collaborative/15][41 pkts/3319 bytes <-> 49 pkts/70686 bytes][Goodput ratio: 18/95][1.11 sec][bytes ratio: -0.910 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/25 558/607 98/96][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81/1443 593/2946 82/706][PLAIN TEXT (0045git)]
1 TCP 192.168.0.77:47991 <-> 5.153.231.21:9418 [proto: 226/Git][cat: Collaborative/15][41 pkts/3319 bytes <-> 49 pkts/70686 bytes][Goodput ratio: 18/95][1.11 sec][bytes ratio: -0.910 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/25 558/607 98/96][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81/1443 593/2946 82/706][PLAIN TEXT (0045git)][Plen Bins: 4,0,2,0,0,0,2,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,74,12]

2
tests/result/google_ssl.pcap.out
View file

@ -1,3 +1,3 @@
Google 28 9108 1
1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/TLS.Google][cat: Web/5][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][Goodput ratio: 43/91][6.67 sec][bytes ratio: -0.668 (Download)][IAT c2s/s2c min/avg/max/stddev: 76/66 422/544 1185/1213 376/402][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94/633 368/1484 87/622][PLAIN TEXT (@zgsiP)]
1 TCP 172.31.3.224:42835 <-> 216.58.212.100:443 [proto: 91.126/TLS.Google][cat: Web/5][16 pkts/1512 bytes <-> 12 pkts/7596 bytes][Goodput ratio: 43/91][6.67 sec][bytes ratio: -0.668 (Download)][IAT c2s/s2c min/avg/max/stddev: 76/66 422/544 1185/1213 376/402][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94/633 368/1484 87/622][PLAIN TEXT (@zgsiP)][Plen Bins: 8,8,0,8,0,8,0,0,0,25,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]

16
tests/result/googledns_android10.pcap.out
View file

@ -6,11 +6,11 @@ JA3 Host Stats:
1 192.168.1.159 2
1 TCP 192.168.1.159:48210 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][121 pkts/19065 bytes <-> 120 pkts/45726 bytes][Goodput ratio: 58/83][72.27 sec][bytes ratio: -0.411 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 711/474 15173/5940 1940/1160][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/381 384/1484 93/280][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: 2c776785ee603cc85d37df996bb90cc8][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
2 TCP 192.168.1.159:48098 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][68 pkts/9706 bytes <-> 65 pkts/18916 bytes][Goodput ratio: 54/77][117.95 sec][bytes ratio: -0.322 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2097/1988 15177/15193 3804/3968][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143/291 583/565 94/247][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: b734f75d22aaff9866fbd5d27eef9106][JA3S: 1249fb68f48c0444718e4d3b48b27188][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
3 TCP 192.168.1.159:48048 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][52 pkts/7375 bytes <-> 52 pkts/20720 bytes][Goodput ratio: 53/83][41.01 sec][bytes ratio: -0.475 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 882/623 15271/15287 2537/2442][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/398 384/1484 84/406][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: 2c776785ee603cc85d37df996bb90cc8][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
4 TCP 192.168.1.159:48044 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][11 pkts/1097 bytes <-> 10 pkts/4148 bytes][Goodput ratio: 33/84][0.12 sec][bytes ratio: -0.582 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/9 34/19 13/8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/415 220/1484 51/544][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: 2c776785ee603cc85d37df996bb90cc8][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
5 TCP 192.168.1.159:56024 <-> 8.8.8.8:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][11 pkts/1097 bytes <-> 10 pkts/4148 bytes][Goodput ratio: 33/84][0.14 sec][bytes ratio: -0.582 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/12 46/31 17/11][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/415 220/1484 51/544][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: 2c776785ee603cc85d37df996bb90cc8][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
6 ICMP 192.168.1.159:0 <-> 8.8.8.8:0 [proto: 81.126/ICMP.Google][cat: Network/14][2 pkts/196 bytes <-> 2 pkts/196 bytes][Goodput ratio: 57/57][0.99 sec]
7 TCP 8.8.8.8:853 <-> 192.168.1.159:55856 [proto: 196.126/DoH_DoT.Google][cat: Web/5][5 pkts/330 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][1.80 sec][bytes ratio: 0.719 (Upload)][IAT c2s/s2c min/avg/max/stddev: 223/0 449/0 911/0 281/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 66/54 66/54 0/0]
8 TCP 8.8.4.4:853 <-> 192.168.1.159:47968 [proto: 196.126/DoH_DoT.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.09 sec]
1 TCP 192.168.1.159:48210 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][121 pkts/19065 bytes <-> 120 pkts/45726 bytes][Goodput ratio: 58/83][72.27 sec][bytes ratio: -0.411 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 711/474 15173/5940 1940/1160][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/381 384/1484 93/280][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: 2c776785ee603cc85d37df996bb90cc8][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,41,0,0,0,0,5,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
2 TCP 192.168.1.159:48098 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][68 pkts/9706 bytes <-> 65 pkts/18916 bytes][Goodput ratio: 54/77][117.95 sec][bytes ratio: -0.322 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2097/1988 15177/15193 3804/3968][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143/291 583/565 94/247][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: b734f75d22aaff9866fbd5d27eef9106][JA3S: 1249fb68f48c0444718e4d3b48b27188][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,1,0,0,48,0,0,0,0,0,0,0,0,0,0,46,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.1.159:48048 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][52 pkts/7375 bytes <-> 52 pkts/20720 bytes][Goodput ratio: 53/83][41.01 sec][bytes ratio: -0.475 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 882/623 15271/15287 2537/2442][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/398 384/1484 84/406][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: 2c776785ee603cc85d37df996bb90cc8][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,0,1,0,42,0,0,1,0,3,0,0,0,0,0,38,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,3,0,0]
4 TCP 192.168.1.159:48044 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][11 pkts/1097 bytes <-> 10 pkts/4148 bytes][Goodput ratio: 33/84][0.12 sec][bytes ratio: -0.582 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/9 34/19 13/8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/415 220/1484 51/544][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: 2c776785ee603cc85d37df996bb90cc8][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,0,22,11,11,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0]
5 TCP 192.168.1.159:56024 <-> 8.8.8.8:853 [proto: 91.196/TLS.DoH_DoT][cat: Network/14][11 pkts/1097 bytes <-> 10 pkts/4148 bytes][Goodput ratio: 33/84][0.14 sec][bytes ratio: -0.582 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/12 46/31 17/11][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/415 220/1484 51/544][Risk: ** Known protocol on non standard port **** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: dns.google][JA3C: 2c776785ee603cc85d37df996bb90cc8][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,0,22,11,11,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0]
6 ICMP 192.168.1.159:0 <-> 8.8.8.8:0 [proto: 81.126/ICMP.Google][cat: Network/14][2 pkts/196 bytes <-> 2 pkts/196 bytes][Goodput ratio: 57/57][0.99 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 8.8.8.8:853 <-> 192.168.1.159:55856 [proto: 196.126/DoH_DoT.Google][cat: Web/5][5 pkts/330 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][1.80 sec][bytes ratio: 0.719 (Upload)][IAT c2s/s2c min/avg/max/stddev: 223/0 449/0 911/0 281/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 66/54 66/54 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 8.8.4.4:853 <-> 192.168.1.159:47968 [proto: 196.126/DoH_DoT.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.09 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/hangout.pcap.out
View file

@ -1,3 +1,3 @@
GoogleHangoutDuo 19 2774 1
1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 78.201/STUN.GoogleHangoutDuo][cat: VoIP/10][19 pkts/2774 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][18.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 993/0 1000/0 1010/0 5/0][Pkt Len c2s/s2c min/avg/max/stddev: 146/0 146/0 146/0 0/0][Risk: ** Known protocol on non standard port **][PLAIN TEXT (sdiKGkw)]
1 UDP 74.125.134.127:19305 -> 10.89.61.13:56406 [proto: 78.201/STUN.GoogleHangoutDuo][cat: VoIP/10][19 pkts/2774 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][18.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 993/0 1000/0 1010/0 5/0][Pkt Len c2s/s2c min/avg/max/stddev: 146/0 146/0 146/0 0/0][Risk: ** Known protocol on non standard port **][PLAIN TEXT (sdiKGkw)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/http-crash-content-disposition.pcap.out
View file

@ -1,3 +1,3 @@
Amazon 9 3328 1
1 TCP 192.168.0.103:51171 <-> 174.129.0.10:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][4 pkts/691 bytes <-> 5 pkts/2637 bytes][Goodput ratio: 69/90][0.31 sec][Host: khu.sh][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/50 125/145 55/59][Pkt Len c2s/s2c min/avg/max/stddev: 52/52 173/527 480/1492 178/601][URL: khu.sh/imessages.php?songify_a=3h248fIbwJ&new][StatusCode: 200][Content-Type: text/html][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST /imessages.php)]
1 TCP 192.168.0.103:51171 <-> 174.129.0.10:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][4 pkts/691 bytes <-> 5 pkts/2637 bytes][Goodput ratio: 69/90][0.31 sec][Host: khu.sh][bytes ratio: -0.585 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/50 125/145 55/59][Pkt Len c2s/s2c min/avg/max/stddev: 52/52 173/527 480/1492 178/601][URL: khu.sh/imessages.php?songify_a=3h248fIbwJ&new][StatusCode: 200][Content-Type: text/html][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST /imessages.php)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0]

30
tests/result/http_ipv6.pcap.out
View file

@ -9,18 +9,18 @@ JA3 Host Stats:
1 2a00:d40:1:3:7aac:c0ff:fea7:d4c 1
1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][cat: Web/5][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Goodput ratio: 74/78][11.12 sec][Host: www.google.it][bytes ratio: -0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 11/2 412/168 6008/1778 1177/366][Pkt Len c2s/s2c min/avg/max/stddev: 99/91 235/284 1412/1412 286/301][PLAIN TEXT (www.google.it)]
2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][Goodput ratio: 69/91][0.43 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.492 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/44 229/290 62/88][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 284/971 919/1514 324/539][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: shop.ntop.org,www.shop.ntop.org][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=shop.ntop.org][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34][Validity: 2015-11-15 00:00:00 - 2018-11-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][Goodput ratio: 26/88][0.17 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.632 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/11 64/27 19/12][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 117/715 298/1514 67/608][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: shop.ntop.org,www.shop.ntop.org][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=shop.ntop.org][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34][Validity: 2015-11-15 00:00:00 - 2018-11-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][Goodput ratio: 28/88][0.12 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.652 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/9 50/23 16/10][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 121/715 298/1514 70/608][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: shop.ntop.org,www.shop.ntop.org][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=shop.ntop.org][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34][Validity: 2015-11-15 00:00:00 - 2018-11-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][Goodput ratio: 28/89][0.17 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 20/9 63/25 20/10][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 121/805 298/2754 70/929][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: shop.ntop.org,www.shop.ntop.org][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=shop.ntop.org][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34][Validity: 2015-11-15 00:00:00 - 2018-11-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][7 pkts/960 bytes <-> 5 pkts/4227 bytes][Goodput ratio: 36/90][0.06 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/3 8/7 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 137/845 310/2942 83/1078][TLSv1.2][Client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: *.ak.fbcdn.net,s-static.ak.fbcdn.net,igsonar.com,*.igsonar.com,ak.facebook.com,*.ak.facebook.com,*.s-static.ak.facebook.com,connect.facebook.net,s-static.ak.facebook.com][JA3S: b898351eb5e266aefd3723d466935494][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.ak.fbcdn.net][Certificate SHA-1: E7:62:76:74:8D:09:F7:E9:69:05:B8:1A:37:A1:30:2D:FF:3B:BC:0A][Validity: 2015-08-12 00:00:00 - 2015-12-31 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/874 bytes <-> 4 pkts/4141 bytes][Goodput ratio: 40/91][0.06 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.651 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 12/5 43/8 16/3][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 146/1035 310/3633 86/1503][TLSv1.2][Client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: *.ak.fbcdn.net,s-static.ak.fbcdn.net,igsonar.com,*.igsonar.com,ak.facebook.com,*.ak.facebook.com,*.s-static.ak.facebook.com,connect.facebook.net,s-static.ak.facebook.com][JA3S: b898351eb5e266aefd3723d466935494][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.ak.fbcdn.net][Certificate SHA-1: E7:62:76:74:8D:09:F7:E9:69:05:B8:1A:37:A1:30:2D:FF:3B:BC:0A][Validity: 2015-08-12 00:00:00 - 2015-12-31 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/TLS][cat: Web/5][7 pkts/860 bytes <-> 7 pkts/1353 bytes][Goodput ratio: 30/55][0.12 sec][bytes ratio: -0.223 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/6 30/30 13/12][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 123/193 268/592 62/172]
9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web/5][2 pkts/359 bytes <-> 1 pkts/143 bytes][Goodput ratio: 65/56][0.07 sec]
10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.04 sec]
11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.13 sec]
12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.02 sec]
13 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:58660 <-> [2a00:1450:4006:803::2008]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.02 sec]
14 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:59690 <-> [2a00:1450:4001:803::1012]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.02 sec]
15 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:60124 <-> [2a02:26f0:ad:1a1::eed]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.01 sec]
1 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:45931 <-> [2a00:1450:4001:803::1017]:443 [proto: 188.126/QUIC.Google][cat: Web/5][33 pkts/7741 bytes <-> 29 pkts/8236 bytes][Goodput ratio: 74/78][11.12 sec][Host: www.google.it][bytes ratio: -0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 11/2 412/168 6008/1778 1177/366][Pkt Len c2s/s2c min/avg/max/stddev: 99/91 235/284 1412/1412 286/301][PLAIN TEXT (www.google.it)][Plen Bins: 8,51,0,0,0,1,17,4,0,0,0,0,0,0,0,1,6,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,3,0,0,0,0]
2 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37506 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][14 pkts/3969 bytes <-> 12 pkts/11648 bytes][Goodput ratio: 69/91][0.43 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.492 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/44 229/290 62/88][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 284/971 919/1514 324/539][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: shop.ntop.org,www.shop.ntop.org][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=shop.ntop.org][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34][Validity: 2015-11-15 00:00:00 - 2018-11-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,6,0,0,6,0,0,0,6,6,6,0,0,0,0,6,0,0,0,0,6,0,6,0,0,0,0,0,26,0,0]
3 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37486 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][11 pkts/1292 bytes <-> 8 pkts/5722 bytes][Goodput ratio: 26/88][0.17 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.632 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/11 64/27 19/12][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 117/715 298/1514 67/608][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: shop.ntop.org,www.shop.ntop.org][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=shop.ntop.org][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34][Validity: 2015-11-15 00:00:00 - 2018-11-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,14,0,0,14,0,14,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,28,0,0]
4 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37494 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 8 pkts/5722 bytes][Goodput ratio: 28/88][0.12 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.652 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/9 50/23 16/10][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 121/715 298/1514 70/608][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: shop.ntop.org,www.shop.ntop.org][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=shop.ntop.org][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34][Validity: 2015-11-15 00:00:00 - 2018-11-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,14,0,0,14,0,14,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,28,0,0]
5 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:37488 <-> [2a03:b0c0:3:d0::70:1001]:443 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1206 bytes <-> 7 pkts/5636 bytes][Goodput ratio: 28/89][0.17 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.647 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 20/9 63/25 20/10][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 121/805 298/2754 70/929][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.ntop.org][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: shop.ntop.org,www.shop.ntop.org][JA3S: 389ed42c02ebecc32e73aa31def07e14][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA][Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=shop.ntop.org][Certificate SHA-1: FB:A6:FF:A7:58:F3:9D:54:24:45:E5:A0:C4:04:18:D5:58:91:E0:34][Validity: 2015-11-15 00:00:00 - 2018-11-14 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,16,0,0,16,0,16,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,16]
6 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53132 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][7 pkts/960 bytes <-> 5 pkts/4227 bytes][Goodput ratio: 36/90][0.06 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/3 8/7 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 137/845 310/2942 83/1078][TLSv1.2][Client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: *.ak.fbcdn.net,s-static.ak.fbcdn.net,igsonar.com,*.igsonar.com,ak.facebook.com,*.ak.facebook.com,*.s-static.ak.facebook.com,connect.facebook.net,s-static.ak.facebook.com][JA3S: b898351eb5e266aefd3723d466935494][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.ak.fbcdn.net][Certificate SHA-1: E7:62:76:74:8D:09:F7:E9:69:05:B8:1A:37:A1:30:2D:FF:3B:BC:0A][Validity: 2015-08-12 00:00:00 - 2015-12-31 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,20,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20]
7 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:53134 <-> [2a02:26f0:ad:197::236]:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/874 bytes <-> 4 pkts/4141 bytes][Goodput ratio: 40/91][0.06 sec][ALPN: http/1.1;spdy/3.1;h2-14;h2][bytes ratio: -0.651 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 12/5 43/8 16/3][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 146/1035 310/3633 86/1503][TLSv1.2][Client: s-static.ak.facebook.com][JA3C: d3e627f423a33ea41841c19b8af79293][ServerNames: *.ak.fbcdn.net,s-static.ak.fbcdn.net,igsonar.com,*.igsonar.com,ak.facebook.com,*.ak.facebook.com,*.s-static.ak.facebook.com,connect.facebook.net,s-static.ak.facebook.com][JA3S: b898351eb5e266aefd3723d466935494][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance CA-3][Subject: C=US, ST=CA, L=Menlo Park, O=Facebook, Inc., CN=*.ak.fbcdn.net][Certificate SHA-1: E7:62:76:74:8D:09:F7:E9:69:05:B8:1A:37:A1:30:2D:FF:3B:BC:0A][Validity: 2015-08-12 00:00:00 - 2015-12-31 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,25,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25]
8 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:41776 <-> [2a00:1450:4001:803::1017]:443 [proto: 91/TLS][cat: Web/5][7 pkts/860 bytes <-> 7 pkts/1353 bytes][Goodput ratio: 30/55][0.12 sec][bytes ratio: -0.223 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 11/6 30/30 13/12][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 123/193 268/592 62/172][Plen Bins: 0,57,0,0,0,28,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:55145 <-> [2a00:1450:400b:c02::5f]:443 [proto: 188/QUIC][cat: Web/5][2 pkts/359 bytes <-> 1 pkts/143 bytes][Goodput ratio: 65/56][0.07 sec][Plen Bins: 0,33,33,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:33062 <-> [2a00:1450:400b:c02::9a]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.04 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40308 <-> [2a03:2880:1010:3f20:face:b00c::25de]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.13 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:40526 <-> [2a00:1450:4006:804::200e]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.02 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:58660 <-> [2a00:1450:4006:803::2008]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.02 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:59690 <-> [2a00:1450:4001:803::1012]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.02 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP [2a00:d40:1:3:7aac:c0ff:fea7:d4c]:60124 <-> [2a02:26f0:ad:1a1::eed]:443 [proto: 91/TLS][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.01 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

12
tests/result/iec60780-5-104.pcap.out
View file

@ -1,8 +1,8 @@
IEC60870 147 9033 6
1 TCP 172.27.248.109:1578 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][28 pkts/1758 bytes <-> 19 pkts/1297 bytes][Goodput ratio: 9/20][235.18 sec][bytes ratio: 0.151 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/4 9106/11905 32485/32516 10297/10287][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 63/68 76/118 5/15]
2 TCP 172.27.248.109:1568 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][17 pkts/1040 bytes <-> 12 pkts/674 bytes][Goodput ratio: 7/3][160.96 sec][bytes ratio: 0.214 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9874/10029 38294/26906 11815/8997][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/56 68/62 2/3]
3 TCP 172.27.248.109:1572 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][15 pkts/940 bytes <-> 10 pkts/572 bytes][Goodput ratio: 9/4][191.16 sec][bytes ratio: 0.243 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 12850/21996 59783/60001 22023/25276][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 63/57 76/62 5/3]
4 TCP 172.27.248.109:1571 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][10 pkts/609 bytes <-> 7 pkts/398 bytes][Goodput ratio: 5/3][102.90 sec][bytes ratio: 0.210 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8708/15094 59736/60003 19503/25928][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/57 67/62 2/3]
5 TCP 172.27.248.109:1570 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][10 pkts/624 bytes <-> 6 pkts/344 bytes][Goodput ratio: 7/3][92.07 sec][bytes ratio: 0.289 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 11477/15000 42399/42717 16042/17488][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 62/57 72/62 4/3]
6 TCP 172.27.248.109:1577 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][8 pkts/493 bytes <-> 5 pkts/284 bytes][Goodput ratio: 6/2][36.61 sec][bytes ratio: 0.269 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 6100/11100 21872/22196 8836/11096][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 62/57 71/62 4/3]
1 TCP 172.27.248.109:1578 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][28 pkts/1758 bytes <-> 19 pkts/1297 bytes][Goodput ratio: 9/20][235.18 sec][bytes ratio: 0.151 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/4 9106/11905 32485/32516 10297/10287][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 63/68 76/118 5/15][Plen Bins: 96,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 172.27.248.109:1568 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][17 pkts/1040 bytes <-> 12 pkts/674 bytes][Goodput ratio: 7/3][160.96 sec][bytes ratio: 0.214 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9874/10029 38294/26906 11815/8997][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/56 68/62 2/3][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 172.27.248.109:1572 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][15 pkts/940 bytes <-> 10 pkts/572 bytes][Goodput ratio: 9/4][191.16 sec][bytes ratio: 0.243 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 12850/21996 59783/60001 22023/25276][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 63/57 76/62 5/3][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 172.27.248.109:1571 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][10 pkts/609 bytes <-> 7 pkts/398 bytes][Goodput ratio: 5/3][102.90 sec][bytes ratio: 0.210 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8708/15094 59736/60003 19503/25928][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/57 67/62 2/3][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 172.27.248.109:1570 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][10 pkts/624 bytes <-> 6 pkts/344 bytes][Goodput ratio: 7/3][92.07 sec][bytes ratio: 0.289 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 11477/15000 42399/42717 16042/17488][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 62/57 72/62 4/3][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 172.27.248.109:1577 <-> 172.27.248.79:2404 [proto: 245/IEC60870][cat: Network/14][8 pkts/493 bytes <-> 5 pkts/284 bytes][Goodput ratio: 6/2][36.61 sec][bytes ratio: 0.269 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 6100/11100 21872/22196 8836/11096][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 62/57 71/62 4/3][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/imaps.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 192.168.1.8 1
1 TCP 192.168.1.8:50506 <-> 167.99.215.164:993 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1220 bytes <-> 10 pkts/3976 bytes][Goodput ratio: 45/83][0.33 sec][bytes ratio: -0.530 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/22 77/43 26/19][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 122/398 293/1506 78/557][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: mail.ntop.org][JA3C: 4923a265be4d81c68ecda45bb89cdf6a][ServerNames: mail.ntop.org][JA3S: b653c251b0ee54c3088fe7bb997cf59d][Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3][Subject: CN=mail.ntop.org][Certificate SHA-1: F1:9A:35:30:96:57:5E:56:81:28:2C:D9:45:A5:83:21:9E:E8:C5:DF][Validity: 2020-04-18 00:15:22 - 2020-07-17 00:15:22][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
1 TCP 192.168.1.8:50506 <-> 167.99.215.164:993 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/1220 bytes <-> 10 pkts/3976 bytes][Goodput ratio: 45/83][0.33 sec][bytes ratio: -0.530 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/22 77/43 26/19][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 122/398 293/1506 78/557][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: mail.ntop.org][JA3C: 4923a265be4d81c68ecda45bb89cdf6a][ServerNames: mail.ntop.org][JA3S: b653c251b0ee54c3088fe7bb997cf59d][Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3][Subject: CN=mail.ntop.org][Certificate SHA-1: F1:9A:35:30:96:57:5E:56:81:28:2C:D9:45:A5:83:21:9E:E8:C5:DF][Validity: 2020-04-18 00:15:22 - 2020-07-17 00:15:22][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,20,10,10,20,10,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0]

76
tests/result/instagram.pcap.out
View file

@ -12,44 +12,44 @@ JA3 Host Stats:
2 192.168.0.103 1
1 TCP 192.168.2.17:49355 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][456 pkts/33086 bytes <-> 910 pkts/1277296 bytes][Goodput ratio: 9/95][14.29 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.950 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 38/1 10107/274 547/12][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 73/1404 657/1454 57/231][TLSv1.3 (Fizz)][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 7a29c223fb122ec64d10f0a159e07996][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Cipher: TLS_AES_128_GCM_SHA256]
2 TCP 192.168.2.17:49358 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][165 pkts/14193 bytes <-> 223 pkts/295045 bytes][Goodput ratio: 23/95][13.54 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.908 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 97/3 10201/155 909/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 86/1323 654/1454 101/381][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1]
3 TCP 192.168.2.17:49360 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][153 pkts/11644 bytes <-> 206 pkts/284089 bytes][Goodput ratio: 13/95][2.91 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.921 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/0 2756/16 247/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/1379 592/1454 68/296][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1]
4 TCP 192.168.2.17:49359 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][102 pkts/9950 bytes <-> 128 pkts/160484 bytes][Goodput ratio: 32/95][13.53 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.883 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168/2 10403/51 1193/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 98/1254 637/1454 123/450][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1]
5 TCP 192.168.2.17:49361 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][92 pkts/7098 bytes <-> 120 pkts/162114 bytes][Goodput ratio: 14/95][2.91 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.916 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/1 2657/131 305/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 77/1351 592/1454 69/348][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1]
6 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][103 pkts/150456 bytes <-> 47 pkts/3102 bytes][Goodput ratio: 95/0][1.71 sec][bytes ratio: 0.960 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/41 1246/1247 137/217][Pkt Len c2s/s2c min/avg/max/stddev: 1128/66 1461/66 1464/66 33/0][PLAIN TEXT (dnlN/L)]
7 TCP 192.168.2.17:49357 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][63 pkts/6340 bytes <-> 81 pkts/100966 bytes][Goodput ratio: 34/95][13.54 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.882 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 263/164 10413/10469 1493/1278][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/1246 663/1454 128/466][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1]
8 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Goodput ratio: 23/96][0.07 sec][Host: photos-h.ak.instagram.com][bytes ratio: -0.962 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/0 33/2 11/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/1484 86/1484 326/1484 69/0][URL: photos-h.ak.instagram.com/hphotos-ak-xap1/t51.2885-15/e35/10859994_1009433792434447_1627646062_n.jpg?se=7][StatusCode: 200][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)]
9 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Goodput ratio: 10/95][0.09 sec][Host: photos-g.ak.instagram.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/0 62/2 11/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/396 73/1435 326/1484 42/210][URL: photos-g.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e35/11417349_1610424452559638_1559096152_n.jpg?se=7][StatusCode: 200][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)]
10 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Goodput ratio: 15/95][7.88 sec][Host: photos-e.ak.instagram.com][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 244/12 7254/372 1261/66][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1251 325/1484 56/507][URL: photos-e.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e35/11379148_1449120228745316_607477962_n.jpg?se=7][StatusCode: 0][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)]
11 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Goodput ratio: 14/95][0.51 sec][Host: photos-g.ak.instagram.com][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/0 321/2 76/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/186 77/1423 319/1484 51/249][URL: photos-g.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e15/11386524_110257619317430_379513654_n.jpg][StatusCode: 200][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)]
12 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][34 pkts/5555 bytes <-> 34 pkts/40133 bytes][Goodput ratio: 60/94][10.06 sec][bytes ratio: -0.757 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 364/362 7669/7709 1462/1472][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 163/1180 1431/1464 318/495][PLAIN TEXT (ny.iaXs)]
13 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][cat: Web/5][25 pkts/37100 bytes <-> 24 pkts/1584 bytes][Goodput ratio: 96/0][0.04 sec][bytes ratio: 0.918 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 7/7 2/2][Pkt Len c2s/s2c min/avg/max/stddev: 1484/66 1484/66 1484/66 0/0][PLAIN TEXT (inOCIM)]
14 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][cat: Web/5][14 pkts/924 bytes <-> 20 pkts/28115 bytes][Goodput ratio: 0/95][7.36 sec][bytes ratio: -0.936 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 735/0 7321/3 2195/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/1406 66/1484 0/309][PLAIN TEXT (dGQaNFV)]
15 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][cat: Web/5][16 pkts/22931 bytes <-> 9 pkts/594 bytes][Goodput ratio: 95/0][0.02 sec][bytes ratio: 0.950 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 5/4 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 671/66 1433/66 1484/66 197/0][PLAIN TEXT (DD.DOo)]
16 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][Goodput ratio: 51/92][0.19 sec][bytes ratio: -0.707 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/23 56/88 18/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 137/886 375/1484 114/640][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: igcdn-photos-g-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][ServerNames: a248.e.akamai.net,*.akamaihd.net,*.akamaihd-staging.net,*.akamaized.net,*.akamaized-staging.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Issuer: C=NL, L=Amsterdam, O=Verizon Enterprise Solutions, OU=Cybertrust, CN=Verizon Akamai SureServer CA G14-SHA1][Subject: C=US, ST=MA, L=Cambridge, O=Akamai Technologies Inc., CN=a248.e.akamai.net][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
17 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][Goodput ratio: 57/90][0.17 sec][bytes ratio: -0.515 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21/29 79/103 25/38][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154/689 516/1484 151/647][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: igcdn-photos-h-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][ServerNames: a248.e.akamai.net,*.akamaihd.net,*.akamaihd-staging.net,*.akamaized.net,*.akamaized-staging.net][JA3S: 7df57c06f869fc3ce509521cae2f75ce][Issuer: C=NL, L=Amsterdam, O=Verizon Enterprise Solutions, OU=Cybertrust, CN=Verizon Akamai SureServer CA G14-SHA1][Subject: C=US, ST=MA, L=Cambridge, O=Akamai Technologies Inc., CN=a248.e.akamai.net][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
18 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/4699 bytes <-> 6 pkts/1345 bytes][Goodput ratio: 92/71][2.36 sec][bytes ratio: 0.555 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 590/590 2180/2130 921/894][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 783/224 1464/1015 545/354]
19 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][Goodput ratio: 40/91][0.16 sec][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/11 70/40 27/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112/778 292/1484 81/657][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][ServerNames: a248.e.akamai.net,*.akamaihd.net,*.akamaihd-staging.net,*.akamaized.net,*.akamaized-staging.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Issuer: C=NL, L=Amsterdam, O=Verizon Enterprise Solutions, OU=Cybertrust, CN=Verizon Akamai SureServer CA G14-SHA1][Subject: C=US, ST=MA, L=Cambridge, O=Akamai Technologies Inc., CN=a248.e.akamai.net][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
20 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][Goodput ratio: 40/91][0.16 sec][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/12 71/47 27/20][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112/778 292/1484 81/657][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][ServerNames: a248.e.akamai.net,*.akamaihd.net,*.akamaihd-staging.net,*.akamaized.net,*.akamaized-staging.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Issuer: C=NL, L=Amsterdam, O=Verizon Enterprise Solutions, OU=Cybertrust, CN=Verizon Akamai SureServer CA G14-SHA1][Subject: C=US, ST=MA, L=Cambridge, O=Akamai Technologies Inc., CN=a248.e.akamai.net][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
21 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 6 pkts/4118 bytes][Goodput ratio: 74/90][2.48 sec][bytes ratio: -0.526 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/51 254/202 110/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 256/686 1015/1464 380/610][PLAIN TEXT (kpaeC.)]
22 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 5 pkts/4020 bytes][Goodput ratio: 74/92][0.22 sec][bytes ratio: -0.517 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 54/43 215/172 93/74][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 256/804 1015/1464 380/595]
23 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Goodput ratio: 46/94][0.18 sec][Host: photos-f.ak.instagram.com][bytes ratio: -0.722 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 61/0 184/1 87/0][Pkt Len c2s/s2c min/avg/max/stddev: 78/488 140/1152 325/1484 107/470][URL: photos-f.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11424623_1608163109450421_663315883_n.jpg?se=7][StatusCode: 0][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)]
24 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][9 pkts/1583 bytes <-> 8 pkts/1064 bytes][Goodput ratio: 62/50][0.80 sec][bytes ratio: 0.196 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 94/80 183/182 82/81][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 176/133 530/231 155/70][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: telegraph-ash.instagram.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][JA3S: acb741bcdffb787c5a52654c78645bdf][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
25 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/580 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][0.01 sec][PLAIN TEXT ( 413767116)]
26 ICMP 192.168.0.103:0 -> 192.168.0.103:0 [proto: 81/ICMP][cat: Network/14][5 pkts/510 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][2.67 sec]
27 UDP 192.168.0.103:51219 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/305 bytes][Goodput ratio: 52/86][0.05 sec][Host: igcdn-photos-h-a.akamaihd.net][46.33.70.174][PLAIN TEXT (photos)]
28 TCP 192.168.0.103:37350 -> 82.85.26.153:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/324 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Host: photos-a.ak.instagram.com][URL: photos-a.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11248829_853782121373976_909936934_n.jpg?se=7][StatusCode: 0][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)]
29 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/321 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Host: photos-g.ak.instagram.com][URL: photos-g.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11379284_1651416798408214_1525641466_n.jpg][StatusCode: 0][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)]
30 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Goodput ratio: 52/80][0.05 sec][Host: igcdn-photos-g-a.akamaihd.net][46.33.70.136][PLAIN TEXT (photos)]
31 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Goodput ratio: 52/80][0.05 sec][Host: igcdn-photos-a-a.akamaihd.net][82.85.26.154][PLAIN TEXT (photos)]
32 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.02 sec]
33 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.04 sec]
34 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/TLS][cat: Web/5][2 pkts/169 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec]
35 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT ( 413767116)]
36 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][< 1 sec]
37 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][Host: photos-b.ak.instagram.com][::][PLAIN TEXT (photos)]
1 TCP 192.168.2.17:49355 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][456 pkts/33086 bytes <-> 910 pkts/1277296 bytes][Goodput ratio: 9/95][14.29 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.950 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 38/1 10107/274 547/12][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 73/1404 657/1454 57/231][TLSv1.3 (Fizz)][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 7a29c223fb122ec64d10f0a159e07996][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0,0,0]
2 TCP 192.168.2.17:49358 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][165 pkts/14193 bytes <-> 223 pkts/295045 bytes][Goodput ratio: 23/95][13.54 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.908 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 97/3 10201/155 909/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 86/1323 654/1454 101/381][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1][Plen Bins: 0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,87,0,0,0]
3 TCP 192.168.2.17:49360 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][153 pkts/11644 bytes <-> 206 pkts/284089 bytes][Goodput ratio: 13/95][2.91 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.921 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/0 2756/16 247/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/1379 592/1454 68/296][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,94,0,0,0]
4 TCP 192.168.2.17:49359 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][102 pkts/9950 bytes <-> 128 pkts/160484 bytes][Goodput ratio: 32/95][13.53 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.883 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168/2 10403/51 1193/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 98/1254 637/1454 123/450][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1][Plen Bins: 2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,82,0,0,0]
5 TCP 192.168.2.17:49361 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][92 pkts/7098 bytes <-> 120 pkts/162114 bytes][Goodput ratio: 14/95][2.91 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.916 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/1 2657/131 305/13][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 77/1351 592/1454 69/348][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,92,0,0,0]
6 TCP 31.13.86.52:80 <-> 192.168.0.103:58216 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][103 pkts/150456 bytes <-> 47 pkts/3102 bytes][Goodput ratio: 95/0][1.71 sec][bytes ratio: 0.960 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/41 1246/1247 137/217][Pkt Len c2s/s2c min/avg/max/stddev: 1128/66 1461/66 1464/66 33/0][PLAIN TEXT (dnlN/L)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,99,0,0,0]
7 TCP 192.168.2.17:49357 <-> 31.13.86.52:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][63 pkts/6340 bytes <-> 81 pkts/100966 bytes][Goodput ratio: 34/95][13.54 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.3 (Fizz)][bytes ratio: -0.882 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 263/164 10413/10469 1493/1278][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/1246 663/1454 128/466][TLSv1.2][Client: scontent-mxp1-1.cdninstagram.com][JA3C: 44dab16d680ef93487bc16ad23b3ffb1][Plen Bins: 1,1,1,1,0,1,1,0,0,0,0,0,0,1,0,0,2,0,2,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,82,0,0,0]
8 TCP 192.168.0.103:38816 <-> 46.33.70.160:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][13 pkts/1118 bytes <-> 39 pkts/57876 bytes][Goodput ratio: 23/96][0.07 sec][Host: photos-h.ak.instagram.com][bytes ratio: -0.962 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/0 33/2 11/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/1484 86/1484 326/1484 69/0][URL: photos-h.ak.instagram.com/hphotos-ak-xap1/t51.2885-15/e35/10859994_1009433792434447_1627646062_n.jpg?se=7][StatusCode: 200][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)][Plen Bins: 0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
9 TCP 192.168.0.103:58052 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][37 pkts/2702 bytes <-> 38 pkts/54537 bytes][Goodput ratio: 10/95][0.09 sec][Host: photos-g.ak.instagram.com][bytes ratio: -0.906 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/0 62/2 11/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/396 73/1435 326/1484 42/210][URL: photos-g.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e35/11417349_1610424452559638_1559096152_n.jpg?se=7][StatusCode: 200][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)][Plen Bins: 0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,92,0,0]
10 TCP 192.168.0.103:44379 <-> 82.85.26.186:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][41 pkts/3392 bytes <-> 40 pkts/50024 bytes][Goodput ratio: 15/95][7.88 sec][Host: photos-e.ak.instagram.com][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 244/12 7254/372 1261/66][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1251 325/1484 56/507][URL: photos-e.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e35/11379148_1449120228745316_607477962_n.jpg?se=7][StatusCode: 0][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)][Plen Bins: 2,0,9,0,0,0,2,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,80,0,0]
11 TCP 192.168.0.103:57936 <-> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][24 pkts/1837 bytes <-> 34 pkts/48383 bytes][Goodput ratio: 14/95][0.51 sec][Host: photos-g.ak.instagram.com][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/0 321/2 76/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/186 77/1423 319/1484 51/249][URL: photos-g.ak.instagram.com/hphotos-ak-xaf1/t51.2885-15/e15/11386524_110257619317430_379513654_n.jpg][StatusCode: 200][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)][Plen Bins: 0,0,0,2,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,88,0,0]
12 TCP 192.168.0.103:33936 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][34 pkts/5555 bytes <-> 34 pkts/40133 bytes][Goodput ratio: 60/94][10.06 sec][bytes ratio: -0.757 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 364/362 7669/7709 1462/1472][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 163/1180 1431/1464 318/495][PLAIN TEXT (ny.iaXs)][Plen Bins: 0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,2,0,0,2,0,0,0,2,0,0,0,0,0,5,0,2,0,0,0,0,0,0,2,0,0,0,2,70,0,0,0]
13 TCP 2.22.236.51:80 <-> 192.168.0.103:44151 [proto: 7/HTTP][cat: Web/5][25 pkts/37100 bytes <-> 24 pkts/1584 bytes][Goodput ratio: 96/0][0.04 sec][bytes ratio: 0.918 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 7/7 2/2][Pkt Len c2s/s2c min/avg/max/stddev: 1484/66 1484/66 1484/66 0/0][PLAIN TEXT (inOCIM)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
14 TCP 192.168.0.103:33976 <-> 77.67.29.17:80 [proto: 7/HTTP][cat: Web/5][14 pkts/924 bytes <-> 20 pkts/28115 bytes][Goodput ratio: 0/95][7.36 sec][bytes ratio: -0.936 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 735/0 7321/3 2195/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 66/1406 66/1484 0/309][PLAIN TEXT (dGQaNFV)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,94,0,0]
15 TCP 92.122.48.138:80 <-> 192.168.0.103:41562 [proto: 7/HTTP][cat: Web/5][16 pkts/22931 bytes <-> 9 pkts/594 bytes][Goodput ratio: 95/0][0.02 sec][bytes ratio: 0.950 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 5/4 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 671/66 1433/66 1484/66 197/0][PLAIN TEXT (DD.DOo)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,93,0,0]
16 TCP 192.168.0.103:60908 <-> 46.33.70.136:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1369 bytes <-> 9 pkts/7971 bytes][Goodput ratio: 51/92][0.19 sec][bytes ratio: -0.707 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/23 56/88 18/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 137/886 375/1484 114/640][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: igcdn-photos-g-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][ServerNames: a248.e.akamai.net,*.akamaihd.net,*.akamaihd-staging.net,*.akamaized.net,*.akamaized-staging.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Issuer: C=NL, L=Amsterdam, O=Verizon Enterprise Solutions, OU=Cybertrust, CN=Verizon Akamai SureServer CA G14-SHA1][Subject: C=US, ST=MA, L=Cambridge, O=Akamai Technologies Inc., CN=a248.e.akamai.net][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,0,0,0,10,10,0,0,20,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,40,0,0]
17 TCP 192.168.0.103:44558 <-> 46.33.70.174:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][10 pkts/1545 bytes <-> 7 pkts/4824 bytes][Goodput ratio: 57/90][0.17 sec][bytes ratio: -0.515 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21/29 79/103 25/38][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154/689 516/1484 151/647][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: igcdn-photos-h-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][ServerNames: a248.e.akamai.net,*.akamaihd.net,*.akamaihd-staging.net,*.akamaized.net,*.akamaized-staging.net][JA3S: 7df57c06f869fc3ce509521cae2f75ce][Issuer: C=NL, L=Amsterdam, O=Verizon Enterprise Solutions, OU=Cybertrust, CN=Verizon Akamai SureServer CA G14-SHA1][Subject: C=US, ST=MA, L=Cambridge, O=Akamai Technologies Inc., CN=a248.e.akamai.net][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,12,0,0,12,0,12,0,0,12,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,25,0,0]
18 TCP 31.13.93.52:443 <-> 192.168.0.103:33934 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][6 pkts/4699 bytes <-> 6 pkts/1345 bytes][Goodput ratio: 92/71][2.36 sec][bytes ratio: 0.555 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 590/590 2180/2130 921/894][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 783/224 1464/1015 545/354][Plen Bins: 0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,16,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0]
19 TCP 192.168.0.103:41181 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][Goodput ratio: 40/91][0.16 sec][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/11 70/40 27/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112/778 292/1484 81/657][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][ServerNames: a248.e.akamai.net,*.akamaihd.net,*.akamaihd-staging.net,*.akamaized.net,*.akamaized-staging.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Issuer: C=NL, L=Amsterdam, O=Verizon Enterprise Solutions, OU=Cybertrust, CN=Verizon Akamai SureServer CA G14-SHA1][Subject: C=US, ST=MA, L=Cambridge, O=Akamai Technologies Inc., CN=a248.e.akamai.net][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,0,0,0,16,16,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,33,0,0]
20 TCP 192.168.0.103:41182 <-> 82.85.26.154:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][8 pkts/896 bytes <-> 6 pkts/4671 bytes][Goodput ratio: 40/91][0.16 sec][bytes ratio: -0.678 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/12 71/47 27/20][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 112/778 292/1484 81/657][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: igcdn-photos-a-a.akamaihd.net][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][ServerNames: a248.e.akamai.net,*.akamaihd.net,*.akamaihd-staging.net,*.akamaized.net,*.akamaized-staging.net][JA3S: 34d6f0ad0a79e4cfdf145e640cc93f78][Issuer: C=NL, L=Amsterdam, O=Verizon Enterprise Solutions, OU=Cybertrust, CN=Verizon Akamai SureServer CA G14-SHA1][Subject: C=US, ST=MA, L=Cambridge, O=Akamai Technologies Inc., CN=a248.e.akamai.net][Certificate SHA-1: EA:5A:20:95:78:D7:09:60:5C:A1:E4:CA:A5:2B:BD:C1:78:FB:23:23][Validity: 2015-06-19 16:52:07 - 2016-06-19 16:52:05][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,0,0,0,16,16,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,33,0,0]
21 TCP 192.168.0.103:33763 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 6 pkts/4118 bytes][Goodput ratio: 74/90][2.48 sec][bytes ratio: -0.526 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/51 254/202 110/87][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 256/686 1015/1464 380/610][PLAIN TEXT (kpaeC.)][Plen Bins: 0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0]
22 TCP 192.168.0.103:33935 <-> 31.13.93.52:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][5 pkts/1279 bytes <-> 5 pkts/4020 bytes][Goodput ratio: 74/92][0.22 sec][bytes ratio: -0.517 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 54/43 215/172 93/74][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 256/804 1015/1464 380/595][Plen Bins: 0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0]
23 TCP 192.168.0.103:57965 <-> 82.85.26.185:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][4 pkts/559 bytes <-> 3 pkts/3456 bytes][Goodput ratio: 46/94][0.18 sec][Host: photos-f.ak.instagram.com][bytes ratio: -0.722 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 61/0 184/1 87/0][Pkt Len c2s/s2c min/avg/max/stddev: 78/488 140/1152 325/1484 107/470][URL: photos-f.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11424623_1608163109450421_663315883_n.jpg?se=7][StatusCode: 0][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)][Plen Bins: 0,0,0,0,0,0,0,0,25,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
24 TCP 192.168.0.103:56382 <-> 173.252.107.4:443 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][9 pkts/1583 bytes <-> 8 pkts/1064 bytes][Goodput ratio: 62/50][0.80 sec][bytes ratio: 0.196 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 94/80 183/182 82/81][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 176/133 530/231 155/70][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: telegraph-ash.instagram.com][JA3C: 54ae5fcb0159e2ddf6a50e149221c7c7][JA3S: acb741bcdffb787c5a52654c78645bdf][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,12,12,0,25,12,12,12,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.168.0.106:17500 -> 255.255.255.255:17500 [proto: 121/Dropbox][cat: Cloud/13][4 pkts/580 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][0.01 sec][PLAIN TEXT ( 413767116)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 ICMP 192.168.0.103:0 -> 192.168.0.103:0 [proto: 81/ICMP][cat: Network/14][5 pkts/510 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][2.67 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 192.168.0.103:51219 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/305 bytes][Goodput ratio: 52/86][0.05 sec][Host: igcdn-photos-h-a.akamaihd.net][46.33.70.174][PLAIN TEXT (photos)][Plen Bins: 0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 192.168.0.103:37350 -> 82.85.26.153:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/324 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Host: photos-a.ak.instagram.com][URL: photos-a.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11248829_853782121373976_909936934_n.jpg?se=7][StatusCode: 0][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 192.168.0.103:58053 -> 82.85.26.162:80 [proto: 7.211/HTTP.Instagram][cat: SocialNetwork/6][1 pkts/321 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Host: photos-g.ak.instagram.com][URL: photos-g.ak.instagram.com/hphotos-ak-xfa1/t51.2885-15/e35/11379284_1651416798408214_1525641466_n.jpg][StatusCode: 0][User-Agent: Instagram 7.1.1 Android (19/4.4.2; 480dpi; 1080x1920; samsung; GT-I9505; jflte; qcom; it_IT)][PLAIN TEXT (GET /hphotos)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP 192.168.0.103:26540 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Goodput ratio: 52/80][0.05 sec][Host: igcdn-photos-g-a.akamaihd.net][46.33.70.136][PLAIN TEXT (photos)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 192.168.0.103:33603 <-> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/89 bytes <-> 1 pkts/209 bytes][Goodput ratio: 52/80][0.05 sec][Host: igcdn-photos-a-a.akamaihd.net][82.85.26.154][PLAIN TEXT (photos)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 192.168.0.103:38817 <-> 46.33.70.160:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.02 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 TCP 192.168.0.103:57966 <-> 82.85.26.185:80 [proto: 7/HTTP][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.04 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/TLS][cat: Web/5][2 pkts/169 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][PLAIN TEXT ( 413767116)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][< 1 sec][Host: photos-b.ak.instagram.com][::][PLAIN TEXT (photos)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 192.168.0.1:520 -> 192.168.0.255:520 [proto: 0/Unknown][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
1 UDP 192.168.0.1:520 -> 192.168.0.255:520 [proto: 0/Unknown][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

102
tests/result/iphone.pcap.out
View file

@ -16,57 +16,57 @@ JA3 Host Stats:
1 192.168.2.17 2
1 TCP 192.168.2.17:50581 <-> 17.248.185.87:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][56 pkts/68759 bytes <-> 21 pkts/9571 bytes][Goodput ratio: 95/85][2.03 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.756 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/111 655/803 103/219][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1228/456 1506/1506 541/618][TLSv1.2][Client: p26-keyvalueservice.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: p62-keyvalueservice.icloud.com,p41-keyvalueservice.icloud.com,p97-keyvalueservice.icloud.com,p28-keyvalueservice.icloud.com,p32-keyvalueservice.icloud.com,p56-keyvalueservice.icloud.com,p33-keyvalueservice.icloud.com,p37-keyvalueservice.icloud.com,p67-keyvalueservice.icloud.com,p70-keyvalueservice.icloud.com,p63-keyvalueservice.icloud.com,p07-keyvalueservice.icloud.com,p52-keyvalueservice.icloud.com,p18-keyvalueservice.icloud.com,p21-keyvalueservice.icloud.com,p17-keyvalueservice.icloud.com,p36-keyvalueservice.icloud.com,p19-keyvalueservice.icloud.com,p26-keyvalueservice.icloud.com,p55-keyvalueservice.icloud.com,p06-keyvalueservice.icloud.com,p23-keyvalueservice.icloud.com,p65-keyvalueservice.icloud.com,p58-keyvalueservice.icloud.com,p35-keyvalueservice.icloud.com,p42-keyvalueservice.icloud.com,p12-keyvalueservice.icloud.com,p15-keyvalueservice.icloud.com,p16-keyvalueservice.icloud.com,p29-keyvalueservice.icloud.com,p39-keyvalueservice.icloud.com,p71-keyvalueservice.icloud.com,p22-keyvalueservice.icloud.com,p40-keyvalueservice.icloud.com,p11-keyvalueservice.icloud.com,p66-keyvalueservice.icloud.com,p68-keyvalueservice.icloud.com,p201-keyvalueservice.icloud.com,p10-keyvalueservice.icloud.com,p61-keyvalueservice.icloud.com,p30-keyvalueservice.icloud.com,p01-keyvalueservice.icloud.com,p14-keyvalueservice.icloud.com,p50-keyvalueservice.icloud.com,p31-keyvalueservice.icloud.com,p47-keyvalueservice.icloud.com,p48-keyvalueservice.icloud.com,p20-keyvalueservice.icloud.com,p51-keyvalueservice.icloud.com,p27-keyvalueservice.icloud.com,p49-keyvalueservice.icloud.com,p03-keyvalueservice.icloud.com,p24-keyvalueservice.icloud.com,p25-keyvalueservice.icloud.com,p08-keyvalueservice.icloud.com,p13-keyvalueservice.icloud.com,p04-keyvalueservice.icloud.com,p05-keyvalueservice.icloud.com,p02-keyvalueservice.icloud.com,p09-keyvalueservice.icloud.com,p57-keyvalueservice.icloud.com,p59-keyvalueservice.icloud.com,p64-keyvalueservice.icloud.com,p38-keyvalueservice.icloud.com,p54-keyvalueservice.icloud.com,p72-keyvalueservice.icloud.com,keyvalueservice.icloud.com,p69-keyvalueservice.icloud.com,p43-keyvalueservice.icloud.com,p45-keyvalueservice.icloud.com,p202-keyvalueservice.icloud.com,p98-keyvalueservice.icloud.com,p34-keyvalueservice.icloud.com,p44-keyvalueservice.icloud.com,p46-keyvalueservice.icloud.com,p53-keyvalueservice.icloud.com,p60-keyvalueservice.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=keyvalueservice.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D8:84:3B:15:06:49:1C:72:C4:05:C0:F0:82:3B:43:4A:D1:8F:D5:9F][Validity: 2019-12-09 19:35:05 - 2021-01-07 19:45:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
2 TCP 192.168.2.17:50575 <-> 17.248.185.140:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][13 pkts/3193 bytes <-> 12 pkts/11035 bytes][Goodput ratio: 73/93][0.81 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.551 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/63 154/164 68/71][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 246/920 1224/1506 340/643][TLSv1.2][Client: p26-fmfmobile.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: p67-fmfmobile.icloud.com,p48-fmfmobile.icloud.com,p53-fmfmobile.icloud.com,p34-fmfmobile.icloud.com,p72-fmfmobile.icloud.com,fmfmobile.icloud.com,p08-fmfmobile.icloud.com,p12-fmfmobile.icloud.com,p02-fmfmobile.icloud.com,p29-fmfmobile.icloud.com,p52-fmfmobile.icloud.com,p26-fmfmobile.icloud.com,p06-fmfmobile.icloud.com,p97-fmfmobile.icloud.com,p41-fmfmobile.icloud.com,p40-fmfmobile.icloud.com,p18-fmfmobile.icloud.com,p55-fmfmobile.icloud.com,p70-fmfmobile.icloud.com,p32-fmfmobile.icloud.com,p69-fmfmobile.icloud.com,p17-fmfmobile.icloud.com,p13-fmfmobile.icloud.com,p38-fmfmobile.icloud.com,p11-fmfmobile.icloud.com,p21-fmfmobile.icloud.com,p27-fmfmobile.icloud.com,p42-fmfmobile.icloud.com,p37-fmfmobile.icloud.com,p56-fmfmobile.icloud.com,p50-fmfmobile.icloud.com,p58-fmfmobile.icloud.com,p39-fmfmobile.icloud.com,p45-fmfmobile.icloud.com,p49-fmfmobile.icloud.com,p68-fmfmobile.icloud.com,p10-fmfmobile.icloud.com,p22-fmfmobile.icloud.com,p07-fmfmobile.icloud.com,p25-fmfmobile.icloud.com,p20-fmfmobile.icloud.com,p71-fmfmobile.icloud.com,p05-fmfmobile.icloud.com,p98-fmfmobile.icloud.com,p66-fmfmobile.icloud.com,p15-fmfmobile.icloud.com,p16-fmfmobile.icloud.com,p44-fmfmobile.icloud.com,p04-fmfmobile.icloud.com,p09-fmfmobile.icloud.com,p23-fmfmobile.icloud.com,p61-fmfmobile.icloud.com,p30-fmfmobile.icloud.com,p46-fmfmobile.icloud.com,p60-fmfmobile.icloud.com,p43-fmfmobile.icloud.com,p57-fmfmobile.icloud.com,p14-fmfmobile.icloud.com,p03-fmfmobile.icloud.com,p36-fmfmobile.icloud.com,p64-fmfmobile.icloud.com,p28-fmfmobile.icloud.com,p24-fmfmobile.icloud.com,p202-fmfmobile.icloud.com,p01-fmfmobile.icloud.com,p62-fmfmobile.icloud.com,p47-fmfmobile.icloud.com,p35-fmfmobile.icloud.com,p65-fmfmobile.icloud.com,p31-fmfmobile.icloud.com,p63-fmfmobile.icloud.com,p19-fmfmobile.icloud.com,p33-fmfmobile.icloud.com,p51-fmfmobile.icloud.com,p54-fmfmobile.icloud.com,p59-fmfmobile.icloud.com,p201-fmfmobile.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=fmfmobile.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: FF:C3:9F:1A:A1:3C:D2:3C:06:96:EC:49:B4:97:A9:D3:DA:05:A3:E2][Validity: 2019-12-09 19:44:02 - 2021-01-07 19:54:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
3 TCP 192.168.2.17:50580 <-> 17.248.176.75:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][25 pkts/5755 bytes <-> 20 pkts/8110 bytes][Goodput ratio: 71/84][2.03 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 86/55 651/521 172/132][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 230/406 1128/1506 292/508][TLSv1.2][Client: gateway.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: gateway-india.icloud.com,gateway-carry.icloud.com,gateway.icloud.com,gateway-australia.icloud.com,gateway-sandbox.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=gateway.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D2:DA:1C:68:0C:91:A7:DB:BA:B2:2D:29:06:DB:57:42:10:3D:3A:FE][Validity: 2019-10-08 18:46:14 - 2020-11-06 18:56:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
4 TCP 192.168.2.17:50587 <-> 92.123.77.26:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][19 pkts/4724 bytes <-> 15 pkts/7108 bytes][Goodput ratio: 73/86][0.49 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.201 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/17 146/147 52/42][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 249/474 1506/1506 367/538][TLSv1.3][Client: play.itunes.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384]
5 TCP 192.168.2.17:50588 <-> 95.101.24.53:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][16 pkts/3753 bytes <-> 12 pkts/7714 bytes][Goodput ratio: 72/90][0.17 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.345 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/10 37/56 15/20][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235/643 1506/1506 366/607][TLSv1.3][Client: sync.itunes.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384]
6 TCP 192.168.2.17:50576 <-> 95.101.25.53:443 [proto: 91.140/TLS.Apple][cat: Web/5][15 pkts/2056 bytes <-> 12 pkts/8828 bytes][Goodput ratio: 49/91][0.38 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.622 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/22 36/80 13/32][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 137/736 583/1506 158/574][TLSv1.3][Client: gspe35-ssl.ls.apple.com][JA3C: 55271a105172d5f225e4704755b9b250][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384]
7 TCP 192.168.2.17:50584 <-> 17.248.176.75:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][18 pkts/3421 bytes <-> 14 pkts/6608 bytes][Goodput ratio: 65/86][1.06 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.318 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/19 167/155 58/46][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 190/472 1084/1506 257/577][TLSv1.2][Client: gateway.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: gateway-india.icloud.com,gateway-carry.icloud.com,gateway.icloud.com,gateway-australia.icloud.com,gateway-sandbox.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=gateway.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D2:DA:1C:68:0C:91:A7:DB:BA:B2:2D:29:06:DB:57:42:10:3D:3A:FE][Validity: 2019-10-08 18:46:14 - 2020-11-06 18:56:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
8 TCP 192.168.2.17:50586 <-> 17.248.176.75:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][17 pkts/3443 bytes <-> 13 pkts/6470 bytes][Goodput ratio: 67/87][0.54 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.305 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 38/20 162/160 58/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 203/498 1084/1506 268/585][TLSv1.2][Client: gateway.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: gateway-india.icloud.com,gateway-carry.icloud.com,gateway.icloud.com,gateway-australia.icloud.com,gateway-sandbox.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=gateway.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D2:DA:1C:68:0C:91:A7:DB:BA:B2:2D:29:06:DB:57:42:10:3D:3A:FE][Validity: 2019-10-08 18:46:14 - 2020-11-06 18:56:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]
9 TCP 192.168.2.17:50583 <-> 104.73.61.30:443 [proto: 91.140/TLS.Apple][cat: Web/5][7 pkts/1003 bytes <-> 7 pkts/6968 bytes][Goodput ratio: 51/93][0.19 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.748 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 38/9 123/46 46/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143/995 583/1506 180/593][TLSv1.3][Client: cl4.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384]
10 TCP 192.168.2.17:50579 <-> 17.253.105.202:443 [proto: 91.140/TLS.Apple][cat: Web/5][12 pkts/1803 bytes <-> 8 pkts/5395 bytes][Goodput ratio: 55/90][2.30 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.499 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 217/22 1961/130 583/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 150/674 583/1506 169/571][TLSv1.3][Client: mesu.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Cipher: TLS_AES_128_GCM_SHA256]
11 TCP 192.168.2.17:50578 <-> 17.253.105.202:443 [proto: 91.140/TLS.Apple][cat: Web/5][12 pkts/1781 bytes <-> 8 pkts/5395 bytes][Goodput ratio: 55/90][2.30 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.504 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 227/22 1825/131 537/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 148/674 583/1506 166/571][TLSv1.3][Client: mesu.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Cipher: TLS_AES_128_GCM_SHA256]
12 TCP 192.168.2.17:50582 <-> 92.122.252.82:443 [proto: 91.140/TLS.Apple][cat: Web/5][6 pkts/925 bytes <-> 6 pkts/5702 bytes][Goodput ratio: 56/93][0.17 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.721 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 42/25 122/123 49/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154/950 583/1506 192/630][TLSv1.3][Client: iphone-ld.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384]
13 TCP 192.168.2.17:50577 <-> 17.130.2.46:443 [proto: 91.140/TLS.Apple][cat: Web/5][10 pkts/1721 bytes <-> 8 pkts/4801 bytes][Goodput ratio: 61/89][0.67 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.472 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 81/52 171/161 80/73][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 172/600 583/1506 165/572][TLSv1.2][Client: gsp85-ssl.ls.apple.com][JA3C: 55271a105172d5f225e4704755b9b250][ServerNames: *.ls.apple.com][JA3S: 4ef1b297bb817d8212165a86308bac5f][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=*.ls.apple.com, OU=management:idms.group.576486, O=Apple Inc., ST=California, C=US][Certificate SHA-1: E4:85:25:4C:99:F8:FB:66:49:4B:80:64:5E:63:2A:75:9B:8F:C3:51][Validity: 2019-03-15 23:17:29 - 2021-04-13 23:17:29][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
14 TCP 192.168.2.17:50585 <-> 17.137.166.35:443 [proto: 91.140/TLS.Apple][cat: Web/5][6 pkts/1051 bytes <-> 6 pkts/4246 bytes][Goodput ratio: 61/90][1.05 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.603 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 132/52 322/206 138/89][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/708 583/1506 188/647][TLSv1.2][Client: gsa.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: gsas.apple.com,gsa.apple.com][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: CN=Apple Server Authentication CA, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=gsa.apple.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D4:EF:5E:AD:7F:D5:13:5B:9F:B2:B9:84:19:75:BB:ED:53:FB:18:D6][Validity: 2019-03-07 00:55:40 - 2020-04-05 00:55:40][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
15 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][7 pkts/2394 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.15 sec][Host: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1022/0 7191/0 8962/0 2834/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][DHCP Fingerprint: 1,121,3,6,15,119,252,95,44,46][PLAIN TEXT (iPhone)]
16 UDP 169.254.225.216:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/2123 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][33.08 sec][Lucas iMac._odisk._tcp.local][PLAIN TEXT (s iMac)]
17 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/2094 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][33.08 sec][Lucas iMac._odisk._tcp.local][PLAIN TEXT (s iMac)]
18 UDP [fe80::c42c:3ff:fe60:6a64]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][3 pkts/2067 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][33.08 sec][Lucas iMac._odisk._tcp.local][PLAIN TEXT (s iMac)]
19 TCP 192.168.2.17:49152 <-> 17.253.105.202:80 [proto: 7.140/HTTP.Apple][cat: Web/5][5 pkts/473 bytes <-> 4 pkts/968 bytes][Goodput ratio: 28/72][0.33 sec][Host: captive.apple.com][bytes ratio: -0.344 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 82/80 171/158 82/78][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 95/242 197/762 51/300][URL: captive.apple.com/hotspot-detect.html][StatusCode: 200][Content-Type: text/html][User-Agent: CaptiveNetworkSupport-390.60.1 wispr][PLAIN TEXT (GET /hotspot)]
20 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1104 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][30.05 sec][PLAIN TEXT (version)]
21 UDP 192.168.2.1:67 -> 192.168.2.17:68 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][1.02 sec][PLAIN TEXT (iMac.local)]
22 UDP [fe80::823:3f17:8298:a29c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.56 sec][PLAIN TEXT (homekit)]
23 UDP 192.168.2.17:63381 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/90 bytes <-> 1 pkts/264 bytes][Goodput ratio: 53/84][0.04 sec][Host: p26-keyvalueservice.icloud.com][17.248.185.87][PLAIN TEXT (valueservice)]
24 ICMP 192.168.2.17:0 -> 192.168.2.1:0 [proto: 81/ICMP][cat: Network/14][5 pkts/350 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.34 sec]
25 UDP 192.168.2.17:63143 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/84 bytes <-> 1 pkts/252 bytes][Goodput ratio: 49/83][0.04 sec][Host: p26-fmfmobile.icloud.com][17.248.185.140][PLAIN TEXT (fmfmobile)]
26 UDP 192.168.2.17:52852 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/78 bytes <-> 1 pkts/244 bytes][Goodput ratio: 46/82][0.04 sec][Host: gateway.icloud.com][17.248.176.75][PLAIN TEXT (gateway)]
27 UDP 192.168.2.17:53272 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/241 bytes][Goodput ratio: 48/82][0.05 sec][Host: play.itunes.apple.com][92.123.77.26][PLAIN TEXT (itunes)]
28 UDP 192.168.2.17:65079 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/241 bytes][Goodput ratio: 48/82][0.00 sec][Host: play.itunes.apple.com][92.123.77.26][PLAIN TEXT (itunes)]
29 UDP 192.168.2.17:61862 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/83 bytes <-> 1 pkts/227 bytes][Goodput ratio: 49/81][0.04 sec][Host: gspe35-ssl.ls.apple.com][95.101.25.53][PLAIN TEXT (gspe35)]
30 UDP 192.168.2.17:49880 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/222 bytes][Goodput ratio: 48/81][0.05 sec][Host: init.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)]
31 UDP 192.168.2.17:53317 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/224 bytes][Goodput ratio: 46/81][0.04 sec][Host: iphone-ld.apple.com][92.122.252.82][PLAIN TEXT (iphone)]
32 UDP 192.168.2.17:63677 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/222 bytes][Goodput ratio: 48/81][0.04 sec][Host: sync.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)]
33 UDP 192.168.2.17:53983 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/221 bytes][Goodput ratio: 47/81][0.05 sec][Host: bag.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)]
34 UDP 192.168.2.17:63377 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/221 bytes][Goodput ratio: 47/81][0.05 sec][Host: bag.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)]
35 UDP 192.168.2.17:51007 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/77 bytes <-> 1 pkts/221 bytes][Goodput ratio: 45/81][0.04 sec][Host: captive.apple.com][17.253.105.202][PLAIN TEXT (captive)]
36 UDP 192.168.2.17:55457 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/214 bytes][Goodput ratio: 43/80][0.04 sec][Host: mesu.apple.com][17.253.105.202][PLAIN TEXT (akadns)]
37 UDP 192.168.2.17:62526 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/212 bytes][Goodput ratio: 42/80][0.05 sec][Host: cl4.apple.com][104.73.61.30][PLAIN TEXT (origin)]
38 UDP 192.168.2.17:52682 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/203 bytes][Goodput ratio: 43/79][0.04 sec][Host: www.icloud.com][23.45.74.46][PLAIN TEXT (icloud)]
39 ICMPV6 [fe80::823:3f17:8298:a29c]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][1.00 sec]
40 UDP 192.168.2.17:55914 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/82 bytes <-> 1 pkts/146 bytes][Goodput ratio: 48/71][0.04 sec][Host: gsp85-ssl.ls.apple.com][17.130.2.46][PLAIN TEXT (akadns)]
41 UDP 192.168.2.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 61/0][1.02 sec][PLAIN TEXT (homekit)]
42 UDP 192.168.2.17:64203 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/80 bytes <-> 1 pkts/135 bytes][Goodput ratio: 47/68][0.04 sec][Host: basejumper.apple.com][::][PLAIN TEXT (basejumper)]
43 UDP 192.168.2.17:52031 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/127 bytes][Goodput ratio: 42/66][0.03 sec][Host: gsa.apple.com][17.137.166.35][PLAIN TEXT (akadns)]
44 UDP 192.168.2.17:62160 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/127 bytes][Goodput ratio: 42/66][0.04 sec][Host: gsa.apple.com][17.137.166.35][PLAIN TEXT (akadns)]
45 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][30.01 sec][PLAIN TEXT (SpotUdp)]
46 UDP 169.254.225.216:60538 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][PLAIN TEXT (SEARCH )]
47 UDP 192.168.2.1:51411 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][PLAIN TEXT (SEARCH )]
48 ICMPV6 [fe80::823:3f17:8298:a29c]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 6/0][4.21 sec]
49 ICMPV6 [::]:0 -> [ff02::1:ff98:a29c]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec]
50 IGMP 192.168.2.17:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 TCP 192.168.2.17:50581 <-> 17.248.185.87:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][56 pkts/68759 bytes <-> 21 pkts/9571 bytes][Goodput ratio: 95/85][2.03 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.756 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/111 655/803 103/219][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1228/456 1506/1506 541/618][TLSv1.2][Client: p26-keyvalueservice.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: p62-keyvalueservice.icloud.com,p41-keyvalueservice.icloud.com,p97-keyvalueservice.icloud.com,p28-keyvalueservice.icloud.com,p32-keyvalueservice.icloud.com,p56-keyvalueservice.icloud.com,p33-keyvalueservice.icloud.com,p37-keyvalueservice.icloud.com,p67-keyvalueservice.icloud.com,p70-keyvalueservice.icloud.com,p63-keyvalueservice.icloud.com,p07-keyvalueservice.icloud.com,p52-keyvalueservice.icloud.com,p18-keyvalueservice.icloud.com,p21-keyvalueservice.icloud.com,p17-keyvalueservice.icloud.com,p36-keyvalueservice.icloud.com,p19-keyvalueservice.icloud.com,p26-keyvalueservice.icloud.com,p55-keyvalueservice.icloud.com,p06-keyvalueservice.icloud.com,p23-keyvalueservice.icloud.com,p65-keyvalueservice.icloud.com,p58-keyvalueservice.icloud.com,p35-keyvalueservice.icloud.com,p42-keyvalueservice.icloud.com,p12-keyvalueservice.icloud.com,p15-keyvalueservice.icloud.com,p16-keyvalueservice.icloud.com,p29-keyvalueservice.icloud.com,p39-keyvalueservice.icloud.com,p71-keyvalueservice.icloud.com,p22-keyvalueservice.icloud.com,p40-keyvalueservice.icloud.com,p11-keyvalueservice.icloud.com,p66-keyvalueservice.icloud.com,p68-keyvalueservice.icloud.com,p201-keyvalueservice.icloud.com,p10-keyvalueservice.icloud.com,p61-keyvalueservice.icloud.com,p30-keyvalueservice.icloud.com,p01-keyvalueservice.icloud.com,p14-keyvalueservice.icloud.com,p50-keyvalueservice.icloud.com,p31-keyvalueservice.icloud.com,p47-keyvalueservice.icloud.com,p48-keyvalueservice.icloud.com,p20-keyvalueservice.icloud.com,p51-keyvalueservice.icloud.com,p27-keyvalueservice.icloud.com,p49-keyvalueservice.icloud.com,p03-keyvalueservice.icloud.com,p24-keyvalueservice.icloud.com,p25-keyvalueservice.icloud.com,p08-keyvalueservice.icloud.com,p13-keyvalueservice.icloud.com,p04-keyvalueservice.icloud.com,p05-keyvalueservice.icloud.com,p02-keyvalueservice.icloud.com,p09-keyvalueservice.icloud.com,p57-keyvalueservice.icloud.com,p59-keyvalueservice.icloud.com,p64-keyvalueservice.icloud.com,p38-keyvalueservice.icloud.com,p54-keyvalueservice.icloud.com,p72-keyvalueservice.icloud.com,keyvalueservice.icloud.com,p69-keyvalueservice.icloud.com,p43-keyvalueservice.icloud.com,p45-keyvalueservice.icloud.com,p202-keyvalueservice.icloud.com,p98-keyvalueservice.icloud.com,p34-keyvalueservice.icloud.com,p44-keyvalueservice.icloud.com,p46-keyvalueservice.icloud.com,p53-keyvalueservice.icloud.com,p60-keyvalueservice.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=keyvalueservice.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D8:84:3B:15:06:49:1C:72:C4:05:C0:F0:82:3B:43:4A:D1:8F:D5:9F][Validity: 2019-12-09 19:35:05 - 2021-01-07 19:45:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,1,1,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,3,0,0,0,0,0,0,0,0,0,1,85,0]
2 TCP 192.168.2.17:50575 <-> 17.248.185.140:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][13 pkts/3193 bytes <-> 12 pkts/11035 bytes][Goodput ratio: 73/93][0.81 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.551 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/63 154/164 68/71][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 246/920 1224/1506 340/643][TLSv1.2][Client: p26-fmfmobile.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: p67-fmfmobile.icloud.com,p48-fmfmobile.icloud.com,p53-fmfmobile.icloud.com,p34-fmfmobile.icloud.com,p72-fmfmobile.icloud.com,fmfmobile.icloud.com,p08-fmfmobile.icloud.com,p12-fmfmobile.icloud.com,p02-fmfmobile.icloud.com,p29-fmfmobile.icloud.com,p52-fmfmobile.icloud.com,p26-fmfmobile.icloud.com,p06-fmfmobile.icloud.com,p97-fmfmobile.icloud.com,p41-fmfmobile.icloud.com,p40-fmfmobile.icloud.com,p18-fmfmobile.icloud.com,p55-fmfmobile.icloud.com,p70-fmfmobile.icloud.com,p32-fmfmobile.icloud.com,p69-fmfmobile.icloud.com,p17-fmfmobile.icloud.com,p13-fmfmobile.icloud.com,p38-fmfmobile.icloud.com,p11-fmfmobile.icloud.com,p21-fmfmobile.icloud.com,p27-fmfmobile.icloud.com,p42-fmfmobile.icloud.com,p37-fmfmobile.icloud.com,p56-fmfmobile.icloud.com,p50-fmfmobile.icloud.com,p58-fmfmobile.icloud.com,p39-fmfmobile.icloud.com,p45-fmfmobile.icloud.com,p49-fmfmobile.icloud.com,p68-fmfmobile.icloud.com,p10-fmfmobile.icloud.com,p22-fmfmobile.icloud.com,p07-fmfmobile.icloud.com,p25-fmfmobile.icloud.com,p20-fmfmobile.icloud.com,p71-fmfmobile.icloud.com,p05-fmfmobile.icloud.com,p98-fmfmobile.icloud.com,p66-fmfmobile.icloud.com,p15-fmfmobile.icloud.com,p16-fmfmobile.icloud.com,p44-fmfmobile.icloud.com,p04-fmfmobile.icloud.com,p09-fmfmobile.icloud.com,p23-fmfmobile.icloud.com,p61-fmfmobile.icloud.com,p30-fmfmobile.icloud.com,p46-fmfmobile.icloud.com,p60-fmfmobile.icloud.com,p43-fmfmobile.icloud.com,p57-fmfmobile.icloud.com,p14-fmfmobile.icloud.com,p03-fmfmobile.icloud.com,p36-fmfmobile.icloud.com,p64-fmfmobile.icloud.com,p28-fmfmobile.icloud.com,p24-fmfmobile.icloud.com,p202-fmfmobile.icloud.com,p01-fmfmobile.icloud.com,p62-fmfmobile.icloud.com,p47-fmfmobile.icloud.com,p35-fmfmobile.icloud.com,p65-fmfmobile.icloud.com,p31-fmfmobile.icloud.com,p63-fmfmobile.icloud.com,p19-fmfmobile.icloud.com,p33-fmfmobile.icloud.com,p51-fmfmobile.icloud.com,p54-fmfmobile.icloud.com,p59-fmfmobile.icloud.com,p201-fmfmobile.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=fmfmobile.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: FF:C3:9F:1A:A1:3C:D2:3C:06:96:EC:49:B4:97:A9:D3:DA:05:A3:E2][Validity: 2019-12-09 19:44:02 - 2021-01-07 19:54:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,7,7,7,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,46,0]
3 TCP 192.168.2.17:50580 <-> 17.248.176.75:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][25 pkts/5755 bytes <-> 20 pkts/8110 bytes][Goodput ratio: 71/84][2.03 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 86/55 651/521 172/132][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 230/406 1128/1506 292/508][TLSv1.2][Client: gateway.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: gateway-india.icloud.com,gateway-carry.icloud.com,gateway.icloud.com,gateway-australia.icloud.com,gateway-sandbox.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=gateway.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D2:DA:1C:68:0C:91:A7:DB:BA:B2:2D:29:06:DB:57:42:10:3D:3A:FE][Validity: 2019-10-08 18:46:14 - 2020-11-06 18:56:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,32,8,0,8,4,0,0,0,0,0,8,0,0,0,0,8,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,0,0,12,0]
4 TCP 192.168.2.17:50587 <-> 92.123.77.26:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][19 pkts/4724 bytes <-> 15 pkts/7108 bytes][Goodput ratio: 73/86][0.49 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.201 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/17 146/147 52/42][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 249/474 1506/1506 367/538][TLSv1.3][Client: play.itunes.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 5,22,11,0,0,0,0,0,11,0,0,0,5,0,0,5,5,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,16,0]
5 TCP 192.168.2.17:50588 <-> 95.101.24.53:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][16 pkts/3753 bytes <-> 12 pkts/7714 bytes][Goodput ratio: 72/90][0.17 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.345 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 10/10 37/56 15/20][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235/643 1506/1506 366/607][TLSv1.3][Client: sync.itunes.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 6,18,12,0,0,0,0,0,12,0,0,0,0,0,0,6,6,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,25,0]
6 TCP 192.168.2.17:50576 <-> 95.101.25.53:443 [proto: 91.140/TLS.Apple][cat: Web/5][15 pkts/2056 bytes <-> 12 pkts/8828 bytes][Goodput ratio: 49/91][0.38 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.622 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/22 36/80 13/32][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 137/736 583/1506 158/574][TLSv1.3][Client: gspe35-ssl.ls.apple.com][JA3C: 55271a105172d5f225e4704755b9b250][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,7,0,0,0,7,0,30,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,15,0,0,0,0,15,0]
7 TCP 192.168.2.17:50584 <-> 17.248.176.75:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][18 pkts/3421 bytes <-> 14 pkts/6608 bytes][Goodput ratio: 65/86][1.06 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.318 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 37/19 167/155 58/46][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 190/472 1084/1506 257/577][TLSv1.2][Client: gateway.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: gateway-india.icloud.com,gateway-carry.icloud.com,gateway.icloud.com,gateway-australia.icloud.com,gateway-sandbox.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=gateway.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D2:DA:1C:68:0C:91:A7:DB:BA:B2:2D:29:06:DB:57:42:10:3D:3A:FE][Validity: 2019-10-08 18:46:14 - 2020-11-06 18:56:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,41,11,0,0,0,0,0,0,0,0,0,5,0,0,0,11,0,0,0,0,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0]
8 TCP 192.168.2.17:50586 <-> 17.248.176.75:443 [proto: 91.143/TLS.AppleiCloud][cat: Web/5][17 pkts/3443 bytes <-> 13 pkts/6470 bytes][Goodput ratio: 67/87][0.54 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.305 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 38/20 162/160 58/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 203/498 1084/1506 268/585][TLSv1.2][Client: gateway.icloud.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: gateway-india.icloud.com,gateway-carry.icloud.com,gateway.icloud.com,gateway-australia.icloud.com,gateway-sandbox.icloud.com][JA3S: 1e60202b4001a190621caa963fb76697][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=gateway.icloud.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D2:DA:1C:68:0C:91:A7:DB:BA:B2:2D:29:06:DB:57:42:10:3D:3A:FE][Validity: 2019-10-08 18:46:14 - 2020-11-06 18:56:00][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,41,11,0,0,0,0,0,0,0,0,0,0,0,5,0,11,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,17,0]
9 TCP 192.168.2.17:50583 <-> 104.73.61.30:443 [proto: 91.140/TLS.Apple][cat: Web/5][7 pkts/1003 bytes <-> 7 pkts/6968 bytes][Goodput ratio: 51/93][0.19 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.748 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 38/9 123/46 46/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143/995 583/1506 180/593][TLSv1.3][Client: cl4.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,16,0,0,0,0,0,0,33,0]
10 TCP 192.168.2.17:50579 <-> 17.253.105.202:443 [proto: 91.140/TLS.Apple][cat: Web/5][12 pkts/1803 bytes <-> 8 pkts/5395 bytes][Goodput ratio: 55/90][2.30 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.499 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 217/22 1961/130 583/48][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 150/674 583/1506 169/571][TLSv1.3][Client: mesu.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 10,0,10,0,0,0,0,0,20,0,10,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,20,0]
11 TCP 192.168.2.17:50578 <-> 17.253.105.202:443 [proto: 91.140/TLS.Apple][cat: Web/5][12 pkts/1781 bytes <-> 8 pkts/5395 bytes][Goodput ratio: 55/90][2.30 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.504 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 227/22 1825/131 537/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 148/674 583/1506 166/571][TLSv1.3][Client: mesu.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 10,0,10,0,0,0,0,0,20,0,10,10,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,20,0]
12 TCP 192.168.2.17:50582 <-> 92.122.252.82:443 [proto: 91.140/TLS.Apple][cat: Web/5][6 pkts/925 bytes <-> 6 pkts/5702 bytes][Goodput ratio: 56/93][0.17 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.721 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 42/25 122/123 49/49][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154/950 583/1506 192/630][TLSv1.3][Client: iphone-ld.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,20,0,0,0,0,0,0,40,0]
13 TCP 192.168.2.17:50577 <-> 17.130.2.46:443 [proto: 91.140/TLS.Apple][cat: Web/5][10 pkts/1721 bytes <-> 8 pkts/4801 bytes][Goodput ratio: 61/89][0.67 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.472 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 81/52 171/161 80/73][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 172/600 583/1506 165/572][TLSv1.2][Client: gsp85-ssl.ls.apple.com][JA3C: 55271a105172d5f225e4704755b9b250][ServerNames: *.ls.apple.com][JA3S: 4ef1b297bb817d8212165a86308bac5f][Issuer: CN=Apple IST CA 2 - G1, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=*.ls.apple.com, OU=management:idms.group.576486, O=Apple Inc., ST=California, C=US][Certificate SHA-1: E4:85:25:4C:99:F8:FB:66:49:4B:80:64:5E:63:2A:75:9B:8F:C3:51][Validity: 2019-03-15 23:17:29 - 2021-04-13 23:17:29][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,11,0,11,0,0,0,11,11,0,0,11,0,0,0,11,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0]
14 TCP 192.168.2.17:50585 <-> 17.137.166.35:443 [proto: 91.140/TLS.Apple][cat: Web/5][6 pkts/1051 bytes <-> 6 pkts/4246 bytes][Goodput ratio: 61/90][1.05 sec][ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.603 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 132/52 322/206 138/89][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 175/708 583/1506 188/647][TLSv1.2][Client: gsa.apple.com][JA3C: 6fa3244afc6bb6f9fad207b6b52af26b][ServerNames: gsas.apple.com,gsa.apple.com][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: CN=Apple Server Authentication CA, OU=Certification Authority, O=Apple Inc., C=US][Subject: CN=gsa.apple.com, O=Apple Inc., ST=California, C=US][Certificate SHA-1: D4:EF:5E:AD:7F:D5:13:5B:9F:B2:B9:84:19:75:BB:ED:53:FB:18:D6][Validity: 2019-03-07 00:55:40 - 2020-04-05 00:55:40][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,16,0,16,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0]
15 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][7 pkts/2394 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][43.15 sec][Host: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1022/0 7191/0 8962/0 2834/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][DHCP Fingerprint: 1,121,3,6,15,119,252,95,44,46][PLAIN TEXT (iPhone)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 169.254.225.216:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/2123 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][33.08 sec][Lucas iMac._odisk._tcp.local][PLAIN TEXT (s iMac)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.2.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/2094 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][33.08 sec][Lucas iMac._odisk._tcp.local][PLAIN TEXT (s iMac)][Plen Bins: 0,25,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0]
18 UDP [fe80::c42c:3ff:fe60:6a64]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][3 pkts/2067 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][33.08 sec][Lucas iMac._odisk._tcp.local][PLAIN TEXT (s iMac)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0]
19 TCP 192.168.2.17:49152 <-> 17.253.105.202:80 [proto: 7.140/HTTP.Apple][cat: Web/5][5 pkts/473 bytes <-> 4 pkts/968 bytes][Goodput ratio: 28/72][0.33 sec][Host: captive.apple.com][bytes ratio: -0.344 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/2 82/80 171/158 82/78][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 95/242 197/762 51/300][URL: captive.apple.com/hotspot-detect.html][StatusCode: 200][Content-Type: text/html][User-Agent: CaptiveNetworkSupport-390.60.1 wispr][PLAIN TEXT (GET /hotspot)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][cat: Cloud/13][2 pkts/1104 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][30.05 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 192.168.2.1:67 -> 192.168.2.17:68 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][1.02 sec][PLAIN TEXT (iMac.local)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP [fe80::823:3f17:8298:a29c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.56 sec][PLAIN TEXT (homekit)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.2.17:63381 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/90 bytes <-> 1 pkts/264 bytes][Goodput ratio: 53/84][0.04 sec][Host: p26-keyvalueservice.icloud.com][17.248.185.87][PLAIN TEXT (valueservice)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 ICMP 192.168.2.17:0 -> 192.168.2.1:0 [proto: 81/ICMP][cat: Network/14][5 pkts/350 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.34 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.168.2.17:63143 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/84 bytes <-> 1 pkts/252 bytes][Goodput ratio: 49/83][0.04 sec][Host: p26-fmfmobile.icloud.com][17.248.185.140][PLAIN TEXT (fmfmobile)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.2.17:52852 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/78 bytes <-> 1 pkts/244 bytes][Goodput ratio: 46/82][0.04 sec][Host: gateway.icloud.com][17.248.176.75][PLAIN TEXT (gateway)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 192.168.2.17:53272 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/241 bytes][Goodput ratio: 48/82][0.05 sec][Host: play.itunes.apple.com][92.123.77.26][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 192.168.2.17:65079 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/241 bytes][Goodput ratio: 48/82][0.00 sec][Host: play.itunes.apple.com][92.123.77.26][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 192.168.2.17:61862 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/83 bytes <-> 1 pkts/227 bytes][Goodput ratio: 49/81][0.04 sec][Host: gspe35-ssl.ls.apple.com][95.101.25.53][PLAIN TEXT (gspe35)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP 192.168.2.17:49880 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/222 bytes][Goodput ratio: 48/81][0.05 sec][Host: init.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 192.168.2.17:53317 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/224 bytes][Goodput ratio: 46/81][0.04 sec][Host: iphone-ld.apple.com][92.122.252.82][PLAIN TEXT (iphone)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 192.168.2.17:63677 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/222 bytes][Goodput ratio: 48/81][0.04 sec][Host: sync.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.2.17:53983 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/221 bytes][Goodput ratio: 47/81][0.05 sec][Host: bag.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 UDP 192.168.2.17:63377 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/221 bytes][Goodput ratio: 47/81][0.05 sec][Host: bag.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP 192.168.2.17:51007 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/77 bytes <-> 1 pkts/221 bytes][Goodput ratio: 45/81][0.04 sec][Host: captive.apple.com][17.253.105.202][PLAIN TEXT (captive)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 UDP 192.168.2.17:55457 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/214 bytes][Goodput ratio: 43/80][0.04 sec][Host: mesu.apple.com][17.253.105.202][PLAIN TEXT (akadns)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 192.168.2.17:62526 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/212 bytes][Goodput ratio: 42/80][0.05 sec][Host: cl4.apple.com][104.73.61.30][PLAIN TEXT (origin)][Plen Bins: 50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 UDP 192.168.2.17:52682 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/203 bytes][Goodput ratio: 43/79][0.04 sec][Host: www.icloud.com][23.45.74.46][PLAIN TEXT (icloud)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 ICMPV6 [fe80::823:3f17:8298:a29c]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][1.00 sec][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 UDP 192.168.2.17:55914 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/82 bytes <-> 1 pkts/146 bytes][Goodput ratio: 48/71][0.04 sec][Host: gsp85-ssl.ls.apple.com][17.130.2.46][PLAIN TEXT (akadns)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 UDP 192.168.2.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 61/0][1.02 sec][PLAIN TEXT (homekit)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 UDP 192.168.2.17:64203 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/80 bytes <-> 1 pkts/135 bytes][Goodput ratio: 47/68][0.04 sec][Host: basejumper.apple.com][::][PLAIN TEXT (basejumper)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 UDP 192.168.2.17:52031 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/127 bytes][Goodput ratio: 42/66][0.03 sec][Host: gsa.apple.com][17.137.166.35][PLAIN TEXT (akadns)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 UDP 192.168.2.17:62160 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/127 bytes][Goodput ratio: 42/66][0.04 sec][Host: gsa.apple.com][17.137.166.35][PLAIN TEXT (akadns)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][cat: Music/25][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][30.01 sec][PLAIN TEXT (SpotUdp)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP 169.254.225.216:60538 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 192.168.2.1:51411 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 ICMPV6 [fe80::823:3f17:8298:a29c]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 6/0][4.21 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 ICMPV6 [::]:0 -> [ff02::1:ff98:a29c]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 28/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 IGMP 192.168.2.17:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 192.168.2.1:5351 -> 224.0.0.1:5350 [proto: 0/Unknown][2 pkts/120 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][< 1 sec]
1 UDP 192.168.2.1:5351 -> 224.0.0.1:5350 [proto: 0/Unknown][2 pkts/120 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

4
tests/result/ipv6_in_gtp.pcap.out
View file

@ -1,8 +1,8 @@
Unknown 1 150 1
IPsec 1 166 1
1 50 [2a01:4c8:c014:144e:1:2:945b:6761]:0 -> [2a01:4c8:f000:f49::4]:0 [VLAN: 2][proto: GTP:79/IPsec][cat: VPN/2][1 pkts/166 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 50 [2a01:4c8:c014:144e:1:2:945b:6761]:0 -> [2a01:4c8:f000:f49::4]:0 [VLAN: 2][proto: GTP:79/IPsec][cat: VPN/2][1 pkts/166 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP [2607:fc20:4052:39e:490a:ea4d:17fe:e09c]:49120 -> [fd00:976a:bc67:193e::7]:25658 [VLAN: 5][proto: GTP:0/Unknown][1 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][< 1 sec]
1 UDP [2607:fc20:4052:39e:490a:ea4d:17fe:e09c]:49120 -> [fd00:976a:bc67:193e::7]:25658 [VLAN: 5][proto: GTP:0/Unknown][1 pkts/150 bytes -> 0 pkts/0 bytes][Goodput ratio: 29/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

72
tests/result/kerberos.pcap.out
View file

@ -3,42 +3,42 @@ SMBv23 6 1914 3
Kerberos 48 19194 24
LDAP 14 4152 7
1 TCP 172.16.8.201:49171 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1486 bytes <-> 1 pkts/1506 bytes][Goodput ratio: 96/96][0.00 sec][happycraft.org\johnson-pc][PLAIN TEXT (HAPPYCRAFT.ORG)]
2 TCP 172.16.8.201:49160 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1485 bytes <-> 1 pkts/1498 bytes][Goodput ratio: 96/96][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (HAPPYCRAFT.ORG)]
3 TCP 172.16.8.201:49176 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1485 bytes <-> 1 pkts/1498 bytes][Goodput ratio: 96/96][0.00 sec][happycraft.org\johnson-pc][PLAIN TEXT (HAPPYCRAFT.ORG)]
4 TCP 172.16.8.201:49173 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1118 bytes <-> 1 pkts/190 bytes][Goodput ratio: 95/71][0.00 sec][PLAIN TEXT (HAPPYCRAFT.ORG)]
5 TCP 172.16.8.201:49194 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/410 bytes <-> 1 pkts/314 bytes][Goodput ratio: 87/83][0.00 sec]
6 TCP 172.16.8.201:49193 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/384 bytes <-> 1 pkts/264 bytes][Goodput ratio: 86/79][0.00 sec]
7 TCP 172.16.8.201:49191 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/368 bytes <-> 1 pkts/264 bytes][Goodput ratio: 85/79][< 1 sec]
8 TCP 172.16.8.201:49157 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81/83][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (johnson)]
9 TCP 172.16.8.201:49166 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81/83][0.00 sec][happycraft.org\johnson-pc][PLAIN TEXT (johnson)]
10 TCP 172.16.8.201:49181 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81/83][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (JOHNSON)]
11 TCP 172.16.8.201:49156 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/281 bytes <-> 1 pkts/314 bytes][Goodput ratio: 80/83][0.00 sec]
12 TCP 172.16.8.201:49174 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/281 bytes <-> 1 pkts/314 bytes][Goodput ratio: 80/83][0.00 sec]
13 TCP 172.16.8.201:49188 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/369 bytes <-> 1 pkts/216 bytes][Goodput ratio: 85/75][< 1 sec][happycraft\theresa.johnson][PLAIN TEXT (theresa.johnson)]
14 TCP 172.16.8.201:49161 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 83/79][< 1 sec]
15 TCP 172.16.8.201:49179 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 83/79][0.00 sec]
16 TCP 172.16.8.201:49180 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 83/79][0.00 sec]
17 TCP 172.16.8.201:49187 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/289 bytes <-> 1 pkts/294 bytes][Goodput ratio: 81/81][0.00 sec][happycraft\theresa.johnson][PLAIN TEXT (theresa.johnson)]
18 TCP 172.16.8.201:49169 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/296 bytes <-> 1 pkts/264 bytes][Goodput ratio: 81/79][0.00 sec][PLAIN TEXT (PSTUsM)]
19 TCP 172.16.8.201:49172 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/296 bytes <-> 1 pkts/264 bytes][Goodput ratio: 81/79][0.00 sec]
20 TCP 172.16.8.201:49158 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85/67][0.00 sec][happycraft.org\johnson-pc][PLAIN TEXT (johnson)]
21 TCP 172.16.8.201:49167 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85/67][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (johnson)]
22 TCP 172.16.8.201:49182 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85/67][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (JOHNSON)]
23 TCP 172.16.8.201:49190 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/271 bytes <-> 1 pkts/244 bytes][Goodput ratio: 80/78][0.00 sec][PLAIN TEXT (happycraft.org)]
24 TCP 172.16.8.201:49192 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/255 bytes <-> 1 pkts/233 bytes][Goodput ratio: 79/76][0.00 sec][PLAIN TEXT (20370913024805Z)]
25 TCP 172.16.8.201:49195 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/255 bytes <-> 1 pkts/233 bytes][Goodput ratio: 79/76][0.00 sec][PLAIN TEXT (20370913024805Z)]
26 TCP 172.16.8.201:49162 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/207 bytes <-> 1 pkts/180 bytes][Goodput ratio: 74/70][0.00 sec]
27 TCP 172.16.8.201:49168 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/207 bytes <-> 1 pkts/180 bytes][Goodput ratio: 74/70][< 1 sec]
28 TCP 172.16.8.201:49159 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71/68][< 1 sec]
29 TCP 172.16.8.201:49175 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71/68][0.00 sec]
30 TCP 172.16.8.201:49186 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71/68][0.00 sec]
31 TCP 172.16.8.201:49170 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/167 bytes <-> 1 pkts/122 bytes][Goodput ratio: 67/55][0.00 sec]
32 TCP 172.16.8.201:49183 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/134 bytes <-> 1 pkts/94 bytes][Goodput ratio: 59/42][0.00 sec]
33 TCP 172.16.8.201:49189 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/95 bytes <-> 1 pkts/120 bytes][Goodput ratio: 43/55][< 1 sec][PLAIN TEXT (370913024805Z)]
34 TCP 172.16.8.201:49196 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/102 bytes][Goodput ratio: 39/47][< 1 sec][PLAIN TEXT (20370913024805Z)]
1 TCP 172.16.8.201:49171 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1486 bytes <-> 1 pkts/1506 bytes][Goodput ratio: 96/96][0.00 sec][happycraft.org\johnson-pc][PLAIN TEXT (HAPPYCRAFT.ORG)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,50,0]
2 TCP 172.16.8.201:49160 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1485 bytes <-> 1 pkts/1498 bytes][Goodput ratio: 96/96][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (HAPPYCRAFT.ORG)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,50,0]
3 TCP 172.16.8.201:49176 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1485 bytes <-> 1 pkts/1498 bytes][Goodput ratio: 96/96][0.00 sec][happycraft.org\johnson-pc][PLAIN TEXT (HAPPYCRAFT.ORG)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,50,0]
4 TCP 172.16.8.201:49173 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/1118 bytes <-> 1 pkts/190 bytes][Goodput ratio: 95/71][0.00 sec][PLAIN TEXT (HAPPYCRAFT.ORG)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 172.16.8.201:49194 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/410 bytes <-> 1 pkts/314 bytes][Goodput ratio: 87/83][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 172.16.8.201:49193 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/384 bytes <-> 1 pkts/264 bytes][Goodput ratio: 86/79][0.00 sec][Plen Bins: 0,0,0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 172.16.8.201:49191 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/368 bytes <-> 1 pkts/264 bytes][Goodput ratio: 85/79][< 1 sec][Plen Bins: 0,0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 172.16.8.201:49157 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81/83][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (johnson)][Plen Bins: 0,0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 172.16.8.201:49166 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81/83][0.00 sec][happycraft.org\johnson-pc][PLAIN TEXT (johnson)][Plen Bins: 0,0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 172.16.8.201:49181 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/293 bytes <-> 1 pkts/332 bytes][Goodput ratio: 81/83][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (JOHNSON)][Plen Bins: 0,0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 172.16.8.201:49156 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/281 bytes <-> 1 pkts/314 bytes][Goodput ratio: 80/83][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 172.16.8.201:49174 <-> 172.16.8.8:445 [proto: 41/SMBv23][cat: System/18][1 pkts/281 bytes <-> 1 pkts/314 bytes][Goodput ratio: 80/83][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 172.16.8.201:49188 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/369 bytes <-> 1 pkts/216 bytes][Goodput ratio: 85/75][< 1 sec][happycraft\theresa.johnson][PLAIN TEXT (theresa.johnson)][Plen Bins: 0,0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 172.16.8.201:49161 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 83/79][< 1 sec][Plen Bins: 0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 172.16.8.201:49179 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 83/79][0.00 sec][Plen Bins: 0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 172.16.8.201:49180 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/320 bytes <-> 1 pkts/264 bytes][Goodput ratio: 83/79][0.00 sec][Plen Bins: 0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 172.16.8.201:49187 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/289 bytes <-> 1 pkts/294 bytes][Goodput ratio: 81/81][0.00 sec][happycraft\theresa.johnson][PLAIN TEXT (theresa.johnson)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 172.16.8.201:49169 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/296 bytes <-> 1 pkts/264 bytes][Goodput ratio: 81/79][0.00 sec][PLAIN TEXT (PSTUsM)][Plen Bins: 0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 172.16.8.201:49172 <-> 172.16.8.8:389 [proto: 112/LDAP][cat: System/18][1 pkts/296 bytes <-> 1 pkts/264 bytes][Goodput ratio: 81/79][0.00 sec][Plen Bins: 0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 172.16.8.201:49158 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85/67][0.00 sec][happycraft.org\johnson-pc][PLAIN TEXT (johnson)][Plen Bins: 0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 172.16.8.201:49167 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85/67][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (johnson)][Plen Bins: 0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 172.16.8.201:49182 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/373 bytes <-> 1 pkts/166 bytes][Goodput ratio: 85/67][< 1 sec][happycraft.org\johnson-pc][PLAIN TEXT (JOHNSON)][Plen Bins: 0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 172.16.8.201:49190 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/271 bytes <-> 1 pkts/244 bytes][Goodput ratio: 80/78][0.00 sec][PLAIN TEXT (happycraft.org)][Plen Bins: 0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 172.16.8.201:49192 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/255 bytes <-> 1 pkts/233 bytes][Goodput ratio: 79/76][0.00 sec][PLAIN TEXT (20370913024805Z)][Plen Bins: 0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 TCP 172.16.8.201:49195 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/255 bytes <-> 1 pkts/233 bytes][Goodput ratio: 79/76][0.00 sec][PLAIN TEXT (20370913024805Z)][Plen Bins: 0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 TCP 172.16.8.201:49162 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/207 bytes <-> 1 pkts/180 bytes][Goodput ratio: 74/70][0.00 sec][Plen Bins: 0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 172.16.8.201:49168 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/207 bytes <-> 1 pkts/180 bytes][Goodput ratio: 74/70][< 1 sec][Plen Bins: 0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 172.16.8.201:49159 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71/68][< 1 sec][Plen Bins: 0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 172.16.8.201:49175 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71/68][0.00 sec][Plen Bins: 0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 172.16.8.201:49186 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/191 bytes <-> 1 pkts/169 bytes][Goodput ratio: 71/68][0.00 sec][Plen Bins: 0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 172.16.8.201:49170 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/167 bytes <-> 1 pkts/122 bytes][Goodput ratio: 67/55][0.00 sec][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 172.16.8.201:49183 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/134 bytes <-> 1 pkts/94 bytes][Goodput ratio: 59/42][0.00 sec][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 TCP 172.16.8.201:49189 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/95 bytes <-> 1 pkts/120 bytes][Goodput ratio: 43/55][< 1 sec][PLAIN TEXT (370913024805Z)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 TCP 172.16.8.201:49196 <-> 172.16.8.8:88 [proto: 111/Kerberos][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/102 bytes][Goodput ratio: 39/47][< 1 sec][PLAIN TEXT (20370913024805Z)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 TCP 172.16.8.201:49165 <-> 172.16.8.8:49155 [proto: 0/Unknown][4 pkts/1382 bytes <-> 2 pkts/624 bytes][Goodput ratio: 84/83][21.49 sec][bytes ratio: 0.378 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/21492 7164/21492 21491/21492 10131/0][Pkt Len c2s/s2c min/avg/max/stddev: 274/286 346/312 429/338 72/26]
2 TCP 172.16.8.201:49185 <-> 172.16.8.8:49155 [proto: 0/Unknown][2 pkts/687 bytes <-> 1 pkts/338 bytes][Goodput ratio: 84/84][0.00 sec]
1 TCP 172.16.8.201:49165 <-> 172.16.8.8:49155 [proto: 0/Unknown][4 pkts/1382 bytes <-> 2 pkts/624 bytes][Goodput ratio: 84/83][21.49 sec][bytes ratio: 0.378 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/21492 7164/21492 21491/21492 10131/0][Pkt Len c2s/s2c min/avg/max/stddev: 274/286 346/312 429/338 72/26][Plen Bins: 0,0,0,0,0,0,33,16,16,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 172.16.8.201:49185 <-> 172.16.8.8:49155 [proto: 0/Unknown][2 pkts/687 bytes <-> 1 pkts/338 bytes][Goodput ratio: 84/84][0.00 sec][Plen Bins: 0,0,0,0,0,0,33,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

10
tests/result/malware.pcap.out
View file

@ -8,8 +8,8 @@ JA3 Host Stats:
1 192.168.7.7 1
1 TCP 192.168.7.7:35236 <-> 67.215.92.210:443 [proto: 91.225/TLS.OpenDNS][cat: Malware/100][11 pkts/1280 bytes <-> 9 pkts/5860 bytes][Goodput ratio: 53/91][0.64 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.641 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/75 240/249 99/103][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/651 571/1514 148/644][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.internetbadguys.com][JA3C: f6ce47303dce394049af395fc6d0bc20][ServerNames: api.opendns.com,branded-login.opendns.com,cachecheck.opendns.com,community.opendns.com,dashboard2.opendns.com,dashboard.opendns.com,dashboard-ipv4.opendns.com,msp-login.opendns.com,api-ipv4.opendns.com,api-ipv6.opendns.com,authz.api.opendns.com,domain.opendns.com,help.vpn.opendns.com,ideabank.opendns.com,login.opendns.com,netgear.opendns.com,reseller-login.opendns.com,images.opendns.com,images-using.opendns.com,store.opendns.com,signup.opendns.com,twilio.opendns.com,updates.opendns.com,shared.opendns.com,tools.opendns.com,cache.opendns.com,api.umbrella.com,branded-login.umbrella.com,cachecheck.umbrella.com,community.umbrella.com,dashboard2.umbrella.com,dashboard.umbrella.com,dashboard-ipv4.umbrella.com,msp-login.umbrella.com,api-ipv4.umbrella.com,api-ipv6.umbrella.com,authz.api.umbrella.com,domain.umbrella.com,help.vpn.umbrella.com,ideabank.umbrella.com,login.umbrella.com,netgear.umbrella.com,reseller-login.umbrella.com,images.umbrella.com,images-using.umbrella.com,store.umbrella.com,signup.umbrella.com,twilio.umbrella.com,updates.umbrella.com,shared.umbrella.com,tools.umbrella.com,cache.umbrella.com][JA3S: 0c0aff9ccea5e7e1de5c3a0069d103f3][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=California, L=San Francisco, O=OpenDNS, Inc., CN=api.opendns.com][Certificate SHA-1: 21:B4:CF:84:13:3A:21:A4:B0:02:63:76:39:84:EA:ED:27:EE:51:7C][Validity: 2018-04-26 00:00:00 - 2020-07-29 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
2 TCP 192.168.7.7:48394 <-> 67.215.92.210:80 [proto: 7.225/HTTP.OpenDNS][cat: Malware/100][1 pkts/383 bytes <-> 1 pkts/98 bytes][Goodput ratio: 86/44][0.21 sec][Host: www.internetbadguys.com][URL: www.internetbadguys.com/][StatusCode: 0][User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0][PLAIN TEXT (GET / HTTP/1.1)]
3 UDP 192.168.7.7:42370 <-> 1.1.1.1:53 [proto: 5/DNS][cat: Malware/100][1 pkts/106 bytes <-> 1 pkts/110 bytes][Goodput ratio: 60/61][0.02 sec][Host: www.internetbadguys.com][67.215.92.210][PLAIN TEXT (internetbadguys)]
4 ICMP 192.168.7.7:0 -> 144.139.247.220:0 [proto: 81/ICMP][cat: Malware/100][1 pkts/98 bytes -> 0 pkts/0 bytes][Goodput ratio: 57/0][< 1 sec]
5 TCP 192.168.7.7:33706 -> 144.139.247.220:80 [proto: 7/HTTP][cat: Malware/100][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 TCP 192.168.7.7:35236 <-> 67.215.92.210:443 [proto: 91.225/TLS.OpenDNS][cat: Malware/100][11 pkts/1280 bytes <-> 9 pkts/5860 bytes][Goodput ratio: 53/91][0.64 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.641 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 71/75 240/249 99/103][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/651 571/1514 148/644][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: www.internetbadguys.com][JA3C: f6ce47303dce394049af395fc6d0bc20][ServerNames: api.opendns.com,branded-login.opendns.com,cachecheck.opendns.com,community.opendns.com,dashboard2.opendns.com,dashboard.opendns.com,dashboard-ipv4.opendns.com,msp-login.opendns.com,api-ipv4.opendns.com,api-ipv6.opendns.com,authz.api.opendns.com,domain.opendns.com,help.vpn.opendns.com,ideabank.opendns.com,login.opendns.com,netgear.opendns.com,reseller-login.opendns.com,images.opendns.com,images-using.opendns.com,store.opendns.com,signup.opendns.com,twilio.opendns.com,updates.opendns.com,shared.opendns.com,tools.opendns.com,cache.opendns.com,api.umbrella.com,branded-login.umbrella.com,cachecheck.umbrella.com,community.umbrella.com,dashboard2.umbrella.com,dashboard.umbrella.com,dashboard-ipv4.umbrella.com,msp-login.umbrella.com,api-ipv4.umbrella.com,api-ipv6.umbrella.com,authz.api.umbrella.com,domain.umbrella.com,help.vpn.umbrella.com,ideabank.umbrella.com,login.umbrella.com,netgear.umbrella.com,reseller-login.umbrella.com,images.umbrella.com,images-using.umbrella.com,store.umbrella.com,signup.umbrella.com,twilio.umbrella.com,updates.umbrella.com,shared.umbrella.com,tools.umbrella.com,cache.umbrella.com][JA3S: 0c0aff9ccea5e7e1de5c3a0069d103f3][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=California, L=San Francisco, O=OpenDNS, Inc., CN=api.opendns.com][Certificate SHA-1: 21:B4:CF:84:13:3A:21:A4:B0:02:63:76:39:84:EA:ED:27:EE:51:7C][Validity: 2018-04-26 00:00:00 - 2020-07-29 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,0,0,12,0,0,0,0,12,0,0,0,0,0,0,0,12,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,37,0]
2 TCP 192.168.7.7:48394 <-> 67.215.92.210:80 [proto: 7.225/HTTP.OpenDNS][cat: Malware/100][1 pkts/383 bytes <-> 1 pkts/98 bytes][Goodput ratio: 86/44][0.21 sec][Host: www.internetbadguys.com][URL: www.internetbadguys.com/][StatusCode: 0][User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.7.7:42370 <-> 1.1.1.1:53 [proto: 5/DNS][cat: Malware/100][1 pkts/106 bytes <-> 1 pkts/110 bytes][Goodput ratio: 60/61][0.02 sec][Host: www.internetbadguys.com][67.215.92.210][PLAIN TEXT (internetbadguys)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 ICMP 192.168.7.7:0 -> 144.139.247.220:0 [proto: 81/ICMP][cat: Malware/100][1 pkts/98 bytes -> 0 pkts/0 bytes][Goodput ratio: 57/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.7.7:33706 -> 144.139.247.220:80 [proto: 7/HTTP][cat: Malware/100][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/modbus.pcap.out
View file

@ -1,3 +1,3 @@
Modbus 102 6681 1
1 TCP 192.168.110.131:2074 <-> 192.168.110.138:502 [proto: 44/Modbus][cat: Network/14][51 pkts/3366 bytes <-> 51 pkts/3315 bytes][Goodput ratio: 18/17][23.11 sec][bytes ratio: 0.008 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 477/477 1073/1074 501/501][Pkt Len c2s/s2c min/avg/max/stddev: 66/65 66/65 66/65 0/0]
1 TCP 192.168.110.131:2074 <-> 192.168.110.138:502 [proto: 44/Modbus][cat: Network/14][51 pkts/3366 bytes <-> 51 pkts/3315 bytes][Goodput ratio: 18/17][23.11 sec][bytes ratio: 0.008 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 477/477 1073/1074 501/501][Pkt Len c2s/s2c min/avg/max/stddev: 66/65 66/65 66/65 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

4
tests/result/monero.pcap.out
View file

@ -1,4 +1,4 @@
Mining 319 166676 2
1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes][Goodput ratio: 93/43][1091.42 sec][ZCash/Monero][bytes ratio: 0.831 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 7234/8131 71734/71815 15224/15291][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 900/117 1514/376 709/99][PLAIN TEXT (method)]
2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes][Goodput ratio: 70/78][1065.16 sec][ZCash/Monero][bytes ratio: -0.136 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46166/51528 195463/195463 61020/65306][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 186/255 1498/364 395/138][PLAIN TEXT (method)]
1 TCP 192.168.2.148:46838 <-> 94.23.199.191:3333 [proto: 42/Mining][cat: Mining/99][159 pkts/143155 bytes <-> 113 pkts/13204 bytes][Goodput ratio: 93/43][1091.42 sec][ZCash/Monero][bytes ratio: 0.831 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 7234/8131 71734/71815 15224/15291][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 900/117 1514/376 709/99][PLAIN TEXT (method)][Plen Bins: 28,2,0,1,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,29,29,0]
2 TCP 192.168.2.148:53846 <-> 116.211.167.195:3333 [proto: 42/Mining][cat: Mining/99][24 pkts/4455 bytes <-> 23 pkts/5862 bytes][Goodput ratio: 70/78][1065.16 sec][ZCash/Monero][bytes ratio: -0.136 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46166/51528 195463/195463 61020/65306][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 186/255 1498/364 395/138][PLAIN TEXT (method)][Plen Bins: 4,13,4,8,0,0,0,0,0,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,4,0]

2
tests/result/mpeg.pcap.out
View file

@ -1,3 +1,3 @@
ntop 19 10643 1
1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][cat: Media/1][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Goodput ratio: 20/93][0.18 sec][Host: luca.ntop.org][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/6 77/41 28/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/68 84/989 214/1502 46/649][URL: luca.ntop.org/0.mp3][StatusCode: 200][Content-Type: audio/mpeg][User-Agent: Wget/1.16.3 (darwin14.1.0)][PLAIN TEXT (GET /0.mp)]
1 TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][cat: Media/1][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Goodput ratio: 20/93][0.18 sec][Host: luca.ntop.org][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/6 77/41 28/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/68 84/989 214/1502 46/649][URL: luca.ntop.org/0.mp3][StatusCode: 200][Content-Type: audio/mpeg][User-Agent: Wget/1.16.3 (darwin14.1.0)][PLAIN TEXT (GET /0.mp)][Plen Bins: 0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0]

2
tests/result/mpegts.pcap.out
View file

@ -1,3 +1,3 @@
MPEG_TS 1 1362 1
1 UDP 10.1.16.48:40737 -> 230.200.201.23:1234 [VLAN: 3359][proto: 198/MPEG_TS][cat: Media/1][1 pkts/1362 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec]
1 UDP 10.1.16.48:40737 -> 230.200.201.23:1234 [VLAN: 3359][proto: 198/MPEG_TS][cat: Media/1][1 pkts/1362 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0]

24
tests/result/mssql_tds.pcap.out
View file

@ -1,14 +1,14 @@
MsSQL-TDS 38 16260 12
1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][7 pkts/8717 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 393/0 1245/0 1514/0 436/0]
2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][10 pkts/1552 bytes <-> 7 pkts/1521 bytes][Goodput ratio: 64/75][7.22 sec][bytes ratio: 0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 31/28 867/1024 1890/2071 763/864][Pkt Len c2s/s2c min/avg/max/stddev: 60/88 155/217 307/492 90/169][PLAIN TEXT (first )]
3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][2 pkts/614 bytes <-> 2 pkts/524 bytes][Goodput ratio: 78/75][0.14 sec]
4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/1136 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec]
5 TCP 10.111.111.111:7777 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/425 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec]
6 TCP 10.111.111.111:33333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/374 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][< 1 sec]
7 TCP 10.111.111.111:22222 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/322 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec]
8 TCP 10.111.111.111:9999 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/272 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (ABCDEFGHIJKLMNOPQ)]
9 TCP 10.111.111.111:11111 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/253 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec]
10 TCP 10.111.111.111:3333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec]
11 TCP 10.111.111.111:2222 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/98 bytes <-> 1 pkts/71 bytes][Goodput ratio: 44/24][< 1 sec]
12 TCP 10.111.111.111:8888 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][< 1 sec]
1 TCP 10.111.111.111:6666 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][7 pkts/8717 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 393/0 1245/0 1514/0 436/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,71,0]
2 TCP 10.111.111.111:5555 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][10 pkts/1552 bytes <-> 7 pkts/1521 bytes][Goodput ratio: 64/75][7.22 sec][bytes ratio: 0.010 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 31/28 867/1024 1890/2071 763/864][Pkt Len c2s/s2c min/avg/max/stddev: 60/88 155/217 307/492 90/169][PLAIN TEXT (first )][Plen Bins: 0,42,7,14,0,7,0,14,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 10.111.111.111:1111 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][2 pkts/614 bytes <-> 2 pkts/524 bytes][Goodput ratio: 78/75][0.14 sec][Plen Bins: 0,25,0,0,0,25,0,0,0,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 10.111.111.111:4444 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/1136 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 10.111.111.111:7777 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/425 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 10.111.111.111:33333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/374 bytes -> 0 pkts/0 bytes][Goodput ratio: 85/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 10.111.111.111:22222 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/322 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 10.111.111.111:9999 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/272 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][PLAIN TEXT (ABCDEFGHIJKLMNOPQ)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 10.111.111.111:11111 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/253 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 10.111.111.111:3333 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 10.111.111.111:2222 <-> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/98 bytes <-> 1 pkts/71 bytes][Goodput ratio: 44/24][< 1 sec][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 10.111.111.111:8888 -> 10.0.0.1:1433 [proto: 114/MsSQL-TDS][cat: Database/11][1 pkts/142 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][< 1 sec][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

4
tests/result/nats.pcap.out
View file

@ -1,4 +1,4 @@
Nats 27 2460 2
1 TCP 127.0.0.1:54821 <-> 127.0.0.1:4222 [proto: 68/Nats][cat: RPC/16][7 pkts/545 bytes <-> 7 pkts/725 bytes][Goodput ratio: 26/44][2.20 sec][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 3/3 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 78/104 191/365 46/107][PLAIN TEXT (rINFO )]
2 TCP 127.0.0.1:54820 <-> 127.0.0.1:4222 [proto: 68/Nats][cat: RPC/16][7 pkts/527 bytes <-> 6 pkts/663 bytes][Goodput ratio: 26/47][0.01 sec][bytes ratio: -0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/2 7/7 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 44/56 75/110 191/365 48/114][PLAIN TEXT (bINFO )]
1 TCP 127.0.0.1:54821 <-> 127.0.0.1:4222 [proto: 68/Nats][cat: RPC/16][7 pkts/545 bytes <-> 7 pkts/725 bytes][Goodput ratio: 26/44][2.20 sec][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 3/3 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 78/104 191/365 46/107][PLAIN TEXT (rINFO )][Plen Bins: 60,0,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 127.0.0.1:54820 <-> 127.0.0.1:4222 [proto: 68/Nats][cat: RPC/16][7 pkts/527 bytes <-> 6 pkts/663 bytes][Goodput ratio: 26/47][0.01 sec][bytes ratio: -0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/2 7/7 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 44/56 75/110 191/365 48/114][PLAIN TEXT (bINFO )][Plen Bins: 33,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

28
tests/result/nest_log_sink.pcap.out
View file

@ -2,17 +2,17 @@ DNS 15 1612 1
NestLogSink 457 44483 6
Google 302 72365 7
1 TCP 192.168.242.15:63342 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][37 pkts/14650 bytes <-> 35 pkts/4115 bytes][Goodput ratio: 86/54][4.71 sec][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 4/0 142/150 1347/1490 251/290][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 396/118 585/733 192/108][PLAIN TEXT (05CA02AC4414028)]
2 TCP 192.168.242.15:63345 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][36 pkts/14613 bytes <-> 35 pkts/4114 bytes][Goodput ratio: 86/54][4.14 sec][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 11/0 132/134 1166/1477 229/290][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 406/118 584/732 185/107][PLAIN TEXT (05CA02AC4414028)]
3 TCP 192.168.242.15:63351 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][25 pkts/9229 bytes <-> 24 pkts/2916 bytes][Goodput ratio: 85/55][3.56 sec][bytes ratio: 0.520 (Upload)][IAT c2s/s2c min/avg/max/stddev: 5/0 164/174 1319/1484 293/350][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 369/122 584/733 204/130][PLAIN TEXT (05CA02AC4414028)]
4 TCP 192.168.242.15:63348 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][25 pkts/9114 bytes <-> 24 pkts/2915 bytes][Goodput ratio: 85/55][3.42 sec][bytes ratio: 0.515 (Upload)][IAT c2s/s2c min/avg/max/stddev: 10/0 158/169 1167/1475 266/349][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 365/121 584/732 205/129][PLAIN TEXT (05CA02AC4414028)]
5 TCP 192.168.242.15:63343 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][60 pkts/5549 bytes <-> 56 pkts/5094 bytes][Goodput ratio: 36/41][1799.54 sec][bytes ratio: 0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/16 33935/28187 60073/60075 29484/29645][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 92/91 585/731 97/126][PLAIN TEXT (05CA02AC4414028)]
6 TCP 192.168.242.15:63352 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][50 pkts/4894 bytes <-> 46 pkts/4392 bytes][Goodput ratio: 40/43][1508.66 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/17 33170/30242 60184/60262 29630/29816][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 98/95 586/730 105/136][PLAIN TEXT (05CA02AC4414028)]
7 TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][Goodput ratio: 45/49][1042.88 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/15 27924/26022 60088/60136 29301/29455][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 108/106 585/731 114/151][PLAIN TEXT (05CA02AC4414028)]
8 TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][Goodput ratio: 50/57][602.97 sec][bytes ratio: 0.034 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/14 24649/24894 60122/60151 29303/29368][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 116/127 584/732 117/181][PLAIN TEXT (05CA02AC4414028)]
9 TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][Goodput ratio: 61/70][153.64 sec][bytes ratio: 0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/15 10960/13629 60124/60155 21488/24847][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 148/178 585/731 137/222][PLAIN TEXT (05CA02AC4414028)]
10 TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][Goodput ratio: 2/0][1615.16 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/143 39827/40755 60071/60122 27934/27880][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/54 116/54 9/0]
11 TCP 192.168.242.15:63344 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][11 pkts/2565 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 76/61][5.29 sec][bytes ratio: 0.297 (Upload)][IAT c2s/s2c min/avg/max/stddev: 61/0 640/729 2711/3410 865/1202][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 233/139 584/732 217/199][PLAIN TEXT (05CA02AC4414028)]
12 TCP 192.168.242.15:63347 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1390 bytes][Goodput ratio: 71/61][2.81 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 63/0 342/349 1182/1489 363/517][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198/139 586/733 195/200][PLAIN TEXT (05CA02AC4414028)]
13 TCP 192.168.242.15:63353 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 71/61][2.65 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 70/0 321/348 1162/1502 366/527][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198/139 586/732 195/199][PLAIN TEXT (05CA02AC4414028)]
14 UDP 192.168.242.15:52849 <-> 192.168.242.1:53 [proto: 5/DNS][cat: Network/14][8 pkts/713 bytes <-> 7 pkts/899 bytes][Goodput ratio: 53/67][3600.37 sec][Host: weave-logsink.nest.com][35.188.154.186][bytes ratio: -0.115 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/4311 596403/515880 1795476/1795277 670696/701384][Pkt Len c2s/s2c min/avg/max/stddev: 82/98 89/128 101/169 9/35][PLAIN TEXT (logsink)]
1 TCP 192.168.242.15:63342 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][37 pkts/14650 bytes <-> 35 pkts/4115 bytes][Goodput ratio: 86/54][4.71 sec][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 4/0 142/150 1347/1490 251/290][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 396/118 585/733 192/108][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,49,1,1,0,0,0,0,0,0,0,0,0,0,44,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.242.15:63345 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][36 pkts/14613 bytes <-> 35 pkts/4114 bytes][Goodput ratio: 86/54][4.14 sec][bytes ratio: 0.561 (Upload)][IAT c2s/s2c min/avg/max/stddev: 11/0 132/134 1166/1477 229/290][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 406/118 584/732 185/107][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,49,1,0,1,0,0,0,0,0,0,0,0,0,44,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 192.168.242.15:63351 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][25 pkts/9229 bytes <-> 24 pkts/2916 bytes][Goodput ratio: 85/55][3.56 sec][bytes ratio: 0.520 (Upload)][IAT c2s/s2c min/avg/max/stddev: 5/0 164/174 1319/1484 293/350][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 369/122 584/733 204/130][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,48,2,0,0,0,0,0,0,0,0,2,0,0,40,0,2,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.242.15:63348 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][25 pkts/9114 bytes <-> 24 pkts/2915 bytes][Goodput ratio: 85/55][3.42 sec][bytes ratio: 0.515 (Upload)][IAT c2s/s2c min/avg/max/stddev: 10/0 158/169 1167/1475 266/349][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 365/121 584/732 205/129][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,48,2,0,0,0,0,2,0,0,0,0,0,0,40,0,2,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.242.15:63343 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][60 pkts/5549 bytes <-> 56 pkts/5094 bytes][Goodput ratio: 36/41][1799.54 sec][bytes ratio: 0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/16 33935/28187 60073/60075 29484/29645][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 92/91 585/731 97/126][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,23,0,5,5,35,0,0,0,5,0,0,5,0,0,0,5,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.242.15:63352 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][50 pkts/4894 bytes <-> 46 pkts/4392 bytes][Goodput ratio: 40/43][1508.66 sec][bytes ratio: 0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/17 33170/30242 60184/60262 29630/29816][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 98/95 586/730 105/136][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,20,0,6,6,33,0,0,0,6,0,0,6,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.242.15:63346 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][41 pkts/4409 bytes <-> 37 pkts/3907 bytes][Goodput ratio: 45/49][1042.88 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/15 27924/26022 60088/60136 29301/29455][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 108/106 585/731 114/151][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,25,0,6,6,31,0,0,0,6,0,0,6,0,0,0,6,0,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 192.168.242.15:63349 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][28 pkts/3254 bytes <-> 24 pkts/3040 bytes][Goodput ratio: 50/57][602.97 sec][bytes ratio: 0.034 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/14 24649/24894 60122/60151 29303/29368][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 116/127 584/732 117/181][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,28,0,7,7,21,7,0,0,7,0,0,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 192.168.242.15:63350 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][18 pkts/2655 bytes <-> 14 pkts/2499 bytes][Goodput ratio: 61/70][153.64 sec][bytes ratio: 0.030 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/15 10960/13629 60124/60155 21488/24847][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 148/178 585/731 137/222][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,28,0,7,7,21,7,0,0,7,0,0,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 192.168.242.15:63340 <-> 35.174.82.237:11095 [proto: 43/NestLogSink][cat: Cloud/13][42 pkts/2576 bytes <-> 41 pkts/2214 bytes][Goodput ratio: 2/0][1615.16 sec][bytes ratio: 0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/143 39827/40755 60071/60122 27934/27880][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 61/54 116/54 9/0][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.242.15:63344 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][11 pkts/2565 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 76/61][5.29 sec][bytes ratio: 0.297 (Upload)][IAT c2s/s2c min/avg/max/stddev: 61/0 640/729 2711/3410 865/1202][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 233/139 584/732 217/199][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,40,10,0,0,0,0,0,0,10,0,0,0,0,10,0,20,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 192.168.242.15:63347 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1390 bytes][Goodput ratio: 71/61][2.81 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 63/0 342/349 1182/1489 363/517][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198/139 586/733 195/200][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,44,11,0,0,0,0,0,0,11,0,0,0,0,11,0,11,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 192.168.242.15:63353 <-> 35.188.154.186:11095 [proto: 43.126/NestLogSink.Google][cat: Cloud/13][10 pkts/1983 bytes <-> 10 pkts/1389 bytes][Goodput ratio: 71/61][2.65 sec][bytes ratio: 0.176 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 70/0 321/348 1162/1502 366/527][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 198/139 586/732 195/199][PLAIN TEXT (05CA02AC4414028)][Plen Bins: 0,44,11,0,0,0,0,0,0,11,0,0,0,0,11,0,11,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.242.15:52849 <-> 192.168.242.1:53 [proto: 5/DNS][cat: Network/14][8 pkts/713 bytes <-> 7 pkts/899 bytes][Goodput ratio: 53/67][3600.37 sec][Host: weave-logsink.nest.com][35.188.154.186][bytes ratio: -0.115 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/4311 596403/515880 1795476/1795277 670696/701384][Pkt Len c2s/s2c min/avg/max/stddev: 82/98 89/128 101/169 9/35][PLAIN TEXT (logsink)][Plen Bins: 0,80,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

30
tests/result/netbios.pcap.out
View file

@ -1,18 +1,18 @@
NetBIOS 258 24196 13
SMBv1 2 486 2
1 UDP 10.0.4.131:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][181 pkts/16652 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][59.62 sec][Host: xstream_hy][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 10/0 328/0 929/0 225/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FIFDFEFCEFEBENFPEIFJ)]
2 UDP 10.0.5.233:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][59 pkts/5428 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][57.96 sec][Host: ozi][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 749/0 1008/0 1515/0 361/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( EPFKEJ)]
3 UDP 10.0.5.233:137 <-> 10.0.4.24:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes <-> 2 pkts/434 bytes][Goodput ratio: 54/80][10.00 sec][Host: *][PLAIN TEXT ( CKAAAAAAAAAAAAAAAAAAAAAAAAAAAA)]
4 UDP 10.0.1.87:57836 <-> 10.0.4.24:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes <-> 1 pkts/217 bytes][Goodput ratio: 54/80][< 1 sec][Host: *][PLAIN TEXT ( CKAAAAAAAAAAAAAAAAAAAAAAAAAAAA)]
5 UDP 10.0.1.87:57921 <-> 10.0.4.24:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes <-> 1 pkts/217 bytes][Goodput ratio: 54/80][< 1 sec][Host: *][PLAIN TEXT ( CKAAAAAAAAAAAAAAAAAAAAAAAAAAAA)]
6 UDP 10.0.5.9:138 -> 10.0.5.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Host: nvr9][PLAIN TEXT ( EOFGFCDJ)]
7 UDP 10.0.5.93:138 -> 10.0.5.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Host: bowie][PLAIN TEXT ( ECEPFHEJEFCACACACACACACACACACA)]
8 UDP 10.0.4.101:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][18.05 sec][Host: muli][PLAIN TEXT ( ENFFEMEJ)]
9 TCP 10.0.4.24:139 <-> 10.0.4.131:1398 [proto: 10/NetBIOS][cat: System/18][1 pkts/60 bytes <-> 1 pkts/60 bytes][Goodput ratio: 2/0][< 1 sec]
10 UDP 10.0.4.24:137 -> 10.0.4.165:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/104 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: gunnar][PLAIN TEXT ( EHFFEOEOEBFCCACACACACACACACACA)]
11 UDP 10.0.5.1:137 -> 10.0.4.24:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/104 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: guru][PLAIN TEXT ( EHFFFC)]
12 UDP 10.0.4.14:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: guru][PLAIN TEXT ( EHFFFC)]
13 UDP 10.0.4.24:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: guru][PLAIN TEXT ( EHFFFC)]
14 UDP 10.0.4.66:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: guru][PLAIN TEXT ( EHFFFC)]
15 UDP 10.0.4.165:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: gunnar][PLAIN TEXT ( EHFFEOEOEBFCCACACACACACACACACA)]
1 UDP 10.0.4.131:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][181 pkts/16652 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][59.62 sec][Host: xstream_hy][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 10/0 328/0 929/0 225/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( FIFDFEFCEFEBENFPEIFJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 10.0.5.233:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][59 pkts/5428 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][57.96 sec][Host: ozi][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 749/0 1008/0 1515/0 361/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/0 92/0 92/0 0/0][PLAIN TEXT ( EPFKEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 10.0.5.233:137 <-> 10.0.4.24:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes <-> 2 pkts/434 bytes][Goodput ratio: 54/80][10.00 sec][Host: *][PLAIN TEXT ( CKAAAAAAAAAAAAAAAAAAAAAAAAAAAA)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 10.0.1.87:57836 <-> 10.0.4.24:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes <-> 1 pkts/217 bytes][Goodput ratio: 54/80][< 1 sec][Host: *][PLAIN TEXT ( CKAAAAAAAAAAAAAAAAAAAAAAAAAAAA)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 10.0.1.87:57921 <-> 10.0.4.24:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes <-> 1 pkts/217 bytes][Goodput ratio: 54/80][< 1 sec][Host: *][PLAIN TEXT ( CKAAAAAAAAAAAAAAAAAAAAAAAAAAAA)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 10.0.5.9:138 -> 10.0.5.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Host: nvr9][PLAIN TEXT ( EOFGFCDJ)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 10.0.5.93:138 -> 10.0.5.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Host: bowie][PLAIN TEXT ( ECEPFHEJEFCACACACACACACACACACA)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 10.0.4.101:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][18.05 sec][Host: muli][PLAIN TEXT ( ENFFEMEJ)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 10.0.4.24:139 <-> 10.0.4.131:1398 [proto: 10/NetBIOS][cat: System/18][1 pkts/60 bytes <-> 1 pkts/60 bytes][Goodput ratio: 2/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 10.0.4.24:137 -> 10.0.4.165:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/104 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: gunnar][PLAIN TEXT ( EHFFEOEOEBFCCACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 10.0.5.1:137 -> 10.0.4.24:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/104 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: guru][PLAIN TEXT ( EHFFFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 10.0.4.14:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: guru][PLAIN TEXT ( EHFFFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 10.0.4.24:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: guru][PLAIN TEXT ( EHFFFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 10.0.4.66:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: guru][PLAIN TEXT ( EHFFFC)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 10.0.4.165:137 -> 10.0.5.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Host: gunnar][PLAIN TEXT ( EHFFEOEOEBFCCACACACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

122
tests/result/netflix.pcap.out
View file

@ -9,64 +9,64 @@ JA3 Host Stats:
1 192.168.1.7 4
1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Goodput ratio: 12/96][26.40 sec][Host: 23.246.11.141][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/21 522/505 51/40][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 76/1500 584/1514 69/116][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (oMrLRiWL2)]
2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Goodput ratio: 17/96][53.10 sec][Host: 23.246.3.140][bytes ratio: -0.935 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 117/55 5026/5044 455/248][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 80/1494 581/1514 81/140][URL: 23.246.3.140/?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (oMrLRiWL)]
3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Goodput ratio: 16/96][46.97 sec][Host: 23.246.11.133][bytes ratio: -0.939 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 194/107 26359/26393 1829/1321][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/1487 582/1514 79/167][URL: 23.246.11.133/?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (oMrLRiWL1)]
4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Goodput ratio: 2/96][59.61 sec][Host: tp.akam.nflximg.com][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 418/45 30607/2159 2956/164][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/1499 282/1514 21/140][URL: tp.akam.nflximg.com/tpa3/616/2041779616.bif][StatusCode: 200][Content-Type: text/plain][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)]
5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][Goodput ratio: 20/95][73.78 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.931 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1184/604 69170/69192 8780/6263][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87/1379 293/1514 39/401][TLSv1.2][Client: art-s.nflximg.net][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: secure.cdn.nflximg.net,*.nflxext.com,*.nflxvideo.net,*.nflxsearch.net,*.nrd.nflximg.net,*.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=Los Gatos, O=Netflix, Inc., OU=Content Delivery Operations, CN=secure.cdn.nflximg.net][Certificate SHA-1: 0D:EF:D1:E6:29:11:1A:A5:88:B3:2F:04:65:D6:D7:AD:84:A2:52:26][Validity: 2016-04-06 00:00:00 - 2017-04-05 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Goodput ratio: 23/95][6.10 sec][Host: 23.246.11.141][bytes ratio: -0.916 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 90/58 504/714 130/109][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 88/1464 582/1514 100/228][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (oMrLRiWL2)]
7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Goodput ratio: 7/95][34.92 sec][Host: art-2.nflximg.net][bytes ratio: -0.947 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/12 1101/41 30978/402 5647/66][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1456 311/1514 38/274][URL: art-2.nflximg.net/5758c/bb636e44b87ef854c331ed7b7b6e157e4945758c.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /5758)]
8 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][75 pkts/31024 bytes <-> 73 pkts/42930 bytes][Goodput ratio: 84/89][47.10 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 744/738 30450/30505 3962/4075][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 414/588 1514/1514 553/594][TLSv1.2][Client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
9 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][46 pkts/50218 bytes <-> 25 pkts/7943 bytes][Goodput ratio: 94/78][53.21 sec][bytes ratio: 0.727 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1378/2893 51181/51242 8188/11726][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1092/318 1514/1514 615/491][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
10 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2040 bytes <-> 34 pkts/45136 bytes][Goodput ratio: 17/95][1.88 sec][bytes ratio: -0.914 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 77/62 638/579 155/122][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1328 422/1514 71/457][URL: 23.246.10.139/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-djGXIcbFBNzyfugqEWcrgtCpyY&random=34073607][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
11 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1868 bytes <-> 34 pkts/45139 bytes][Goodput ratio: 19/95][2.09 sec][bytes ratio: -0.921 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/2 70/47 708/633 171/121][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 89/1328 420/1514 75/457][URL: 23.246.3.140/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4&random=357509657][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
12 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Goodput ratio: 17/95][42.46 sec][Host: art-2.nflximg.net][bytes ratio: -0.877 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 425/43 3643/161 850/35][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 93/1378 312/1514 59/421][URL: art-2.nflximg.net/af7a5/362643424e775d0393ddb46e145c2375367af7a5.webp][StatusCode: 200][Content-Type: image/webp][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /af)]
13 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1826 bytes <-> 32 pkts/43179 bytes][Goodput ratio: 19/95][1.58 sec][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 53/52 354/582 87/111][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 87/1349 422/1514 75/443][URL: 23.246.11.145/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=5xfYVtna3GdYXL71uNs6DZ-X84Y&random=39307082][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
14 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][Goodput ratio: 69/93][38.50 sec][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1640/1232 30390/30443 6288/5475][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 211/964 1514/1514 376/637][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
15 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Goodput ratio: 20/95][1.39 sec][Host: art-1.nflximg.net][bytes ratio: -0.942 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 28/35 45/81 10/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 102/1414 311/1514 64/366][URL: art-1.nflximg.net/8b1fa/eaa1b78cd72ca4dbdcab527691d2fcab37c8b1fa.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /8b)]
16 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2596 bytes <-> 29 pkts/37544 bytes][Goodput ratio: 14/95][7.33 sec][bytes ratio: -0.871 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 267/77 1392/465 372/115][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1295 424/1514 63/489][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJiXLBugGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPflHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JqTg0NiANIn4-aRwn3uKtWdoQ7M&random=114897][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (czGET /range/0)]
17 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Goodput ratio: 31/95][2.07 sec][Host: art-1.nflximg.net][bytes ratio: -0.911 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 166/94 1389/1416 394/300][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 97/1337 311/1514 81/428][URL: art-1.nflximg.net/4e36d/6289889020d6cc6dfb3038c35564a41e1ca4e36d.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /4e)]
18 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Goodput ratio: 72/94][31.31 sec][Host: appboot.netflix.com][bytes ratio: -0.781 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3092/21 30728/135 9212/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 242/1136 1514/1514 405/584][URL: appboot.netflix.com/appboot/NFAPPL-02-][StatusCode: 0][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (POST /appboot/NFAPPL)]
19 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][33 pkts/2732 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 13/94][7.16 sec][bytes ratio: -0.833 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 254/199 1162/1131 295/282][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1203 424/1514 61/564][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJZ2VKhqgGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzTho_flHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=LQ7LyXSnZaXKEHAHaRRHk-S7dKE&random=420981][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
20 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2041 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 17/94][5.93 sec][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/4 245/165 985/775 248/180][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1203 423/1514 71/564][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJZ2bLBChGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_ngHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=SixKQmLLJNvShj-pfML-2h4QaqQ&random=727666][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
21 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2571 bytes <-> 22 pkts/28042 bytes][Goodput ratio: 14/95][7.15 sec][bytes ratio: -0.832 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/4 265/326 1355/1382 337/387][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1275 423/1514 62/517][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8&random=323765][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
22 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][Goodput ratio: 77/93][1.73 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/42 437/291 101/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 290/895 1514/1514 442/626][TLSv1.2][Client: api-global.netflix.com][JA3C: d8bfad189bd26664e04570c104ee8418][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
23 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][32 pkts/2572 bytes <-> 23 pkts/26661 bytes][Goodput ratio: 14/94][7.05 sec][bytes ratio: -0.824 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 248/271 635/1046 213/317][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 80/1159 426/1514 62/603][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQIpyTIBGjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_biCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=8Z78vL2i9OzihCA3M1LinMYcMY4&random=2386][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (fGET /range/0)]
24 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][36 pkts/3030 bytes <-> 21 pkts/25455 bytes][Goodput ratio: 12/95][8.05 sec][bytes ratio: -0.787 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/4 258/237 1250/1203 331/381][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1212 424/1514 58/551][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo&random=413473][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
25 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2864 bytes <-> 21 pkts/25456 bytes][Goodput ratio: 13/95][5.76 sec][bytes ratio: -0.798 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168/223 1162/1317 246/337][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1212 426/1514 60/551][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJ5yTLBCkGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_3mCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=r5jtnnEcR8hDCkPImfEiWqWAjKk&random=1846][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
26 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2553 bytes <-> 22 pkts/25510 bytes][Goodput ratio: 14/94][7.56 sec][bytes ratio: -0.818 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 298/146 1317/530 354/131][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85/1160 423/1514 63/590][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJmULRajGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpfblHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=zezrDJDQvgO2TiYC1dT3imH4QC8&random=169467][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
27 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][Goodput ratio: 92/78][32.21 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.624 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/84 332/331 94/95][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 811/309 1514/1514 700/493][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
28 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][Goodput ratio: 72/91][0.86 sec][bytes ratio: -0.542 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/33 266/316 64/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 237/739 1514/1514 407/542][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
29 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][35 pkts/2920 bytes <-> 19 pkts/22428 bytes][Goodput ratio: 12/94][7.38 sec][bytes ratio: -0.770 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 222/250 636/1132 227/337][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1180 424/1514 59/570][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJpmQIRekGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThrvnlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=mQfOf90-RY2Gd2ii20KJpCcYQVk&random=134564][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
30 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2879 bytes <-> 20 pkts/22373 bytes][Goodput ratio: 12/94][8.26 sec][bytes ratio: -0.772 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238/289 1152/1208 301/406][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85/1119 425/1514 60/614][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQLJ2TIBepGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPbiCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=tTXu3c6FnJtfi6z0IJp3hw8eDv8&random=1294][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
31 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2610 bytes <-> 20 pkts/22422 bytes][Goodput ratio: 14/94][7.09 sec][bytes ratio: -0.791 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 255/290 811/1178 267/325][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87/1121 424/1514 63/611][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10&random=247333][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)]
32 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][Goodput ratio: 86/86][0.92 sec][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46/54 282/127 72/35][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 486/491 1514/1514 603/610][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
33 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Goodput ratio: 91/87][31.72 sec][Host: api-global.netflix.com][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2877/42 31088/123 8921/33][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 714/500 1514/1514 676/651][URL: api-global.netflix.com/msl/nrdjs/2.1.2][StatusCode: 0][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)]
34 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][Goodput ratio: 79/90][1.01 sec][bytes ratio: -0.231 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/96 322/423 89/121][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 314/697 1514/1514 477/667][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
35 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][Goodput ratio: 76/84][38.49 sec][bytes ratio: -0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129/2946 30585/30636 7105/8237][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 274/414 1514/1514 437/546][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
36 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Goodput ratio: 26/94][32.06 sec][Host: art-2.nflximg.net][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4565/34 30963/63 10780/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 94/1120 311/1514 72/644][URL: art-2.nflximg.net/87b33/bed1223a0040fdc97bac4e906332e462c6e87b33.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /87)]
37 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][Goodput ratio: 83/80][30.85 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.187 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1923/16 30431/72 7361/24][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 382/327 1514/1514 559/501][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
38 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][Goodput ratio: 83/81][30.38 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.192 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2017/14 30033/55 7488/20][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 399/343 1514/1514 569/514][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
39 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][Goodput ratio: 80/83][3.15 sec][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/303 2449/2522 645/743][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 325/386 1514/1514 478/534][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
40 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][Goodput ratio: 84/87][0.34 sec][bytes ratio: 0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/31 85/65 31/27][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430/507 1514/1514 533/591][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
41 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][Goodput ratio: 55/83][31.02 sec][ALPN: spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1820/45 30348/363 7132/103][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 145/390 422/1514 132/520][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
42 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][Goodput ratio: 70/86][0.32 sec][bytes ratio: -0.244 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 24/22 72/63 26/25][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222/465 1514/1514 382/579][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
43 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][Goodput ratio: 74/84][30.77 sec][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 29/22 143/79 43/29][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 253/423 1514/1514 422/512][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
44 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][Goodput ratio: 36/84][30.93 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2373/20 30602/58 8149/26][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 104/417 309/1514 78/548][TLSv1.2][Client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][Goodput ratio: 76/81][0.21 sec][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/20 92/54 34/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/355 1450/1066 419/413][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][Goodput ratio: 39/69][30.71 sec][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064/6120 30486/30536 9141/12208][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 108/215 309/989 83/296][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2648 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][79.13 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 105/0 4588/0 14907/0 6547/0][Pkt Len c2s/s2c min/avg/max/stddev: 164/0 166/0 167/0 2/0][PLAIN TEXT (SEARCH )]
48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.02 sec][Host: ios.nccp.netflix.com][54.191.17.51][PLAIN TEXT (netflix)]
49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.04 sec][Host: ios.nccp.netflix.com][52.32.22.214][PLAIN TEXT (netflix)]
50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/371 bytes][Goodput ratio: 47/88][0.04 sec][Host: ios.nccp.netflix.com][2620:108:700f::3428:72a3][PLAIN TEXT (netflix)]
51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/83 bytes <-> 1 pkts/248 bytes][Goodput ratio: 49/83][0.02 sec][Host: ichnaea.geo.netflix.com][52.37.36.252][PLAIN TEXT (ichnaea)]
52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56/81][0.02 sec][Host: api-global.latency.prodaa.netflix.com][52.89.39.139][PLAIN TEXT (global)]
53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56/81][0.03 sec][Host: api-global.latency.prodaa.netflix.com][52.41.30.5][PLAIN TEXT (global)]
54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/96 bytes <-> 1 pkts/224 bytes][Goodput ratio: 56/81][0.00 sec][Host: ichnaea.us-west-2.prodaa.netflix.com][54.69.204.241][PLAIN TEXT (ichnaea)]
55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/79 bytes <-> 1 pkts/192 bytes][Goodput ratio: 46/78][0.02 sec][Host: appboot.netflix.com][54.201.191.132][PLAIN TEXT (appboot)]
56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/84 bytes <-> 1 pkts/148 bytes][Goodput ratio: 49/71][0.01 sec][Host: artwork.akam.nflximg.net][184.25.204.25][PLAIN TEXT (artwork)]
57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/85 bytes <-> 1 pkts/137 bytes][Goodput ratio: 50/69][0.02 sec][Host: sha2.san.akam.nflximg.net][104.86.97.179][PLAIN TEXT (akamaiedge)]
58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Goodput ratio: 48/62][0.02 sec][Host: a1907.dscg.akamai.net][184.25.204.10][PLAIN TEXT (akamai)]
59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Host: a803.dscg.akamai.net][184.25.204.24][PLAIN TEXT (akamai)]
60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/TLS.Amazon][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][14.20 sec]
61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Goodput ratio: 12/96][26.40 sec][Host: 23.246.11.141][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/21 522/505 51/40][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 76/1500 584/1514 69/116][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (oMrLRiWL2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0]
2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Goodput ratio: 17/96][53.10 sec][Host: 23.246.3.140][bytes ratio: -0.935 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 117/55 5026/5044 455/248][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 80/1494 581/1514 81/140][URL: 23.246.3.140/?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (oMrLRiWL)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,92,0]
3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Goodput ratio: 16/96][46.97 sec][Host: 23.246.11.133][bytes ratio: -0.939 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 194/107 26359/26393 1829/1321][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/1487 582/1514 79/167][URL: 23.246.11.133/?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (oMrLRiWL1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0]
4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Goodput ratio: 2/96][59.61 sec][Host: tp.akam.nflximg.com][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 418/45 30607/2159 2956/164][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/1499 282/1514 21/140][URL: tp.akam.nflximg.com/tpa3/616/2041779616.bif][StatusCode: 200][Content-Type: text/plain][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,98,0]
5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][Goodput ratio: 20/95][73.78 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.931 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1184/604 69170/69192 8780/6263][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87/1379 293/1514 39/401][TLSv1.2][Client: art-s.nflximg.net][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: secure.cdn.nflximg.net,*.nflxext.com,*.nflxvideo.net,*.nflxsearch.net,*.nrd.nflximg.net,*.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=Los Gatos, O=Netflix, Inc., OU=Content Delivery Operations, CN=secure.cdn.nflximg.net][Certificate SHA-1: 0D:EF:D1:E6:29:11:1A:A5:88:B3:2F:04:65:D6:D7:AD:84:A2:52:26][Validity: 2016-04-06 00:00:00 - 2017-04-05 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 1,4,6,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,82,0]
6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Goodput ratio: 23/95][6.10 sec][Host: 23.246.11.141][bytes ratio: -0.916 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 90/58 504/714 130/109][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 88/1464 582/1514 100/228][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (oMrLRiWL2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,93,0]
7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Goodput ratio: 7/95][34.92 sec][Host: art-2.nflximg.net][bytes ratio: -0.947 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/12 1101/41 30978/402 5647/66][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1456 311/1514 38/274][URL: art-2.nflximg.net/5758c/bb636e44b87ef854c331ed7b7b6e157e4945758c.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /5758)][Plen Bins: 0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0]
8 TCP 192.168.1.7:53116 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][75 pkts/31024 bytes <-> 73 pkts/42930 bytes][Goodput ratio: 84/89][47.10 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 744/738 30450/30505 3962/4075][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 414/588 1514/1514 553/594][TLSv1.2][Client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 2,17,2,1,1,2,3,1,1,1,0,1,0,0,1,1,3,0,1,1,1,3,0,1,0,2,1,1,0,0,2,2,1,1,0,0,1,0,0,0,0,0,0,3,0,32,0]
9 TCP 192.168.1.7:53193 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][46 pkts/50218 bytes <-> 25 pkts/7943 bytes][Goodput ratio: 94/78][53.21 sec][bytes ratio: 0.727 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1378/2893 51181/51242 8188/11726][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1092/318 1514/1514 615/491][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,10,0,2,0,0,0,0,4,0,0,0,0,0,0,2,2,0,2,0,0,0,0,0,0,0,0,0,0,0,2,2,0,2,0,0,0,0,0,0,0,0,0,0,0,70,0]
10 TCP 192.168.1.7:53164 <-> 23.246.10.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2040 bytes <-> 34 pkts/45136 bytes][Goodput ratio: 17/95][1.88 sec][bytes ratio: -0.914 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 77/62 638/579 155/122][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1328 422/1514 71/457][URL: 23.246.10.139/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-djGXIcbFBNzyfugqEWcrgtCpyY&random=34073607][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,90,0]
11 TCP 192.168.1.7:53171 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1868 bytes <-> 34 pkts/45139 bytes][Goodput ratio: 19/95][2.09 sec][bytes ratio: -0.921 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/2 70/47 708/633 171/121][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 89/1328 420/1514 75/457][URL: 23.246.3.140/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4&random=357509657][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,90,0]
12 TCP 192.168.1.7:53148 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2893 bytes <-> 32 pkts/44112 bytes][Goodput ratio: 17/95][42.46 sec][Host: art-2.nflximg.net][bytes ratio: -0.877 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 425/43 3643/161 850/35][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 93/1378 312/1514 59/421][URL: art-2.nflximg.net/af7a5/362643424e775d0393ddb46e145c2375367af7a5.webp][StatusCode: 200][Content-Type: image/webp][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /af)][Plen Bins: 0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,93,0]
13 TCP 192.168.1.7:53163 <-> 23.246.11.145:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][21 pkts/1826 bytes <-> 32 pkts/43179 bytes][Goodput ratio: 19/95][1.58 sec][bytes ratio: -0.919 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 53/52 354/582 87/111][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 87/1349 422/1514 75/443][URL: 23.246.11.145/range/0-65535?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=5xfYVtna3GdYXL71uNs6DZ-X84Y&random=39307082][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,93,0]
14 TCP 192.168.1.7:53133 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][30 pkts/6328 bytes <-> 39 pkts/37610 bytes][Goodput ratio: 69/93][38.50 sec][bytes ratio: -0.712 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1640/1232 30390/30443 6288/5475][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 211/964 1514/1514 376/637][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 5,5,5,0,2,2,5,0,0,0,0,0,0,0,2,2,0,0,0,2,0,2,0,0,0,0,0,0,0,2,5,0,0,0,0,0,0,0,0,0,0,0,2,0,0,55,0]
15 TCP 192.168.1.7:53252 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][12 pkts/1221 bytes <-> 29 pkts/41018 bytes][Goodput ratio: 20/95][1.39 sec][Host: art-1.nflximg.net][bytes ratio: -0.942 (Download)][IAT c2s/s2c min/avg/max/stddev: 11/0 28/35 45/81 10/18][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 102/1414 311/1514 64/366][URL: art-1.nflximg.net/8b1fa/eaa1b78cd72ca4dbdcab527691d2fcab37c8b1fa.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /8b)][Plen Bins: 0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0]
16 TCP 192.168.1.7:53179 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2596 bytes <-> 29 pkts/37544 bytes][Goodput ratio: 14/95][7.33 sec][bytes ratio: -0.871 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 267/77 1392/465 372/115][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1295 424/1514 63/489][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJiXLBugGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPflHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JqTg0NiANIn4-aRwn3uKtWdoQ7M&random=114897][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (czGET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0]
17 TCP 192.168.1.7:53251 <-> 184.25.204.10:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][16 pkts/1558 bytes <-> 25 pkts/33413 bytes][Goodput ratio: 31/95][2.07 sec][Host: art-1.nflximg.net][bytes ratio: -0.911 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 166/94 1389/1416 394/300][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 97/1337 311/1514 81/428][URL: art-1.nflximg.net/4e36d/6289889020d6cc6dfb3038c35564a41e1ca4e36d.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /4e)][Plen Bins: 0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0]
18 TCP 192.168.1.7:53151 <-> 54.201.191.132:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][15 pkts/3626 bytes <-> 26 pkts/29544 bytes][Goodput ratio: 72/94][31.31 sec][Host: appboot.netflix.com][bytes ratio: -0.781 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3092/21 30728/135 9212/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 242/1136 1514/1514 405/584][URL: appboot.netflix.com/appboot/NFAPPL-02-][StatusCode: 0][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (POST /appboot/NFAPPL)][Plen Bins: 0,0,0,0,0,0,0,0,0,4,4,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,4,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,75,0]
19 TCP 192.168.1.7:53182 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][33 pkts/2732 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 13/94][7.16 sec][bytes ratio: -0.833 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 254/199 1162/1131 295/282][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1203 424/1514 61/564][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJZ2VKhqgGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzTho_flHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=LQ7LyXSnZaXKEHAHaRRHk-S7dKE&random=420981][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 4,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,82,0]
20 TCP 192.168.1.7:53173 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][24 pkts/2041 bytes <-> 25 pkts/30064 bytes][Goodput ratio: 17/94][5.93 sec][bytes ratio: -0.873 (Download)][IAT c2s/s2c min/avg/max/stddev: 4/4 245/165 985/775 248/180][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1203 423/1514 71/564][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJZ2bLBChGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_ngHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=SixKQmLLJNvShj-pfML-2h4QaqQ&random=727666][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 4,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,82,0]
21 TCP 192.168.1.7:53175 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][31 pkts/2571 bytes <-> 22 pkts/28042 bytes][Goodput ratio: 14/95][7.15 sec][bytes ratio: -0.832 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/4 265/326 1355/1382 337/387][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1275 423/1514 62/517][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8&random=323765][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,90,0]
22 TCP 192.168.1.7:53239 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6384 bytes <-> 26 pkts/23277 bytes][Goodput ratio: 77/93][1.73 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/42 437/291 101/61][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 290/895 1514/1514 442/626][TLSv1.2][Client: api-global.netflix.com][JA3C: d8bfad189bd26664e04570c104ee8418][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,10,3,0,0,0,3,0,0,0,0,0,3,6,0,0,3,0,0,3,0,3,0,3,0,0,0,0,0,0,3,0,3,0,0,0,0,0,0,0,0,0,0,3,0,44,0]
23 TCP 192.168.1.7:53177 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][32 pkts/2572 bytes <-> 23 pkts/26661 bytes][Goodput ratio: 14/94][7.05 sec][bytes ratio: -0.824 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 248/271 635/1046 213/317][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 80/1159 426/1514 62/603][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQIpyTIBGjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_biCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=8Z78vL2i9OzihCA3M1LinMYcMY4&random=2386][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (fGET /range/0)][Plen Bins: 0,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,80,0]
24 TCP 192.168.1.7:53176 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][36 pkts/3030 bytes <-> 21 pkts/25455 bytes][Goodput ratio: 12/95][8.05 sec][bytes ratio: -0.787 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/4 258/237 1250/1203 331/381][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1212 424/1514 58/551][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo&random=413473][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0]
25 TCP 192.168.1.7:53180 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2864 bytes <-> 21 pkts/25456 bytes][Goodput ratio: 13/95][5.76 sec][bytes ratio: -0.798 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 168/223 1162/1317 246/337][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1212 426/1514 60/551][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJ5yTLBCkGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_3mCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=r5jtnnEcR8hDCkPImfEiWqWAjKk&random=1846][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0]
26 TCP 192.168.1.7:53178 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2553 bytes <-> 22 pkts/25510 bytes][Goodput ratio: 14/94][7.56 sec][bytes ratio: -0.818 (Download)][IAT c2s/s2c min/avg/max/stddev: 3/4 298/146 1317/530 354/131][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85/1160 423/1514 63/590][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJJmULRajGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpfblHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=zezrDJDQvgO2TiYC1dT3imH4QC8&random=169467][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0]
27 TCP 192.168.1.7:53203 <-> 52.37.36.252:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][28 pkts/22704 bytes <-> 17 pkts/5248 bytes][Goodput ratio: 92/78][32.21 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.624 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/84 332/331 94/95][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 811/309 1514/1514 700/493][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 8,8,4,0,0,4,0,4,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,60,0]
28 TCP 192.168.1.7:53249 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][25 pkts/5934 bytes <-> 27 pkts/19952 bytes][Goodput ratio: 72/91][0.86 sec][bytes ratio: -0.542 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/33 266/316 64/70][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 237/739 1514/1514 407/542][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 3,3,0,0,3,3,3,0,0,0,0,3,0,3,3,7,0,0,7,7,3,3,0,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,3,0,0,3,0,0,0,28,0]
29 TCP 192.168.1.7:53174 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][35 pkts/2920 bytes <-> 19 pkts/22428 bytes][Goodput ratio: 12/94][7.38 sec][bytes ratio: -0.770 (Download)][IAT c2s/s2c min/avg/max/stddev: 5/0 222/250 636/1132 227/337][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 83/1180 424/1514 59/570][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQJpmQIRekGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThrvnlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=mQfOf90-RY2Gd2ii20KJpCcYQVk&random=134564][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,82,0]
30 TCP 192.168.1.7:53181 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][34 pkts/2879 bytes <-> 20 pkts/22373 bytes][Goodput ratio: 12/94][8.26 sec][bytes ratio: -0.772 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238/289 1152/1208 301/406][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 85/1119 425/1514 60/614][URL: 23.246.11.141/range/0-65535?o=AQEfKq2oMrLRiWL2puNQLJ2TIBepGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpPbiCFrUjHWqh5ipQCtzf4OVWQ&v=3&e=1484347850&t=tTXu3c6FnJtfi6z0IJp3hw8eDv8&random=1294][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,5,0,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,82,0]
31 TCP 192.168.1.7:53172 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][30 pkts/2610 bytes <-> 20 pkts/22422 bytes][Goodput ratio: 14/94][7.09 sec][bytes ratio: -0.791 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 255/290 811/1178 267/325][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87/1121 424/1514 63/611][URL: 23.246.11.133/range/0-65535?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10&random=247333][StatusCode: 200][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /range/0)][Plen Bins: 0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,82,0]
32 TCP 192.168.1.7:53202 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/10686 bytes <-> 16 pkts/7850 bytes][Goodput ratio: 86/86][0.92 sec][bytes ratio: 0.153 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46/54 282/127 72/35][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 486/491 1514/1514 603/610][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,15,0,5,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,5,0,0,0,5,0,0,0,0,0,0,5,36,0]
33 TCP 192.168.1.7:53152 <-> 52.89.39.139:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][14 pkts/10001 bytes <-> 13 pkts/6504 bytes][Goodput ratio: 91/87][31.72 sec][Host: api-global.netflix.com][bytes ratio: 0.212 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/5 2877/42 31088/123 8921/33][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 714/500 1514/1514 676/651][URL: api-global.netflix.com/msl/nrdjs/2.1.2][StatusCode: 0][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][PLAIN TEXT (POST /msl/nrdjs/2.1.2 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,9,0,0,0,0,72,0]
34 TCP 192.168.1.7:53162 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][18 pkts/5661 bytes <-> 13 pkts/9059 bytes][Goodput ratio: 79/90][1.01 sec][bytes ratio: -0.231 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/96 322/423 89/121][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 314/697 1514/1514 477/667][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,13,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,6,0,0,0,0,6,0,0,33,0]
35 TCP 192.168.1.7:53132 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][22 pkts/6028 bytes <-> 18 pkts/7459 bytes][Goodput ratio: 76/84][38.49 sec][bytes ratio: -0.106 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129/2946 30585/30636 7105/8237][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 274/414 1514/1514 437/546][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,21,5,0,5,0,10,0,0,0,0,0,0,5,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,26,0]
36 TCP 192.168.1.7:53150 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][cat: Video/26][10 pkts/941 bytes <-> 11 pkts/12318 bytes][Goodput ratio: 26/94][32.06 sec][Host: art-2.nflximg.net][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 4565/34 30963/63 10780/17][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 94/1120 311/1514 72/644][URL: art-2.nflximg.net/87b33/bed1223a0040fdc97bac4e906332e462c6e87b33.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /87)][Plen Bins: 0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,88,0]
37 TCP 192.168.1.7:53119 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][20 pkts/7639 bytes <-> 16 pkts/5235 bytes][Goodput ratio: 83/80][30.85 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.187 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1923/16 30431/72 7361/24][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 382/327 1514/1514 559/501][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,23,5,0,0,5,0,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,29,0]
38 TCP 192.168.1.7:53118 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][19 pkts/7588 bytes <-> 15 pkts/5140 bytes][Goodput ratio: 83/81][30.38 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: 0.192 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2017/14 30033/55 7488/20][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 399/343 1514/1514 569/514][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,18,6,0,0,6,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,31,0]
39 TCP 192.168.1.7:53238 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][17 pkts/5528 bytes <-> 14 pkts/5406 bytes][Goodput ratio: 80/83][3.15 sec][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/303 2449/2522 645/743][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 325/386 1514/1514 478/534][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 13,20,6,6,0,0,0,6,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,0,0,0,6,0,0,0,0,20,0]
40 TCP 192.168.1.7:53248 <-> 52.32.22.214:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/5165 bytes <-> 10 pkts/5074 bytes][Goodput ratio: 84/87][0.34 sec][bytes ratio: 0.009 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/31 85/65 31/27][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 430/507 1514/1514 533/591][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,8,0,0,0,0,0,8,0,0,0,0,0,25,0]
41 TCP 192.168.1.7:53105 <-> 54.69.204.241:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][21 pkts/3051 bytes <-> 16 pkts/6234 bytes][Goodput ratio: 55/83][31.02 sec][ALPN: spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1820/45 30348/363 7132/103][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 145/390 422/1514 132/520][TLSv1.2][Client: ichnaea.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: ichnaea.netflix.com,beacon.netflix.com,presentationtracking.netflix.com,nmtracking.netflix.com,customerevents.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=customerevents.netflix.com][Certificate SHA-1: 50:D6:DB:AF:1D:A3:83:52:E6:0E:15:8F:98:78:EE:2F:23:FD:E2:3F][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,27,5,0,0,5,5,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0]
42 TCP 192.168.1.7:53114 <-> 54.191.17.51:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3109 bytes <-> 11 pkts/5119 bytes][Goodput ratio: 70/86][0.32 sec][bytes ratio: -0.244 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 24/22 72/63 26/25][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222/465 1514/1514 382/579][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: ios.nccp.netflix.com][JA3C: dc67ac8aaf8d7f69ecd6598135448f24][ServerNames: *.nccp.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: CN=Primary Certificate Authority (2009), ST=California, C=US, O=Netflix Inc, OU=Electronic Delivery, L=Los Gatos][Subject: CN=*.nccp.netflix.com, O=Netflix, Inc., OU=Operations, C=US, ST=California, L=Los Gatos][Certificate SHA-1: 97:F6:63:95:8F:F2:5E:E0:80:12:5A:FD:BF:B2:EB:FE:A2:FE:72:33][Validity: 2001-01-17 20:32:09 - 2018-03-24 20:32:09][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 16,25,0,8,0,0,0,0,8,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,25,0]
43 TCP 192.168.1.7:53134 <-> 52.89.39.139:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][14 pkts/3548 bytes <-> 11 pkts/4653 bytes][Goodput ratio: 74/84][30.77 sec][bytes ratio: -0.135 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 29/22 143/79 43/29][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 253/423 1514/1514 422/512][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 18,9,0,0,9,0,9,0,0,0,0,0,9,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,18,0]
44 TCP 192.168.1.7:53115 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][16 pkts/1657 bytes <-> 12 pkts/5005 bytes][Goodput ratio: 36/84][30.93 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2373/20 30602/58 8149/26][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 104/417 309/1514 78/548][TLSv1.2][Client: api-global.netflix.com][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: api-latam.netflix.com,htmltvui.netflix.com,api-eu.netflix.com,uiboot.netflix.com,api-global.netflix.com,api-user.netflix.com,api-us.netflix.com,api.netflix.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=los gatos, O=Netflix, Inc., OU=Ops, CN=api.netflix.com][Certificate SHA-1: FC:5B:F6:86:AE:E5:22:0D:60:0C:C3:DF:8F:02:80:3F:A3:60:0E:3C][Validity: 2016-04-12 00:00:00 - 2018-04-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 15,23,15,0,0,0,7,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0]
45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][Goodput ratio: 76/81][0.21 sec][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/20 92/54 34/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/355 1450/1066 419/413][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,0,12,0,12,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,12,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0]
46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][cat: Video/26][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][Goodput ratio: 39/69][30.71 sec][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064/6120 30486/30536 9141/12208][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 108/215 309/989 83/296][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: api-global.netflix.com][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,12,12,0,12,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][16 pkts/2648 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][79.13 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 105/0 4588/0 14907/0 6547/0][Pkt Len c2s/s2c min/avg/max/stddev: 164/0 166/0 167/0 2/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.02 sec][Host: ios.nccp.netflix.com][54.191.17.51][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.04 sec][Host: ios.nccp.netflix.com][52.32.22.214][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/371 bytes][Goodput ratio: 47/88][0.04 sec][Host: ios.nccp.netflix.com][2620:108:700f::3428:72a3][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/83 bytes <-> 1 pkts/248 bytes][Goodput ratio: 49/83][0.02 sec][Host: ichnaea.geo.netflix.com][52.37.36.252][PLAIN TEXT (ichnaea)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56/81][0.02 sec][Host: api-global.latency.prodaa.netflix.com][52.89.39.139][PLAIN TEXT (global)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56/81][0.03 sec][Host: api-global.latency.prodaa.netflix.com][52.41.30.5][PLAIN TEXT (global)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/96 bytes <-> 1 pkts/224 bytes][Goodput ratio: 56/81][0.00 sec][Host: ichnaea.us-west-2.prodaa.netflix.com][54.69.204.241][PLAIN TEXT (ichnaea)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/79 bytes <-> 1 pkts/192 bytes][Goodput ratio: 46/78][0.02 sec][Host: appboot.netflix.com][54.201.191.132][PLAIN TEXT (appboot)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/84 bytes <-> 1 pkts/148 bytes][Goodput ratio: 49/71][0.01 sec][Host: artwork.akam.nflximg.net][184.25.204.25][PLAIN TEXT (artwork)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][cat: Video/26][1 pkts/85 bytes <-> 1 pkts/137 bytes][Goodput ratio: 50/69][0.02 sec][Host: sha2.san.akam.nflximg.net][104.86.97.179][PLAIN TEXT (akamaiedge)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Goodput ratio: 48/62][0.02 sec][Host: a1907.dscg.akamai.net][184.25.204.10][PLAIN TEXT (akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Host: a803.dscg.akamai.net][184.25.204.24][PLAIN TEXT (akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.178/TLS.Amazon][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][14.20 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/netflow-fritz.pcap.out
View file

@ -1,3 +1,3 @@
NetFlow 1 222 1
1 UDP 192.168.0.1:23384 -> 192.168.1.1:2055 [proto: 128/NetFlow][cat: Network/14][1 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec]
1 UDP 192.168.0.1:23384 -> 192.168.1.1:2055 [proto: 128/NetFlow][cat: Network/14][1 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/netflowv9.pcap.out
View file

@ -1,3 +1,3 @@
NetFlow 10 13888 1
1 UDP 192.168.2.134:48629 -> 192.168.2.222:2057 [proto: 128/NetFlow][cat: Network/14][10 pkts/13888 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][0.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 1362/0 1389/0 1418/0 23/0]
1 UDP 192.168.2.134:48629 -> 192.168.2.222:2057 [proto: 128/NetFlow][cat: Network/14][10 pkts/13888 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][0.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 1362/0 1389/0 1418/0 23/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,30,20,0,0,0]

42
tests/result/nintendo.pcap.out
View file

@ -7,24 +7,24 @@ JA3 Host Stats:
1 192.168.12.114 1
1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes][Goodput ratio: 88/91][5.90 sec][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/17 311/242 44/19][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 363/454 886/886 191/118][PLAIN TEXT (pluHnq)]
2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes][Goodput ratio: 89/71][5.68 sec][bytes ratio: 0.812 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/77 607/506 66/117][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 396/144 1254/886 210/128]
3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes][Goodput ratio: 89/70][5.49 sec][bytes ratio: 0.796 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40/76 313/318 40/84][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 381/139 886/886 193/124][PLAIN TEXT (FutwCa)]
4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/TLS.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes][Goodput ratio: 50/67][21.54 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 728/1409 14019/13944 2636/3582][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131/201 400/983 86/219]
5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][Goodput ratio: 75/86][0.56 sec][bytes ratio: -0.253 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/54 287/250 89/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 263/486 1414/1414 387/570][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][Goodput ratio: 76/86][0.51 sec][bytes ratio: -0.264 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/47 243/198 76/65][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/487 1414/1414 401/570][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes][Goodput ratio: 64/80][4.86 sec][bytes ratio: -0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 232/89 514/507 225/142][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 117/213 230/854 27/243]
8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes][Goodput ratio: 67/67][1.28 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/58 119/111 274/242 89/65][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 128/128 198/198 41/41]
9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes][Goodput ratio: 68/68][1.15 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/17 108/127 288/286 109/90][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 130/132 198/198 40/42]
10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.73 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40/0 315/0 92/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0]
11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Goodput ratio: 54/58][0.01 sec][Host: g2df33d01-lp1.p.srv.nintendo.net][52.10.205.177][bytes ratio: -0.042 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/4 4/4 5/5 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/92 92/100 92/108 0/8][PLAIN TEXT (nintendo)]
12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec]
13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.60 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 75/0 316/0 130/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0]
14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][0.06 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 4/3 2/1][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0]
15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61/85][0.03 sec][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][54.192.27.217][PLAIN TEXT (fb203858ebc)]
16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61/85][< 1 sec][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][54.192.27.8][PLAIN TEXT (fb203858ebc)]
17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173.178/Nintendo.Amazon][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][0.00 sec]
18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][0.00 sec][PLAIN TEXT (NATTestId)]
19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes][Goodput ratio: 86/0][< 1 sec]
20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][0.00 sec]
21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.18 sec]
1 UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes][Goodput ratio: 88/91][5.90 sec][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/17 311/242 44/19][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 363/454 886/886 191/118][PLAIN TEXT (pluHnq)][Plen Bins: 0,2,23,2,0,0,0,0,0,0,0,0,0,60,6,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes][Goodput ratio: 89/71][5.68 sec][bytes ratio: 0.812 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/77 607/506 66/117][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 396/144 1254/886 210/128][Plen Bins: 0,5,34,3,1,0,0,0,0,0,0,0,0,49,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes][Goodput ratio: 89/70][5.49 sec][bytes ratio: 0.796 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40/76 313/318 40/84][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 381/139 886/886 193/124][PLAIN TEXT (FutwCa)][Plen Bins: 0,7,37,1,1,0,0,0,0,0,0,0,0,46,2,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91.178/TLS.Amazon][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes][Goodput ratio: 50/67][21.54 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 728/1409 14019/13944 2636/3582][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131/201 400/983 86/219][Plen Bins: 0,54,5,14,0,2,0,8,0,2,2,0,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][Goodput ratio: 75/86][0.56 sec][bytes ratio: -0.253 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/54 287/250 89/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 263/486 1414/1414 387/570][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,10,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0,0,0]
6 TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][Goodput ratio: 76/86][0.51 sec][bytes ratio: -0.264 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/47 243/198 76/65][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/487 1414/1414 401/570][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,10,0,0,10,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0,0,0]
7 UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes][Goodput ratio: 64/80][4.86 sec][bytes ratio: -0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 232/89 514/507 225/142][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 117/213 230/854 27/243][Plen Bins: 0,41,43,5,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes][Goodput ratio: 67/67][1.28 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/58 119/111 274/242 89/65][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 128/128 198/198 41/41][Plen Bins: 0,62,12,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes][Goodput ratio: 68/68][1.15 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/17 108/127 288/286 109/90][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 130/132 198/198 40/42][Plen Bins: 0,53,20,0,26,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.73 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40/0 315/0 92/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Goodput ratio: 54/58][0.01 sec][Host: g2df33d01-lp1.p.srv.nintendo.net][52.10.205.177][bytes ratio: -0.042 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/4 4/4 5/5 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/92 92/100 92/108 0/8][PLAIN TEXT (nintendo)][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.60 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 75/0 316/0 130/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][0.06 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 4/3 2/1][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61/85][0.03 sec][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][54.192.27.217][PLAIN TEXT (fb203858ebc)][Plen Bins: 0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61/85][< 1 sec][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][54.192.27.8][PLAIN TEXT (fb203858ebc)][Plen Bins: 0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173.178/Nintendo.Amazon][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][0.00 sec][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][0.00 sec][PLAIN TEXT (NATTestId)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes][Goodput ratio: 86/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][0.00 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.18 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

40
tests/result/ocs.pcap.out
View file

@ -11,26 +11,26 @@ JA3 Host Stats:
1 192.168.180.2 4
1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Goodput ratio: 1/0][51.39 sec][Host: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/0 3996/0 235/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 60/0 715/0 25/0][URL: ocu03.labgency.ws/catalog/vod?v=3][StatusCode: 0][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST /catalog/vod)]
2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/TLS.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][3.85 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 210/0 998/0 326/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 304/0 1440/0 368/0][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: ocs.labgency.ws][JA3C: 0534a22b266a64a5cc9a90f7b5c483cc]
3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Goodput ratio: 6/0][3.75 sec][Host: www.ocs.fr][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/0 91/0 30/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 65/0 208/0 24/0][URL: www.ocs.fr/data_plateforme/program/18496/tv_detail_mortdunpourw0012236_72f6c.jpg][StatusCode: 0][PLAIN TEXT (GET /data)]
4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.178/TLS.Amazon][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][2.62 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 145/0 1003/0 239/0][Pkt Len c2s/s2c min/avg/max/stddev: 40/0 136/0 1209/0 253/0][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: settings.crashlytics.com][JA3C: b030dba3ca09e2e484b9fa75adc4039c]
5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][0.42 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 39/0 75/0 26/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 184/0 1287/0 339/0][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: mtalk.google.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1]
6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/TLS.Google][cat: Web/5][12 pkts/1608 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][0.58 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/0 112/0 36/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 134/0 649/0 166/0][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66]
7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/TLS.Google][cat: Web/5][13 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][0.81 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/0 103/0 38/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 111/0 425/0 106/0][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66]
8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][6 pkts/1092 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][1.36 sec][Host: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 272/0 1043/0 395/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 182/0 824/0 287/0][URL: ocu03.labgency.ws/catalog/vod?v=3][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; fr-fr; GT-P7510 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/5][PLAIN TEXT (POST /catalog/vod)]
9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][1.18 sec][Host: api.eu01.capptain.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 197/0 503/0 209/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 77/0 136/0 37/0][URL: api.eu01.capptain.com/ip-to-country][StatusCode: 0][PLAIN TEXT (GET /ip)]
10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Goodput ratio: 33/0][0.23 sec][Host: api.eu01.capptain.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 46/0 101/0 39/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 80/0 211/0 59/0][URL: api.eu01.capptain.com/xmpp-disco?deviceid=f2c993d6218f5e22fe284b2e90c82f3b&push_on_device=true&appid=ocs000003][StatusCode: 0][PLAIN TEXT (GET /xmpp)]
11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][8.01 sec]
12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 63/0][< 1 sec][Host: xmpp.device06.eu01.capptain.com][::][PLAIN TEXT (device06)]
13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][< 1 sec][Host: android.clients.google.com][::][PLAIN TEXT (android)]
14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: settings.crashlytics.com][::][PLAIN TEXT (settings)]
15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 57/0][< 1 sec][Host: api.eu01.capptain.com][::][PLAIN TEXT (capptain)]
16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Goodput ratio: 56/0][< 1 sec][Host: play.googleapis.com][::][PLAIN TEXT (googleapis)]
17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Goodput ratio: 55/0][< 1 sec][Host: ocu03.labgency.ws][::][PLAIN TEXT (labgency)]
18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec][Host: ocs.labgency.ws][::][PLAIN TEXT (labgency)]
19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][< 1 sec][Host: www.ocs.fr][::]
1 TCP 192.168.180.2:49881 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][751 pkts/44783 bytes -> 0 pkts/0 bytes][Goodput ratio: 1/0][51.39 sec][Host: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 64/0 3996/0 235/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 60/0 715/0 25/0][URL: ocu03.labgency.ws/catalog/vod?v=3][StatusCode: 0][User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)][PLAIN TEXT (POST /catalog/vod)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.180.2:36680 -> 178.248.208.54:443 [proto: 91.218/TLS.OCS][cat: Media/1][20 pkts/6089 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][3.85 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 210/0 998/0 326/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 304/0 1440/0 368/0][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: ocs.labgency.ws][JA3C: 0534a22b266a64a5cc9a90f7b5c483cc][Plen Bins: 0,0,0,0,0,0,22,11,0,11,0,0,0,0,0,0,0,0,0,11,11,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0]
3 TCP 192.168.180.2:42590 -> 178.248.208.210:80 [proto: 7.218/HTTP.OCS][cat: Media/1][83 pkts/5408 bytes -> 0 pkts/0 bytes][Goodput ratio: 6/0][3.75 sec][Host: www.ocs.fr][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 31/0 91/0 30/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 65/0 208/0 24/0][URL: www.ocs.fr/data_plateforme/program/18496/tv_detail_mortdunpourw0012236_72f6c.jpg][StatusCode: 0][PLAIN TEXT (GET /data)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.180.2:39263 -> 23.21.230.199:443 [proto: 91.178/TLS.Amazon][cat: Web/5][20 pkts/2715 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][2.62 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 145/0 1003/0 239/0][Pkt Len c2s/s2c min/avg/max/stddev: 40/0 136/0 1209/0 253/0][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][Client: settings.crashlytics.com][JA3C: b030dba3ca09e2e484b9fa75adc4039c][Plen Bins: 0,20,0,0,40,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.180.2:32946 -> 64.233.184.188:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][12 pkts/2212 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][0.42 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 39/0 75/0 26/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 184/0 1287/0 339/0][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: mtalk.google.com][JA3C: 75edb912bc6f0a222ae3e3e47f5c89b1][Plen Bins: 0,0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0]
6 TCP 192.168.180.2:47803 -> 64.233.166.95:443 [proto: 91.126/TLS.Google][cat: Web/5][12 pkts/1608 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][0.58 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/0 112/0 36/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 134/0 649/0 166/0][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66][Plen Bins: 0,25,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.180.2:41223 -> 216.58.208.46:443 [proto: 91.126/TLS.Google][cat: Web/5][13 pkts/1448 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][0.81 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 49/0 103/0 38/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 111/0 425/0 106/0][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: 5a236bfc3d18ddef1b1f2f4c9e765d66][Plen Bins: 0,25,0,0,25,25,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 192.168.180.2:48250 -> 178.248.208.54:80 [proto: 7.218/HTTP.OCS][cat: Media/1][6 pkts/1092 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][1.36 sec][Host: ocu03.labgency.ws][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 272/0 1043/0 395/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 182/0 824/0 287/0][URL: ocu03.labgency.ws/catalog/vod?v=3][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; fr-fr; GT-P7510 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Safari/5][PLAIN TEXT (POST /catalog/vod)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Goodput ratio: 31/0][1.18 sec][Host: api.eu01.capptain.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 197/0 503/0 209/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 77/0 136/0 37/0][URL: api.eu01.capptain.com/ip-to-country][StatusCode: 0][PLAIN TEXT (GET /ip)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Goodput ratio: 33/0][0.23 sec][Host: api.eu01.capptain.com][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 46/0 101/0 39/0][Pkt Len c2s/s2c min/avg/max/stddev: 52/0 80/0 211/0 59/0][URL: api.eu01.capptain.com/xmpp-disco?deviceid=f2c993d6218f5e22fe284b2e90c82f3b&push_on_device=true&appid=ocs000003][StatusCode: 0][PLAIN TEXT (GET /xmpp)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][8.01 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 63/0][< 1 sec][Host: xmpp.device06.eu01.capptain.com][::][PLAIN TEXT (device06)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][< 1 sec][Host: android.clients.google.com][::][PLAIN TEXT (android)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 59/0][< 1 sec][Host: settings.crashlytics.com][::][PLAIN TEXT (settings)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/67 bytes -> 0 pkts/0 bytes][Goodput ratio: 57/0][< 1 sec][Host: api.eu01.capptain.com][::][PLAIN TEXT (capptain)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Goodput ratio: 56/0][< 1 sec][Host: play.googleapis.com][::][PLAIN TEXT (googleapis)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Goodput ratio: 55/0][< 1 sec][Host: ocu03.labgency.ws][::][PLAIN TEXT (labgency)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec][Host: ocs.labgency.ws][::][PLAIN TEXT (labgency)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][< 1 sec][Host: www.ocs.fr][::][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 TCP 192.168.180.2:46166 -> 137.135.131.52:5122 [proto: 0/Unknown][6 pkts/360 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][31.08 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 998/0 6216/0 16046/0 5473/0][Pkt Len c2s/s2c min/avg/max/stddev: 60/0 60/0 60/0 0/0]
1 TCP 192.168.180.2:46166 -> 137.135.131.52:5122 [proto: 0/Unknown][6 pkts/360 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][31.08 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 998/0 6216/0 16046/0 5473/0][Pkt Len c2s/s2c min/avg/max/stddev: 60/0 60/0 60/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

4
tests/result/ookla.pcap.out
View file

@ -1,4 +1,4 @@
Ookla 5086 4689745 2
1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 191/Ookla][cat: Network/14][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes][Goodput ratio: 86/95][40.14 sec][bytes ratio: -0.559 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/11 2086/2226 59/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 469/1275 1506/1506 642/527][PLAIN TEXT ( 6HELLO 2.4 2016)]
2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 7.191/HTTP.Ookla][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes][Goodput ratio: 64/74][5.33 sec][bytes ratio: 0.036 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 528/47 5005/84 1493/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 186/260 430/523 168/194][PLAIN TEXT (GET /crossdomain.xml HTTP/1.1)]
1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 191/Ookla][cat: Network/14][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes][Goodput ratio: 86/95][40.14 sec][bytes ratio: -0.559 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/11 2086/2226 59/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 469/1275 1506/1506 642/527][PLAIN TEXT ( 6HELLO 2.4 2016)][Plen Bins: 28,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,70,0]
2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 7.191/HTTP.Ookla][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes][Goodput ratio: 64/74][5.33 sec][bytes ratio: 0.036 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 528/47 5005/84 1493/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 186/260 430/523 168/194][PLAIN TEXT (GET /crossdomain.xml HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,12,75,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

6
tests/result/openvpn.pcap.out
View file

@ -1,5 +1,5 @@
OpenVPN 298 57111 3
1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][62 pkts/11508 bytes <-> 58 pkts/16664 bytes][Goodput ratio: 77/85][19.24 sec][bytes ratio: -0.183 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 289/106 3994/2456 764/365][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 186/287 1214/1287 193/325][PLAIN TEXT (160727093158Z)]
2 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][cat: VPN/2][44 pkts/7514 bytes <-> 51 pkts/7866 bytes][Goodput ratio: 61/57][64.13 sec][bytes ratio: -0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1298/1400 11356/11265 2924/3289][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171/154 1514/222 236/63][PLAIN TEXT (160630002150Z)]
3 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][49 pkts/7860 bytes <-> 34 pkts/5699 bytes][Goodput ratio: 74/75][9.11 sec][bytes ratio: 0.159 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 224/137 3857/2389 691/464][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 160/168 1214/196 192/31][PLAIN TEXT (160727093158Z)]
1 UDP 192.168.43.18:13680 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][62 pkts/11508 bytes <-> 58 pkts/16664 bytes][Goodput ratio: 77/85][19.24 sec][bytes ratio: -0.183 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 289/106 3994/2456 764/365][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 186/287 1214/1287 193/325][PLAIN TEXT (160727093158Z)][Plen Bins: 0,29,17,8,26,0,0,2,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,1,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.77:60140 <-> 46.101.231.218:443 [proto: 159/OpenVPN][cat: VPN/2][44 pkts/7514 bytes <-> 51 pkts/7866 bytes][Goodput ratio: 61/57][64.13 sec][bytes ratio: -0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1298/1400 11356/11265 2924/3289][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 171/154 1514/222 236/63][PLAIN TEXT (160630002150Z)][Plen Bins: 0,38,0,4,50,0,0,0,0,1,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0]
3 UDP 192.168.43.12:41507 <-> 139.59.151.137:13680 [proto: 159/OpenVPN][cat: VPN/2][49 pkts/7860 bytes <-> 34 pkts/5699 bytes][Goodput ratio: 74/75][9.11 sec][bytes ratio: 0.159 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 224/137 3857/2389 691/464][Pkt Len c2s/s2c min/avg/max/stddev: 84/92 160/168 1214/196 192/31][PLAIN TEXT (160727093158Z)][Plen Bins: 0,39,14,8,30,2,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]

214
tests/result/pps.pcap.out
View file

@ -3,113 +3,113 @@ HTTP 1502 1849543 62
SSDP 63 17143 10
Google 2 1093 1
1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Goodput ratio: 82/96][0.98 sec][Host: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/77 0/8][Pkt Len c2s/s2c min/avg/max/stddev: 303/522 303/1313 303/1314 0/34][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_2.jpg?no=2][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)]
2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Goodput ratio: 82/96][0.82 sec][Host: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/51 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 303/180 303/1312 303/1314 0/49][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_1.jpg?no=1][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)]
3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Goodput ratio: 73/96][0.11 sec][Host: static.qiyi.com][bytes ratio: -0.998 (Download)][IAT c2s/s2c min/avg/max/stddev: 35/0 35/0 35/35 0/2][Pkt Len c2s/s2c min/avg/max/stddev: 198/566 200/1310 202/1314 2/50][URL: static.qiyi.com/ext/common/qisu2/downloader.ini][StatusCode: 200][User-Agent: Downloader][PLAIN TEXT (GET /ext/common/qisu2/downloade)]
4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Goodput ratio: 87/96][0.02 sec][Host: 223.26.106.66][bytes ratio: -0.975 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 426/1022 426/1303 426/1314 0/56][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&&tn=137719&uuid=76a3085a-57760844-de][StatusCode: 0][User-Agent: QY-Player-Windows/2.0.102][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /videos/v)]
5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7/HTTP][cat: Web/5][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Goodput ratio: 95/96][13.04 sec][Host: bcu.ff.avast.com][bytes ratio: -0.149 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/0 307/0 127/0][Pkt Len c2s/s2c min/avg/max/stddev: 231/536 1002/1239 1314/1314 434/215][URL: bcu.ff.avast.com/bc2][StatusCode: 0][Content-Type: application/x-enc][User-Agent: {D699054D-1699-47D2-9B2B-E96F438C1160}][PLAIN TEXT (POST /bc2 HTTP/1.1)]
6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][6.36 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 46/0 393/0 2654/0 855/0][Pkt Len c2s/s2c min/avg/max/stddev: 473/0 518/0 553/0 30/0][PLAIN TEXT (NOTIFY )]
7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Goodput ratio: 92/94][0.04 sec][Host: cache.video.iqiyi.com][URL: cache.video.iqiyi.com/vi/500494600/562e26caed5695900212eb3259070f8a/?src=1_11_114][StatusCode: 200][PLAIN TEXT (GET /vi/500494600/562)]
8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Goodput ratio: 94/73][0.55 sec][Host: msg.71.am][bytes ratio: 0.653 (Upload)][IAT c2s/s2c min/avg/max/stddev: 117/118 216/217 315/316 99/99][Pkt Len c2s/s2c min/avg/max/stddev: 946/199 948/199 952/199 3/0][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes][Goodput ratio: 93/85][0.24 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Goodput ratio: 73/90][0.09 sec][Host: static.qiyi.com][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 19/19 27/27 34/35 6/7][Pkt Len c2s/s2c min/avg/max/stddev: 198/526 200/528 202/530 2/2][URL: static.qiyi.com/ext/common/qisu2/masauto.ini][StatusCode: 200][User-Agent: masauto_runxx][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (GET /ext/common/qisu2/masauto.i)]
11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Goodput ratio: 82/95][0.06 sec][Host: meta.video.qiyi.com][URL: meta.video.qiyi.com/20160625/a5/bf/413f91ad101e780a6b63f826e28b9920.xml][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /20160625/a)]
12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Goodput ratio: 94/73][2.78 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=1||71000001||5000000858874||5000000927558||roll&as=&av=4.10.004&b=180932301&c=31&ct=&d=2175&di=&dp=&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=&oi=&p=t&pp=&rc=-1][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][7.29 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Goodput ratio: 93/82][0.04 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/track2?a=1&as=1;2,3;4,5&b=1467353138&c=ae87cb3cfdf494aa48dc608909f69250&cv=5.2.15.2240&d=5000000858874&dr=2175&f=4e3ae415a584748ac9aa31628f39d1e8&g=0_aaoefdtqgfdepxc2tnv3piucgcb4eofn&h=&i=qc_100001_100140&iv=0&j=31&k=180932301&kp=4e3ae][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /track2)]
15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Goodput ratio: 93/82][0.04 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/track2?a=0&as=1;2,3;4,5&b=1467353165&c=966542c82a5694d0e943d50d5fcf5a55&cv=5.2.15.2240&d=5000000854934&dr=2175&f=4e3ae415a584748ac9aa31628f39d1e8&g=0_aaoefdtqgfdepxc2tnv3piucgcb4eofn&h=&i=qc_100001_100140&iv=0&j=31&k=180932301&kp=4e3ae][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /track2)]
16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Goodput ratio: 92/72][0.10 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?pf=201&p=11&p1=114&ap=0&source1=list&source2=online_l&t=201&ct=clt__pl_play&album_id=180932301&c1=479531000&clt=homedl&cn=160505-%E6%AD%A3%E7%89%87%EF%BC%9A%E9%83%91%E6%81%BA%E6%AC%A7%E5%B7%B4%E4%BA%8C%E6%AC%A1%E5%BD%92%E6%9D%A5%E5%8F%8D%E][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)]
17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][24.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3002/0 3008/0 3/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][6.03 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30/0 753/0 2839/0 1189/0][Pkt Len c2s/s2c min/avg/max/stddev: 165/0 171/0 175/0 5/0][PLAIN TEXT (SEARCH )]
19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7/HTTP][cat: Web/5][1 pkts/707 bytes <-> 1 pkts/744 bytes][Goodput ratio: 92/93][0.12 sec][Host: click.hm.baidu.com][URL: click.hm.baidu.com/clk?53e25e33e064c657c06b558e5c3c33fd][StatusCode: 302][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /clk)]
20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Goodput ratio: 86/89][0.28 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/2efc8cd5fbe0f4ee498fb1c2fc1de8b6/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?qyid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&qypid=2012][StatusCode: 200][User-Agent: HCDNClient_WINPC;libcurl/7.26.0 OpenSSL/1.0.1g zlib/1.2.5;QK/10.0.0.293][PLAIN TEXT (GET /2efc)]
21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Goodput ratio: 95/72][0.09 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?pf=201&p=11&p1=114&ap=0&source1=list&source2=online_l&t=11&ct=pc__ad_play&album_id=180932301&c1=479531000&clt=homedl&cn=160505-%E6%AD%A3%E7%89%87%EF%BC%9A%E9%83%91%E6%81%BA%E6%AC%A7%E5%B7%B4%E4%BA%8C%E6%AC%A1%E5%BD%92%E6%9D%A5%E5%8F%8D%E9%][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)]
22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][2 pkts/887 bytes <-> 1 pkts/443 bytes][Goodput ratio: 88/88][2.24 sec][Host: 223.26.106.66][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&qyid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&qypid=2012&uuid=76a3085a-57760844-8b][StatusCode: 200][User-Agent: HCDNClient_WINPC;libcurl/7.26.0 OpenSSL/1.0.1g zlib/1.2.5;QK/10.0.0.293][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /videos/v)]
23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7/HTTP][cat: Web/5][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Goodput ratio: 95/62][0.10 sec][Host: click.hm.baidu.com][URL: click.hm.baidu.com/mkt.gif?ai=8452891900c903ae7a876447923a5aec&et=0][StatusCode: 204][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /mkt.gif)]
24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Goodput ratio: 95/73][0.78 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=5&pf=201&p=11&p1=114&rn=1467353167221&a=34&clt=tvg2015_baikeB_comment_show&type=pc&ref=noref&url=http%3A//vodguide.pps.iqiyi.com/page.php%3Fversion%3D5.2.15.2240%23class%3D200003719%2524%2524%2524%2524180932301%26entityid%3D479531000%26b][StatusCode: 200][User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /b)]
25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Goodput ratio: 95/72][0.05 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?c1=6&s1=1&macid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&channelid=000&nu=&e=1352528&se=1253811&r=500494600&aduid=d07dfd30f0ee4e48bbcaf1208c758471&ctm=1375211&playsource=001004000&vid=562e26caed5695900212eb3259070f8a&albumid=500494600&ra=2&td=2265][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.307][PLAIN TEXT (GET /b)]
26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Goodput ratio: 74/95][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/downloadhelper.ini][StatusCode: 200][User-Agent: DownloadHelper_runxx][PLAIN TEXT (GET /ext/common/qisu2/downloadh)]
27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.16 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.09 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.06 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.10 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.18 sec][Host: msg.71.am][URL: msg.71.am/core?t=1&reset=0&vfrmtp=1&tm1=&tm2=0&tm21=0&tm22=0&tm23=0&tm24=0&tm3=117&tm31=0&tm32=47&tm33=78&tm34=1&tm4=137&tm41=0&tm42=16&tm43=125&tm44=2&tm5=165&tm51=0&tm52=0&tm53=0&tm54=10&tm6=&tm62=0&tm63=0&tm7=0&tm71=0&tm72=0&tm73=0&tm8=0&tm81=0&tm82=0&][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.06 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:2:1|2&av=4.10.004&b=204076701&c=6&ct=5000000926795&d=158&di=&dp=71000001&e=512ab77de7f67d49f24d3511778220d0&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000856344&oi=&p=a&pp=&rc=&rd=&ri=&s][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Goodput ratio: 81/93][0.00 sec][Host: s1.symcb.com][URL: s1.symcb.com/pca3-g5.crl][StatusCode: 200][User-Agent: Microsoft-CryptoAPI/6.1][PLAIN TEXT (GET /pca3)]
34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.10 sec][Host: msg.71.am][URL: msg.71.am/core?t=1&reset=0&vfrmtp=1&tm1=&tm2=0&tm21=0&tm22=0&tm23=0&tm24=0&tm3=209&tm31=94&tm32=31&tm33=78&tm34=1&tm4=176&tm41=47&tm42=16&tm43=78&tm44=7&tm5=328&tm51=0&tm52=0&tm53=0&tm54=63&tm6=&tm62=0&tm63=0&tm7=0&tm71=0&tm72=0&tm73=0&tm8=0&tm81=0&tm82=0][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Goodput ratio: 80/93][0.00 sec][Host: clients1.google.com][URL: clients1.google.com/ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hYodjXCbSRkjeqm1Gih%2BZAQUSt0GFhu89mi1dvWBtrtiGrpagS8CCEYrFXkq2ugz][StatusCode: 200][User-Agent: Microsoft-CryptoAPI/6.1][PLAIN TEXT (GET /ocsp/MEkwRzBFMEMwQ)]
36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][15.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3001/0 3005/0 2/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )]
37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][15.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3000/0 3004/0 3014/0 5/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][15.04 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3008/0 3038/0 15/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )]
39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 0][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)]
40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Goodput ratio: 91/81][0.03 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/ccs][StatusCode: 200][User-Agent: CookieClear_runxx][PLAIN TEXT (GET /ccs HTTP/1.1)]
41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Goodput ratio: 92/73][0.09 sec][Host: msg.video.qiyi.com][URL: msg.video.qiyi.com/tmpstats.gif?type=recctplay20121226&usract=show&ppuid=-1&uid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&event_id=4b0868920b0f8285320a9e00ee0369e5&cid=31&bkt=pps_c_zebra_main_default&area=pps_c_zebra&platform=2012&albumlist=470694500,471591300,465][StatusCode: 200][User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /tmpstats.gif)]
42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Goodput ratio: 92/73][0.06 sec][Host: msg.71.am][URL: msg.71.am/core?t=2&chipid=Intel%28R%29%20Core%28TM%29%20i5%2D2557M%20CPU%20%40%201%2E70GHz&tm=30&ra=1&ishcdn=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][12.04 sec][PLAIN TEXT (SEARCH )]
44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Goodput ratio: 85/89][0.04 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/2efc8cd5fbe0f4ee498fb1c2fc1de8b6/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?&tn=137719][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /2efc)]
45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91/73][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adstart&starttm=1097&reset=1&ra=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353119&islocal=0&as=d19f64047][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91/73][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=5&a=4&isfinish=2&tm=7&ra=2&tra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353147&islocal=0&as=d19f64047b641cd6][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91/73][0.17 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adend&reset=0&ra=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353140&islocal=0&as=d19f64047b641cd6ff096b04][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91/73][0.13 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adend&reset=0&ra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=31&r=479531000&aid=180932301&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=Windows%207&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353195&islocal=0&as=0311c5a0d5596063db5][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Goodput ratio: 90/73][0.15 sec][Host: msg.71.am][URL: msg.71.am/core?t=5&a=2&ra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=31&r=479531000&aid=180932301&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=Windows%207&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353139&islocal=0&as=0311c5a0d5596063db5944bd76b6cbff&][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Goodput ratio: 88/81][0.09 sec][Host: cmc.tanx.com][URL: cmc.tanx.com/andc?andc_uid=6693851615885049011&andc_ver=1][StatusCode: 200][User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /andc)]
51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Goodput ratio: 72/90][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/masblog.ini][StatusCode: 200][User-Agent: masblog_runxx][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (GET /ext/common/qisu2/masblog.i)]
52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Goodput ratio: 80/83][0.22 sec][Host: api.magicansoft.com][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/composite/ap)]
53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Goodput ratio: 66/80][0.09 sec][Host: iplocation.geo.qiyi.com][URL: iplocation.geo.qiyi.com/cityjson][StatusCode: 200][User-Agent: QYAgent_runxx][PLAIN TEXT (GET /cityjson HTTP/1.1)]
54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Goodput ratio: 79/83][0.21 sec][Host: api.magicansoft.com][URL: api.magicansoft.com/comMagicanApi/index.php/ToolBox/version][StatusCode: 502][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/index.php/To)]
55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Goodput ratio: 72/89][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/masflag.ini][StatusCode: 200][User-Agent: masflag_runxx][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (GET /ext/common/qisu2/masflag.i)]
56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][Host: msg.71.am][URL: msg.71.am/core?t=2&chipid=Intel%28R%29%20Core%28TM%29%20i5%2D2557M%20CPU%20%40%201%2E70GHz&tm=15&ra=1&ishcdn=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E][StatusCode: 0][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Goodput ratio: 78/87][0.04 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/k][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /k HTTP/1.1)]
58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Goodput ratio: 86/80][0.14 sec][Host: nl.rcd.iqiyi.com][URL: nl.rcd.iqiyi.com/apis/urc/setrc?ckuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&tvId=479531000&videoPlayTime=-1&addtime=1467353195&terminalId=12&vType=0&com=2&ppsTvidType=2&agent_type=30][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /apis/urc/setrc)]
59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Goodput ratio: 86/80][3.07 sec][Host: nl.rcd.iqiyi.com][URL: nl.rcd.iqiyi.com/apis/urc/setrc?ckuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&tvId=479531000&videoPlayTime=-1&addtime=1467353195&terminalId=12&vType=0&com=2&ppsTvidType=2&agent_type=30][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /apis/urc/setrc)]
60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Goodput ratio: 87/72][0.11 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=5&pf=201&p=11&p1=114&a=34&ct=onclick&type=pc&as=&clt=pc_play_player_click&mv=5.2.15.2240&pu=&rn=0FE172EC44C44B86AEEDE54AA00541C457406&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&v=2.0.102.30147][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)]
61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Goodput ratio: 72/87][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/QYAgent.ini][StatusCode: 200][User-Agent: QYAgent_runxx][PLAIN TEXT (GET /ext/common/qisu2/Q)]
62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Goodput ratio: 87/73][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=1503291&type=vs&uuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&area=OVERSEA|TW_HiNet&from=BS_High&to=BS_Standard&player_switch_bs_time=41714&average_download_speed_=158515.200000][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)]
63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Goodput ratio: 86/72][0.09 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=11&pf=201&p=11&p1=114&s1=0&ct=140819_adsyn&adsyn=1&brinfo=IE_IE9_9.0.8112.16421_1&os=Windows%207&rn=19252&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&v=5.2.15.2240][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)]
64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Goodput ratio: 79/73][0.07 sec][Host: msg.video.qiyi.com][URL: msg.video.qiyi.com/tmpstats.gif?method=qiubiter&os=windows-6.1.7601_sp1&uuid=350C3F1AC75D40bc90D602DA4E67A72D&softversion=1.0.0.1&source=pps&tasktype=gettaskinfo][StatusCode: 200][User-Agent: QIYiAngent][PLAIN TEXT (GET /tmpstats.gif)]
65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][0.07 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][3.00 sec][PLAIN TEXT (SEARCH )]
67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][< 1 sec][PLAIN TEXT (HTTP/1.1 302 Found)]
68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Host: preimage1.qiyipic.com][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_3.jpg?no=3][StatusCode: 0][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)]
69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)]
70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][PLAIN TEXT (SEARCH )]
71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][PLAIN TEXT (SEARCH )]
72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.00 sec]
73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec]
1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Goodput ratio: 82/96][0.98 sec][Host: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/2 0/77 0/8][Pkt Len c2s/s2c min/avg/max/stddev: 303/522 303/1313 303/1314 0/34][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_2.jpg?no=2][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,99,0,0,0,0,0,0,0]
2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Goodput ratio: 82/96][0.82 sec][Host: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/51 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 303/180 303/1312 303/1314 0/49][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_1.jpg?no=1][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,99,0,0,0,0,0,0,0]
3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Goodput ratio: 73/96][0.11 sec][Host: static.qiyi.com][bytes ratio: -0.998 (Download)][IAT c2s/s2c min/avg/max/stddev: 35/0 35/0 35/35 0/2][Pkt Len c2s/s2c min/avg/max/stddev: 198/566 200/1310 202/1314 2/50][URL: static.qiyi.com/ext/common/qisu2/downloader.ini][StatusCode: 200][User-Agent: Downloader][PLAIN TEXT (GET /ext/common/qisu2/downloade)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,98,0,0,0,0,0,0,0]
4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Goodput ratio: 87/96][0.02 sec][Host: 223.26.106.66][bytes ratio: -0.975 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 426/1022 426/1303 426/1314 0/56][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&&tn=137719&uuid=76a3085a-57760844-de][StatusCode: 0][User-Agent: QY-Player-Windows/2.0.102][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /videos/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,92,0,0,0,0,0,0,0]
5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7/HTTP][cat: Web/5][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Goodput ratio: 95/96][13.04 sec][Host: bcu.ff.avast.com][bytes ratio: -0.149 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/0 307/0 127/0][Pkt Len c2s/s2c min/avg/max/stddev: 231/536 1002/1239 1314/1314 434/215][URL: bcu.ff.avast.com/bc2][StatusCode: 0][Content-Type: application/x-enc][User-Agent: {D699054D-1699-47D2-9B2B-E96F438C1160}][PLAIN TEXT (POST /bc2 HTTP/1.1)][Plen Bins: 0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,4,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,73,0,0,0,0,0,0,0]
6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][6.36 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 46/0 393/0 2654/0 855/0][Pkt Len c2s/s2c min/avg/max/stddev: 473/0 518/0 553/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Goodput ratio: 92/94][0.04 sec][Host: cache.video.iqiyi.com][URL: cache.video.iqiyi.com/vi/500494600/562e26caed5695900212eb3259070f8a/?src=1_11_114][StatusCode: 200][PLAIN TEXT (GET /vi/500494600/562)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,20,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Goodput ratio: 94/73][0.55 sec][Host: msg.71.am][bytes ratio: 0.653 (Upload)][IAT c2s/s2c min/avg/max/stddev: 117/118 216/217 315/316 99/99][Pkt Len c2s/s2c min/avg/max/stddev: 946/199 948/199 952/199 3/0][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes][Goodput ratio: 93/85][0.24 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,20,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0]
10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Goodput ratio: 73/90][0.09 sec][Host: static.qiyi.com][bytes ratio: -0.451 (Download)][IAT c2s/s2c min/avg/max/stddev: 19/19 27/27 34/35 6/7][Pkt Len c2s/s2c min/avg/max/stddev: 198/526 200/528 202/530 2/2][URL: static.qiyi.com/ext/common/qisu2/masauto.ini][StatusCode: 200][User-Agent: masauto_runxx][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (GET /ext/common/qisu2/masauto.i)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Goodput ratio: 82/95][0.06 sec][Host: meta.video.qiyi.com][URL: meta.video.qiyi.com/20160625/a5/bf/413f91ad101e780a6b63f826e28b9920.xml][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /20160625/a)][Plen Bins: 0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0]
12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Goodput ratio: 94/73][2.78 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=1||71000001||5000000858874||5000000927558||roll&as=&av=4.10.004&b=180932301&c=31&ct=&d=2175&di=&dp=&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=&oi=&p=t&pp=&rc=-1][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][7.29 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Goodput ratio: 93/82][0.04 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/track2?a=1&as=1;2,3;4,5&b=1467353138&c=ae87cb3cfdf494aa48dc608909f69250&cv=5.2.15.2240&d=5000000858874&dr=2175&f=4e3ae415a584748ac9aa31628f39d1e8&g=0_aaoefdtqgfdepxc2tnv3piucgcb4eofn&h=&i=qc_100001_100140&iv=0&j=31&k=180932301&kp=4e3ae][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /track2)][Plen Bins: 0,0,0,0,0,33,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0]
15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Goodput ratio: 93/82][0.04 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/track2?a=0&as=1;2,3;4,5&b=1467353165&c=966542c82a5694d0e943d50d5fcf5a55&cv=5.2.15.2240&d=5000000854934&dr=2175&f=4e3ae415a584748ac9aa31628f39d1e8&g=0_aaoefdtqgfdepxc2tnv3piucgcb4eofn&h=&i=qc_100001_100140&iv=0&j=31&k=180932301&kp=4e3ae][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /track2)][Plen Bins: 0,0,0,0,0,33,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0]
16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Goodput ratio: 92/72][0.10 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?pf=201&p=11&p1=114&ap=0&source1=list&source2=online_l&t=201&ct=clt__pl_play&album_id=180932301&c1=479531000&clt=homedl&cn=160505-%E6%AD%A3%E7%89%87%EF%BC%9A%E9%83%91%E6%81%BA%E6%AC%A7%E5%B7%B4%E4%BA%8C%E6%AC%A1%E5%BD%92%E6%9D%A5%E5%8F%8D%E][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)][Plen Bins: 0,0,33,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0]
17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][24.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3002/0 3008/0 3/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][6.03 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30/0 753/0 2839/0 1189/0][Pkt Len c2s/s2c min/avg/max/stddev: 165/0 171/0 175/0 5/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,44,55,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7/HTTP][cat: Web/5][1 pkts/707 bytes <-> 1 pkts/744 bytes][Goodput ratio: 92/93][0.12 sec][Host: click.hm.baidu.com][URL: click.hm.baidu.com/clk?53e25e33e064c657c06b558e5c3c33fd][StatusCode: 302][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /clk)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Goodput ratio: 86/89][0.28 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/2efc8cd5fbe0f4ee498fb1c2fc1de8b6/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?qyid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&qypid=2012][StatusCode: 200][User-Agent: HCDNClient_WINPC;libcurl/7.26.0 OpenSSL/1.0.1g zlib/1.2.5;QK/10.0.0.293][PLAIN TEXT (GET /2efc)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,33,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Goodput ratio: 95/72][0.09 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?pf=201&p=11&p1=114&ap=0&source1=list&source2=online_l&t=11&ct=pc__ad_play&album_id=180932301&c1=479531000&clt=homedl&cn=160505-%E6%AD%A3%E7%89%87%EF%BC%9A%E9%83%91%E6%81%BA%E6%AC%A7%E5%B7%B4%E4%BA%8C%E6%AC%A1%E5%BD%92%E6%9D%A5%E5%8F%8D%E9%][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][2 pkts/887 bytes <-> 1 pkts/443 bytes][Goodput ratio: 88/88][2.24 sec][Host: 223.26.106.66][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&qyid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&qypid=2012&uuid=76a3085a-57760844-8b][StatusCode: 200][User-Agent: HCDNClient_WINPC;libcurl/7.26.0 OpenSSL/1.0.1g zlib/1.2.5;QK/10.0.0.293][Risk: ** HTTP Numeric IP Address **][PLAIN TEXT (GET /videos/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,33,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7/HTTP][cat: Web/5][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Goodput ratio: 95/62][0.10 sec][Host: click.hm.baidu.com][URL: click.hm.baidu.com/mkt.gif?ai=8452891900c903ae7a876447923a5aec&et=0][StatusCode: 204][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /mkt.gif)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Goodput ratio: 95/73][0.78 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=5&pf=201&p=11&p1=114&rn=1467353167221&a=34&clt=tvg2015_baikeB_comment_show&type=pc&ref=noref&url=http%3A//vodguide.pps.iqiyi.com/page.php%3Fversion%3D5.2.15.2240%23class%3D200003719%2524%2524%2524%2524180932301%26entityid%3D479531000%26b][StatusCode: 200][User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /b)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Goodput ratio: 95/72][0.05 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?c1=6&s1=1&macid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&channelid=000&nu=&e=1352528&se=1253811&r=500494600&aduid=d07dfd30f0ee4e48bbcaf1208c758471&ctm=1375211&playsource=001004000&vid=562e26caed5695900212eb3259070f8a&albumid=500494600&ra=2&td=2265][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.307][PLAIN TEXT (GET /b)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Goodput ratio: 74/95][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/downloadhelper.ini][StatusCode: 200][User-Agent: DownloadHelper_runxx][PLAIN TEXT (GET /ext/common/qisu2/downloadh)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.16 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/947 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.09 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.06 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.10 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/944 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.18 sec][Host: msg.71.am][URL: msg.71.am/core?t=1&reset=0&vfrmtp=1&tm1=&tm2=0&tm21=0&tm22=0&tm23=0&tm24=0&tm3=117&tm31=0&tm32=47&tm33=78&tm34=1&tm4=137&tm41=0&tm42=16&tm43=125&tm44=2&tm5=165&tm51=0&tm52=0&tm53=0&tm54=10&tm6=&tm62=0&tm63=0&tm7=0&tm71=0&tm72=0&tm73=0&tm8=0&tm81=0&tm82=0&][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/941 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.06 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:2:1|2&av=4.10.004&b=204076701&c=6&ct=5000000926795&d=158&di=&dp=71000001&e=512ab77de7f67d49f24d3511778220d0&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000856344&oi=&p=a&pp=&rc=&rd=&ri=&s][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Goodput ratio: 81/93][0.00 sec][Host: s1.symcb.com][URL: s1.symcb.com/pca3-g5.crl][StatusCode: 200][User-Agent: Microsoft-CryptoAPI/6.1][PLAIN TEXT (GET /pca3)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/919 bytes <-> 1 pkts/199 bytes][Goodput ratio: 94/73][0.10 sec][Host: msg.71.am][URL: msg.71.am/core?t=1&reset=0&vfrmtp=1&tm1=&tm2=0&tm21=0&tm22=0&tm23=0&tm24=0&tm3=209&tm31=94&tm32=31&tm33=78&tm34=1&tm4=176&tm41=47&tm42=16&tm43=78&tm44=7&tm5=328&tm51=0&tm52=0&tm53=0&tm54=63&tm6=&tm62=0&tm63=0&tm7=0&tm71=0&tm72=0&tm73=0&tm8=0&tm81=0&tm82=0][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Goodput ratio: 80/93][0.00 sec][Host: clients1.google.com][URL: clients1.google.com/ocsp/MEkwRzBFMEMwQTAJBgUrDgMCGgUABBTy4Gr5hYodjXCbSRkjeqm1Gih%2BZAQUSt0GFhu89mi1dvWBtrtiGrpagS8CCEYrFXkq2ugz][StatusCode: 200][User-Agent: Microsoft-CryptoAPI/6.1][PLAIN TEXT (GET /ocsp/MEkwRzBFMEMwQ)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][15.01 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3001/0 3005/0 2/0][Pkt Len c2s/s2c min/avg/max/stddev: 179/0 179/0 179/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][15.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3000/0 3004/0 3014/0 5/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][15.04 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2999/0 3008/0 3038/0 15/0][Pkt Len c2s/s2c min/avg/max/stddev: 175/0 175/0 175/0 0/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Host: msg.71.am][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:45:23|45&av=4.10.004&b=180932301&c=31&ct=5000000923447&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000854934&oi=&p=a&pp=&rc=&rd=&][StatusCode: 0][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR ][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/604 bytes <-> 1 pkts/291 bytes][Goodput ratio: 91/81][0.03 sec][Host: api.cupid.iqiyi.com][URL: api.cupid.iqiyi.com/ccs][StatusCode: 200][User-Agent: CookieClear_runxx][PLAIN TEXT (GET /ccs HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/694 bytes <-> 1 pkts/199 bytes][Goodput ratio: 92/73][0.09 sec][Host: msg.video.qiyi.com][URL: msg.video.qiyi.com/tmpstats.gif?type=recctplay20121226&usract=show&ppuid=-1&uid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&event_id=4b0868920b0f8285320a9e00ee0369e5&cid=31&bkt=pps_c_zebra_main_default&area=pps_c_zebra&platform=2012&albumlist=470694500,471591300,465][StatusCode: 200][User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /tmpstats.gif)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/683 bytes <-> 1 pkts/199 bytes][Goodput ratio: 92/73][0.06 sec][Host: msg.71.am][URL: msg.71.am/core?t=2&chipid=Intel%28R%29%20Core%28TM%29%20i5%2D2557M%20CPU%20%40%201%2E70GHz&tm=30&ra=1&ishcdn=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][12.04 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/357 bytes <-> 1 pkts/479 bytes][Goodput ratio: 85/89][0.04 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/2efc8cd5fbe0f4ee498fb1c2fc1de8b6/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?&tn=137719][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /2efc)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/629 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91/73][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adstart&starttm=1097&reset=1&ra=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353119&islocal=0&as=d19f64047][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/622 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91/73][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=5&a=4&isfinish=2&tm=7&ra=2&tra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353147&islocal=0&as=d19f64047b641cd6][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/614 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91/73][0.17 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adend&reset=0&ra=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353140&islocal=0&as=d19f64047b641cd6ff096b04][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/587 bytes <-> 1 pkts/199 bytes][Goodput ratio: 91/73][0.13 sec][Host: msg.71.am][URL: msg.71.am/core?t=11&ct=adend&reset=0&ra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=31&r=479531000&aid=180932301&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=Windows%207&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353195&islocal=0&as=0311c5a0d5596063db5][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/573 bytes <-> 1 pkts/199 bytes][Goodput ratio: 90/73][0.15 sec][Host: msg.71.am][URL: msg.71.am/core?t=5&a=2&ra=1&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=31&r=479531000&aid=180932301&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=Windows%207&v=5%2E2%2E15%2E2240&krv=2%2E0%2E102&dt=&hu=-1&rn=1467353139&islocal=0&as=0311c5a0d5596063db5944bd76b6cbff&][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Goodput ratio: 88/81][0.09 sec][Host: cmc.tanx.com][URL: cmc.tanx.com/andc?andc_uid=6693851615885049011&andc_ver=1][StatusCode: 200][User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)][PLAIN TEXT (GET /andc)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/526 bytes][Goodput ratio: 72/90][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/masblog.ini][StatusCode: 200][User-Agent: masblog_runxx][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (GET /ext/common/qisu2/masblog.i)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Goodput ratio: 80/83][0.22 sec][Host: api.magicansoft.com][URL: api.magicansoft.com/comMagicanApi/composite/app.php/Global/Index/ip][StatusCode: 502][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/composite/ap)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/163 bytes <-> 2 pkts/557 bytes][Goodput ratio: 66/80][0.09 sec][Host: iplocation.geo.qiyi.com][URL: iplocation.geo.qiyi.com/cityjson][StatusCode: 200][User-Agent: QYAgent_runxx][PLAIN TEXT (GET /cityjson HTTP/1.1)][Plen Bins: 33,0,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Goodput ratio: 79/83][0.21 sec][Host: api.magicansoft.com][URL: api.magicansoft.com/comMagicanApi/index.php/ToolBox/version][StatusCode: 502][User-Agent: Magican (unknown version) CFNetwork/720.5.7 Darwin/14.5.0 (x86_64)][PLAIN TEXT (GET /comMagicanApi/index.php/To)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/493 bytes][Goodput ratio: 72/89][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/masflag.ini][StatusCode: 200][User-Agent: masflag_runxx][Risk: ** HTTP Suspicious User-Agent **][PLAIN TEXT (GET /ext/common/qisu2/masflag.i)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][< 1 sec][Host: msg.71.am][URL: msg.71.am/core?t=2&chipid=Intel%28R%29%20Core%28TM%29%20i5%2D2557M%20CPU%20%40%201%2E70GHz&tm=15&ra=1&ishcdn=2&pf=201&p=11&p1=114&p2=3000&sdktp=1&c1=6&r=500494600&aid=502959900&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&pu=&os=windows&v=5%2E2%2E15%2E2240&krv=2%2E][StatusCode: 0][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/253 bytes <-> 1 pkts/430 bytes][Goodput ratio: 78/87][0.04 sec][Host: pdata.video.qiyi.com][URL: pdata.video.qiyi.com/k][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /k HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Goodput ratio: 86/80][0.14 sec][Host: nl.rcd.iqiyi.com][URL: nl.rcd.iqiyi.com/apis/urc/setrc?ckuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&tvId=479531000&videoPlayTime=-1&addtime=1467353195&terminalId=12&vType=0&com=2&ppsTvidType=2&agent_type=30][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /apis/urc/setrc)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/399 bytes <-> 1 pkts/275 bytes][Goodput ratio: 86/80][3.07 sec][Host: nl.rcd.iqiyi.com][URL: nl.rcd.iqiyi.com/apis/urc/setrc?ckuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&tvId=479531000&videoPlayTime=-1&addtime=1467353195&terminalId=12&vType=0&com=2&ppsTvidType=2&agent_type=30][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /apis/urc/setrc)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/424 bytes <-> 1 pkts/194 bytes][Goodput ratio: 87/72][0.11 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=5&pf=201&p=11&p1=114&a=34&ct=onclick&type=pc&as=&clt=pc_play_player_click&mv=5.2.15.2240&pu=&rn=0FE172EC44C44B86AEEDE54AA00541C457406&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&v=2.0.102.30147][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/198 bytes <-> 1 pkts/420 bytes][Goodput ratio: 72/87][0.00 sec][Host: static.qiyi.com][URL: static.qiyi.com/ext/common/qisu2/QYAgent.ini][StatusCode: 200][User-Agent: QYAgent_runxx][PLAIN TEXT (GET /ext/common/qisu2/Q)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/417 bytes <-> 1 pkts/199 bytes][Goodput ratio: 87/73][0.09 sec][Host: msg.71.am][URL: msg.71.am/core?t=1503291&type=vs&uuid=aaoefdtqgfdepxc2tnv3piucgcb4eofn&area=OVERSEA|TW_HiNet&from=BS_High&to=BS_Standard&player_switch_bs_time=41714&average_download_speed_=158515.200000][StatusCode: 200][User-Agent: QY-Player-Windows/2.0.102][PLAIN TEXT (GET /core)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/394 bytes <-> 1 pkts/194 bytes][Goodput ratio: 86/72][0.09 sec][Host: msg.iqiyi.com][URL: msg.iqiyi.com/b?t=11&pf=201&p=11&p1=114&s1=0&ct=140819_adsyn&adsyn=1&brinfo=IE_IE9_9.0.8112.16421_1&os=Windows%207&rn=19252&u=aaoefdtqgfdepxc2tnv3piucgcb4eofn&v=5.2.15.2240][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /b)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/264 bytes <-> 1 pkts/199 bytes][Goodput ratio: 79/73][0.07 sec][Host: msg.video.qiyi.com][URL: msg.video.qiyi.com/tmpstats.gif?method=qiubiter&os=windows-6.1.7601_sp1&uuid=350C3F1AC75D40bc90D602DA4E67A72D&softversion=1.0.0.1&source=pps&tasktype=gettaskinfo][StatusCode: 200][User-Agent: QIYiAngent][PLAIN TEXT (GET /tmpstats.gif)][Plen Bins: 0,0,0,0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][0.07 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][3.00 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][Goodput ratio: 84/0][< 1 sec][PLAIN TEXT (HTTP/1.1 302 Found)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Host: preimage1.qiyipic.com][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_3.jpg?no=3][StatusCode: 0][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 1.173.5.226:22636 <-> 192.168.115.8:22793 [proto: 0/Unknown][130 pkts/143912 bytes <-> 270 pkts/21334 bytes][Goodput ratio: 96/47][0.55 sec][bytes ratio: 0.742 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/1 17/19 5/4][Pkt Len c2s/s2c min/avg/max/stddev: 1107/79 1107/79 1109/81 0/0][PLAIN TEXT (lllllllh)]
2 UDP 192.168.115.8:22793 <-> 114.42.0.158:7716 [proto: 0/Unknown][229 pkts/18091 bytes <-> 109 pkts/120663 bytes][Goodput ratio: 47/96][0.54 sec][bytes ratio: -0.739 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/4 30/32 5/7][Pkt Len c2s/s2c min/avg/max/stddev: 79/1107 79/1107 79/1107 0/0][PLAIN TEXT (66666662)]
3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes][Goodput ratio: 96/47][0.55 sec][bytes ratio: 0.711 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 17/7 25/25 7/9][Pkt Len c2s/s2c min/avg/max/stddev: 1107/79 1107/79 1107/79 0/0][PLAIN TEXT (YYYYYYY)]
4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes][Goodput ratio: 47/96][0.51 sec][bytes ratio: -0.639 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/30 15/46 45/68 18/14][Pkt Len c2s/s2c min/avg/max/stddev: 79/1107 79/1107 79/1107 0/0][PLAIN TEXT (CCCCCCC)]
5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes][Goodput ratio: 47/96][0.54 sec][bytes ratio: -0.618 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/12 17/44 71/77 22/23][Pkt Len c2s/s2c min/avg/max/stddev: 79/61 79/1004 79/1125 0/314][PLAIN TEXT (hhhhhhhl)]
6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes][Goodput ratio: 47/96][0.22 sec][PLAIN TEXT (bTTTUQX)]
7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][0.00 sec][PLAIN TEXT (444444)]
8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][0.00 sec][PLAIN TEXT (444444)]
9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec]
10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec]
11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec]
12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][0.00 sec]
13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes][Goodput ratio: 51/50][< 1 sec][PLAIN TEXT (wsssss)]
14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][Goodput ratio: 55/0][0.00 sec]
15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][0.00 sec]
16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes][Goodput ratio: 47/0][0.00 sec][PLAIN TEXT (222222266)]
17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.00 sec]
19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.00 sec]
20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.00 sec]
25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec]
1 UDP 1.173.5.226:22636 <-> 192.168.115.8:22793 [proto: 0/Unknown][130 pkts/143912 bytes <-> 270 pkts/21334 bytes][Goodput ratio: 96/47][0.55 sec][bytes ratio: 0.742 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/1 17/19 5/4][Pkt Len c2s/s2c min/avg/max/stddev: 1107/79 1107/79 1109/81 0/0][PLAIN TEXT (lllllllh)][Plen Bins: 0,67,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.115.8:22793 <-> 114.42.0.158:7716 [proto: 0/Unknown][229 pkts/18091 bytes <-> 109 pkts/120663 bytes][Goodput ratio: 47/96][0.54 sec][bytes ratio: -0.739 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/4 30/32 5/7][Pkt Len c2s/s2c min/avg/max/stddev: 79/1107 79/1107 79/1107 0/0][PLAIN TEXT (66666662)][Plen Bins: 0,67,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,32,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes][Goodput ratio: 96/47][0.55 sec][bytes ratio: 0.711 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 17/7 25/25 7/9][Pkt Len c2s/s2c min/avg/max/stddev: 1107/79 1107/79 1107/79 0/0][PLAIN TEXT (YYYYYYY)][Plen Bins: 0,70,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,29,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes][Goodput ratio: 47/96][0.51 sec][bytes ratio: -0.639 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/30 15/46 45/68 18/14][Pkt Len c2s/s2c min/avg/max/stddev: 79/1107 79/1107 79/1107 0/0][PLAIN TEXT (CCCCCCC)][Plen Bins: 0,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes][Goodput ratio: 47/96][0.54 sec][bytes ratio: -0.618 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/12 17/44 71/77 22/23][Pkt Len c2s/s2c min/avg/max/stddev: 79/61 79/1004 79/1125 0/314][PLAIN TEXT (hhhhhhhl)][Plen Bins: 2,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes][Goodput ratio: 47/96][0.22 sec][PLAIN TEXT (bTTTUQX)][Plen Bins: 0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][0.00 sec][PLAIN TEXT (444444)][Plen Bins: 50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][0.00 sec][PLAIN TEXT (444444)][Plen Bins: 50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][< 1 sec][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 67/0][0.00 sec][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes][Goodput ratio: 51/50][< 1 sec][PLAIN TEXT (wsssss)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes][Goodput ratio: 55/0][0.00 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][0.00 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes][Goodput ratio: 47/0][0.00 sec][PLAIN TEXT (222222266)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.00 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.00 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][0.00 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

16
tests/result/ps_vue.pcap.out
View file

@ -2,11 +2,11 @@ PS_VUE 1724 2198169 1
TLS 11 1401 5
Amazon 5 1380 2
1 TCP 8.252.2.139:80 -> 192.168.1.132:59198 [proto: 7.64/HTTP.PS_VUE][cat: Video/26][1724 pkts/2198169 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][16.15 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/0 1184/0 56/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 1275/0 1372/0 336/0][PLAIN TEXT (ovwuGc)]
2 TCP 13.33.255.96:443 -> 192.168.1.132:55076 [proto: 91.178/TLS.Amazon][cat: Web/5][4 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][10.18 sec]
3 TCP 63.140.57.73:443 -> 192.168.1.132:61267 [proto: 91/TLS][cat: Web/5][2 pkts/791 bytes -> 0 pkts/0 bytes][Goodput ratio: 86/0][0.02 sec]
4 TCP 209.102.209.13:443 -> 192.168.1.132:65112 [proto: 91/TLS][cat: Web/5][3 pkts/193 bytes -> 0 pkts/0 bytes][Goodput ratio: 16/0][8.00 sec]
5 TCP 23.57.89.123:443 -> 192.168.1.132:52217 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec]
6 TCP 23.57.89.123:443 -> 192.168.1.132:55648 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec]
7 TCP 23.57.89.123:443 -> 192.168.1.132:62694 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec]
8 TCP 34.217.165.102:443 -> 192.168.1.132:63577 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][< 1 sec]
1 TCP 8.252.2.139:80 -> 192.168.1.132:59198 [proto: 7.64/HTTP.PS_VUE][cat: Video/26][1724 pkts/2198169 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][16.15 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/0 1184/0 56/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 1275/0 1372/0 336/0][PLAIN TEXT (ovwuGc)][Plen Bins: 5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,88,0,0,0,0,0]
2 TCP 13.33.255.96:443 -> 192.168.1.132:55076 [proto: 91.178/TLS.Amazon][cat: Web/5][4 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][10.18 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 63.140.57.73:443 -> 192.168.1.132:61267 [proto: 91/TLS][cat: Web/5][2 pkts/791 bytes -> 0 pkts/0 bytes][Goodput ratio: 86/0][0.02 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 209.102.209.13:443 -> 192.168.1.132:65112 [proto: 91/TLS][cat: Web/5][3 pkts/193 bytes -> 0 pkts/0 bytes][Goodput ratio: 16/0][8.00 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 23.57.89.123:443 -> 192.168.1.132:52217 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 23.57.89.123:443 -> 192.168.1.132:55648 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 23.57.89.123:443 -> 192.168.1.132:62694 [proto: 91/TLS][cat: Web/5][2 pkts/139 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 34.217.165.102:443 -> 192.168.1.132:63577 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/86 bytes -> 0 pkts/0 bytes][Goodput ratio: 37/0][< 1 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

20
tests/result/quic.pcap.out
View file

@ -3,16 +3,16 @@ GMail 413 254874 1
YouTube 85 76193 5
Google 14 10427 3
1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Goodput ratio: 72/95][37.93 sec][Host: mail.google.com][bytes ratio: -0.812 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 303/161 21144/21225 1960/1485][Pkt Len c2s/s2c min/avg/max/stddev: 67/61 149/916 1392/1392 207/581][PLAIN TEXT (mail.google.com)]
2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Goodput ratio: 80/97][1.00 sec][Host: www.youtube.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 52/26 803/828 183/134][Pkt Len c2s/s2c min/avg/max/stddev: 79/61 211/1208 1392/1392 358/430][PLAIN TEXT (www.youtube.com)]
3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Goodput ratio: 95/96][0.10 sec][Host: www.youtube.com][bytes ratio: 0.125 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/20 33/10 52/20 13/10][Pkt Len c2s/s2c min/avg/max/stddev: 82/79 920/954 1392/1392 538/619][PLAIN TEXT (www.youtube.com)]
4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Goodput ratio: 96/96][0.10 sec][Host: fonts.gstatic.com][bytes ratio: 0.001 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/21 50/10 74/21 24/10][Pkt Len c2s/s2c min/avg/max/stddev: 82/79 955/954 1392/1392 618/619][PLAIN TEXT (fonts.gstatic.com)]
5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Goodput ratio: 97/97][0.09 sec][Host: s.ytimg.com][PLAIN TEXT (s.ytimg.com)]
6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Goodput ratio: 92/97][0.16 sec][Host: www.google.com][PLAIN TEXT (www.google.comO)]
7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Goodput ratio: 94/97][0.10 sec][Host: i.ytimg.com][PLAIN TEXT (i.ytimg.com)]
8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Goodput ratio: 97/97][0.08 sec][Host: yt3.ggpht.com][PLAIN TEXT (yt3.ggpht.com)]
9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes][Goodput ratio: 65/65][0.09 sec]
1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Goodput ratio: 72/95][37.93 sec][Host: mail.google.com][bytes ratio: -0.812 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 303/161 21144/21225 1960/1485][Pkt Len c2s/s2c min/avg/max/stddev: 67/61 149/916 1392/1392 207/581][PLAIN TEXT (mail.google.com)][Plen Bins: 4,34,1,5,3,0,3,0,0,0,0,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,36,0,0,0,0]
2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Goodput ratio: 80/97][1.00 sec][Host: www.youtube.com][bytes ratio: -0.819 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 52/26 803/828 183/134][Pkt Len c2s/s2c min/avg/max/stddev: 79/61 211/1208 1392/1392 358/430][PLAIN TEXT (www.youtube.com)][Plen Bins: 1,34,1,0,0,0,0,0,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,55,0,0,0,0]
3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Goodput ratio: 95/96][0.10 sec][Host: www.youtube.com][bytes ratio: 0.125 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 22/20 33/10 52/20 13/10][Pkt Len c2s/s2c min/avg/max/stddev: 82/79 920/954 1392/1392 538/619][PLAIN TEXT (www.youtube.com)][Plen Bins: 0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,57,0,0,0,0]
4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Goodput ratio: 96/96][0.10 sec][Host: fonts.gstatic.com][bytes ratio: 0.001 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/21 50/10 74/21 24/10][Pkt Len c2s/s2c min/avg/max/stddev: 82/79 955/954 1392/1392 618/619][PLAIN TEXT (fonts.gstatic.com)][Plen Bins: 0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0]
5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Goodput ratio: 97/97][0.09 sec][Host: s.ytimg.com][PLAIN TEXT (s.ytimg.com)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0]
6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Goodput ratio: 92/97][0.16 sec][Host: www.google.com][PLAIN TEXT (www.google.comO)][Plen Bins: 0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0,0,0]
7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Goodput ratio: 94/97][0.10 sec][Host: i.ytimg.com][PLAIN TEXT (i.ytimg.com)][Plen Bins: 0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0]
8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Goodput ratio: 97/97][0.08 sec][Host: yt3.ggpht.com][PLAIN TEXT (yt3.ggpht.com)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0]
9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes][Goodput ratio: 65/65][0.09 sec][Plen Bins: 0,33,33,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 10.0.0.4:40134 -> 10.0.0.3:6121 [proto: 0/Unknown][6 pkts/7072 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][4.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 800/0 1749/0 595/0][Pkt Len c2s/s2c min/avg/max/stddev: 112/0 1179/0 1392/0 477/0]
1 UDP 10.0.0.4:40134 -> 10.0.0.3:6121 [proto: 0/Unknown][6 pkts/7072 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][4.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 150/0 800/0 1749/0 595/0][Pkt Len c2s/s2c min/avg/max/stddev: 112/0 1179/0 1392/0 477/0][Plen Bins: 0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0,0,0]

2
tests/result/quic046.pcap.out
View file

@ -1,3 +1,3 @@
YouTube 100 91297 1
1 UDP 192.168.1.236:50587 <-> 216.58.206.86:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][37 pkts/6724 bytes <-> 63 pkts/84573 bytes][Goodput ratio: 77/97][0.05 sec][Host: i.ytimg.com][bytes ratio: -0.853 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 1/5 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 70/62 182/1342 1392/1392 304/222][PLAIN TEXT (i.ytimg.com)]
1 UDP 192.168.1.236:50587 <-> 216.58.206.86:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][37 pkts/6724 bytes <-> 63 pkts/84573 bytes][Goodput ratio: 77/97][0.05 sec][Host: i.ytimg.com][bytes ratio: -0.853 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 1/5 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 70/62 182/1342 1392/1392 304/222][PLAIN TEXT (i.ytimg.com)][Plen Bins: 26,1,1,0,5,2,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,61,0,0,0,0]

42
tests/result/quickplay.pcap.out
View file

@ -4,24 +4,24 @@ Facebook 6 1740 3
Google 2 378 1
Amazon 2 1469 1
1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Goodput ratio: 89/94][101.50 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.220 (Download)][IAT c2s/s2c min/avg/max/stddev: 182/2021 3144/2862 23289/5776 4036/929][Pkt Len c2s/s2c min/avg/max/stddev: 500/76 511/933 587/1456 27/494][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-0020.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)]
2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Goodput ratio: 89/95][109.64 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 1066/2163 7709/7600 23311/23043 9303/8905][Pkt Len c2s/s2c min/avg/max/stddev: 502/652 502/1143 502/1456 0/288][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0055.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)]
3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Goodput ratio: 89/95][53.74 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.168 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2521/3055 13434/13894 23447/24732 10022/10838][Pkt Len c2s/s2c min/avg/max/stddev: 502/822 502/1174 502/1456 0/264][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0048.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)]
4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Goodput ratio: 89/94][28.60 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.204 (Download)][IAT c2s/s2c min/avg/max/stddev: 2241/2426 9534/3315 23958/4204 10200/889][Pkt Len c2s/s2c min/avg/max/stddev: 502/128 502/1013 502/1456 0/626][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0052.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)]
5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Goodput ratio: 89/93][10.17 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.063 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3284/3295 3390/3322 3535/3349 106/27][Pkt Len c2s/s2c min/avg/max/stddev: 502/188 502/759 502/1456 0/525][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0068.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)]
6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Goodput ratio: 87/96][9.29 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/categories/HUD?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 200][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)]
7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Goodput ratio: 85/96][9.24 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/categories/HUD?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 200][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)]
8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Goodput ratio: 89/95][27.01 sec][Host: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0066.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)]
9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Goodput ratio: 89/95][2.46 sec][Host: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-index.m3u8?e=1428999699][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)]
10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Goodput ratio: 90/95][0.64 sec][Host: play-singtelhawk.quickplay.com][URL: play-singtelhawk.quickplay.com/vstb/playlist_5_6241_357.m3u8?action=145&appId=5006&carrierId=23&appVersion=1.0&contentId=6241&contentTypeId=3&deviceName=androidmobile&encodingId=357&drmId=4&drmVersion=1.5&delivery=5&prefLanguage=eng&webvtt=true&userid=091][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /vstb/playlist)]
11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][1 pkts/638 bytes <-> 1 pkts/831 bytes][Goodput ratio: 91/93][0.32 sec][Host: api.account.xiaomi.com][URL: api.account.xiaomi.com/pass/v2/safe/user/coreInfo?signature=u%2F73dEXBHbejev0ISNwnGyyfeTw%3D&userId=Mz5Xr5UXKuw83hxd6Yms2w%3D%3D][StatusCode: 200][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /pass/v)]
12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Goodput ratio: 91/61][2.08 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmsnssync][StatusCode: 0][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)]
13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/461 bytes <-> 2 pkts/522 bytes][Goodput ratio: 88/78][2.81 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/getcontactlabellist][StatusCode: 200][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)]
14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/681 bytes <-> 1 pkts/262 bytes][Goodput ratio: 92/78][0.14 sec][Host: hkminorshort.weixin.qq.com][URL: hkminorshort.weixin.qq.comhttp://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)]
15 TCP 10.54.169.250:42762 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/616 bytes <-> 1 pkts/261 bytes][Goodput ratio: 91/78][0.37 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/androidgcmreg][StatusCode: 200][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)]
16 TCP 10.54.169.250:42761 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/380 bytes <-> 1 pkts/261 bytes][Goodput ratio: 85/78][0.34 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmbatchemojidownload][StatusCode: 200][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)]
17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Goodput ratio: 77/83][0.46 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)]
18 TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Goodput ratio: 77/83][0.46 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)]
19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/237 bytes <-> 1 pkts/339 bytes][Goodput ratio: 76/83][0.34 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; GT-I9505 Build/KOT49H)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)]
20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Goodput ratio: 84/48][0.31 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/home?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 0][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)]
21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/241 bytes <-> 1 pkts/137 bytes][Goodput ratio: 76/59][0.06 sec][Host: clients3.google.com][URL: clients3.google.com/generate_204][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /generate)]
1 TCP 10.54.169.250:52009 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][35 pkts/17902 bytes <-> 30 pkts/28000 bytes][Goodput ratio: 89/94][101.50 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.220 (Download)][IAT c2s/s2c min/avg/max/stddev: 182/2021 3144/2862 23289/5776 4036/929][Pkt Len c2s/s2c min/avg/max/stddev: 500/76 511/933 587/1456 27/494][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-0020.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 3,0,0,3,1,1,0,0,0,1,0,0,0,46,1,1,7,0,1,0,0,0,0,0,3,0,0,0,3,1,0,0,0,1,1,0,3,3,0,0,0,0,0,13,0,0,0]
2 TCP 10.54.169.250:52019 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][14 pkts/7028 bytes <-> 11 pkts/12578 bytes][Goodput ratio: 89/95][109.64 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.283 (Download)][IAT c2s/s2c min/avg/max/stddev: 1066/2163 7709/7600 23311/23043 9303/8905][Pkt Len c2s/s2c min/avg/max/stddev: 502/652 502/1143 502/1456 0/288][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0055.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,56,0,0,0,0,4,0,0,0,0,8,0,0,4,0,0,0,0,0,0,0,4,4,0,0,0,4,0,4,0,12,0,0,0]
3 TCP 10.54.169.250:52017 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][5 pkts/2510 bytes <-> 3 pkts/3522 bytes][Goodput ratio: 89/95][53.74 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.168 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2521/3055 13434/13894 23447/24732 10022/10838][Pkt Len c2s/s2c min/avg/max/stddev: 502/822 502/1174 502/1456 0/264][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0048.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,62,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,12,0,0,0]
4 TCP 10.54.169.250:52018 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/3040 bytes][Goodput ratio: 89/94][28.60 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.204 (Download)][IAT c2s/s2c min/avg/max/stddev: 2241/2426 9534/3315 23958/4204 10200/889][Pkt Len c2s/s2c min/avg/max/stddev: 502/128 502/1013 502/1456 0/626][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0052.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 0,0,14,0,0,0,0,0,0,0,0,0,0,57,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0]
5 TCP 10.54.169.250:52022 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][4 pkts/2008 bytes <-> 3 pkts/2276 bytes][Goodput ratio: 89/93][10.17 sec][Host: vod-singtelhawk.quickplay.com][bytes ratio: -0.063 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3284/3295 3390/3322 3535/3349 106/27][Pkt Len c2s/s2c min/avg/max/stddev: 502/188 502/759 502/1456 0/525][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0068.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 0,0,0,0,14,0,0,0,0,0,0,0,0,57,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0]
6 TCP 10.54.169.250:50669 <-> 120.28.35.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/844 bytes <-> 2 pkts/2836 bytes][Goodput ratio: 87/96][9.29 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/categories/HUD?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 200][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)][Plen Bins: 0,0,0,0,0,0,0,0,0,25,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,25,0,0,0]
7 TCP 10.54.169.250:50668 <-> 120.28.35.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/733 bytes <-> 2 pkts/2627 bytes][Goodput ratio: 85/96][9.24 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/categories/HUD?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 200][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,25,0,0,0,0,0]
8 TCP 10.54.169.250:52021 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/1506 bytes <-> 1 pkts/1248 bytes][Goodput ratio: 89/95][27.01 sec][Host: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV510R360/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV510R360-0066.ts][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0]
9 TCP 10.54.169.250:52007 <-> 120.28.35.40:80 [proto: 7/HTTP][cat: Streaming/17][3 pkts/1583 bytes <-> 1 pkts/1152 bytes][Goodput ratio: 89/95][2.46 sec][Host: vod-singtelhawk.quickplay.com][URL: vod-singtelhawk.quickplay.com/seg/vol1/s/Warner/qpmezzhawkdigitalcontagion2054033featureenglish20ltrt23976fps7834192/2015-02-02/STV80R192/qpmezz-Hawk_Digital_CONTAGION_2054033_FEATURE_ENGLISH_2_0_LTRT_23976fps_7834192.m2t_STV80R192-index.m3u8?e=1428999699][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /seg/vol1/s/Warner/qpmezz)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 10.54.169.250:44256 <-> 120.28.5.41:80 [proto: 7/HTTP][cat: Streaming/17][2 pkts/1086 bytes <-> 1 pkts/1225 bytes][Goodput ratio: 90/95][0.64 sec][Host: play-singtelhawk.quickplay.com][URL: play-singtelhawk.quickplay.com/vstb/playlist_5_6241_357.m3u8?action=145&appId=5006&carrierId=23&appVersion=1.0&contentId=6241&contentTypeId=3&deviceName=androidmobile&encodingId=357&drmId=4&drmVersion=1.5&delivery=5&prefLanguage=eng&webvtt=true&userid=091][StatusCode: 0][User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; MI 3W Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobil][PLAIN TEXT (GET /vstb/playlist)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0]
11 TCP 10.54.169.250:56381 <-> 54.179.140.65:80 [proto: 7.178/HTTP.Amazon][cat: Web/5][1 pkts/638 bytes <-> 1 pkts/831 bytes][Goodput ratio: 91/93][0.32 sec][Host: api.account.xiaomi.com][URL: api.account.xiaomi.com/pass/v2/safe/user/coreInfo?signature=u%2F73dEXBHbejev0ISNwnGyyfeTw%3D&userId=Mz5Xr5UXKuw83hxd6Yms2w%3D%3D][StatusCode: 200][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /pass/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 10.54.169.250:54883 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][2 pkts/1192 bytes <-> 1 pkts/145 bytes][Goodput ratio: 91/61][2.08 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmsnssync][StatusCode: 0][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)][Plen Bins: 0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 10.54.169.250:54885 <-> 203.205.151.160:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/461 bytes <-> 2 pkts/522 bytes][Goodput ratio: 88/78][2.81 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/getcontactlabellist][StatusCode: 200][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)][Plen Bins: 0,0,0,0,0,0,66,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 10.54.169.250:35670 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/681 bytes <-> 1 pkts/262 bytes][Goodput ratio: 92/78][0.14 sec][Host: hkminorshort.weixin.qq.com][URL: hkminorshort.weixin.qq.comhttp://hkminorshort.weixin.qq.com/cgi-bin/micromsg-bin/rtkvreport][StatusCode: 200][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 10.54.169.250:42762 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/616 bytes <-> 1 pkts/261 bytes][Goodput ratio: 91/78][0.37 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/androidgcmreg][StatusCode: 200][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 10.54.169.250:42761 <-> 203.205.129.101:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][1 pkts/380 bytes <-> 1 pkts/261 bytes][Goodput ratio: 85/78][0.34 sec][Host: hkextshort.weixin.qq.com][URL: hkextshort.weixin.qq.comhttp://hkextshort.weixin.qq.com/cgi-bin/micromsg-bin/mmbatchemojidownload][StatusCode: 200][User-Agent: MicroMessenger Client][PLAIN TEXT (POST http)][Plen Bins: 0,0,0,0,0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 10.54.169.250:52285 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Goodput ratio: 77/83][0.46 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 10.54.169.250:52288 <-> 173.252.74.22:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/243 bytes <-> 1 pkts/339 bytes][Goodput ratio: 77/83][0.46 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 10.54.169.250:44793 <-> 31.13.68.49:80 [proto: 7.119/HTTP.Facebook][cat: SocialNetwork/6][1 pkts/237 bytes <-> 1 pkts/339 bytes][Goodput ratio: 76/83][0.34 sec][Host: www.facebook.com][URL: www.facebook.com/mobile/status.php][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.2; GT-I9505 Build/KOT49H)][PLAIN TEXT (GET /mobile/status.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 10.54.169.250:33064 <-> 120.28.5.18:80 [proto: 7/HTTP][cat: Streaming/17][1 pkts/358 bytes <-> 1 pkts/109 bytes][Goodput ratio: 84/48][0.31 sec][Host: api-singtelhawk.quickplay.com][URL: api-singtelhawk.quickplay.com/solr/RestApiSingTel_PH/restapi/home?apiKey=qwerty&device=androidmobile&locale=eng&network=WIFI&pageNumber=1&pageSize=50][StatusCode: 0][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /solr/RestApiSingTel)][Plen Bins: 0,50,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 10.54.169.250:33277 <-> 120.28.26.231:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/241 bytes <-> 1 pkts/137 bytes][Goodput ratio: 76/59][0.06 sec][Host: clients3.google.com][URL: clients3.google.com/generate_204][StatusCode: 204][User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.4.4; MI 3W MIUI/V6.4.2.0.KXDMICB)][PLAIN TEXT (GET /generate)][Plen Bins: 0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/rdp.pcap.out
View file

@ -1,3 +1,3 @@
RDP 2010 622743 1
1 TCP 172.16.2.185:52494 <-> 192.168.2.142:3389 [proto: 88/RDP][cat: RemoteAccess/12][936 pkts/58890 bytes <-> 1074 pkts/563853 bytes][Goodput ratio: 30/92][7.55 sec][bytes ratio: -0.811 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/5 850/850 40/38][Pkt Len c2s/s2c min/avg/max/stddev: 44/44 63/525 622/1317 44/511][PLAIN TEXT (192.168.2.142)]
1 TCP 172.16.2.185:52494 <-> 192.168.2.142:3389 [proto: 88/RDP][cat: RemoteAccess/12][936 pkts/58890 bytes <-> 1074 pkts/563853 bytes][Goodput ratio: 30/92][7.55 sec][bytes ratio: -0.811 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/5 850/850 40/38][Pkt Len c2s/s2c min/avg/max/stddev: 44/44 63/525 622/1317 44/511][PLAIN TEXT (192.168.2.142)][Plen Bins: 1,59,21,5,1,0,0,0,0,0,0,1,0,0,1,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0]

10
tests/result/rx.pcap.out
View file

@ -1,7 +1,7 @@
RX 132 26475 5
1 UDP 131.114.219.168:7001 <-> 192.167.206.241:7000 [proto: 223/RX][cat: RPC/16][48 pkts/6808 bytes <-> 31 pkts/5568 bytes][Goodput ratio: 70/77][20.45 sec][bytes ratio: 0.100 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 509/13 19828/65 3094/18][Pkt Len c2s/s2c min/avg/max/stddev: 70/74 142/180 510/782 117/123][PLAIN TEXT (UZ.SNS.IT)]
2 UDP 131.114.219.168:7001 <-> 192.167.206.124:7003 [proto: 223/RX][cat: RPC/16][18 pkts/1833 bytes <-> 9 pkts/8086 bytes][Goodput ratio: 59/95][0.72 sec][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/20 47/76 240/282 63/93][Pkt Len c2s/s2c min/avg/max/stddev: 82/130 102/898 134/1118 15/411][PLAIN TEXT (root.cell)]
3 UDP 131.114.219.168:7001 <-> 192.167.206.124:7000 [proto: 223/RX][cat: RPC/16][10 pkts/2085 bytes <-> 10 pkts/1057 bytes][Goodput ratio: 80/60][20.17 sec][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 2520/4 19845/17 6549/5][Pkt Len c2s/s2c min/avg/max/stddev: 70/74 208/106 510/198 183/34][PLAIN TEXT (UZ.SNS.IT)]
4 UDP 131.114.219.168:38331 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes][Goodput ratio: 81/46][0.01 sec]
5 UDP 131.114.219.168:41559 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes][Goodput ratio: 81/46][0.01 sec]
1 UDP 131.114.219.168:7001 <-> 192.167.206.241:7000 [proto: 223/RX][cat: RPC/16][48 pkts/6808 bytes <-> 31 pkts/5568 bytes][Goodput ratio: 70/77][20.45 sec][bytes ratio: 0.100 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 509/13 19828/65 3094/18][Pkt Len c2s/s2c min/avg/max/stddev: 70/74 142/180 510/782 117/123][PLAIN TEXT (UZ.SNS.IT)][Plen Bins: 2,25,40,0,17,6,0,0,0,0,0,0,2,0,3,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 131.114.219.168:7001 <-> 192.167.206.124:7003 [proto: 223/RX][cat: RPC/16][18 pkts/1833 bytes <-> 9 pkts/8086 bytes][Goodput ratio: 59/95][0.72 sec][bytes ratio: -0.630 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/20 47/76 240/282 63/93][Pkt Len c2s/s2c min/avg/max/stddev: 82/130 102/898 134/1118 15/411][PLAIN TEXT (root.cell)][Plen Bins: 0,25,48,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 131.114.219.168:7001 <-> 192.167.206.124:7000 [proto: 223/RX][cat: RPC/16][10 pkts/2085 bytes <-> 10 pkts/1057 bytes][Goodput ratio: 80/60][20.17 sec][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 2520/4 19845/17 6549/5][Pkt Len c2s/s2c min/avg/max/stddev: 70/74 208/106 510/198 183/34][PLAIN TEXT (UZ.SNS.IT)][Plen Bins: 10,30,40,0,5,0,0,0,0,0,0,0,5,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 131.114.219.168:38331 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes][Goodput ratio: 81/46][0.01 sec][Plen Bins: 0,33,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 131.114.219.168:41559 <-> 192.167.206.124:7002 [proto: 223/RX][cat: RPC/16][2 pkts/441 bytes <-> 1 pkts/78 bytes][Goodput ratio: 81/46][0.01 sec][Plen Bins: 0,33,33,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/s7comm.pcap.out
View file

@ -1,3 +1,3 @@
s7comm 55 5260 1
1 TCP 192.168.1.10:4185 <-> 192.168.1.40:102 [proto: 249/s7comm][cat: Network/14][36 pkts/3146 bytes <-> 19 pkts/2114 bytes][Goodput ratio: 38/51][0.14 sec][bytes ratio: 0.196 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/3 3/6 8/12 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 61/74 87/111 301/275 54/44][PLAIN TEXT (TestHMI00040)]
1 TCP 192.168.1.10:4185 <-> 192.168.1.40:102 [proto: 249/s7comm][cat: Network/14][36 pkts/3146 bytes <-> 19 pkts/2114 bytes][Goodput ratio: 38/51][0.14 sec][bytes ratio: 0.196 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/3 3/6 8/12 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 61/74 87/111 301/275 54/44][PLAIN TEXT (TestHMI00040)][Plen Bins: 52,32,9,0,0,0,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]

2
tests/result/selfsigned.pcap.out
View file

@ -5,4 +5,4 @@ JA3 Host Stats:
1 127.0.0.1 1
1 TCP 127.0.0.1:51607 <-> 127.0.0.1:3001 [proto: 91/TLS][cat: Web/5][10 pkts/1421 bytes <-> 10 pkts/2345 bytes][Goodput ratio: 60/76][0.05 sec][ALPN: h2;http/1.1][bytes ratio: -0.245 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/7 32/32 10/11][Pkt Len c2s/s2c min/avg/max/stddev: 56/44 142/234 573/1413 156/408][Risk: ** Self-signed Certificate **** TLS Expired Certificate **][TLSv1.2][Client: localhost][JA3C: 2a26b1a62e40d25d4de3babc9d532f30][JA3S: 0debd3853f330c574b05e0b6d882dc27][Issuer: C=IT, ST=Some-State, O=ntop.org][Subject: C=IT, ST=Some-State, O=ntop.org][Certificate SHA-1: AF:CC:98:49:F2:00:0E:05:21:18:6C:77:5F:2A:CF:10:44:6E:D8:8B][Validity: 2015-10-10 15:55:47 - 2016-10-09 15:55:47][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
1 TCP 127.0.0.1:51607 <-> 127.0.0.1:3001 [proto: 91/TLS][cat: Web/5][10 pkts/1421 bytes <-> 10 pkts/2345 bytes][Goodput ratio: 60/76][0.05 sec][ALPN: h2;http/1.1][bytes ratio: -0.245 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/7 32/32 10/11][Pkt Len c2s/s2c min/avg/max/stddev: 56/44 142/234 573/1413 156/408][Risk: ** Self-signed Certificate **** TLS Expired Certificate **][TLSv1.2][Client: localhost][JA3C: 2a26b1a62e40d25d4de3babc9d532f30][JA3S: 0debd3853f330c574b05e0b6d882dc27][Issuer: C=IT, ST=Some-State, O=ntop.org][Subject: C=IT, ST=Some-State, O=ntop.org][Certificate SHA-1: AF:CC:98:49:F2:00:0E:05:21:18:6C:77:5F:2A:CF:10:44:6E:D8:8B][Validity: 2015-10-10 15:55:47 - 2016-10-09 15:55:47][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 14,14,0,14,0,0,14,0,0,0,0,14,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0]

Some files were not shown because too many files have changed in this diff Show more