aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuca <deri@ntop.org>2019-08-08 18:09:12 +0200
committerLuca <deri@ntop.org>2019-08-08 18:09:12 +0200
commitc6e832be1808160065491b7845ec25ed061f7f0b (patch)
treef3fa15bc9c9d1091c3b076df5148b87db8eab076
parentcce8a6026fab8d62e8e2cf484ed14531b1dc248b (diff)
Various TLS/STUN improvememnts
Diffstat
-rw-r--r--example/ndpiReader.c26
-rw-r--r--example/reader_util.c49
-rw-r--r--src/include/ndpi_typedefs.h3
-rw-r--r--src/lib/ndpi_main.c19
-rw-r--r--src/lib/ndpi_utils.c12
-rw-r--r--src/lib/protocols/stun.c57
-rw-r--r--src/lib/protocols/tls.c99
-rw-r--r--src/lib/protocols/tor.c7
-rw-r--r--tests/result/1kxun.pcap.out204
-rw-r--r--tests/result/Instagram.pcap.out10
-rw-r--r--tests/result/KakaoTalk_talk.pcap.out5
-rw-r--r--tests/result/nintendo.pcap.out12
-rw-r--r--tests/result/ocs.pcap.out19
-rw-r--r--tests/result/pps.pcap.out213
-rw-r--r--tests/result/quic.pcap.out21
-rw-r--r--tests/result/skype.pcap.out364
-rw-r--r--tests/result/skype_no_unknown.pcap.out360
-rw-r--r--tests/result/starcraft_battle.pcap.out16
-rw-r--r--tests/result/tor.pcap.out19
-rw-r--r--tests/result/viber.pcap.out12
-rw-r--r--tests/result/webex.pcap.out2
-rw-r--r--tests/result/wechat.pcap.out44
-rw-r--r--tests/result/weibo.pcap.out6
-rw-r--r--tests/result/whatsapp_login_call.pcap.out32
-rw-r--r--tests/result/whatsapp_voice_and_message.pcap.out16
25 files changed, 866 insertions, 761 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c
index b5b787aa7..e800391de 100644
--- a/example/ndpiReader.c
+++ b/example/ndpiReader.c
@@ -90,6 +90,7 @@ static u_int8_t stats_flag = 0, bpf_filter_flag = 0;
static u_int8_t file_first_time = 1;
#endif
u_int8_t human_readeable_string_len = 5;
+u_int8_t max_num_udp_dissected_pkts = 16 /* 8 is enough for most protocols, Signal requires more */, max_num_tcp_dissected_pkts = 10;
static u_int32_t pcap_analysis_duration = (u_int32_t)-1;
static u_int16_t decode_tunnels = 0;
static u_int16_t num_loops = 1;
@@ -341,7 +342,8 @@ static void help(u_int long_help) {
#endif
"[-f <filter>][-s <duration>][-m <duration>]\n"
" [-p <protos>][-l <loops> [-q][-d][-J][-h][-e <len>][-t][-v <level>]\n"
- " [-n <threads>][-w <file>][-c <file>][-j <file>][-x <file>]\n\n"
+ " [-n <threads>][-w <file>][-c <file>][-j <file>][-x <file>]\n"
+ " [-T <num>][-U <num>]\n\n"
"Usage:\n"
" -i <file.pcap|device> | Specify a pcap file/playlist to read packets from or a\n"
" | device for live capture (comma-separated list)\n"
@@ -376,8 +378,13 @@ static void help(u_int long_help) {
" | >3 - full debug + dbg_proto = all\n"
" -b <file.json> | Specify a file to write port based diagnose statistics\n"
" -x <file.json> | Produce bpf filters for specified diagnose file. Use\n"
- " | this option only for .json files generated with -b flag.\n",
- human_readeable_string_len);
+ " | this option only for .json files generated with -b flag.\n"
+ " -T <num> | Max number of TCP processed packets before giving up [default: %u]\n"
+ " -U <num> | Max number of UDP processed packets before giving up [default: %u]\n"
+ ,
+ human_readeable_string_len,
+ max_num_tcp_dissected_pkts,
+ max_num_udp_dissected_pkts);
#ifndef WIN32
printf("\nExcap (wireshark) options:\n"
@@ -584,7 +591,8 @@ static void parseOptions(int argc, char **argv) {
}
#endif
- while((opt = getopt_long(argc, argv, "e:c:df:g:i:hp:l:s:tv:V:n:j:Jrp:w:q0123:456:7:89:m:b:x:", longopts, &option_idx)) != EOF) {
+ while((opt = getopt_long(argc, argv, "e:c:df:g:i:hp:l:s:tv:V:n:j:Jrp:w:q0123:456:7:89:m:b:x:T:U:",
+ longopts, &option_idx)) != EOF) {
#ifdef DEBUG_TRACE
if(trace) fprintf(trace, " #### -%c [%s] #### \n", opt, optarg ? optarg : "");
#endif
@@ -745,6 +753,16 @@ static void parseOptions(int argc, char **argv) {
_debug_protocols = strdup(optarg);
break;
+ case 'T':
+ max_num_tcp_dissected_pkts = atoi(optarg);
+ if(max_num_tcp_dissected_pkts < 3) max_num_tcp_dissected_pkts = 3;
+ break;
+
+ case 'U':
+ max_num_udp_dissected_pkts = atoi(optarg);
+ if(max_num_udp_dissected_pkts < 3) max_num_udp_dissected_pkts = 3;
+ break;
+
default:
help(0);
break;
diff --git a/example/reader_util.c b/example/reader_util.c
index 8fdca1311..fba2dfa38 100644
--- a/example/reader_util.c
+++ b/example/reader_util.c
@@ -79,6 +79,7 @@
extern u_int8_t enable_protocol_guess, enable_joy_stats;
extern u_int8_t verbose, human_readeable_string_len;
+extern u_int8_t max_num_udp_dissected_pkts /* 8 */, max_num_tcp_dissected_pkts /* 10 */;
/* ***************************************************** */
@@ -657,26 +658,28 @@ static struct ndpi_flow_info *get_ndpi_flow_info6(struct ndpi_workflow * workflo
void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_flow_info *flow) {
- /* Update SPLT scores. */
- if (flow->bidirectional) {
- flow->score = ndpi_classify(flow->src2dst_pkt_len, flow->src2dst_pkt_time,
- flow->dst2src_pkt_len, flow->dst2src_pkt_time,
- flow->src2dst_start, flow->dst2src_start,
- MAX_NUM_PKTS, flow->src_port, flow->dst_port,
- flow->src2dst_packets, flow->dst2src_packets,
- flow->src2dst_opackets, flow->dst2src_opackets,
- flow->src2dst_l4_bytes, flow->dst2src_l4_bytes, 1,
- flow->src2dst_byte_count, flow->dst2src_byte_count);
- } else {
- flow->score = ndpi_classify(flow->src2dst_pkt_len, flow->src2dst_pkt_time,
- NULL, NULL, flow->src2dst_start, flow->src2dst_start,
- MAX_NUM_PKTS, flow->src_port, flow->dst_port,
- flow->src2dst_packets, 0,
- flow->src2dst_opackets, 0,
- flow->src2dst_l4_bytes, 0, 1,
- flow->src2dst_byte_count, NULL);
+ if(enable_joy_stats) {
+ /* Update SPLT scores. */
+
+ if(flow->bidirectional)
+ flow->score = ndpi_classify(flow->src2dst_pkt_len, flow->src2dst_pkt_time,
+ flow->dst2src_pkt_len, flow->dst2src_pkt_time,
+ flow->src2dst_start, flow->dst2src_start,
+ MAX_NUM_PKTS, flow->src_port, flow->dst_port,
+ flow->src2dst_packets, flow->dst2src_packets,
+ flow->src2dst_opackets, flow->dst2src_opackets,
+ flow->src2dst_l4_bytes, flow->dst2src_l4_bytes, 1,
+ flow->src2dst_byte_count, flow->dst2src_byte_count);
+ else
+ flow->score = ndpi_classify(flow->src2dst_pkt_len, flow->src2dst_pkt_time,
+ NULL, NULL, flow->src2dst_start, flow->src2dst_start,
+ MAX_NUM_PKTS, flow->src_port, flow->dst_port,
+ flow->src2dst_packets, 0,
+ flow->src2dst_opackets, 0,
+ flow->src2dst_l4_bytes, 0, 1,
+ flow->src2dst_byte_count, NULL);
}
-
+
if(!flow->ndpi_flow) return;
snprintf(flow->host_server_name, sizeof(flow->host_server_name), "%s",
@@ -714,7 +717,9 @@ void process_ndpi_collected_info(struct ndpi_workflow * workflow, struct ndpi_fl
}
/* TLS */
else if((flow->detected_protocol.app_protocol == NDPI_PROTOCOL_TLS)
- || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS)) {
+ || (flow->detected_protocol.master_protocol == NDPI_PROTOCOL_TLS)
+ || (flow->ndpi_flow->protos.stun_ssl.ssl.ja3_client[0] != '\0')
+ ) {
flow->ssh_tls.ssl_version = flow->ndpi_flow->protos.stun_ssl.ssl.ssl_version;
snprintf(flow->ssh_tls.client_info, sizeof(flow->ssh_tls.client_info), "%s",
flow->ndpi_flow->protos.stun_ssl.ssl.client_certificate);
@@ -849,8 +854,8 @@ static struct ndpi_proto packet_processing(struct ndpi_workflow * workflow,
if(!flow->detection_completed) {
u_int enough_packets =
- (((proto == IPPROTO_UDP) && ((flow->src2dst_packets + flow->dst2src_packets) > 8))
- || ((proto == IPPROTO_TCP) && ((flow->src2dst_packets + flow->dst2src_packets) > 10))) ? 1 : 0;
+ (((proto == IPPROTO_UDP) && ((flow->src2dst_packets + flow->dst2src_packets) > max_num_udp_dissected_pkts))
+ || ((proto == IPPROTO_TCP) && ((flow->src2dst_packets + flow->dst2src_packets) > max_num_tcp_dissected_pkts))) ? 1 : 0;
flow->detected_protocol = ndpi_detection_process_packet(workflow->ndpi_struct, ndpi_flow,
iph ? (uint8_t *)iph : (uint8_t *)iph6,
diff --git a/src/include/ndpi_typedefs.h b/src/include/ndpi_typedefs.h
index fa9c13599..4d877e801 100644
--- a/src/include/ndpi_typedefs.h
+++ b/src/include/ndpi_typedefs.h
@@ -773,8 +773,7 @@ struct ndpi_packet_struct {
u_int8_t ssl_certificate_detected:4, ssl_certificate_num_checks:4;
u_int8_t packet_lines_parsed_complete:1,
- packet_direction:1,
- empty_line_position_set:1;
+ packet_direction:1, empty_line_position_set:1, pad:5;
};
struct ndpi_detection_module_struct;
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 3906b717e..2f959c71e 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -2289,7 +2289,7 @@ int ndpi_get_custom_category_match(struct ndpi_detection_module_struct *ndpi_str
if(!ndpi_struct->custom_categories.categories_loaded)
return -1;
-
+
snprintf(ipbuf, sizeof(ipbuf)-1, "%s", name_or_ip);
ptr = strrchr(ipbuf, '/');
@@ -3782,7 +3782,7 @@ void check_ndpi_other_flow_func(struct ndpi_detection_module_struct *ndpi_struct
if((func != ndpi_struct->callback_buffer_non_tcp_udp[a].func)
&& (ndpi_struct->callback_buffer_non_tcp_udp[a].ndpi_selection_bitmask & *ndpi_selection_packet) ==
ndpi_struct->callback_buffer_non_tcp_udp[a].ndpi_selection_bitmask
- &&
+ &&
NDPI_BITMASK_COMPARE(flow->excluded_protocol_bitmask,
ndpi_struct->callback_buffer_non_tcp_udp[a].excluded_protocol_bitmask) == 0
&& NDPI_BITMASK_COMPARE(ndpi_struct->callback_buffer_non_tcp_udp[a].detection_bitmask,
@@ -3935,7 +3935,7 @@ u_int16_t ndpi_guess_host_protocol_id(struct ndpi_detection_module_struct *ndpi_
struct in_addr addr;
addr.s_addr = flow->packet.iph->saddr;
-
+
/* guess host protocol */
ret = ndpi_network_ptree_match(ndpi_struct, &addr);
@@ -4023,6 +4023,10 @@ ndpi_protocol ndpi_detection_giveup(struct ndpi_detection_module_struct *ndpi_st
if(flow->guessed_protocol_id == NDPI_PROTOCOL_STUN)
goto check_stun_export;
+ else if((flow->guessed_protocol_id == NDPI_PROTOCOL_HANGOUT_DUO)
+ || (flow->guessed_protocol_id == NDPI_PROTOCOL_MESSENGER)
+ || (flow->guessed_protocol_id == NDPI_PROTOCOL_WHATSAPP_VOICE))
+ ndpi_set_detected_protocol(ndpi_struct, flow, flow->guessed_protocol_id, NDPI_PROTOCOL_UNKNOWN);
else if((flow->l4.tcp.ssl_seen_client_cert == 1)
&& (flow->protos.stun_ssl.ssl.client_certificate[0] != '\0')) {
ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_TLS, NDPI_PROTOCOL_UNKNOWN);
@@ -4576,7 +4580,7 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct
addr.s_addr = flow->packet.iph->saddr;
flow->guessed_host_protocol_id = ndpi_network_ptree_match(ndpi_struct, &addr);
-
+
if(flow->guessed_host_protocol_id == NDPI_PROTOCOL_UNKNOWN) {
addr.s_addr = flow->packet.iph->daddr;
flow->guessed_host_protocol_id = ndpi_network_ptree_match(ndpi_struct, &addr);
@@ -4595,7 +4599,7 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct
for(i=0; i<2; i++) {
u_int16_t port = (i == 0) ? ntohs(flow->packet.tcp->dest) : ntohs(flow->packet.tcp->source);
-
+
switch(port) {
case 80:
ret.master_protocol = NDPI_PROTOCOL_HTTP;
@@ -4604,7 +4608,7 @@ ndpi_protocol ndpi_detection_process_packet(struct ndpi_detection_module_struct
ret.master_protocol = NDPI_PROTOCOL_TLS; /* QUIC could also match */
break;
}
-
+
if(ret.master_protocol != NDPI_PROTOCOL_UNKNOWN)
break;
}
@@ -5925,7 +5929,7 @@ int ndpi_match_string_subprotocol(struct ndpi_detection_module_struct *ndpi_stru
ret_match->protocol_id = match.number,
ret_match->protocol_category = match.category,
ret_match->protocol_breed = match.breed;
-
+
return(match.number);
}
@@ -6235,4 +6239,3 @@ int ndpi_flowv6_flow_hash(u_int8_t l4_proto, struct ndpi_in6_addr *src_ip, struc
}
/* **************************************** */
-
diff --git a/src/lib/ndpi_utils.c b/src/lib/ndpi_utils.c
index 00e75c822..14a82065a 100644
--- a/src/lib/ndpi_utils.c
+++ b/src/lib/ndpi_utils.c
@@ -713,11 +713,13 @@ char* ndpi_ssl_version2str(u_int16_t version) {
static char v[8];
switch(version) {
- case 0x300: return("SSLv3");
- case 0x301: return("TLSv1");
- case 0x302: return("TLSv1.1");
- case 0x303: return("TLSv1.2");
- case 0x304: return("TLSv1.3");
+ case 0x0300: return("SSLv3");
+ case 0x0301: return("TLSv1");
+ case 0x0302: return("TLSv1.1");
+ case 0x0303: return("TLSv1.2");
+ case 0x0304: return("TLSv1.3");
+ case 0xfeff: return("DTLSv1.0");
+ case 0xfefd: return("DTLSv1.2");
}
if((version >= 0x7f00) && (version <= 0x7fff))
diff --git a/src/lib/protocols/stun.c b/src/lib/protocols/stun.c
index bcf957340..b0c307ea6 100644
--- a/src/lib/protocols/stun.c
+++ b/src/lib/protocols/stun.c
@@ -30,7 +30,7 @@
#define MAX_NUM_STUN_PKTS 8
-// #define DEBUG_STUN 1
+/* #define DEBUG_STUN 1 */
struct stun_packet_header {
u_int16_t msg_type, msg_len;
@@ -126,9 +126,16 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct *
if(msg_type == 0x01 /* Binding Request */) {
flow->protos.stun_ssl.stun.num_binding_requests++;
- if((msg_len == 0) && (flow->guessed_host_protocol_id == NDPI_PROTOCOL_GOOGLE)) {
+
+ if((msg_len == 0) && (flow->guessed_host_protocol_id == NDPI_PROTOCOL_GOOGLE))
flow->guessed_host_protocol_id = NDPI_PROTOCOL_HANGOUT_DUO;
- }
+ else
+ flow->guessed_host_protocol_id = NDPI_PROTOCOL_STUN;
+
+ flow->protos.stun_ssl.stun.num_udp_pkts++;
+
+ if(msg_len == 0)
+ return(NDPI_IS_NOT_STUN); /* This to keep analyzing STUN instead of giving up */
}
if((msg_len == 0) && (flow->guessed_host_protocol_id == NDPI_PROTOCOL_UNKNOWN)) {
@@ -157,9 +164,20 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct *
if((payload[0] != 0x80) && ((msg_len+20) > payload_length))
return(NDPI_IS_NOT_STUN);
- else
- flow->guessed_protocol_id = NDPI_PROTOCOL_STUN;
-
+ else {
+ switch(flow->guessed_protocol_id) {
+ case NDPI_PROTOCOL_HANGOUT_DUO:
+ case NDPI_PROTOCOL_MESSENGER:
+ case NDPI_PROTOCOL_WHATSAPP_VOICE:
+ /* Don't overwrite the protocol with sub-STUN protocols */
+ break;
+
+ default:
+ flow->guessed_protocol_id = NDPI_PROTOCOL_STUN;
+ break;
+ }
+ }
+
if(payload_length == (msg_len+20)) {
if(msg_type <= 0x000b) /* http://www.3cx.com/blog/voip-howto/stun-details/ */ {
u_int offset = 20;
@@ -183,6 +201,10 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct *
if(x != 0)
len += 4-x;
+#ifdef DEBUG_STUN
+ printf("==> Attribute: %04X\n", attribute);
+#endif
+
switch(attribute) {
case 0x0008: /* Message Integrity */
case 0x0020: /* XOR-MAPPED-ADDRESSES */
@@ -197,9 +219,13 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct *
if((msg_len == 100) || (msg_len == 104)) {
*is_messenger = 1;
return(NDPI_IS_STUN);
- } else if(msg_len == 76) {
+ } else if(msg_len == 76) {
*is_duo = 1;
- return(NDPI_IS_STUN);
+ if(1) {
+ flow->guessed_protocol_id = NDPI_PROTOCOL_HANGOUT_DUO;
+ return(NDPI_IS_NOT_STUN); /* This case is found also with signal traffic */
+ } else
+ return(NDPI_IS_STUN);
}
}
break;
@@ -211,6 +237,9 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct *
&& (payload[offset+6] == 0x00)
&& (payload[offset+7] == 0x00)) {
/* Either skype for business or "normal" skype with multiparty call */
+#ifdef DEBUG_STUN
+ printf("==> Skype found\n");
+#endif
flow->protos.stun_ssl.stun.is_skype = 1;
return(NDPI_IS_STUN);
}
@@ -227,6 +256,10 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct *
case 0x0800:
/* printf("====>>>> %04X\n", attribute); */
flow->protos.stun_ssl.stun.is_skype = 1;
+#ifdef DEBUG_STUN
+ printf("==> Skype (2) found\n");
+#endif
+
return(NDPI_IS_STUN);
break;
@@ -239,6 +272,10 @@ static ndpi_int_stun_t ndpi_int_check_stun(struct ndpi_detection_module_struct *
&& ((payload[offset+7] == 0x02) || (payload[offset+7] == 0x03))
) {
flow->protos.stun_ssl.stun.is_skype = 1;
+#ifdef DEBUG_STUN
+ printf("==> Skype (3) found\n");
+#endif
+
return(NDPI_IS_STUN);
}
break;
@@ -322,7 +359,7 @@ void ndpi_search_stun(struct ndpi_detection_module_struct *ndpi_struct, struct n
if(ndpi_int_check_stun(ndpi_struct, flow, packet->payload + 2,
packet->payload_packet_len - 2,
&is_whatsapp, &is_messenger, &is_duo) == NDPI_IS_STUN) {
- if(flow->guessed_protocol_id == 0) flow->guessed_protocol_id = NDPI_PROTOCOL_STUN;
+ if(flow->guessed_protocol_id == NDPI_PROTOCOL_UNKNOWN) flow->guessed_protocol_id = NDPI_PROTOCOL_STUN;
if(is_messenger) {
ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MESSENGER, NDPI_PROTOCOL_STUN);
@@ -350,7 +387,7 @@ void ndpi_search_stun(struct ndpi_detection_module_struct *ndpi_struct, struct n
if(ndpi_int_check_stun(ndpi_struct, flow, packet->payload,
packet->payload_packet_len,
&is_whatsapp, &is_messenger, &is_duo) == NDPI_IS_STUN) {
- if(flow->guessed_protocol_id == 0) flow->guessed_protocol_id = NDPI_PROTOCOL_STUN;
+ if(flow->guessed_protocol_id == NDPI_PROTOCOL_UNKNOWN) flow->guessed_protocol_id = NDPI_PROTOCOL_STUN;
if(is_messenger) {
ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_MESSENGER, NDPI_PROTOCOL_STUN);
diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
index 635967380..c92f5e4f6 100644
--- a/src/lib/protocols/tls.c
+++ b/src/lib/protocols/tls.c
@@ -27,7 +27,7 @@
#include "ndpi_api.h"
-/* #define CERTIFICATE_DEBUG 1 */
+// #define DEBUG_TLS 1
#define NDPI_MAX_TLS_REQUEST_SIZE 10000
@@ -391,7 +391,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
memset(&ja3, 0, sizeof(ja3));
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
{
u_int16_t tls_len = (packet->payload[3] << 8) + packet->payload[4];
@@ -429,7 +429,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
if(total_len > 4) {
u_int16_t base_offset = packet->tcp ? 43 : 59;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("SSL [len: %u][handshake_protocol: %02X]\n", packet->payload_packet_len, handshake_protocol);
#endif
@@ -450,7 +450,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
u_int16_t offset = base_offset, extension_len, j;
u_int8_t session_id_len = packet->payload[offset];
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("SSL Server Hello [version: 0x%04X]\n", tls_version);
#endif
@@ -471,14 +471,14 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
flow->protos.stun_ssl.ssl.server_unsafe_cipher = ndpi_is_safe_ssl_cipher(ja3.cipher[0]);
flow->protos.stun_ssl.ssl.server_cipher = ja3.cipher[0];
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("SSL [server][session_id_len: %u][cipher: %04X]\n", session_id_len, ja3.cipher[0]);
#endif
offset += 2 + 1;
extension_len = ntohs(*((u_int16_t*)&packet->payload[offset]));
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("SSL [server][extension_len: %u]\n", extension_len);
#endif
offset += 2;
@@ -494,7 +494,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
if(ja3.num_tls_extension < MAX_NUM_JA3)
ja3.tls_extension[ja3.num_tls_extension++] = id;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("SSL [server][extension_id: %u/0x%04X]\n", id, id);
#endif
@@ -513,11 +513,11 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
for(i=0; i<ja3.num_tls_extension; i++)
ja3_str_len += snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]);
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("SSL [server] %s\n", ja3_str);
#endif
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("[JA3] Server: %s \n", ja3_str);
#endif
@@ -529,7 +529,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
j += snprintf(&flow->protos.stun_ssl.ssl.ja3_server[j],
sizeof(flow->protos.stun_ssl.ssl.ja3_server)-j, "%02x", md5_hash[i]);
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("[JA3] Server: %s \n", flow->protos.stun_ssl.ssl.ja3_server);
#endif
@@ -592,7 +592,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
} else if(handshake_protocol == 0x01 /* Client Hello */) {
u_int offset;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("[base_offset: %u][payload_packet_len: %u]\n", base_offset, packet->payload_packet_len);
#endif
@@ -620,7 +620,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
cipher_offset = base_offset+4;
}
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [client cipher_len: %u][tls_version: 0x%04X]\n", cipher_len, tls_version);
#endif
@@ -628,7 +628,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
for(i=0; i<cipher_len;) {
u_int16_t *id = (u_int16_t*)&packet->payload[cipher_offset+i];
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [cipher suite: %u/0x%04X] [%u/%u]\n", ntohs(*id), ntohs(*id), i, cipher_len);
#endif
if((*id == 0) || (packet->payload[cipher_offset+i] != packet->payload[cipher_offset+i+1])) {
@@ -641,7 +641,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
ja3.cipher[ja3.num_cipher++] = ntohs(*id);
else {
invalid_ja3 = 1;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL Invalid cipher %u\n", ja3.num_cipher);
#endif
}
@@ -651,7 +651,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
}
} else {
invalid_ja3 = 1;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL Invalid len %u vs %u\n", (cipher_offset+cipher_len), total_len);
#endif
}
@@ -668,7 +668,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
compression_len = packet->payload[offset];
offset++;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [compression_len: %u]\n", compression_len);
#endif
@@ -679,7 +679,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
extensions_len = ntohs(*((u_int16_t*)&packet->payload[offset]));
offset += 2;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [extensions_len: %u]\n", extensions_len);
#endif
@@ -698,7 +698,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
extension_len = ntohs(*((u_int16_t*)&packet->payload[offset+extension_offset]));
extension_offset += 2;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [extension_id: %u][extension_len: %u]\n", extension_id, extension_len);
#endif
@@ -709,7 +709,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
ja3.tls_extension[ja3.num_tls_extension++] = extension_id;
else {
invalid_ja3 = 1;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL Invalid extensions %u\n", ja3.num_tls_extension);
#endif
}
@@ -732,7 +732,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
} else if(extension_id == 10 /* supported groups */) {
u_int16_t s_offset = offset+extension_offset + 2;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [EllipticCurveGroups: len=%u]\n", extension_len);
#endif
@@ -740,7 +740,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
for(i=0; i<extension_len-2;) {
u_int16_t s_group = ntohs(*((u_int16_t*)&packet->payload[s_offset+i]));
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [EllipticCurve: %u/0x%04X]\n", s_group, s_group);
#endif
if((s_group == 0) || (packet->payload[s_offset+i] != packet->payload[s_offset+i+1])) {
@@ -749,7 +749,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
ja3.elliptic_curve[ja3.num_elliptic_curve++] = s_group;
else {
invalid_ja3 = 1;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL Invalid num elliptic %u\n", ja3.num_elliptic_curve);
#endif
}
@@ -759,21 +759,21 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
}
} else {
invalid_ja3 = 1;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL Invalid len %u vs %u\n", (s_offset+extension_len-1), total_len);
#endif
}
} else if(extension_id == 11 /* ec_point_formats groups */) {
u_int16_t s_offset = offset+extension_offset + 1;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [EllipticCurveFormat: len=%u]\n", extension_len);
#endif
if((s_offset+extension_len) < total_len) {
for(i=0; i<extension_len-1;i++) {
u_int8_t s_group = packet->payload[s_offset+i];
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [EllipticCurveFormat: %u]\n", s_group);
#endif
@@ -781,14 +781,14 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
ja3.elliptic_curve_point_format[ja3.num_elliptic_curve_point_format++] = s_group;
else {
invalid_ja3 = 1;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL Invalid num elliptic %u\n", ja3.num_elliptic_curve_point_format);
#endif
}
}
} else {
invalid_ja3 = 1;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL Invalid len %u vs %u\n", s_offset+extension_len, total_len);
#endif
}
@@ -796,7 +796,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
extension_offset += extension_len;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Client SSL [extension_offset/len: %u/%u]\n", extension_offset, extension_len);
#endif
} /* while */
@@ -831,7 +831,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
ja3_str_len += snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
(i > 0) ? "-" : "", ja3.elliptic_curve_point_format[i]);
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("[JA3] Client: %s \n", ja3_str);
#endif
@@ -843,7 +843,7 @@ int getTLScertificate(struct ndpi_detection_module_struct *ndpi_struct,
j += snprintf(&flow->protos.stun_ssl.ssl.ja3_client[j],
sizeof(flow->protos.stun_ssl.ssl.ja3_client)-j, "%02x", md5_hash[i]);
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("[JA3] Client: %s \n", flow->protos.stun_ssl.ssl.ja3_client);
#endif
}
@@ -918,7 +918,7 @@ void getSSLorganization(struct ndpi_detection_module_struct *ndpi_struct,
if(is_printable == 1) {
snprintf(flow->protos.stun_ssl.ssl.server_organization,
sizeof(flow->protos.stun_ssl.ssl.server_organization), "%s", buffer);
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
printf("Certificate organization: %s\n", flow->protos.stun_ssl.ssl.server_organization);
#endif
}
@@ -943,7 +943,7 @@ int sslTryAndRetrieveServerCertificate(struct ndpi_detection_module_struct *ndpi
if(rc > 0) {
char organization[64];
-
+
// try fetch server organization once server certificate is found
organization[0] = '\0';
getSSLorganization(ndpi_struct, flow, organization, sizeof(organization));
@@ -955,12 +955,13 @@ int sslTryAndRetrieveServerCertificate(struct ndpi_detection_module_struct *ndpi
}
/* Client hello, Server Hello, and certificate packets probably all checked in this case */
- if((packet->ssl_certificate_num_checks >= 3)
+ if(((packet->ssl_certificate_num_checks >= 3)
&& (flow->l4.tcp.seen_syn)
&& (flow->l4.tcp.seen_syn_ack)
&& (flow->l4.tcp.seen_ack) /* We have seen the 3-way handshake */)
- {
- /* We're done processing extra packets since we've probably checked all possible cert packets */
+ || (flow->protos.stun_ssl.ssl.ja3_server[0] != '\0')
+ ) {
+ /* We're done processing extra packets since we've probably checked all possible cert packets */
return 0;
}
}
@@ -1000,7 +1001,7 @@ int tlsDetectProtocolFromCertificate(struct ndpi_detection_module_struct *ndpi_s
if(rc > 0) {
packet->ssl_certificate_detected++;
-#ifdef CERTIFICATE_DEBUG
+#ifdef DEBUG_TLS
NDPI_LOG_DBG2(ndpi_struct, "***** [SSL] %s\n", certificate);
#endif
ndpi_protocol_match_result ret_match;
@@ -1242,12 +1243,28 @@ void ndpi_search_tls_tcp_udp(struct ndpi_detection_module_struct *ndpi_struct,
if(packet->udp != NULL) {
/* DTLS dissector */
- int rc = sslTryAndRetrieveServerCertificate(ndpi_struct, flow);
-
- if(rc) flow->guessed_protocol_id = NDPI_PROTOCOL_TLS;
+ int rc;
+
+ rc = sslTryAndRetrieveServerCertificate(ndpi_struct, flow);
- if(flow->l4.tcp.ssl_seen_server_cert)
- ndpi_int_tls_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_TLS);
+#ifdef DEBUG_TLS
+ printf("==>> %u [rc: %u][len: %u][%s][version: %u]\n",
+ flow->guessed_host_protocol_id, rc, packet->payload_packet_len, flow->protos.stun_ssl.ssl.ja3_server,
+ flow->protos.stun_ssl.ssl.ssl_version);
+#endif
+
+ if(flow->protos.stun_ssl.ssl.ssl_version != 0) {
+ flow->guessed_protocol_id = NDPI_PROTOCOL_TLS;
+
+ if(flow->protos.stun_ssl.stun.num_udp_pkts > 0) {
+ /* In Signal protocol STUN turns into DTLS... */
+ ndpi_int_tls_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_SIGNAL);
+ } else if(flow->protos.stun_ssl.ssl.ja3_server[0] != '\0') {
+ /* Wait the server certificate the bless this flow as TLS */
+ ndpi_int_tls_add_connection(ndpi_struct, flow, NDPI_PROTOCOL_TLS);
+ }
+ }
+
return;
}
diff --git a/src/lib/protocols/tor.c b/src/lib/protocols/tor.c
index fb8d1bd2c..3b2dd06c4 100644
--- a/src/lib/protocols/tor.c
+++ b/src/lib/protocols/tor.c
@@ -22,8 +22,8 @@ int ndpi_is_tls_tor(struct ndpi_detection_module_struct *ndpi_struct,
struct ndpi_flow_struct *flow, char *certificate) {
int prev_num = 0, numbers_found = 0, num_found = 0, i, len, num_impossible = 0;
char dummy[48], *dot, *name;
-
- if(certificate == NULL)
+
+ if((certificate == NULL) || (certificate[0] == '\0'))
return(0);
else
len = strlen(certificate);
@@ -99,7 +99,8 @@ void ndpi_search_tor(struct ndpi_detection_module_struct *ndpi_struct, struct nd
NDPI_LOG_DBG(ndpi_struct, "search for TOR\n");
- if(packet->tcp != NULL) {
+ if((packet->tcp != NULL)
+ && (!packet->ssl_certificate_detected)) {
u_int16_t dport, sport;
sport = ntohs(packet->tcp->source), dport = ntohs(packet->tcp->dest);
diff --git a/tests/result/1kxun.pcap.out b/tests/result/1kxun.pcap.out
index fbea661c4..cc445652b 100644
--- a/tests/result/1kxun.pcap.out
+++ b/tests/result/1kxun.pcap.out
@@ -1,3 +1,4 @@
+Unknown 22 6088 12
DNS 2 378 1
HTTP 524 220123 9
MDNS 1 82 1
@@ -6,12 +7,14 @@ NetBIOS 31 3589 8
SSDP 143 36951 13
DHCP 24 8208 5
QQ 28 5216 2
+STUN 2 340 2
RTP 2 132 1
-TLS 218 35141 68
+TLS 105 21914 7
DHCPV6 10 980 3
Facebook 19 6840 2
Google 3 176 1
GenericProtocol 433 311919 14
+LLMNR 89 6799 47
JA3 Host Stats:
IP Address # JA3C
@@ -49,101 +52,104 @@ JA3 Host Stats:
29 UDP 192.168.3.95:59468 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
30 UDP 192.168.5.9:55484 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][12 pkts/2100 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
31 TCP 192.168.5.16:53624 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][7 pkts/996 bytes <-> 5 pkts/986 bytes][Host: api.magicansoft.com][PLAIN TEXT (GET /comMagicanApi/composite/ap)]
- 32 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [proto: 91/TLS][cat: Web/5][5 pkts/1795 bytes -> 0 pkts/0 bytes]
- 33 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 34 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 35 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 36 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 37 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Host: 218.244.135.170][PLAIN TEXT (GET /api/qq)]
- 38 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 39 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 40 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: shen][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)]
- 41 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Host: macbook-air][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46]
- 42 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 43 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)]
- 44 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [proto: 91/TLS][cat: Web/5][2 pkts/782 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
- 45 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [proto: 91/TLS][cat: Web/5][2 pkts/782 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
- 46 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [proto: 91/TLS][cat: Web/5][2 pkts/718 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
- 47 UDP 192.168.125.30:62976 -> 255.255.255.255:62976 [proto: 91/TLS][cat: Web/5][2 pkts/718 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
- 48 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)]
- 49 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)]
- 50 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FDEBEOEKEJ)]
- 51 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes]
- 52 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes]
- 53 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Host: dl-obs.official.line.naver.jp][PLAIN TEXT (official)]
- 54 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [proto: 91/TLS][cat: Web/5][1 pkts/359 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
- 55 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes]
- 56 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (Joanna)]
- 57 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (MSFT 5.07)]
- 58 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com]
- 59 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FDEDCOEBFC)]
- 60 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi][PLAIN TEXT (kankan)]
- 61 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Host: vv.video.qq.com]
- 62 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][PLAIN TEXT (kankan)]
- 63 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][PLAIN TEXT (kankan)]
- 64 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad]
- 65 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes]
- 66 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [proto: 91/TLS][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )]
- 67 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
- 68 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
- 69 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [proto: 91/TLS][cat: Web/5][1 pkts/185 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )]
- 70 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)]
- 71 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________]
- 72 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________]
- 73 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________]
- 74 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/182 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
- 75 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW]
- 76 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW]
- 77 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 91/TLS][cat: Web/5][1 pkts/177 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )]
- 78 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes]
- 79 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-PC]
- 80 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-PC]
- 81 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/174 bytes -> 0 pkts/0 bytes][Host: sonusav][PLAIN TEXT (sonusav)]
- 82 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)]
- 83 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)]
- 84 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: RO_X1C]
- 85 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: RO_X1C]
- 86 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 91/TLS][cat: Web/5][2 pkts/164 bytes -> 0 pkts/0 bytes][PLAIN TEXT (AABHZW50cmljZV9)]
- 87 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 91/TLS][cat: Web/5][2 pkts/164 bytes -> 0 pkts/0 bytes][PLAIN TEXT (icRVSoU)]
- 88 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 91/TLS][cat: Web/5][1 pkts/163 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.4 )]
- 89 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
- 90 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
- 91 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________]
- 92 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________]
- 93 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________]
- 94 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 91/TLS][cat: Web/5][1 pkts/142 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )]
- 95 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
- 96 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
- 97 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: Kasper-mac][PLAIN TEXT (Kasper)]
- 98 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW]
- 99 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW]
- 100 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)]
- 101 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)]
- 102 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)]
- 103 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)]
- 104 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][PLAIN TEXT (notebook)]
- 105 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][PLAIN TEXT (notebook)]
- 106 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-PC]
- 107 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-PC]
- 108 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-PC]
- 109 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: Usher-PC]
- 110 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: Usher-PC]
- 111 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)]
- 112 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)]
- 113 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: RO_X1C]
- 114 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 115 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes]
- 116 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes]
- 117 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes]
- 118 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)]
- 119 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FDEBEOEKEJ)]
- 120 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
- 121 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
- 122 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes]
- 123 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 91/TLS][cat: Web/5][1 pkts/82 bytes -> 0 pkts/0 bytes][PLAIN TEXT (dDYcTc4)]
- 124 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlecast)]
- 125 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
- 126 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
- 127 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-PC]
- 128 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-PC]
- 129 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav][PLAIN TEXT (sonusav)]
+ 32 UDP 192.168.101.33:55485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][10 pkts/1750 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 33 UDP 192.168.5.49:51704 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 34 UDP 192.168.5.50:64674 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1611 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 35 UDP 192.168.5.37:57325 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 36 TCP 192.168.115.8:49607 <-> 218.244.135.170:9099 [proto: 7/HTTP][cat: Web/5][10 pkts/880 bytes <-> 3 pkts/572 bytes][Host: 218.244.135.170][PLAIN TEXT (GET /api/qq)]
+ 37 UDP 192.168.5.47:60267 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1432 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 38 UDP 192.168.5.41:55312 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][8 pkts/1400 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 39 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: shen][DHCP Fingerprint: 1,121,3,6,15,119,252][PLAIN TEXT (android)]
+ 40 UDP 192.168.5.16:68 <-> 192.168.119.1:67 [proto: 18/DHCP][cat: Network/14][2 pkts/684 bytes <-> 2 pkts/684 bytes][Host: macbook-air][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46]
+ 41 UDP 192.168.5.48:49701 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][7 pkts/1253 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 42 UDP 192.168.3.236:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][13 pkts/1196 bytes -> 0 pkts/0 bytes][PLAIN TEXT (FDEBFEEBFACACACACACACACACACAAA)]
+ 43 UDP 192.168.5.45:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][3 pkts/648 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( ENEBEDECEPEPELEBEJ)]
+ 44 UDP 192.168.115.8:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/552 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FHFAEBEECACACACACACACACACACACA)]
+ 45 UDP 192.168.5.67:138 -> 192.168.255.255:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/549 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FDEBEOEKEJ)]
+ 46 UDP [fe80::406:55a8:6453:25dd]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][5 pkts/490 bytes -> 0 pkts/0 bytes]
+ 47 UDP [fe80::beee:7bff:fe0c:b3de]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][4 pkts/392 bytes -> 0 pkts/0 bytes]
+ 48 UDP 192.168.5.16:63372 <-> 168.95.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/89 bytes <-> 1 pkts/289 bytes][Host: dl-obs.official.line.naver.jp][PLAIN TEXT (official)]
+ 49 TCP 192.168.115.8:49596 <-> 203.66.182.87:443 [proto: 91/TLS][cat: Web/5][4 pkts/220 bytes <-> 2 pkts/132 bytes]
+ 50 UDP 192.168.5.9:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: joanna-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (Joanna)]
+ 51 UDP 192.168.5.41:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][1 pkts/342 bytes -> 0 pkts/0 bytes][Host: kevin-pc][DHCP Fingerprint: 1,15,3,6,44,46,47,31,33,121,249,43,252][PLAIN TEXT (MSFT 5.07)]
+ 52 UDP 192.168.115.8:60724 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/146 bytes <-> 1 pkts/137 bytes][Host: pic.1kxun.com]
+ 53 UDP 192.168.0.104:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FDEDCOEBFC)]
+ 54 UDP 192.168.115.8:51024 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/160 bytes <-> 1 pkts/112 bytes][Host: jp.kankan.1kxun.mobi][PLAIN TEXT (kankan)]
+ 55 UDP 192.168.115.8:54420 <-> 8.8.8.8:53 [proto: 5.48/DNS.QQ][cat: Chat/9][2 pkts/150 bytes <-> 1 pkts/116 bytes][Host: vv.video.qq.com]
+ 56 UDP 192.168.115.8:52723 <-> 8.8.8.8:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][PLAIN TEXT (kankan)]
+ 57 UDP 192.168.115.8:52723 <-> 168.95.1.1:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][2 pkts/152 bytes <-> 1 pkts/108 bytes][Host: kankan.1kxun.com][PLAIN TEXT (kankan)]
+ 58 UDP 192.168.115.8:51458 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][4 pkts/256 bytes -> 0 pkts/0 bytes][Host: wpad]
+ 59 TCP 192.168.5.16:53613 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes -> 0 pkts/0 bytes]
+ 60 UDP [fe80::9bd:81dd:2fdc:5750]:61548 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
+ 61 UDP [fe80::9bd:81dd:2fdc:5750]:64568 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/190 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
+ 62 UDP 192.168.5.45:137 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][2 pkts/184 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EOEBFDEGEJEMEFCACACACACACACACA)]
+ 63 UDP [fe80::e98f:bae2:19f7:6b0f]:51451 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________]
+ 64 UDP [fe80::e98f:bae2:19f7:6b0f]:54888 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________]
+ 65 UDP [fe80::e98f:bae2:19f7:6b0f]:58779 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/184 bytes -> 0 pkts/0 bytes][Host: ____________]
+ 66 UDP [fe80::e034:7be:d8f9:6197]:49766 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/182 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
+ 67 UDP [fe80::5d92:62a8:ebde:1319]:49735 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW]
+ 68 UDP [fe80::5d92:62a8:ebde:1319]:58468 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/178 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW]
+ 69 UDP 192.168.119.1:56861 -> 255.255.255.255:5678 [proto: 78/STUN][cat: Network/14][1 pkts/177 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )]
+ 70 TCP 192.168.115.8:49581 <-> 64.233.189.128:80 [proto: 7.126/HTTP.Google][cat: Web/5][2 pkts/110 bytes <-> 1 pkts/66 bytes]
+ 71 UDP [fe80::4568:efbc:40b1:1346]:50194 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-PC]
+ 72 UDP [fe80::4568:efbc:40b1:1346]:57148 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: kevin-PC]
+ 73 UDP [fe80::5d92:62a8:ebde:1319]:61172 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/174 bytes -> 0 pkts/0 bytes][Host: sonusav][PLAIN TEXT (sonusav)]
+ 74 UDP [fe80::5d92:62a8:ebde:1319]:53938 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)]
+ 75 UDP [fe80::5d92:62a8:ebde:1319]:63659 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)]
+ 76 UDP [fe80::edf5:240a:c8c0:8312]:53962 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: RO_X1C]
+ 77 UDP [fe80::edf5:240a:c8c0:8312]:61603 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: RO_X1C]
+ 78 UDP 192.168.119.2:43786 -> 255.255.255.255:5678 [proto: 78/STUN][cat: Network/14][1 pkts/163 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.4 )]
+ 79 UDP 192.168.5.49:61548 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
+ 80 UDP 192.168.5.49:64568 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/150 bytes -> 0 pkts/0 bytes][Host: caesar-thinkpad][PLAIN TEXT (caesar)]
+ 81 UDP 192.168.3.95:51451 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________]
+ 82 UDP 192.168.3.95:54888 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________]
+ 83 UDP 192.168.3.95:58779 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/144 bytes -> 0 pkts/0 bytes][Host: ____________]
+ 84 UDP 192.168.5.50:57143 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
+ 85 UDP 192.168.5.50:62756 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/142 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
+ 86 UDP 192.168.5.48:59797 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: Kasper-mac][PLAIN TEXT (Kasper)]
+ 87 UDP 192.168.3.236:62069 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW]
+ 88 UDP 192.168.3.236:65496 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: WANGS-LTW]
+ 89 UDP 192.168.5.9:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)]
+ 90 UDP 192.168.5.9:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)]
+ 91 UDP 192.168.101.33:58456 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)]
+ 92 UDP 192.168.101.33:62822 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/138 bytes -> 0 pkts/0 bytes][Host: Joanna-PC][PLAIN TEXT (Joanna)]
+ 93 UDP 192.168.5.37:54506 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][PLAIN TEXT (notebook)]
+ 94 UDP 192.168.5.37:56366 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: notebook][PLAIN TEXT (notebook)]
+ 95 UDP 192.168.5.41:54470 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: kevin-PC]
+ 96 UDP 192.168.5.44:58702 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-PC]
+ 97 UDP 192.168.5.44:59571 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: jason-PC]
+ 98 UDP 192.168.5.57:64428 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: Usher-PC]
+ 99 UDP 192.168.5.57:65150 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: Usher-PC]
+ 100 UDP 192.168.3.236:51714 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)]
+ 101 UDP 192.168.3.236:56043 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: isatap][PLAIN TEXT (isatap)]
+ 102 UDP 192.168.5.47:53962 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes][Host: RO_X1C]
+ 103 UDP 192.168.5.47:61603 -> 224.0.0.252:5355 [proto: 87/RTP][cat: Media/1][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 104 TCP 192.168.5.16:53605 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][2 pkts/126 bytes -> 0 pkts/0 bytes]
+ 105 TCP 192.168.5.16:53622 <-> 192.168.115.75:443 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes <-> 1 pkts/60 bytes]
+ 106 UDP [fe80::f65c:89ff:fe89:e607]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][1 pkts/98 bytes -> 0 pkts/0 bytes]
+ 107 UDP 192.168.5.45:59461 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EHEGEJEMEFCACACACACACACACACACA)]
+ 108 UDP 192.168.5.45:59789 -> 192.168.255.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FDEBEOEKEJ)]
+ 109 UDP [fe80::e034:7be:d8f9:6197]:57143 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
+ 110 UDP [fe80::e034:7be:d8f9:6197]:62756 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
+ 111 UDP 192.168.5.16:123 -> 17.253.26.125:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes]
+ 112 UDP 192.168.5.64:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/82 bytes -> 0 pkts/0 bytes][PLAIN TEXT (googlecast)]
+ 113 UDP 192.168.5.50:49766 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
+ 114 UDP 192.168.5.50:50030 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Host: charming-PC][PLAIN TEXT (charming)]
+ 115 UDP 192.168.5.41:55593 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: kevin-PC]
+ 116 UDP 192.168.5.44:59062 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/68 bytes -> 0 pkts/0 bytes][Host: jason-PC]
+ 117 UDP 192.168.3.236:59730 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: sonusav][PLAIN TEXT (sonusav)]
+
+
+Undetected flows:
+ 1 UDP 192.168.10.110:60480 -> 255.255.255.255:62976 [proto: 0/Unknown][5 pkts/1795 bytes -> 0 pkts/0 bytes]
+ 2 UDP [2001:b030:214:100:c2a0:bbff:fe73:eb47]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
+ 3 UDP [2001:b020:6::c2a0:bbff:fe73:eb57]:62976 -> [ff02::1]:62976 [proto: 0/Unknown][2 pkts/782 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
+ 4 UDP 192.168.10.7:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
+ 5 UDP 192.168.125.30:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][2 pkts/718 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
+ 6 UDP 192.168.140.140:62976 -> 255.255.255.255:62976 [proto: 0/Unknown][1 pkts/359 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Switch)]
+ 7 UDP [fe80::4e5e:cff:feea:365]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/197 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )]
+ 8 UDP [fe80::4e5e:cff:fe9a:ec54]:5678 -> [ff02::1]:5678 [proto: 0/Unknown][1 pkts/185 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )]
+ 9 UDP 59.120.208.218:50151 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][PLAIN TEXT (AABHZW50cmljZV9)]
+ 10 UDP 192.168.2.186:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][2 pkts/164 bytes -> 0 pkts/0 bytes][PLAIN TEXT (icRVSoU)]
+ 11 UDP 192.168.0.100:50925 -> 255.255.255.255:5678 [proto: 0/Unknown][1 pkts/142 bytes -> 0 pkts/0 bytes][PLAIN TEXT (6.35.1 )]
+ 12 UDP 59.120.208.212:32768 -> 255.255.255.255:1947 [proto: 0/Unknown][1 pkts/82 bytes -> 0 pkts/0 bytes][PLAIN TEXT (dDYcTc4)]
diff --git a/tests/result/Instagram.pcap.out b/tests/result/Instagram.pcap.out
index 6ca04a417..8a97e29e0 100644
--- a/tests/result/Instagram.pcap.out
+++ b/tests/result/Instagram.pcap.out
@@ -1,6 +1,7 @@
+Unknown 1 66 1
HTTP 116 91784 6
ICMP 5 510 1
-TLS 3 235 2
+TLS 2 169 1
Facebook 251 215986 5
Dropbox 5 725 2
Instagram 363 255094 16
@@ -40,5 +41,8 @@ JA3 Host Stats:
28 TCP 192.168.0.103:58690 -> 46.33.70.159:443 [proto: 91/TLS][cat: Web/5][2 pkts/169 bytes -> 0 pkts/0 bytes]
29 UDP 192.168.0.106:17500 -> 192.168.0.255:17500 [proto: 121/Dropbox][cat: Cloud/13][1 pkts/145 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 413767116)]
30 TCP 46.33.70.150:80 <-> 192.168.0.103:40855 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/66 bytes]
- 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 91.211/TLS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Host: photos-b.ak.instagram.com][PLAIN TEXT (photos)]
- 32 UDP 192.168.0.1:520 -> 192.168.0.255:520 [proto: 91/TLS][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 31 UDP 192.168.0.103:27124 -> 8.8.8.8:53 [proto: 5.211/DNS.Instagram][cat: SocialNetwork/6][1 pkts/85 bytes -> 0 pkts/0 bytes][Host: photos-b.ak.instagram.com][PLAIN TEXT (photos)]
+
+
+Undetected flows:
+ 1 UDP 192.168.0.1:520 -> 192.168.0.255:520 [proto: 0/Unknown][1 pkts/66 bytes -> 0 pkts/0 bytes]
diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out
index 6015a8c7a..b399fd3e3 100644
--- a/tests/result/KakaoTalk_talk.pcap.out
+++ b/tests/result/KakaoTalk_talk.pcap.out
@@ -1,11 +1,10 @@
HTTP 5 280 1
QQ 15 1727 1
RTP 2991 398751 2
-TLS 50 11306 2
+TLS 90 21844 3
Facebook 34 4401 4
Google 4 359 4
HTTP_Proxy 16 1838 2
-Tor 40 10538 1
Amazon 4 396 1
KakaoTalk_Voice 44 6196 2
@@ -16,7 +15,7 @@ JA3 Host Stats:
1 UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][PLAIN TEXT (46yOXQ)]
2 UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][PLAIN TEXT (46yOXQ)]
- 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 163/Tor][cat: VPN/2][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][PLAIN TEXT (Kakao.com)]
+ 3 TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
4 TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
5 TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA]
6 UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes]
diff --git a/tests/result/nintendo.pcap.out b/tests/result/nintendo.pcap.out
index 933c43edc..903ae840f 100644
--- a/tests/result/nintendo.pcap.out
+++ b/tests/result/nintendo.pcap.out
@@ -17,14 +17,14 @@ JA3 Host Stats:
8 UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes]
9 UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes]
10 ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes]
- 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 91.173/TLS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Host: g2df33d01-lp1.p.srv.nintendo.net][PLAIN TEXT (nintendo)]
- 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes]
+ 11 UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][4 pkts/368 bytes <-> 4 pkts/400 bytes][Host: g2df33d01-lp1.p.srv.nintendo.net][PLAIN TEXT (nintendo)]
+ 12 UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/730 bytes -> 0 pkts/0 bytes]
13 ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes]
- 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 91.178/TLS.Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes]
+ 14 UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes <-> 5 pkts/290 bytes]
15 UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][PLAIN TEXT (fb203858ebc)]
16 UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][cat: Game/8][1 pkts/110 bytes <-> 1 pkts/281 bytes][Host: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][PLAIN TEXT (fb203858ebc)]
17 UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes]
- 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NATTestId)]
- 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes]
- 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 91.178/TLS.Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes]
+ 18 UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 178/Amazon][cat: Web/5][3 pkts/318 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NATTestId)]
+ 19 UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 178/Amazon][cat: Web/5][1 pkts/298 bytes -> 0 pkts/0 bytes]
+ 20 UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 178/Amazon][cat: Web/5][5 pkts/290 bytes -> 0 pkts/0 bytes]
21 TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes]
diff --git a/tests/result/ocs.pcap.out b/tests/result/ocs.pcap.out
index 3ca2466b5..7354137cb 100644
--- a/tests/result/ocs.pcap.out
+++ b/tests/result/ocs.pcap.out
@@ -1,6 +1,7 @@
Unknown 6 360 1
+DNS 3 214 3
HTTP 13 1019 2
-Google 30 3390 6
+Google 27 3176 3
Amazon 20 2715 1
OCS 863 57552 7
PlayStore 1 72 1
@@ -22,14 +23,14 @@ JA3 Host Stats:
9 TCP 192.168.180.2:44959 -> 137.135.129.206:80 [proto: 7.7/HTTP][cat: Web/5][7 pkts/540 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][PLAIN TEXT (GET /ip)]
10 TCP 192.168.180.2:53356 -> 137.135.129.206:80 [proto: 7.7/HTTP][cat: Web/5][6 pkts/479 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][PLAIN TEXT (GET /xmpp)]
11 TCP 192.168.180.2:47699 -> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][2 pkts/120 bytes -> 0 pkts/0 bytes]
- 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com][PLAIN TEXT (device06)]
- 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 91.228/TLS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com][PLAIN TEXT (android)]
- 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com][PLAIN TEXT (settings)]
- 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][PLAIN TEXT (capptain)]
- 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 91.239/TLS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com][PLAIN TEXT (googleapis)]
- 17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 91.218/TLS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][PLAIN TEXT (labgency)]
- 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 91.218/TLS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws][PLAIN TEXT (labgency)]
- 19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 91.218/TLS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr]
+ 12 UDP 192.168.180.2:3621 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: xmpp.device06.eu01.capptain.com][PLAIN TEXT (device06)]
+ 13 UDP 192.168.180.2:48770 -> 8.8.8.8:53 [proto: 5.228/DNS.PlayStore][cat: SoftwareUpdate/19][1 pkts/72 bytes -> 0 pkts/0 bytes][Host: android.clients.google.com][PLAIN TEXT (android)]
+ 14 UDP 192.168.180.2:40097 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: settings.crashlytics.com][PLAIN TEXT (settings)]
+ 15 UDP 192.168.180.2:1291 -> 8.8.8.8:53 [proto: 5.5/DNS][cat: Network/14][1 pkts/67 bytes -> 0 pkts/0 bytes][Host: api.eu01.capptain.com][PLAIN TEXT (capptain)]
+ 16 UDP 192.168.180.2:11793 -> 8.8.8.8:53 [proto: 5.239/DNS.GoogleServices][cat: Web/5][1 pkts/65 bytes -> 0 pkts/0 bytes][Host: play.googleapis.com][PLAIN TEXT (googleapis)]
+ 17 UDP 192.168.180.2:38472 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/63 bytes -> 0 pkts/0 bytes][Host: ocu03.labgency.ws][PLAIN TEXT (labgency)]
+ 18 UDP 192.168.180.2:2589 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/61 bytes -> 0 pkts/0 bytes][Host: ocs.labgency.ws][PLAIN TEXT (labgency)]
+ 19 UDP 192.168.180.2:24245 -> 8.8.8.8:53 [proto: 5.218/DNS.OCS][cat: Media/1][1 pkts/56 bytes -> 0 pkts/0 bytes][Host: www.ocs.fr]
Undetected flows:
diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out
index caf9251c0..c8c26b57d 100644
--- a/tests/result/pps.pcap.out
+++ b/tests/result/pps.pcap.out
@@ -1,113 +1,116 @@
+Unknown 990 378832 34
HTTP 73 69236 13
SSDP 63 17143 10
-TLS 990 378832 34
Google 2 1093 1
GenericProtocol 1429 1780307 49
1 TCP 192.168.115.8:50780 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/303 bytes <-> 541 pkts/710082 bytes][Host: preimage1.qiyipic.com][PLAIN TEXT (GET /preimage/20160506/f0/1)]
2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Host: preimage1.qiyipic.com][PLAIN TEXT (GET /preimage/20160506/f0/1)]
3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/downloade)]
- 4 UDP 1.173.5.226:22636 <-> 192.168.115.8:22793 [proto: 91/TLS][cat: Web/5][130 pkts/143912 bytes <-> 270 pkts/21334 bytes][PLAIN TEXT (lllllllh)]
- 5 UDP 192.168.115.8:22793 <-> 114.42.0.158:7716 [proto: 91/TLS][cat: Web/5][229 pkts/18091 bytes <-> 109 pkts/120663 bytes][PLAIN TEXT (66666662)]
- 6 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 91/TLS][cat: Web/5][30 pkts/33210 bytes <-> 71 pkts/5609 bytes][PLAIN TEXT (YYYYYYY)]
- 7 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7.7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66][PLAIN TEXT (GET /videos/v)]
- 8 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7/HTTP][cat: Web/5][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com][PLAIN TEXT (POST /bc2 HTTP/1.1)]
- 9 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 91/TLS][cat: Web/5][34 pkts/2686 bytes <-> 11 pkts/12177 bytes][PLAIN TEXT (CCCCCCC)]
- 10 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 91/TLS][cat: Web/5][30 pkts/2370 bytes <-> 10 pkts/10042 bytes][PLAIN TEXT (hhhhhhhl)]
- 11 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NOTIFY )]
- 12 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com][PLAIN TEXT (GET /vi/500494600/562)]
- 13 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 91/TLS][cat: Web/5][2 pkts/158 bytes <-> 3 pkts/3323 bytes][PLAIN TEXT (bTTTUQX)]
- 14 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 15 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes][PLAIN TEXT (HTTP/1.1 200 OK)]
- 16 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masauto.i)]
- 17 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com][PLAIN TEXT (GET /20160625/a)]
- 18 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 19 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 20 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /track2)]
- 21 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /track2)]
- 22 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
- 23 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 24 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 25 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com][PLAIN TEXT (GET /clk)]
- 26 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com][PLAIN TEXT (GET /2efc)]
- 27 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
- 28 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66][PLAIN TEXT (GET /videos/v)]
- 29 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com][PLAIN TEXT (GET /mkt.gif)]
- 30 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
- 31 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
- 32 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/downloadh)]
- 33 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 34 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 35 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 36 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 37 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 38 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 39 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com][PLAIN TEXT (GET /pca3)]
- 40 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 41 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com][PLAIN TEXT (GET /ocsp/MEkwRzBFMEMwQ)]
- 42 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 43 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 44 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 45 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
- 46 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /ccs HTTP/1.1)]
- 47 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][PLAIN TEXT (GET /tmpstats.gif)]
- 48 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 49 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 50 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com][PLAIN TEXT (GET /2efc)]
- 51 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 52 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 53 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 54 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 55 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 56 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com][PLAIN TEXT (GET /andc)]
- 57 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masblog.i)]
- 58 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][PLAIN TEXT (GET /comMagicanApi/composite/ap)]
- 59 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com][PLAIN TEXT (GET /cityjson HTTP/1.1)]
- 60 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][PLAIN TEXT (GET /comMagicanApi/index.php/To)]
- 61 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masflag.i)]
- 62 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 63 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com][PLAIN TEXT (GET /k HTTP/1.1)]
- 64 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][PLAIN TEXT (GET /apis/urc/setrc)]
- 65 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][PLAIN TEXT (GET /apis/urc/setrc)]
- 66 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
- 67 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/Q)]
- 68 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
- 69 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
- 70 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 91/TLS][cat: Web/5][4 pkts/512 bytes -> 0 pkts/0 bytes][PLAIN TEXT (444444)]
- 71 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 91/TLS][cat: Web/5][4 pkts/512 bytes -> 0 pkts/0 bytes][PLAIN TEXT (444444)]
- 72 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][PLAIN TEXT (GET /tmpstats.gif)]
- 73 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)]
- 74 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 75 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 302 Found)]
- 76 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com][PLAIN TEXT (GET /preimage/20160506/f0/1)]
- 77 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 91/TLS][cat: Web/5][2 pkts/300 bytes -> 0 pkts/0 bytes]
- 78 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 91/TLS][cat: Web/5][2 pkts/260 bytes -> 0 pkts/0 bytes]
- 79 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 91/TLS][cat: Web/5][2 pkts/260 bytes -> 0 pkts/0 bytes]
- 80 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 91/TLS][cat: Web/5][2 pkts/260 bytes -> 0 pkts/0 bytes]
- 81 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 91/TLS][cat: Web/5][1 pkts/87 bytes <-> 2 pkts/170 bytes][PLAIN TEXT (wsssss)]
- 82 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)]
- 83 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 91/TLS][cat: Web/5][2 pkts/188 bytes -> 0 pkts/0 bytes]
- 84 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 91/TLS][cat: Web/5][2 pkts/174 bytes -> 0 pkts/0 bytes]
- 85 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 86 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 91/TLS][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][PLAIN TEXT (222222266)]
- 87 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 88 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 89 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 90 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 91 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 92 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 93 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 94 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 95 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 96 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 97 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 98 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 99 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 100 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 101 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 102 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 103 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 104 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 91/TLS][cat: Web/5][2 pkts/132 bytes -> 0 pkts/0 bytes]
- 105 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
- 106 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes]
- 107 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7.7/HTTP][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Host: 223.26.106.66][PLAIN TEXT (GET /videos/v)]
+ 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7/HTTP][cat: Web/5][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Host: bcu.ff.avast.com][PLAIN TEXT (POST /bc2 HTTP/1.1)]
+ 6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][PLAIN TEXT (NOTIFY )]
+ 7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Host: cache.video.iqiyi.com][PLAIN TEXT (GET /vi/500494600/562)]
+ 8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 9 TCP 77.234.41.35:80 <-> 192.168.115.8:49174 [proto: 7/HTTP][cat: Web/5][4 pkts/2953 bytes <-> 1 pkts/356 bytes][PLAIN TEXT (HTTP/1.1 200 OK)]
+ 10 TCP 192.168.115.8:50767 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][4 pkts/800 bytes <-> 4 pkts/2112 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masauto.i)]
+ 11 TCP 192.168.115.8:50488 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/311 bytes <-> 2 pkts/2035 bytes][Host: meta.video.qiyi.com][PLAIN TEXT (GET /20160625/a)]
+ 12 TCP 192.168.115.8:50471 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1898 bytes <-> 2 pkts/398 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 13 TCP 192.168.115.8:50501 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1893 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 14 TCP 192.168.115.8:50463 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /track2)]
+ 15 TCP 192.168.115.8:50496 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1555 bytes <-> 1 pkts/306 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /track2)]
+ 16 TCP 192.168.115.8:50779 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][2 pkts/1438 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
+ 17 UDP 192.168.5.38:58897 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1575 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 18 UDP 192.168.115.1:50945 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][9 pkts/1539 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 19 TCP 192.168.115.8:50464 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/707 bytes <-> 1 pkts/744 bytes][Host: click.hm.baidu.com][PLAIN TEXT (GET /clk)]
+ 20 TCP 192.168.115.8:50492 <-> 111.206.13.3:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/389 bytes <-> 2 pkts/1034 bytes][Host: pdata.video.qiyi.com][PLAIN TEXT (GET /2efc)]
+ 21 TCP 192.168.115.8:50777 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1186 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
+ 22 TCP 192.168.115.8:50494 <-> 223.26.106.66:80 [proto: 7/HTTP][cat: Web/5][2 pkts/887 bytes <-> 1 pkts/443 bytes][Host: 223.26.106.66][PLAIN TEXT (GET /videos/v)]
+ 23 TCP 192.168.115.8:50497 <-> 123.125.112.49:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1004 bytes <-> 2 pkts/301 bytes][Host: click.hm.baidu.com][PLAIN TEXT (GET /mkt.gif)]
+ 24 TCP 192.168.115.8:50499 <-> 111.206.22.76:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1097 bytes <-> 1 pkts/199 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
+ 25 TCP 192.168.115.8:50474 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/1100 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
+ 26 TCP 192.168.115.8:50507 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/212 bytes <-> 1 pkts/1063 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/downloadh)]
+ 27 TCP 192.168.115.8:50485 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 28 TCP 192.168.115.8:50502 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/947 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 29 TCP 192.168.115.8:50493 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 30 TCP 192.168.115.8:50771 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/946 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 31 TCP 192.168.115.8:50473 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/944 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 32 TCP 192.168.115.8:50475 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/941 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 33 TCP 192.168.115.8:50500 <-> 23.41.133.163:80 [proto: 7/HTTP][cat: Web/5][1 pkts/289 bytes <-> 1 pkts/839 bytes][Host: s1.symcb.com][PLAIN TEXT (GET /pca3)]
+ 34 TCP 192.168.115.8:50773 <-> 202.108.14.221:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/919 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 35 TCP 192.168.115.8:50466 <-> 203.66.182.24:80 [proto: 7.126/HTTP.Google][cat: Web/5][1 pkts/280 bytes <-> 1 pkts/813 bytes][Host: clients1.google.com][PLAIN TEXT (GET /ocsp/MEkwRzBFMEMwQ)]
+ 36 UDP 192.168.5.50:52529 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1074 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 37 UDP 192.168.5.28:60023 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 38 UDP 192.168.5.57:59648 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][6 pkts/1050 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 39 TCP 192.168.115.8:50504 -> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/946 bytes -> 0 pkts/0 bytes][Host: msg.71.am][PLAIN TEXT (GET /cp)]
+ 40 TCP 192.168.115.8:50769 <-> 101.227.200.11:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/604 bytes <-> 1 pkts/291 bytes][Host: api.cupid.iqiyi.com][PLAIN TEXT (GET /ccs HTTP/1.1)]
+ 41 TCP 192.168.115.8:50498 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/694 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][PLAIN TEXT (GET /tmpstats.gif)]
+ 42 TCP 192.168.115.8:50503 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/683 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 43 UDP 192.168.5.41:50374 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][5 pkts/875 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 44 TCP 192.168.115.8:50490 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/357 bytes <-> 1 pkts/479 bytes][Host: pdata.video.qiyi.com][PLAIN TEXT (GET /2efc)]
+ 45 TCP 192.168.115.8:50467 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/629 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 46 TCP 192.168.115.8:50484 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/622 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 47 TCP 192.168.115.8:50477 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/614 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 48 TCP 192.168.115.8:50774 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/587 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 49 TCP 192.168.115.8:50469 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/573 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 50 TCP 192.168.115.8:50482 <-> 140.205.243.64:80 [proto: 7/HTTP][cat: Web/5][1 pkts/444 bytes <-> 1 pkts/283 bytes][Host: cmc.tanx.com][PLAIN TEXT (GET /andc)]
+ 51 TCP 192.168.115.8:50768 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/526 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masblog.i)]
+ 52 TCP 192.168.5.15:65128 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/331 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][PLAIN TEXT (GET /comMagicanApi/composite/ap)]
+ 53 TCP 192.168.115.8:50509 <-> 106.38.219.107:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/163 bytes <-> 2 pkts/557 bytes][Host: iplocation.geo.qiyi.com][PLAIN TEXT (GET /cityjson HTTP/1.1)]
+ 54 TCP 192.168.5.15:65127 <-> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/323 bytes <-> 1 pkts/390 bytes][Host: api.magicansoft.com][PLAIN TEXT (GET /comMagicanApi/index.php/To)]
+ 55 TCP 192.168.115.8:50766 <-> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/493 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/masflag.i)]
+ 56 TCP 192.168.115.8:50487 -> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/683 bytes -> 0 pkts/0 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 57 TCP 192.168.115.8:50489 <-> 119.188.13.188:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/253 bytes <-> 1 pkts/430 bytes][Host: pdata.video.qiyi.com][PLAIN TEXT (GET /k HTTP/1.1)]
+ 58 TCP 192.168.115.8:50772 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][PLAIN TEXT (GET /apis/urc/setrc)]
+ 59 TCP 192.168.115.8:50775 <-> 123.125.111.70:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/399 bytes <-> 1 pkts/275 bytes][Host: nl.rcd.iqiyi.com][PLAIN TEXT (GET /apis/urc/setrc)]
+ 60 TCP 192.168.115.8:50470 <-> 202.108.14.236:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/424 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
+ 61 TCP 192.168.115.8:50508 <-> 223.26.106.19:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/198 bytes <-> 1 pkts/420 bytes][Host: static.qiyi.com][PLAIN TEXT (GET /ext/common/qisu2/Q)]
+ 62 TCP 192.168.115.8:50483 <-> 202.108.14.219:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/417 bytes <-> 1 pkts/199 bytes][Host: msg.71.am][PLAIN TEXT (GET /core)]
+ 63 TCP 192.168.115.8:50776 <-> 111.206.22.77:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/394 bytes <-> 1 pkts/194 bytes][Host: msg.iqiyi.com][PLAIN TEXT (GET /b)]
+ 64 TCP 192.168.115.8:50765 <-> 36.110.220.15:80 [proto: 7.137/HTTP.GenericProtocol][cat: Media/1][1 pkts/264 bytes <-> 1 pkts/199 bytes][Host: msg.video.qiyi.com][PLAIN TEXT (GET /tmpstats.gif)]
+ 65 TCP 202.108.14.219:80 -> 192.168.115.8:50295 [proto: 7/HTTP][cat: Web/5][2 pkts/398 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)]
+ 66 UDP 192.168.5.48:63930 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/358 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 67 TCP 117.79.81.135:80 -> 192.168.115.8:50443 [proto: 7/HTTP][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 302 Found)]
+ 68 TCP 192.168.115.8:50781 -> 223.26.106.20:80 [proto: 7.137/HTTP.GenericProtocol][cat: Streaming/17][1 pkts/303 bytes -> 0 pkts/0 bytes][Host: preimage1.qiyipic.com][PLAIN TEXT (GET /preimage/20160506/f0/1)]
+ 69 TCP 202.108.14.219:80 -> 192.168.115.8:50506 [proto: 7/HTTP][cat: Web/5][1 pkts/199 bytes -> 0 pkts/0 bytes][PLAIN TEXT (HTTP/1.1 200 OK)]
+ 70 UDP 192.168.5.63:60976 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/165 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 71 UDP 192.168.5.63:39383 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][1 pkts/130 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
+ 72 TCP 192.168.115.8:50462 -> 202.108.14.236:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes -> 0 pkts/0 bytes]
+ 73 TCP 192.168.5.15:65125 -> 68.233.253.133:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes]
+
+
+Undetected flows:
+ 1 UDP 1.173.5.226:22636 <-> 192.168.115.8:22793 [proto: 0/Unknown][130 pkts/143912 bytes <-> 270 pkts/21334 bytes][PLAIN TEXT (lllllllh)]
+ 2 UDP 192.168.115.8:22793 <-> 114.42.0.158:7716 [proto: 0/Unknown][229 pkts/18091 bytes <-> 109 pkts/120663 bytes][PLAIN TEXT (66666662)]
+ 3 UDP 118.171.15.56:5544 <-> 192.168.115.8:22793 [proto: 0/Unknown][30 pkts/33210 bytes <-> 71 pkts/5609 bytes][PLAIN TEXT (YYYYYYY)]
+ 4 UDP 192.168.115.8:22793 <-> 219.228.107.156:1250 [proto: 0/Unknown][34 pkts/2686 bytes <-> 11 pkts/12177 bytes][PLAIN TEXT (CCCCCCC)]
+ 5 UDP 192.168.115.8:22793 <-> 222.197.138.12:6956 [proto: 0/Unknown][30 pkts/2370 bytes <-> 10 pkts/10042 bytes][PLAIN TEXT (hhhhhhhl)]
+ 6 UDP 192.168.115.8:22793 <-> 202.198.7.89:16039 [proto: 0/Unknown][2 pkts/158 bytes <-> 3 pkts/3323 bytes][PLAIN TEXT (bTTTUQX)]
+ 7 UDP 192.168.115.8:22793 -> 1.169.136.116:17951 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][PLAIN TEXT (444444)]
+ 8 UDP 192.168.115.8:22793 -> 114.41.144.153:10492 [proto: 0/Unknown][4 pkts/512 bytes -> 0 pkts/0 bytes][PLAIN TEXT (444444)]
+ 9 UDP 192.168.115.8:22793 -> 218.61.39.103:17788 [proto: 0/Unknown][2 pkts/300 bytes -> 0 pkts/0 bytes]
+ 10 UDP 192.168.115.8:22793 -> 119.188.133.182:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes]
+ 11 UDP 192.168.115.8:22793 -> 183.61.167.104:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes]
+ 12 UDP 192.168.115.8:22793 -> 218.61.39.87:17788 [proto: 0/Unknown][2 pkts/260 bytes -> 0 pkts/0 bytes]
+ 13 UDP 183.228.182.44:13913 <-> 192.168.115.8:22793 [proto: 0/Unknown][1 pkts/87 bytes <-> 2 pkts/170 bytes][PLAIN TEXT (wsssss)]
+ 14 UDP 192.168.115.8:22793 -> 183.61.167.82:17788 [proto: 0/Unknown][2 pkts/188 bytes -> 0 pkts/0 bytes]
+ 15 UDP 192.168.115.8:22793 -> 220.130.154.23:35941 [proto: 0/Unknown][2 pkts/174 bytes -> 0 pkts/0 bytes]
+ 16 UDP 192.168.115.8:22793 -> 111.249.53.196:32443 [proto: 0/Unknown][2 pkts/158 bytes -> 0 pkts/0 bytes][PLAIN TEXT (222222266)]
+ 17 UDP 192.168.115.8:22793 -> 1.175.128.104:5185 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 18 UDP 192.168.115.8:22793 -> 36.233.39.81:18590 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 19 UDP 192.168.115.8:22793 -> 36.237.154.69:4316 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 20 UDP 192.168.115.8:22793 -> 61.223.204.67:11102 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 21 UDP 192.168.115.8:22793 -> 61.227.170.88:20227 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 22 UDP 192.168.115.8:22793 -> 111.117.101.81:10162 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 23 UDP 192.168.115.8:22793 -> 111.250.102.66:1107 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 24 UDP 192.168.115.8:22793 -> 114.37.142.173:1074 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 25 UDP 192.168.115.8:22793 -> 114.47.91.129:22576 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 26 UDP 192.168.115.8:22793 -> 115.157.62.243:29006 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 27 UDP 192.168.115.8:22793 -> 121.248.133.93:12757 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 28 UDP 192.168.115.8:22793 -> 202.112.31.89:29072 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 29 UDP 192.168.115.8:22793 -> 210.44.171.1:29702 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 30 UDP 192.168.115.8:22793 -> 210.44.232.243:21044 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 31 UDP 192.168.115.8:22793 -> 210.47.12.19:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 32 UDP 192.168.115.8:22793 -> 210.47.12.20:33738 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 33 UDP 192.168.115.8:22793 -> 222.26.74.190:1037 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
+ 34 UDP 192.168.115.8:22793 -> 222.26.193.119:7133 [proto: 0/Unknown][2 pkts/132 bytes -> 0 pkts/0 bytes]
diff --git a/tests/result/quic.pcap.out b/tests/result/quic.pcap.out
index fc299d4fe..b700cc82e 100644
--- a/tests/result/quic.pcap.out
+++ b/tests/result/quic.pcap.out
@@ -1,15 +1,18 @@
-TLS 6 7072 1
+Unknown 6 7072 1
GMail 413 254874 1
YouTube 85 76193 5
Google 14 10427 3
1 UDP 192.168.1.109:57833 <-> 216.58.212.101:443 [proto: 188.122/QUIC.GMail][cat: Email/3][161 pkts/23930 bytes <-> 252 pkts/230944 bytes][Host: mail.google.com][PLAIN TEXT (mail.google.com)]
2 UDP 192.168.1.109:35236 <-> 216.58.210.206:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][25 pkts/5276 bytes <-> 44 pkts/53157 bytes][Host: www.youtube.com][PLAIN TEXT (www.youtube.com)]
- 3 UDP 10.0.0.4:40134 -> 10.0.0.3:6121 [proto: 91/TLS][cat: Web/5][6 pkts/7072 bytes -> 0 pkts/0 bytes]
- 4 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Host: www.youtube.com][PLAIN TEXT (www.youtube.com)]
- 5 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Host: fonts.gstatic.com][PLAIN TEXT (fonts.gstatic.com)]
- 6 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Host: s.ytimg.com][PLAIN TEXT (s.ytimg.com)]
- 7 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Host: www.google.com][PLAIN TEXT (www.google.comO)]
- 8 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Host: i.ytimg.com][PLAIN TEXT (i.ytimg.com)]
- 9 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Host: yt3.ggpht.com][PLAIN TEXT (yt3.ggpht.com)]
- 10 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes]
+ 3 UDP 192.168.1.105:34438 <-> 216.58.210.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][4 pkts/3682 bytes <-> 3 pkts/2863 bytes][Host: www.youtube.com][PLAIN TEXT (www.youtube.com)]
+ 4 UDP 192.168.1.105:40030 <-> 216.58.201.227:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/2866 bytes <-> 3 pkts/2863 bytes][Host: fonts.gstatic.com][PLAIN TEXT (fonts.gstatic.com)]
+ 5 UDP 192.168.1.105:55934 <-> 216.58.201.238:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/2784 bytes <-> 2 pkts/2784 bytes][Host: s.ytimg.com][PLAIN TEXT (s.ytimg.com)]
+ 6 UDP 192.168.1.105:45669 <-> 172.217.16.4:443 [proto: 188.126/QUIC.Google][cat: Web/5][3 pkts/1550 bytes <-> 2 pkts/2784 bytes][Host: www.google.com][PLAIN TEXT (www.google.comO)]
+ 7 UDP 192.168.1.105:48445 <-> 216.58.214.110:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][2 pkts/1471 bytes <-> 1 pkts/1392 bytes][Host: i.ytimg.com][PLAIN TEXT (i.ytimg.com)]
+ 8 UDP 192.168.1.105:53817 <-> 216.58.210.225:443 [proto: 188.124/QUIC.YouTube][cat: Media/1][1 pkts/1392 bytes <-> 1 pkts/1392 bytes][Host: yt3.ggpht.com][PLAIN TEXT (yt3.ggpht.com)]
+ 9 UDP 192.168.1.105:40461 <-> 172.217.16.3:443 [proto: 188.126/QUIC.Google][cat: Web/5][2 pkts/241 bytes <-> 1 pkts/123 bytes]
+
+
+Undetected flows:
+ 1 UDP 10.0.0.4:40134 -> 10.0.0.3:6121 [proto: 0/Unknown][6 pkts/7072 bytes -> 0 pkts/0 bytes]
diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out
index 530661ee7..1541c0928 100644
--- a/tests/result/skype.pcap.out
+++ b/tests/result/skype.pcap.out
@@ -1,4 +1,4 @@
-Unknown 167 20481 9
+Unknown 175 20913 11
DNS 2 267 1
MDNS 8 1736 2
NTP 2 180 1
@@ -6,7 +6,7 @@ SSDP 101 38156 6
SkypeCall 730 71378 170
ICMP 8 656 1
IGMP 5 258 4
-TLS 104 9308 9
+TLS 96 8876 7
Dropbox 38 17948 5
Skype 1409 253031 79
Apple 3 168 1
@@ -112,37 +112,37 @@ JA3 Host Stats:
90 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][4 pkts/828 bytes -> 0 pkts/0 bytes][PLAIN TEXT (afpovertc)]
91 TCP 192.168.1.34:50125 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/417 bytes <-> 4 pkts/352 bytes]
92 ICMP 192.168.1.1:0 -> 192.168.1.34:0 [proto: 81/ICMP][cat: Network/14][8 pkts/656 bytes -> 0 pkts/0 bytes]
- 93 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][PLAIN TEXT (config)]
- 94 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][PLAIN TEXT (config)]
- 95 UDP 192.168.1.34:49903 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][9 pkts/648 bytes -> 0 pkts/0 bytes][Host: ui.skype.com]
- 96 UDP 192.168.1.34:52850 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)]
- 97 UDP 192.168.1.34:55711 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)]
- 98 UDP 192.168.1.34:49360 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 99 UDP 192.168.1.34:54343 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net]
- 100 UDP 192.168.1.34:57726 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 101 UDP 192.168.1.34:58368 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net]
- 102 UDP 192.168.1.34:58458 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 103 UDP 192.168.1.34:60288 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 104 UDP 192.168.1.34:63421 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 105 UDP 192.168.1.34:65037 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 106 UDP 192.168.1.34:49990 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net]
- 107 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net]
- 108 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net]
- 109 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net]
+ 93 UDP 192.168.1.34:55159 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][PLAIN TEXT (config)]
+ 94 UDP 192.168.1.34:63108 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/651 bytes -> 0 pkts/0 bytes][Host: a.config.skype.trafficmanager.net][PLAIN TEXT (config)]
+ 95 UDP 192.168.1.34:49903 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][9 pkts/648 bytes -> 0 pkts/0 bytes][Host: ui.skype.com]
+ 96 UDP 192.168.1.34:52850 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)]
+ 97 UDP 192.168.1.34:55711 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)]
+ 98 UDP 192.168.1.34:49360 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 99 UDP 192.168.1.34:54343 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net]
+ 100 UDP 192.168.1.34:57726 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 101 UDP 192.168.1.34:58368 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst13.r.skype.net]
+ 102 UDP 192.168.1.34:58458 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 103 UDP 192.168.1.34:60288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 104 UDP 192.168.1.34:63421 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 105 UDP 192.168.1.34:65037 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 106 UDP 192.168.1.34:49990 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net]
+ 107 UDP 192.168.1.34:52742 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net]
+ 108 UDP 192.168.1.34:56387 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst5.r.skype.net]
+ 109 UDP 192.168.1.34:57288 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst6.r.skype.net]
110 TCP 192.168.1.34:50146 -> 157.56.53.51:443 [proto: 91/TLS][cat: Web/5][8 pkts/608 bytes -> 0 pkts/0 bytes]
111 TCP 192.168.1.34:50129 <-> 91.190.218.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes]
- 112 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
- 113 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
- 114 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
- 115 UDP 192.168.1.34:57406 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
- 116 UDP 192.168.1.34:49793 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net]
- 117 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net]
- 118 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com]
- 119 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com]
+ 112 UDP 192.168.1.34:49163 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
+ 113 UDP 192.168.1.34:51802 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
+ 114 UDP 192.168.1.34:52714 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
+ 115 UDP 192.168.1.34:57406 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
+ 116 UDP 192.168.1.34:49793 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net]
+ 117 UDP 192.168.1.34:65045 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/532 bytes -> 0 pkts/0 bytes][Host: dsn4.d.skype.net]
+ 118 UDP 192.168.1.34:54396 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com]
+ 119 UDP 192.168.1.34:65426 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com]
120 TCP 192.168.1.34:50109 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/297 bytes <-> 3 pkts/186 bytes]
121 UDP 192.168.1.92:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][cat: Music/25][5 pkts/430 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SpotUdp)]
122 TCP 192.168.1.34:50110 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/191 bytes <-> 3 pkts/186 bytes]
- 123 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][5 pkts/360 bytes -> 0 pkts/0 bytes][Host: ui.skype.com]
+ 123 UDP 192.168.1.34:55893 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][5 pkts/360 bytes -> 0 pkts/0 bytes][Host: ui.skype.com]
124 UDP 192.168.1.34:49485 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
125 UDP 192.168.1.34:51066 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
126 UDP 192.168.1.34:56886 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][2 pkts/349 bytes -> 0 pkts/0 bytes][PLAIN TEXT (SEARCH )]
@@ -151,159 +151,157 @@ JA3 Host Stats:
129 UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes]
130 UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com][PLAIN TEXT (MSGR5011709)]
131 UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Host: p05-keyvalueservice.icloud.com.akadns.net][PLAIN TEXT (valueservice)]
- 132 UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 91/TLS][cat: Web/5][4 pkts/216 bytes -> 0 pkts/0 bytes]
- 133 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 91/TLS][cat: Web/5][4 pkts/216 bytes -> 0 pkts/0 bytes]
- 134 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes]
- 135 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)]
- 136 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)]
- 137 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net][PLAIN TEXT (akamaiedge)]
- 138 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes]
- 139 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes]
- 140 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 141 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 142 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 143 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 144 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 145 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 146 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 147 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 148 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 149 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 150 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 151 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 152 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 153 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 154 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 155 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 156 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 157 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 158 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 159 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 160 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 161 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 162 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 163 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 164 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 165 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 166 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 167 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 168 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 169 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 170 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 171 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 172 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 173 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 174 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 175 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 176 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 177 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 178 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 179 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 180 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 181 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 182 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 183 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 184 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 185 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 186 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 187 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 188 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 189 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 190 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 191 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 192 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 193 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 194 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 195 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 196 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 197 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 198 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 199 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 200 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 201 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 202 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 203 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 204 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 205 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 206 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 207 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 208 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 209 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 210 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 211 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 212 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 213 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 214 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 215 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 216 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 217 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 219 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 220 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 221 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 222 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 223 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 224 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 225 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 226 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 227 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 228 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 229 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 230 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 231 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 232 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 233 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 234 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 235 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 236 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 237 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 238 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 239 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 240 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 241 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 242 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 243 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 244 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 245 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 246 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 247 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 248 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 249 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 250 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 251 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 252 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 253 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 254 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 255 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 256 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 257 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 258 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 259 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 260 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 261 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 262 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 263 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 264 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 265 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 266 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 267 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 268 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 269 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 270 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 271 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 272 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 273 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 274 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 275 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 276 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 277 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 278 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 279 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 280 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 281 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 282 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 283 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 284 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes]
+ 132 UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes]
+ 133 UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)]
+ 134 UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)]
+ 135 UDP 192.168.1.34:64085 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e7768.b.akamaiedge.net][PLAIN TEXT (akamaiedge)]
+ 136 TCP 192.168.1.34:50024 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][2 pkts/108 bytes <-> 1 pkts/60 bytes]
+ 137 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][2 pkts/92 bytes -> 0 pkts/0 bytes]
+ 138 UDP 192.168.1.34:13021 -> 64.4.23.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 139 UDP 192.168.1.34:13021 -> 65.55.223.26:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 140 UDP 192.168.1.34:13021 -> 65.55.223.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 141 UDP 192.168.1.34:13021 -> 157.55.56.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 142 UDP 192.168.1.34:13021 -> 157.55.130.146:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 143 UDP 192.168.1.34:13021 -> 157.55.130.154:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 144 UDP 192.168.1.34:13021 -> 157.55.235.147:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 145 UDP 192.168.1.34:13021 -> 157.55.235.152:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 146 UDP 192.168.1.34:13021 -> 213.199.179.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 147 UDP 192.168.1.34:13021 -> 111.221.74.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 148 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 149 UDP 192.168.1.34:13021 -> 111.221.77.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 150 UDP 192.168.1.34:13021 -> 111.221.77.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 151 UDP 192.168.1.34:13021 -> 111.221.77.172:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 152 UDP 192.168.1.34:13021 -> 157.55.130.156:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 153 UDP 192.168.1.34:13021 -> 157.55.235.161:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 154 UDP 192.168.1.34:13021 -> 157.55.235.176:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 155 UDP 192.168.1.34:13021 -> 157.56.52.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 156 UDP 192.168.1.34:13021 -> 157.56.52.28:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 157 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 158 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 159 UDP 192.168.1.34:13021 -> 65.55.223.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 160 UDP 192.168.1.34:13021 -> 111.221.74.15:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 161 UDP 192.168.1.34:13021 -> 111.221.77.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 162 UDP 192.168.1.34:13021 -> 111.221.77.166:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 163 UDP 192.168.1.34:13021 -> 157.55.56.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 164 UDP 192.168.1.34:13021 -> 157.55.56.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 165 UDP 192.168.1.34:13021 -> 157.55.56.175:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 166 UDP 192.168.1.34:13021 -> 157.55.130.143:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 167 UDP 192.168.1.34:13021 -> 157.55.235.155:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 168 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 169 UDP 192.168.1.34:13021 -> 64.4.23.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 170 UDP 192.168.1.34:13021 -> 65.55.223.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 171 UDP 192.168.1.34:13021 -> 65.55.223.43:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 172 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 173 UDP 192.168.1.34:13021 -> 111.221.77.151:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 174 UDP 192.168.1.34:13021 -> 157.55.56.162:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 175 UDP 192.168.1.34:13021 -> 157.55.130.147:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 176 UDP 192.168.1.34:13021 -> 157.55.235.175:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 177 UDP 192.168.1.34:13021 -> 213.199.179.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 178 UDP 192.168.1.34:13021 -> 111.221.74.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 179 UDP 192.168.1.34:13021 -> 111.221.74.48:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 180 UDP 192.168.1.34:13021 -> 111.221.77.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 181 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 182 UDP 192.168.1.34:13021 -> 213.199.179.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 183 UDP 192.168.1.34:13021 -> 213.199.179.154:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 184 UDP 192.168.1.34:13021 -> 65.55.223.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 185 UDP 192.168.1.34:13021 -> 111.221.74.40:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 186 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 187 UDP 192.168.1.34:13021 -> 157.56.52.26:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 188 UDP 192.168.1.34:13021 -> 213.199.179.165:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 189 UDP 192.168.1.34:13021 -> 64.4.23.141:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 190 UDP 192.168.1.34:13021 -> 111.221.74.29:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 191 UDP 192.168.1.34:13021 -> 111.221.74.31:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 192 UDP 192.168.1.34:13021 -> 111.221.77.176:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 193 UDP 192.168.1.34:13021 -> 157.55.235.153:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 194 UDP 192.168.1.34:13021 -> 213.199.179.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 195 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 196 UDP 192.168.1.34:13021 -> 64.4.23.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 197 UDP 192.168.1.34:13021 -> 111.221.77.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 198 UDP 192.168.1.34:13021 -> 157.55.130.151:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 199 UDP 192.168.1.34:13021 -> 64.4.23.168:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 200 UDP 192.168.1.34:13021 -> 65.55.223.21:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 201 UDP 192.168.1.34:13021 -> 65.55.223.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 202 UDP 192.168.1.34:13021 -> 111.221.74.44:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 203 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 204 UDP 192.168.1.34:13021 -> 111.221.77.153:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 205 UDP 192.168.1.34:13021 -> 157.55.56.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 206 UDP 192.168.1.34:13021 -> 157.55.235.157:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 208 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 209 UDP 192.168.1.34:13021 -> 213.199.179.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 210 UDP 192.168.1.34:13021 -> 64.4.23.150:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 211 UDP 192.168.1.34:13021 -> 64.4.23.159:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 212 UDP 192.168.1.34:13021 -> 65.55.223.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 213 UDP 192.168.1.34:13021 -> 111.221.74.17:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 214 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 215 UDP 192.168.1.34:13021 -> 111.221.74.32:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 216 UDP 192.168.1.34:13021 -> 111.221.74.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 217 UDP 192.168.1.34:13021 -> 157.55.56.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 218 UDP 192.168.1.34:13021 -> 157.55.56.161:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 219 UDP 192.168.1.34:13021 -> 157.55.130.155:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 220 UDP 192.168.1.34:13021 -> 157.55.130.165:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 221 UDP 192.168.1.34:13021 -> 157.55.235.142:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 222 UDP 192.168.1.34:13021 -> 157.56.52.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 223 UDP 192.168.1.34:13021 -> 213.199.179.162:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 224 UDP 192.168.1.34:13021 -> 64.4.23.148:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 225 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 226 UDP 192.168.1.34:13021 -> 65.55.223.41:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 227 UDP 192.168.1.34:13021 -> 111.221.77.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 228 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 229 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 230 UDP 192.168.1.34:13021 -> 157.55.235.160:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 231 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 232 UDP 192.168.1.34:13021 -> 157.56.52.37:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 233 UDP 192.168.1.34:13021 -> 64.4.23.140:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 234 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 235 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 236 UDP 192.168.1.34:13021 -> 111.221.77.160:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 237 UDP 192.168.1.34:13021 -> 111.221.77.168:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 238 UDP 192.168.1.34:13021 -> 157.55.56.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 239 UDP 192.168.1.34:13021 -> 157.55.56.165:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 240 UDP 192.168.1.34:13021 -> 157.55.235.145:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 241 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 242 UDP 192.168.1.34:13021 -> 65.55.223.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 243 UDP 192.168.1.34:13021 -> 111.221.74.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 244 UDP 192.168.1.34:13021 -> 111.221.77.141:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 245 UDP 192.168.1.34:13021 -> 111.221.77.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 246 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 247 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 248 UDP 192.168.1.34:13021 -> 157.55.130.160:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 249 UDP 192.168.1.34:13021 -> 157.55.130.172:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 250 UDP 192.168.1.34:13021 -> 157.56.52.45:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 251 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 252 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 253 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 254 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 255 UDP 192.168.1.34:13021 -> 65.55.223.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 256 UDP 192.168.1.34:13021 -> 65.55.223.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 257 UDP 192.168.1.34:13021 -> 65.55.223.44:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 258 UDP 192.168.1.34:13021 -> 111.221.74.25:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 259 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 260 UDP 192.168.1.34:13021 -> 157.55.130.144:40034 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 261 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 262 UDP 192.168.1.34:13021 -> 213.199.179.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 263 UDP 192.168.1.34:13021 -> 65.55.223.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 264 UDP 192.168.1.34:13021 -> 111.221.74.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 265 UDP 192.168.1.34:13021 -> 111.221.77.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 266 UDP 192.168.1.34:13021 -> 157.55.56.166:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 267 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 268 UDP 192.168.1.34:13021 -> 157.55.235.158:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 269 UDP 192.168.1.34:13021 -> 157.55.235.159:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 270 UDP 192.168.1.34:13021 -> 157.55.235.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 271 UDP 192.168.1.34:13021 -> 157.56.52.21:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 272 UDP 192.168.1.34:13021 -> 157.56.52.24:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 273 UDP 192.168.1.34:13021 -> 157.56.52.47:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 274 UDP 192.168.1.34:13021 -> 213.199.179.152:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 275 IGMP 192.168.1.1:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 276 IGMP 192.168.1.92:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 277 UDP 192.168.1.34:13021 -> 65.55.223.39:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 278 UDP 192.168.1.34:13021 -> 71.62.0.85:33647 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 279 UDP 192.168.1.34:13021 -> 106.188.249.186:15120 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 280 UDP 192.168.1.34:13021 -> 157.55.130.145:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 281 UDP 192.168.1.34:13021 -> 176.97.100.249:26635 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 282 IGMP 192.168.1.34:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes]
Undetected flows:
@@ -315,4 +313,6 @@ Undetected flows:
6 TCP 192.168.1.34:50142 <-> 80.14.46.121:4415 [proto: 0/Unknown][12 pkts/985 bytes <-> 6 pkts/489 bytes]
7 TCP 192.168.1.34:50144 <-> 78.202.226.115:29059 [proto: 0/Unknown][10 pkts/797 bytes <-> 4 pkts/342 bytes]
8 TCP 192.168.1.34:50145 -> 157.56.53.51:12350 [proto: 0/Unknown][8 pkts/608 bytes -> 0 pkts/0 bytes]
- 9 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes]
+ 9 UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes]
+ 10 UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes]
+ 11 TCP 192.168.1.34:50140 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes]
diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out
index 48cdad6ad..81fdd9577 100644
--- a/tests/result/skype_no_unknown.pcap.out
+++ b/tests/result/skype_no_unknown.pcap.out
@@ -1,4 +1,4 @@
-Unknown 182 61575 11
+Unknown 186 61791 12
DNS 2 267 1
MDNS 3 400 2
NetBIOS 22 3106 7
@@ -6,7 +6,7 @@ SSDP 40 14100 3
SkypeCall 454 39996 164
ICMP 4 328 1
IGMP 4 226 4
-TLS 83 7958 7
+TLS 79 7742 6
Dropbox 16 7342 5
Skype 837 150140 59
Apple 76 19581 1
@@ -83,26 +83,26 @@ JA3 Host Stats:
63 TCP 192.168.1.34:51318 <-> 212.161.8.36:13392 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][7 pkts/571 bytes <-> 3 pkts/286 bytes]
64 UDP 192.168.1.34:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][7 pkts/680 bytes -> 0 pkts/0 bytes][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)]
65 TCP 192.168.1.34:51299 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][6 pkts/353 bytes <-> 5 pkts/306 bytes]
- 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)]
- 67 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)]
- 68 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 69 UDP 192.168.1.34:51753 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 70 UDP 192.168.1.34:53372 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net]
- 71 UDP 192.168.1.34:55866 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 72 UDP 192.168.1.34:57592 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net]
- 73 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
- 74 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net]
- 75 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net]
+ 66 UDP 192.168.1.34:58631 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)]
+ 67 UDP 192.168.1.34:60688 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/648 bytes -> 0 pkts/0 bytes][Host: conn.skype.akadns.net][PLAIN TEXT (akadns)]
+ 68 UDP 192.168.1.34:50055 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 69 UDP 192.168.1.34:51753 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 70 UDP 192.168.1.34:53372 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net]
+ 71 UDP 192.168.1.34:55866 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 72 UDP 192.168.1.34:57592 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst11.r.skype.net]
+ 73 UDP 192.168.1.34:61095 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/623 bytes -> 0 pkts/0 bytes][Host: pipe.prd.skypedata.akadns.net][PLAIN TEXT (skypedata)]
+ 74 UDP 192.168.1.34:60413 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net]
+ 75 UDP 192.168.1.34:64364 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/616 bytes -> 0 pkts/0 bytes][Host: 335.0.7.7.3.rst0.r.skype.net]
76 TCP 192.168.1.34:51302 <-> 91.190.216.125:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][6 pkts/353 bytes <-> 4 pkts/246 bytes]
- 77 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][8 pkts/576 bytes -> 0 pkts/0 bytes][Host: ui.skype.com]
- 78 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][PLAIN TEXT (config)]
- 79 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
- 80 UDP 192.168.1.34:64258 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
- 81 UDP 192.168.1.34:64971 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][PLAIN TEXT (config)]
- 82 UDP 192.168.1.34:59113 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net]
- 83 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net]
- 84 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com]
- 85 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com]
+ 77 UDP 192.168.1.34:63514 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][8 pkts/576 bytes -> 0 pkts/0 bytes][Host: ui.skype.com]
+ 78 UDP 192.168.1.34:55028 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][PLAIN TEXT (config)]
+ 79 UDP 192.168.1.34:63342 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
+ 80 UDP 192.168.1.34:64258 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: b.config.skype.com][PLAIN TEXT (config)]
+ 81 UDP 192.168.1.34:64971 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/546 bytes -> 0 pkts/0 bytes][Host: a.config.skype.com][PLAIN TEXT (config)]
+ 82 UDP 192.168.1.34:59113 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net]
+ 83 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Host: dsn13.d.skype.net]
+ 84 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com]
+ 85 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Host: api.skype.com]
86 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/293 bytes <-> 3 pkts/186 bytes]
87 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/TLS][cat: Web/5][6 pkts/468 bytes -> 0 pkts/0 bytes]
88 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10/NetBIOS][cat: System/18][2 pkts/452 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EBEMEJEDEFEHEBFEEFCACACACACACA)]
@@ -117,163 +117,162 @@ JA3 Host Stats:
97 UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes]
98 UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Host: db3msgr5011709.gateway.messenger.live.com][PLAIN TEXT (MSGR5011709)]
99 UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes]
- 100 UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 91/TLS][cat: Web/5][4 pkts/216 bytes -> 0 pkts/0 bytes]
- 101 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)]
- 102 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes]
- 103 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)]
- 104 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)]
- 105 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local]
- 106 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)]
- 107 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)]
- 108 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 91.125/TLS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com][PLAIN TEXT (skypeassets)]
- 109 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 110 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 111 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 112 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 113 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 114 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 115 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 116 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 117 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 118 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 119 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 120 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
- 121 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 122 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 123 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 124 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 125 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 126 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 127 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 128 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
- 129 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 130 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 131 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 132 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 133 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 134 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 135 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 136 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 137 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 138 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 139 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
- 140 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 141 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 142 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 143 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 144 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 145 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 146 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 147 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 148 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 149 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 150 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 151 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 152 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
- 153 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 154 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 155 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 156 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 157 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 158 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 159 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
- 160 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 161 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 162 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 163 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 164 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 165 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 166 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 167 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 168 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 169 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 170 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 171 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 172 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
- 173 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 174 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 175 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 176 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 177 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 178 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 179 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 180 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 181 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 182 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 183 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 184 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
- 185 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 186 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 187 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 188 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 189 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 190 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 191 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 192 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 193 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
- 194 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 195 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 196 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 197 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 198 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 199 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 200 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 201 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 202 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 203 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
- 204 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 205 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 206 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 207 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 208 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
- 209 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 210 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 211 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 212 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 213 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 214 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
- 215 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 216 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 217 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 218 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 219 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 220 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 221 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 222 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 223 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 224 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 225 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 226 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 227 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 228 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 229 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
- 230 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 231 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 232 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 233 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 234 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 235 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 236 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 237 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 238 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
- 239 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 240 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 241 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 242 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 243 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 244 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 245 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 246 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 247 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
- 248 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 249 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 250 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 251 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 252 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 253 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 254 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 255 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
- 256 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes]
+ 100 UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)]
+ 101 TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][2 pkts/132 bytes <-> 1 pkts/74 bytes]
+ 102 UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)]
+ 103 UDP 192.168.1.34:63661 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Host: e4593.g.akamaiedge.net][PLAIN TEXT (akamaiedge)]
+ 104 UDP 192.168.1.92:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][cat: Network/14][1 pkts/142 bytes -> 0 pkts/0 bytes][Lucas-iMac.local]
+ 105 UDP 192.168.1.92:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)]
+ 106 UDP 192.168.1.92:53826 -> 192.168.1.255:137 [proto: 10/NetBIOS][cat: System/18][1 pkts/92 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)]
+ 107 UDP 192.168.1.34:61016 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][1 pkts/80 bytes -> 0 pkts/0 bytes][Host: apps.skypeassets.com][PLAIN TEXT (skypeassets)]
+ 108 UDP 192.168.1.34:13021 -> 64.4.23.148:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 109 UDP 192.168.1.34:13021 -> 64.4.23.171:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 110 UDP 192.168.1.34:13021 -> 65.55.223.27:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 111 UDP 192.168.1.34:13021 -> 111.221.74.40:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 112 UDP 192.168.1.34:13021 -> 111.221.77.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 113 UDP 192.168.1.34:13021 -> 111.221.77.173:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 114 UDP 192.168.1.34:13021 -> 157.55.56.147:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 115 UDP 192.168.1.34:13021 -> 157.55.130.167:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 116 UDP 192.168.1.34:13021 -> 157.55.235.144:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 117 UDP 192.168.1.34:13021 -> 157.56.52.15:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 118 UDP 192.168.1.34:13021 -> 213.199.179.141:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 119 UDP 192.168.1.34:13021 -> 213.199.179.156:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/79 bytes -> 0 pkts/0 bytes]
+ 120 UDP 192.168.1.34:13021 -> 64.4.23.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 121 UDP 192.168.1.34:13021 -> 111.221.74.28:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 122 UDP 192.168.1.34:13021 -> 111.221.77.170:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 123 UDP 192.168.1.34:13021 -> 157.56.52.39:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 124 UDP 192.168.1.34:13021 -> 157.56.52.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 125 UDP 192.168.1.34:13021 -> 213.199.179.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 126 UDP 192.168.1.34:13021 -> 213.199.179.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 127 UDP 192.168.1.34:13021 -> 213.199.179.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 128 UDP 192.168.1.34:13021 -> 65.55.223.15:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 129 UDP 192.168.1.34:13021 -> 65.55.223.24:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 130 UDP 192.168.1.34:13021 -> 65.55.223.32:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 131 UDP 192.168.1.34:13021 -> 65.55.223.43:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 132 UDP 192.168.1.34:13021 -> 111.221.74.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 133 UDP 192.168.1.34:13021 -> 111.221.77.154:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 134 UDP 192.168.1.34:13021 -> 157.55.130.149:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 135 UDP 192.168.1.34:13021 -> 157.55.235.168:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 136 UDP 192.168.1.34:13021 -> 157.56.52.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 137 UDP 192.168.1.34:13021 -> 157.56.52.20:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 138 UDP 192.168.1.34:13021 -> 213.199.179.160:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/77 bytes -> 0 pkts/0 bytes]
+ 139 UDP 192.168.1.34:13021 -> 64.4.23.158:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 140 UDP 192.168.1.34:13021 -> 64.4.23.173:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 141 UDP 192.168.1.34:13021 -> 65.55.223.42:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 142 UDP 192.168.1.34:13021 -> 65.55.223.44:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 143 UDP 192.168.1.34:13021 -> 111.221.74.33:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 144 UDP 192.168.1.34:13021 -> 111.221.77.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 145 UDP 192.168.1.34:13021 -> 157.55.56.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 146 UDP 192.168.1.34:13021 -> 157.55.56.170:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 147 UDP 192.168.1.34:13021 -> 157.55.130.165:40028 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 148 UDP 192.168.1.34:13021 -> 157.55.130.170:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 149 UDP 192.168.1.34:13021 -> 157.55.235.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 150 UDP 192.168.1.34:13021 -> 157.56.52.25:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 151 UDP 192.168.1.34:13021 -> 213.199.179.172:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/76 bytes -> 0 pkts/0 bytes]
+ 152 UDP 192.168.1.34:13021 -> 64.4.23.165:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 153 UDP 192.168.1.34:13021 -> 111.221.77.149:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 154 UDP 192.168.1.34:13021 -> 157.55.235.148:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 155 UDP 192.168.1.34:13021 -> 157.56.52.13:40021 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 156 UDP 192.168.1.34:13021 -> 157.56.52.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 157 UDP 192.168.1.34:13021 -> 157.56.52.42:40005 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 158 UDP 192.168.1.34:13021 -> 213.199.179.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/75 bytes -> 0 pkts/0 bytes]
+ 159 UDP 192.168.1.34:13021 -> 64.4.23.155:40004 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 160 UDP 192.168.1.34:13021 -> 65.55.223.22:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 161 UDP 192.168.1.34:13021 -> 65.55.223.28:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 162 UDP 192.168.1.34:13021 -> 65.55.223.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 163 UDP 192.168.1.34:13021 -> 157.55.235.155:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 164 UDP 192.168.1.34:13021 -> 157.55.235.175:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/74 bytes -> 0 pkts/0 bytes]
+ 165 UDP 192.168.1.34:13021 -> 64.4.23.145:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 166 UDP 192.168.1.34:13021 -> 111.221.74.19:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 167 UDP 192.168.1.34:13021 -> 111.221.74.34:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 168 UDP 192.168.1.34:13021 -> 157.55.130.146:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 169 UDP 192.168.1.34:13021 -> 157.55.235.158:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 170 UDP 192.168.1.34:13021 -> 157.55.235.176:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 171 UDP 192.168.1.34:13021 -> 213.199.179.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/73 bytes -> 0 pkts/0 bytes]
+ 172 UDP 192.168.1.34:13021 -> 64.4.23.142:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 173 UDP 192.168.1.34:13021 -> 111.221.74.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 174 UDP 192.168.1.34:13021 -> 111.221.77.159:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 175 UDP 192.168.1.34:13021 -> 157.55.56.142:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 176 UDP 192.168.1.34:13021 -> 157.55.56.145:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 177 UDP 192.168.1.34:13021 -> 157.55.130.140:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 178 UDP 192.168.1.34:13021 -> 157.55.130.148:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 179 UDP 192.168.1.34:13021 -> 157.55.130.152:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 180 UDP 192.168.1.34:13021 -> 157.55.130.173:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 181 UDP 192.168.1.34:13021 -> 157.55.235.174:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 182 UDP 192.168.1.34:13021 -> 157.56.52.27:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 183 UDP 192.168.1.34:13021 -> 213.199.179.173:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/72 bytes -> 0 pkts/0 bytes]
+ 184 UDP 192.168.1.34:13021 -> 64.4.23.149:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 185 UDP 192.168.1.34:13021 -> 65.55.223.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 186 UDP 192.168.1.34:13021 -> 111.221.74.15:40026 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 187 UDP 192.168.1.34:13021 -> 157.55.56.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 188 UDP 192.168.1.34:13021 -> 157.55.130.150:40007 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 189 UDP 192.168.1.34:13021 -> 157.55.130.171:40012 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 190 UDP 192.168.1.34:13021 -> 157.55.235.143:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 191 UDP 192.168.1.34:13021 -> 157.56.52.33:40002 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 192 UDP 192.168.1.34:13021 -> 213.199.179.174:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/71 bytes -> 0 pkts/0 bytes]
+ 193 UDP 192.168.1.34:13021 -> 64.4.23.154:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 194 UDP 192.168.1.34:13021 -> 65.55.223.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 195 UDP 192.168.1.34:13021 -> 65.55.223.17:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 196 UDP 192.168.1.34:13021 -> 65.55.223.65:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 197 UDP 192.168.1.34:13021 -> 111.221.74.27:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 198 UDP 192.168.1.34:13021 -> 111.221.74.44:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 199 UDP 192.168.1.34:13021 -> 111.221.77.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 200 UDP 192.168.1.34:13021 -> 111.221.77.160:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 201 UDP 192.168.1.34:13021 -> 157.56.52.24:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 202 UDP 192.168.1.34:13021 -> 213.199.179.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/70 bytes -> 0 pkts/0 bytes]
+ 203 UDP 192.168.1.34:13021 -> 64.4.23.151:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 204 UDP 192.168.1.34:13021 -> 64.4.23.176:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 205 UDP 192.168.1.34:13021 -> 157.55.130.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 206 UDP 192.168.1.34:13021 -> 157.55.235.172:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 207 UDP 192.168.1.34:13021 -> 213.199.179.144:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/69 bytes -> 0 pkts/0 bytes]
+ 208 UDP 192.168.1.34:13021 -> 111.221.77.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 209 UDP 192.168.1.34:13021 -> 157.55.56.150:40014 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 210 UDP 192.168.1.34:13021 -> 157.55.130.175:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 211 UDP 192.168.1.34:13021 -> 157.55.235.160:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 212 UDP 192.168.1.34:13021 -> 157.56.52.19:40020 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 213 UDP 192.168.1.34:13021 -> 213.199.179.146:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/68 bytes -> 0 pkts/0 bytes]
+ 214 UDP 192.168.1.34:13021 -> 64.4.23.140:40003 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 215 UDP 192.168.1.34:13021 -> 65.55.223.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 216 UDP 192.168.1.34:13021 -> 65.55.223.18:40025 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 217 UDP 192.168.1.34:13021 -> 111.221.74.18:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 218 UDP 192.168.1.34:13021 -> 111.221.74.42:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 219 UDP 192.168.1.34:13021 -> 111.221.74.43:40001 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 220 UDP 192.168.1.34:13021 -> 111.221.74.46:40027 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 221 UDP 192.168.1.34:13021 -> 111.221.77.143:40022 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 222 UDP 192.168.1.34:13021 -> 157.55.56.161:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 223 UDP 192.168.1.34:13021 -> 157.55.56.167:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 224 UDP 192.168.1.34:13021 -> 157.55.130.144:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 225 UDP 192.168.1.34:13021 -> 157.55.130.160:40008 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 226 UDP 192.168.1.34:13021 -> 157.55.235.166:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 227 UDP 192.168.1.34:13021 -> 157.56.52.12:40031 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 228 UDP 192.168.1.34:13021 -> 157.56.52.29:40010 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/67 bytes -> 0 pkts/0 bytes]
+ 229 UDP 192.168.1.34:13021 -> 64.4.23.146:33033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 230 UDP 192.168.1.34:13021 -> 64.4.23.170:40011 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 231 UDP 192.168.1.34:13021 -> 65.55.223.20:40023 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 232 UDP 192.168.1.34:13021 -> 157.55.56.143:40018 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 233 UDP 192.168.1.34:13021 -> 157.55.130.154:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 234 UDP 192.168.1.34:13021 -> 157.55.235.162:40033 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 235 UDP 192.168.1.34:13021 -> 157.55.235.171:40006 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 236 UDP 192.168.1.34:13021 -> 157.56.52.16:40032 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 237 UDP 192.168.1.34:13021 -> 157.56.52.17:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/66 bytes -> 0 pkts/0 bytes]
+ 238 UDP 192.168.1.34:13021 -> 111.221.74.13:40009 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 239 UDP 192.168.1.34:13021 -> 111.221.74.38:40015 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 240 UDP 192.168.1.34:13021 -> 111.221.77.171:40030 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 241 UDP 192.168.1.34:13021 -> 157.55.130.156:40019 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 242 UDP 192.168.1.34:13021 -> 157.55.130.157:40013 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 243 UDP 192.168.1.34:13021 -> 157.55.130.159:40016 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 244 UDP 192.168.1.34:13021 -> 157.55.235.167:40029 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 245 UDP 192.168.1.34:13021 -> 157.56.52.40:40017 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 246 UDP 192.168.1.34:13021 -> 213.199.179.145:40024 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/64 bytes -> 0 pkts/0 bytes]
+ 247 IGMP 192.168.1.219:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 248 IGMP 192.168.1.219:0 -> 233.89.188.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 249 IGMP 192.168.1.229:0 -> 224.0.0.251:0 [proto: 82/IGMP][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 250 UDP 192.168.1.34:13021 -> 111.221.74.14:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 251 UDP 192.168.1.34:13021 -> 133.236.67.25:49195 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 252 UDP 192.168.1.34:13021 -> 157.55.235.141:443 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 253 UDP 192.168.1.34:13021 -> 189.138.161.88:19521 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 254 UDP 192.168.1.34:13021 -> 189.188.134.174:22436 [proto: 125.38/Skype.SkypeCall][cat: VoIP/10][1 pkts/60 bytes -> 0 pkts/0 bytes]
+ 255 IGMP 192.168.0.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][1 pkts/46 bytes -> 0 pkts/0 bytes]
Undetected flows:
@@ -286,5 +285,6 @@ Undetected flows:
7 TCP 192.168.1.34:51301 <-> 82.224.110.241:38895 [proto: 0/Unknown][11 pkts/835 bytes <-> 7 pkts/647 bytes]
8 TCP 192.168.1.34:51303 -> 80.121.84.93:62381 [proto: 0/Unknown][7 pkts/546 bytes -> 0 pkts/0 bytes]
9 TCP 192.168.1.34:51306 -> 80.121.84.93:62381 [proto: 0/Unknown][6 pkts/468 bytes -> 0 pkts/0 bytes]
- 10 TCP 192.168.1.34:51300 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes]
- 11 TCP 192.168.1.34:51319 -> 212.161.8.36:13392 [proto: 0/Unknown][1 pkts/78 bytes -> 0 pkts/0 bytes]
+ 10 UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 0/Unknown][4 pkts/216 bytes -> 0 pkts/0 bytes]
+ 11 TCP 192.168.1.34:51300 <-> 76.167.161.6:20274 [proto: 0/Unknown][2 pkts/132 bytes <-> 1 pkts/74 bytes]
+ 12 TCP 192.168.1.34:51319 -> 212.161.8.36:13392 [proto: 0/Unknown][1 pkts/78 bytes -> 0 pkts/0 bytes]
diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out
index bd47cfc1c..79367d46b 100644
--- a/tests/result/starcraft_battle.pcap.out
+++ b/tests/result/starcraft_battle.pcap.out
@@ -1,12 +1,12 @@
-DNS 22 2431 6
+DNS 26 2848 7
HTTP 450 294880 19
SSDP 11 4984 1
WorldOfWarcraft 9 880 1
IGMP 2 120 1
-TLS 46 3171 14
+TLS 38 2548 11
Google 22 2184 5
Github 3 234 1
-Starcraft 232 51288 4
+Starcraft 236 51494 6
1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][cat: Web/5][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Host: llnw.blizzard.com][PLAIN TEXT (GET /sc)]
2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][cat: Game/8][126 pkts/9157 bytes <-> 89 pkts/41021 bytes][PLAIN TEXT (matteobracci1@gmail.com)]
@@ -34,7 +34,7 @@ Starcraft 232 51288 4
24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Host: 110.212.58.216.in-addr.arpa]
25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Host: llnw.blizzard.com][PLAIN TEXT (blizzard)]
26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Host: 100.1.168.192.in-addr.arpa][PLAIN TEXT (dynect)]
- 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 91/TLS][cat: Web/5][2 pkts/172 bytes <-> 2 pkts/245 bytes][Host: 26.186.239.80.in-addr.arpa][client: ][PLAIN TEXT (signup)]
+ 27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Host: 26.186.239.80.in-addr.arpa][PLAIN TEXT (signup)]
28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7.7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)]
29 TCP 192.168.1.100:3533 <-> 2.228.46.112:80 [proto: 7.7/HTTP][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Host: bnetcmsus-a.akamaihd.net][PLAIN TEXT (GET /cms/bnet)]
30 UDP 192.168.1.100:53145 <-> 192.168.1.254:53 [proto: 5/DNS][cat: Network/14][2 pkts/152 bytes <-> 2 pkts/184 bytes][Host: nydus.battle.net][PLAIN TEXT (battle)]
@@ -53,10 +53,10 @@ Starcraft 232 51288 4
43 TCP 192.168.1.100:2759 <-> 64.233.184.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes]
44 TCP 192.168.1.100:3052 <-> 216.58.212.110:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/55 bytes <-> 1 pkts/66 bytes]
45 IGMP 192.168.1.107:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][2 pkts/120 bytes -> 0 pkts/0 bytes]
- 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 91.213/TLS.Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes]
- 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 91.213/TLS.Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes]
- 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 91/TLS][cat: Web/5][1 pkts/43 bytes <-> 1 pkts/60 bytes]
- 49 UDP 192.168.1.100:6113 <-> 213.248.127.212:1119 [proto: 91/TLS][cat: Web/5][1 pkts/43 bytes <-> 1 pkts/60 bytes]
+ 46 UDP 192.168.1.100:53146 <-> 5.42.180.154:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes]
+ 47 UDP 192.168.1.100:53146 <-> 62.115.246.51:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/44 bytes <-> 1 pkts/60 bytes]
+ 48 UDP 192.168.1.100:6113 <-> 213.248.127.166:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes]
+ 49 UDP 192.168.1.100:6113 <-> 213.248.127.212:1119 [proto: 213/Starcraft][cat: Game/8][1 pkts/43 bytes <-> 1 pkts/60 bytes]
50 TCP 192.168.1.100:3534 -> 2.228.46.112:80 [proto: 7/HTTP][cat: Web/5][1 pkts/66 bytes -> 0 pkts/0 bytes]
51 TCP 80.239.186.26:443 -> 192.168.1.100:3476 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes]
52 TCP 80.239.186.40:443 -> 192.168.1.100:3478 [proto: 91/TLS][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes]
diff --git a/tests/result/tor.pcap.out b/tests/result/tor.pcap.out
index cec37dfd0..601cacc4c 100644
--- a/tests/result/tor.pcap.out
+++ b/tests/result/tor.pcap.out
@@ -4,13 +4,18 @@ DHCPV6 6 906 1
Dropbox 10 1860 1
Tor 3676 3014362 7
- 1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes][PLAIN TEXT (id.com)]
- 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes][PLAIN TEXT (cyamnc6)]
- 3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][62 pkts/22715 bytes <-> 79 pkts/45823 bytes][PLAIN TEXT (www.ct7)]
- 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][17 pkts/5489 bytes <-> 21 pkts/7031 bytes][PLAIN TEXT (www.gfu)]
- 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 163/Tor][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes][PLAIN TEXT (57kbafwrx)]
- 6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 163/Tor][cat: VPN/2][16 pkts/3691 bytes <-> 16 pkts/6740 bytes][PLAIN TEXT (ru.com)]
- 7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 163/Tor][cat: VPN/2][15 pkts/3634 bytes <-> 14 pkts/6027 bytes][PLAIN TEXT (sieb.com)]
+JA3 Host Stats:
+ IP Address # JA3C
+ 1 192.168.1.252 1
+
+
+ 1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes][TLSv1][client: www.jmts2id.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][server: www.gg562izcxdvqdk.com][JA3S: e1691a31bfe345d2692da75636ddfb00][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA][PLAIN TEXT (id.com)]
+ 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 163/Tor][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes][TLSv1][client: www.q4cyamnc6mtokjurvdclt.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (cyamnc6)]
+ 3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][62 pkts/22715 bytes <-> 79 pkts/45823 bytes][TLSv1][client: www.ct7ctrgb6cr7.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (www.ct7)]
+ 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 163/Tor][cat: VPN/2][17 pkts/5489 bytes <-> 21 pkts/7031 bytes][TLSv1][client: www.gfu7hbxpfp.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][server: www.xkgk7fdx362yyyxib.com][JA3S: 184d532a16876b78846ae6a03f654890][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][PLAIN TEXT (www.gfu)]
+ 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 163/Tor][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes][TLSv1][client: www.e6r5p57kbafwrxj3plz.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (57kbafwrx)]
+ 6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 163/Tor][cat: VPN/2][16 pkts/3691 bytes <-> 16 pkts/6740 bytes][TLSv1][client: www.t3i3ru.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (ru.com)]
+ 7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 163/Tor][cat: VPN/2][15 pkts/3634 bytes <-> 14 pkts/6027 bytes][TLSv1][client: www.6gyip7tqim7sieb.com][JA3C: 581a3c7f54555512b8cd16e87dfe165b][PLAIN TEXT (sieb.com)]
8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][cat: Cloud/13][10 pkts/1860 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( 676879976)]
9 UDP [fe80::c583:1972:5728:7323]:546 -> [ff02::1:2]:547 [proto: 103/DHCPV6][cat: Network/14][6 pkts/906 bytes -> 0 pkts/0 bytes][PLAIN TEXT (Endian)]
10 UDP 192.168.1.252:138 -> 192.168.1.255:138 [proto: 10/NetBIOS][cat: System/18][1 pkts/252 bytes -> 0 pkts/0 bytes][PLAIN TEXT ( EFEOEEEJEBEOCNFAEDCACACACACACA)]
diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out
index 18462a66f..f14526bca 100644
--- a/tests/result/viber.pcap.out
+++ b/tests/result/viber.pcap.out
@@ -1,12 +1,12 @@
DNS 8 1267 4
MDNS 4 412 1
ICMP 2 3028 1
-TLS 105 14653 6
+TLS 12 824 2
ICMPV6 2 140 1
Facebook 2 281 1
Google 32 9133 3
GenericProtocol 19 7773 1
-Viber 175 85695 5
+Viber 268 99524 9
Amazon 71 24849 3
JA3 Host Stats:
@@ -22,8 +22,8 @@ JA3 Host Stats:
6 TCP 192.168.0.17:36986 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1437 bytes <-> 11 pkts/6412 bytes][TLSv1.2][client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
7 TCP 192.168.0.17:55746 <-> 151.101.1.130:443 [proto: 91.137/TLS.GenericProtocol][cat: Media/1][10 pkts/1534 bytes <-> 9 pkts/6239 bytes][TLSv1.2][client: venetia.iad.appboy.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: y.ssl.fastly.net][JA3S: 860fcf58fd757e26aa8911e5eaff6b53][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
8 TCP 192.168.0.17:36988 <-> 54.69.166.226:443 [proto: 91.178/TLS.Amazon][cat: Web/5][11 pkts/1462 bytes <-> 11 pkts/6163 bytes][TLSv1.2][client: mapi.apptimize.com][JA3C: d8c87b9bfde38897979e41242626c2f3][server: *.apptimize.com][JA3S: 8d2a028aa94425f76ced7826b1f39039][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
- 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 91/TLS][cat: Web/5][24 pkts/5035 bytes <-> 22 pkts/2302 bytes][PLAIN TEXT (Android)]
- 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 91/TLS][cat: Web/5][25 pkts/4344 bytes <-> 18 pkts/1872 bytes][PLAIN TEXT (Android)]
+ 9 UDP 192.168.0.17:47171 <-> 18.201.4.32:7985 [proto: 144/Viber][cat: VoIP/10][24 pkts/5035 bytes <-> 22 pkts/2302 bytes][PLAIN TEXT (Android)]
+ 10 UDP 192.168.0.17:38190 <-> 18.201.4.3:7985 [proto: 144/Viber][cat: VoIP/10][25 pkts/4344 bytes <-> 18 pkts/1872 bytes][PLAIN TEXT (Android)]
11 ICMP 192.168.0.17:0 <-> 192.168.0.15:0 [proto: 81/ICMP][cat: Network/14][1 pkts/1514 bytes <-> 1 pkts/1514 bytes][PLAIN TEXT (1234567890ABCDEFGHIJKLMNOPQ)]
12 UDP 192.168.0.17:62872 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/78 bytes <-> 1 pkts/373 bytes][Host: mapi.apptimize.com][PLAIN TEXT (apptimize)]
13 TCP 192.168.0.17:33744 <-> 18.201.4.3:443 [proto: 91/TLS][cat: Web/5][4 pkts/272 bytes <-> 2 pkts/140 bytes]
@@ -38,5 +38,5 @@ JA3 Host Stats:
22 UDP 192.168.0.17:35331 <-> 192.168.0.15:53 [proto: 5/DNS][cat: Network/14][1 pkts/79 bytes <-> 1 pkts/95 bytes][Host: app-measurement.com][PLAIN TEXT (measurement)]
23 UDP 192.168.0.17:50097 <-> 192.168.0.15:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/90 bytes][Host: www.google.com][PLAIN TEXT (google)]
24 ICMPV6 [fe80::3207:4dff:fea3:5fa7]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes]
- 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 91/TLS][cat: Web/5][1 pkts/76 bytes <-> 1 pkts/62 bytes]
- 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 91/TLS][cat: Web/5][1 pkts/76 bytes <-> 1 pkts/62 bytes]
+ 25 UDP 192.168.0.17:38190 <-> 18.201.4.3:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes]
+ 26 UDP 192.168.0.17:47171 <-> 18.201.4.32:7987 [proto: 144/Viber][cat: VoIP/10][1 pkts/76 bytes <-> 1 pkts/62 bytes]
diff --git a/tests/result/webex.pcap.out b/tests/result/webex.pcap.out
index d78fce4fe..bd80b8122 100644
--- a/tests/result/webex.pcap.out
+++ b/tests/result/webex.pcap.out
@@ -47,7 +47,7 @@ JA3 Host Stats:
35 TCP 10.8.0.1:59756 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][6 pkts/970 bytes <-> 6 pkts/821 bytes][Host: cp.pushwoosh.com][PLAIN TEXT (POST /j)]
36 TCP 10.8.0.1:33559 <-> 80.74.110.68:443 [proto: 91/TLS][cat: Web/5][7 pkts/1280 bytes <-> 6 pkts/453 bytes][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 6dfe5eb347aa509fc445e5628d467a2b (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5]
37 TCP 10.8.0.1:59757 <-> 78.46.237.91:80 [proto: 7/HTTP][cat: Web/5][5 pkts/624 bytes <-> 5 pkts/767 bytes][Host: cp.pushwoosh.com][PLAIN TEXT (POST /j)]
- 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 91.141/TLS.Webex][cat: VoIP/10][14 pkts/1071 bytes <-> 2 pkts/100 bytes]
+ 38 UDP 10.8.0.1:51772 <-> 62.109.229.158:9000 [proto: 141/Webex][cat: VoIP/10][14 pkts/1071 bytes <-> 2 pkts/100 bytes]
39 TCP 10.8.0.1:41350 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][6 pkts/614 bytes <-> 5 pkts/399 bytes][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5]
40 TCP 10.8.0.1:41351 <-> 64.68.105.103:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][5 pkts/560 bytes <-> 4 pkts/345 bytes][TLSv1.2][client: radcom.webex.com][JA3C: f9010d8c34749bdf7659b52227e6f91b][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5]
41 TCP 10.8.0.1:51190 <-> 62.109.224.120:443 [proto: 91.141/TLS.Webex][cat: VoIP/10][7 pkts/501 bytes <-> 4 pkts/216 bytes][TLSv1][JA3C: 7cb93b2404a98399e9f84c74fef1fb8f]
diff --git a/tests/result/wechat.pcap.out b/tests/result/wechat.pcap.out
index e3dc185dd..6eb1fbbc4 100644
--- a/tests/result/wechat.pcap.out
+++ b/tests/result/wechat.pcap.out
@@ -1,3 +1,4 @@
+DNS 6 494 3
HTTP 70 4620 8
MDNS 116 10672 4
NTP 1 90 1
@@ -5,9 +6,10 @@ NetBIOS 12 1579 2
DHCP 1 342 1
QQ 26 9402 2
IGMP 24 1280 4
-TLS 39 2647 12
+TLS 21 1209 3
ICMPV6 4 328 3
Google 113 24811 15
+LLMNR 12 944 6
WeChat 1251 606425 49
GoogleDocs 15 5114 2
@@ -90,19 +92,19 @@ JA3 Host Stats:
72 TCP 192.168.1.103:40741 <-> 203.205.151.211:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes]
73 IGMP 192.168.1.254:0 -> 224.0.0.1:0 [proto: 82/IGMP][cat: Network/14][4 pkts/200 bytes -> 0 pkts/0 bytes]
74 TCP 192.168.1.103:54085 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/132 bytes <-> 1 pkts/66 bytes]
- 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)]
- 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq][PLAIN TEXT (cansaqcq)]
- 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 91/TLS][cat: Web/5][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)]
- 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)]
- 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 91/TLS][cat: Web/5][2 pkts/170 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org.lan][PLAIN TEXT (debian)]
- 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
- 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
- 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 91/TLS][cat: Web/5][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 2.debian.pool.ntp.org][PLAIN TEXT (debian)]
- 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 91/TLS][cat: Web/5][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org][PLAIN TEXT (debian)]
- 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)]
- 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)]
- 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq][PLAIN TEXT (cansaqcq)]
- 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 91/TLS][cat: Web/5][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)]
+ 75 UDP [fe80::91f9:3df3:7436:6cd6]:50440 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/180 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)]
+ 76 UDP [fe80::91f9:3df3:7436:6cd6]:49195 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: cansaqcq][PLAIN TEXT (cansaqcq)]
+ 77 UDP [fe80::91f9:3df3:7436:6cd6]:50577 -> [ff02::1:3]:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/176 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)]
+ 78 UDP 192.168.1.103:43705 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/172 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)]
+ 79 UDP 192.168.1.103:42856 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/170 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org.lan][PLAIN TEXT (debian)]
+ 80 UDP 192.168.1.103:45366 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
+ 81 UDP 192.168.1.103:56367 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][2 pkts/164 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
+ 82 UDP 192.168.1.103:41759 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 2.debian.pool.ntp.org][PLAIN TEXT (debian)]
+ 83 UDP 192.168.1.103:44063 -> 192.168.1.254:53 [proto: 5.5/DNS][cat: Network/14][2 pkts/162 bytes -> 0 pkts/0 bytes][Host: 1.debian.pool.ntp.org][PLAIN TEXT (debian)]
+ 84 UDP 192.168.1.103:42074 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][2 pkts/158 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)]
+ 85 UDP 192.168.1.100:54124 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/140 bytes -> 0 pkts/0 bytes][Host: lbjamwptxz][PLAIN TEXT (lbjamwptx)]
+ 86 UDP 192.168.1.100:49832 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: cansaqcq][PLAIN TEXT (cansaqcq)]
+ 87 UDP 192.168.1.100:57401 -> 224.0.0.252:5355 [proto: 154/LLMNR][cat: Network/14][2 pkts/136 bytes -> 0 pkts/0 bytes][Host: mcztmpkc][PLAIN TEXT (mcztmpkc)]
88 TCP 192.168.1.103:54106 -> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][2 pkts/132 bytes -> 0 pkts/0 bytes]
89 TCP 192.168.1.103:54109 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/66 bytes <-> 1 pkts/66 bytes]
90 TCP 192.168.1.103:54110 <-> 203.205.151.162:443 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/66 bytes <-> 1 pkts/66 bytes]
@@ -110,12 +112,12 @@ JA3 Host Stats:
92 ICMPV6 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][cat: Network/14][2 pkts/132 bytes -> 0 pkts/0 bytes]
93 0 [fe80::842:a3f3:a286:6c5b]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/110 bytes -> 0 pkts/0 bytes]
94 UDP 192.168.1.103:37578 -> 193.204.114.233:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes -> 0 pkts/0 bytes]
- 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)]
- 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)]
+ 95 UDP 192.168.1.103:44346 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)]
+ 96 UDP 192.168.1.103:53515 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/86 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com.lan][PLAIN TEXT (webpush)]
97 ICMPV6 [::]:0 -> [ff02::1:ff86:6c5b]:0 [proto: 102/ICMPV6][cat: Network/14][1 pkts/86 bytes -> 0 pkts/0 bytes]
- 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
- 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
- 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 91.197/TLS.WeChat][cat: SocialNetwork/6][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
- 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/79 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)]
- 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/75 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)]
+ 98 UDP 192.168.1.103:33915 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
+ 99 UDP 192.168.1.103:43317 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
+ 100 UDP 192.168.1.103:58165 -> 192.168.1.254:53 [proto: 5.197/DNS.WeChat][cat: Chat/9][1 pkts/82 bytes -> 0 pkts/0 bytes][Host: webpush.web.wechat.com][PLAIN TEXT (webpush)]
+ 101 UDP 192.168.1.103:59567 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/79 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com.lan][PLAIN TEXT (gstatic)]
+ 102 UDP 192.168.1.103:42589 -> 192.168.1.254:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/75 bytes -> 0 pkts/0 bytes][Host: ssl.gstatic.com][PLAIN TEXT (gstatic)]
103 IGMP 192.168.1.108:0 -> 224.0.0.22:0 [proto: 82/IGMP][cat: Network/14][1 pkts/54 bytes -> 0 pkts/0 bytes]
diff --git a/tests/result/weibo.pcap.out b/tests/result/weibo.pcap.out
index 5dcc96cbf..6d3d81316 100644
--- a/tests/result/weibo.pcap.out
+++ b/tests/result/weibo.pcap.out
@@ -42,7 +42,7 @@ JA3 Host Stats:
30 TCP 192.168.1.105:40440 <-> 54.225.163.210:443 [proto: 91.178/TLS.Amazon][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes]
31 TCP 192.168.1.105:58480 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes]
32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes]
- 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 91.200/TLS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: account.weibo.com][PLAIN TEXT (account)]
+ 33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/77 bytes -> 0 pkts/0 bytes][Host: account.weibo.com][PLAIN TEXT (account)]
34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes]
35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes]
36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes]
@@ -52,5 +52,5 @@ JA3 Host Stats:
40 TCP 192.168.1.105:52271 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes]
41 TCP 192.168.1.105:52272 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes]
42 TCP 192.168.1.105:52274 -> 42.156.184.19:443 [proto: 91/TLS][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes]
- 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 91.200/TLS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com]
- 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 91.200/TLS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn]
+ 43 UDP 192.168.1.105:50533 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/74 bytes -> 0 pkts/0 bytes][Host: data.weibo.com]
+ 44 UDP 192.168.1.105:16804 -> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][cat: SocialNetwork/6][1 pkts/70 bytes -> 0 pkts/0 bytes][Host: c.weibo.cn]
diff --git a/tests/result/whatsapp_login_call.pcap.out b/tests/result/whatsapp_login_call.pcap.out
index 684e71b53..ddddd743b 100644
--- a/tests/result/whatsapp_login_call.pcap.out
+++ b/tests/result/whatsapp_login_call.pcap.out
@@ -17,8 +17,8 @@ JA3 Host Stats:
1 192.168.2.4 1
- 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes][PLAIN TEXT (zTdFPOk)]
- 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes]
+ 1 UDP 192.168.2.4:51518 <-> 91.253.176.65:9344 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][186 pkts/27025 bytes <-> 278 pkts/25895 bytes][PLAIN TEXT (zTdFPOk)]
+ 2 UDP 192.168.2.4:52794 <-> 91.253.176.65:9665 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][141 pkts/17530 bytes <-> 57 pkts/12888 bytes]
3 TCP 192.168.2.4:49202 <-> 184.173.179.37:5222 [proto: 142/WhatsApp][cat: Chat/9][100 pkts/14711 bytes <-> 80 pkts/10163 bytes][PLAIN TEXT (iPhone)]
4 TCP 192.168.2.4:49204 <-> 17.173.66.102:443 [proto: 91.140/TLS.Apple][cat: Web/5][29 pkts/11770 bytes <-> 24 pkts/6612 bytes][TLSv1.2][client: p53-buy.itunes.apple.com][JA3C: 799135475da362592a4be9199d258726][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5]
5 TCP 192.168.2.4:49201 <-> 17.178.104.12:443 [proto: 91.140/TLS.Apple][cat: Web/5][21 pkts/7644 bytes <-> 17 pkts/9576 bytes][TLSv1.2][client: query.ess.apple.com][JA3C: 799135475da362592a4be9199d258726][server: *.ess.apple.com][JA3S: c253ec3ad88e42f8da4032682892f9a0 (INSECURE)][organization: Apple Inc.][Cipher: TLS_RSA_WITH_RC4_128_MD5]
@@ -32,20 +32,20 @@ JA3 Host Stats:
13 UDP 192.168.2.4:51518 -> 1.194.90.191:60312 [proto: 78/STUN][cat: Network/14][15 pkts/1290 bytes -> 0 pkts/0 bytes]
14 UDP 192.168.2.4:52794 -> 1.194.90.191:51727 [proto: 78/STUN][cat: Network/14][12 pkts/1032 bytes -> 0 pkts/0 bytes]
15 ICMP 192.168.2.4:0 -> 91.253.176.65:0 [proto: 81/ICMP][cat: Network/14][10 pkts/700 bytes -> 0 pkts/0 bytes]
- 16 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 17 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 18 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 19 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 20 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 21 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 22 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 23 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 24 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 25 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][PLAIN TEXT (ay.OF@)]
- 26 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 27 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 28 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 29 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 16 UDP 192.168.2.4:51518 <-> 31.13.64.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 17 UDP 192.168.2.4:51518 <-> 31.13.70.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 18 UDP 192.168.2.4:51518 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 19 UDP 192.168.2.4:51518 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 20 UDP 192.168.2.4:51518 <-> 31.13.85.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 21 UDP 192.168.2.4:51518 <-> 31.13.91.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 22 UDP 192.168.2.4:51518 <-> 31.13.100.14:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 23 UDP 192.168.2.4:52794 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 24 UDP 192.168.2.4:52794 <-> 31.13.74.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 25 UDP 192.168.2.4:52794 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes][PLAIN TEXT (ay.OF@)]
+ 26 UDP 192.168.2.4:52794 <-> 31.13.90.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 27 UDP 192.168.2.4:52794 <-> 31.13.93.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 28 UDP 192.168.2.4:52794 <-> 173.252.114.1:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 29 UDP 192.168.2.4:52794 <-> 179.60.192.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
30 TCP 192.168.2.4:49172 <-> 23.50.148.228:443 [proto: 91/TLS][cat: Web/5][3 pkts/174 bytes <-> 2 pkts/217 bytes]
31 TCP 192.168.2.4:49192 <-> 93.186.135.8:80 [proto: 7/HTTP][cat: Web/5][3 pkts/198 bytes <-> 2 pkts/132 bytes]
32 UDP 192.168.2.4:51897 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/251 bytes][Host: query.ess.apple.com][PLAIN TEXT (akadns)]
diff --git a/tests/result/whatsapp_voice_and_message.pcap.out b/tests/result/whatsapp_voice_and_message.pcap.out
index 15c91043e..b9fb1b209 100644
--- a/tests/result/whatsapp_voice_and_message.pcap.out
+++ b/tests/result/whatsapp_voice_and_message.pcap.out
@@ -6,11 +6,11 @@ WhatsAppVoice 44 5916 8
3 TCP 10.8.0.1:44819 <-> 158.85.58.42:5222 [proto: 142/WhatsApp][cat: Chat/9][15 pkts/2690 bytes <-> 15 pkts/2019 bytes][PLAIN TEXT (Android)]
4 TCP 10.8.0.1:49721 <-> 158.85.58.109:5222 [proto: 142/WhatsApp][cat: Chat/9][26 pkts/2311 bytes <-> 26 pkts/2300 bytes][PLAIN TEXT (Android)]
5 TCP 10.8.0.1:51570 <-> 158.85.5.199:443 [proto: 142/WhatsApp][cat: Chat/9][14 pkts/1123 bytes <-> 13 pkts/1097 bytes][PLAIN TEXT (Android)]
- 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes]
- 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
- 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 91.189/TLS.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 6 UDP 10.8.0.1:53620 <-> 31.13.73.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][5 pkts/840 bytes <-> 4 pkts/344 bytes]
+ 7 UDP 10.8.0.1:53620 <-> 31.13.64.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 8 UDP 10.8.0.1:53620 <-> 31.13.74.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 9 UDP 10.8.0.1:53620 <-> 31.13.79.192:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 10 UDP 10.8.0.1:53620 <-> 31.13.84.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 11 UDP 10.8.0.1:53620 <-> 31.13.93.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 12 UDP 10.8.0.1:53620 <-> 173.252.121.1:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
+ 13 UDP 10.8.0.1:53620 <-> 179.60.192.48:3478 [proto: 78.189/STUN.WhatsAppVoice][cat: VoIP/10][3 pkts/504 bytes <-> 2 pkts/172 bytes]
Powered by cgit, Themed by Ted Yin.