aboutsummaryrefslogtreecommitdiff
path: root/tests/result
diff options
context:
space:
mode:
authorLuca Deri <deri@ntop.org>2022-05-04 12:10:01 +0200
committerLuca Deri <deri@ntop.org>2022-05-04 12:10:01 +0200
commit5dcb9c1c16d59650a5c7570a6957fa47e752643e (patch)
tree3201128d1cc93c37ecb260307081ba5aae5a7421 /tests/result
parentd5b922cfe4bbb6859e22a04cd240b863f4acb05b (diff)
Modified risk labels
Diffstat (limited to 'tests/result')
-rw-r--r--tests/result/EAQ.pcap.out4
-rw-r--r--tests/result/WebattackRCE.pcap.out268
-rw-r--r--tests/result/bad-dns-traffic.pcap.out6
-rw-r--r--tests/result/dns-tunnel-iodine.pcap.out2
-rw-r--r--tests/result/dns_exfiltration.pcap.out2
-rw-r--r--tests/result/emotet.pcap.out2
-rw-r--r--tests/result/exe_download.pcap.out2
-rw-r--r--tests/result/fuzz-2021-10-13.pcap.out2
-rw-r--r--tests/result/netflix.pcap.out2
-rw-r--r--tests/result/pps.pcap.out2
-rw-r--r--tests/result/quic_interop_V.pcapng.out12
-rw-r--r--tests/result/starcraft_battle.pcap.out4
-rw-r--r--tests/result/tls_esni_sni_both.pcap.out4
-rw-r--r--tests/result/tls_invalid_reads.pcap.out2
-rw-r--r--tests/result/tor.pcap.out6
-rw-r--r--tests/result/trickbot.pcap.out2
-rw-r--r--tests/result/weibo.pcap.out2
17 files changed, 162 insertions, 162 deletions
diff --git a/tests/result/EAQ.pcap.out b/tests/result/EAQ.pcap.out
index 80afecd54..ca82aa831 100644
--- a/tests/result/EAQ.pcap.out
+++ b/tests/result/EAQ.pcap.out
@@ -7,8 +7,8 @@ Confidence DPI : 31 (flows)
Google 23 11743 2
EAQ 174 10092 29
- 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][ClearText][Confidence: DPI][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Goodput ratio: 23/97][0.51 sec][Hostname/SNI: www.google.com.br][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/8 76/114 400/349 146/137][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74/1666 193/2818 45/1240][URL: www.google.com.br/?gfe_rd=cr&ei=1BxnVcP9OKKk8we50oDAAg][StatusCode: 200][Content-Type: text/html][User-Agent: test][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][PLAIN TEXT (we50oDAAg HTTP/1.1)][Plen Bins: 0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,60]
- 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][ClearText][Confidence: DPI][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Goodput ratio: 26/72][0.20 sec][Hostname/SNI: www.google.com][bytes ratio: -0.324 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/10 51/50 139/89 54/40][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78/191 154/602 39/237][URL: www.google.com/][StatusCode: 302][Content-Type: text/html][User-Agent: test][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 10.8.0.1:40467 <-> 173.194.119.24:80 [proto: 7.126/HTTP.Google][ClearText][Confidence: DPI][cat: Web/5][8 pkts/591 bytes <-> 6 pkts/9998 bytes][Goodput ratio: 23/97][0.51 sec][Hostname/SNI: www.google.com.br][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/8 76/114 400/349 146/137][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74/1666 193/2818 45/1240][URL: www.google.com.br/?gfe_rd=cr&ei=1BxnVcP9OKKk8we50oDAAg][StatusCode: 200][Content-Type: text/html][User-Agent: test][Risk: ** HTTP Suspicious User-Agent **][Risk Score: 100][PLAIN TEXT (we50oDAAg HTTP/1.1)][Plen Bins: 0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,60]
+ 2 TCP 10.8.0.1:53497 <-> 173.194.119.48:80 [proto: 7.126/HTTP.Google][ClearText][Confidence: DPI][cat: Web/5][5 pkts/390 bytes <-> 4 pkts/764 bytes][Goodput ratio: 26/72][0.20 sec][Hostname/SNI: www.google.com][bytes ratio: -0.324 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/10 51/50 139/89 54/40][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78/191 154/602 39/237][URL: www.google.com/][StatusCode: 302][Content-Type: text/html][User-Agent: test][Risk: ** HTTP Suspicious User-Agent **][Risk Score: 100][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 10.8.0.1:39185 <-> 200.194.132.67:6000 [proto: 190/EAQ][ClearText][Confidence: DPI][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][86.62 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 21509/21499 21642/21642 21860/21869 132/138][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 10.8.0.1:42620 <-> 200.194.148.66:6000 [proto: 190/EAQ][ClearText][Confidence: DPI][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][85.30 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20533/20540 21310/21310 21609/21619 450/446][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 10.8.0.1:43641 <-> 200.194.148.68:6000 [proto: 190/EAQ][ClearText][Confidence: DPI][cat: Network/14][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][85.29 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 20541/20540 21310/21304 21618/21649 445/445][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/WebattackRCE.pcap.out b/tests/result/WebattackRCE.pcap.out
index 75922c91f..f81eb2580 100644
--- a/tests/result/WebattackRCE.pcap.out
+++ b/tests/result/WebattackRCE.pcap.out
@@ -7,39 +7,39 @@ HTTP 797 191003 797
1 TCP 127.0.0.1:51184 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/651 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/vbulletin/ajax/api/hook/decodeArguments?arguments=O%3A12%3A%22vB_dB_Result%22%3A2%3A%7Bs%3A5%3A%22%00%2A%00db%22%3BO%3A17%3A%22vB_Database_MySQL%22%3A1%3A%7Bs%3A9%3A%22functions%22%3Ba%3A1%3A%7Bs%3A11%3A%22free_result%22%3Bs%3A6%3A%22assert%22%3][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007058)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /vbulletin/ajax/api/hook/de)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 127.0.0.1:51182 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/644 bytes -> 0 pkts/0 bytes][Goodput ratio: 90/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/vb/ajax/api/hook/decodeArguments?arguments=O%3A12%3A%22vB_dB_Result%22%3A2%3A%7Bs%3A5%3A%22%00%2A%00db%22%3BO%3A17%3A%22vB_Database_MySQL%22%3A1%3A%7Bs%3A9%3A%22functions%22%3Ba%3A1%3A%7Bs%3A11%3A%22free_result%22%3Bs%3A6%3A%22assert%22%3B%7D%7D][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007058)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /vb/ajax/api/hook/decodeArg)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 TCP 127.0.0.1:50946 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/387 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 TCP 127.0.0.1:50970 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/387 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 5 TCP 127.0.0.1:50934 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/386 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 6 TCP 127.0.0.1:50958 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/386 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (bGET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 7 TCP 127.0.0.1:50944 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/382 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (YGET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 8 TCP 127.0.0.1:50968 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/382 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (lGET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 9 TCP 127.0.0.1:50932 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/381 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (PGET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 10 TCP 127.0.0.1:50948 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/381 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 11 TCP 127.0.0.1:50956 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/381 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (aGET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 12 TCP 127.0.0.1:50972 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/381 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (oGET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 13 TCP 127.0.0.1:50936 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/380 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (SGET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 14 TCP 127.0.0.1:50960 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/380 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (eGET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 15 TCP 127.0.0.1:50950 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 16 TCP 127.0.0.1:50952 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /forum/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 17 TCP 127.0.0.1:50974 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (pGET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 18 TCP 127.0.0.1:50976 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (rGET /forum/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 TCP 127.0.0.1:50946 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/387 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 TCP 127.0.0.1:50970 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/387 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 TCP 127.0.0.1:50934 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/386 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 6 TCP 127.0.0.1:50958 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/386 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (bGET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 7 TCP 127.0.0.1:50944 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/382 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (YGET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 TCP 127.0.0.1:50968 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/382 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (lGET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 9 TCP 127.0.0.1:50932 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/381 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (PGET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 10 TCP 127.0.0.1:50948 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/381 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 11 TCP 127.0.0.1:50956 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/381 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (aGET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 12 TCP 127.0.0.1:50972 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/381 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (oGET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 13 TCP 127.0.0.1:50936 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/380 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (SGET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 14 TCP 127.0.0.1:50960 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/380 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (eGET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 15 TCP 127.0.0.1:50950 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 16 TCP 127.0.0.1:50952 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /forum/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 17 TCP 127.0.0.1:50974 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (pGET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 18 TCP 127.0.0.1:50976 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/379 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (rGET /forum/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 127.0.0.1:50878 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001390)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 127.0.0.1:50902 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?Nikto=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001391)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 TCP 127.0.0.1:50938 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (TGET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 22 TCP 127.0.0.1:50940 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (WGET /forum/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 23 TCP 127.0.0.1:50962 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (fGET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 24 TCP 127.0.0.1:50964 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (hGET /forum/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 TCP 127.0.0.1:50938 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (TGET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 22 TCP 127.0.0.1:50940 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (WGET /forum/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 23 TCP 127.0.0.1:50962 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (fGET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 24 TCP 127.0.0.1:50964 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/378 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (hGET /forum/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
25 TCP 127.0.0.1:50866 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/377 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001390)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 TCP 127.0.0.1:50890 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/377 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/index.php?name=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001391)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (/GET /postnuke/html/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 127.0.0.1:51158 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/376 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpmoadmin/wu-moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpmoadmin/wu)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 127.0.0.1:51160 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/376 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/wu-moadmin/wu-moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /wu)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 127.0.0.1:51170 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/376 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpmoadmin/wu-moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpmoadmin/wu)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 127.0.0.1:51174 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/376 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/wu-moadmin/wu-moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /wu)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 31 TCP 127.0.0.1:50990 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/374 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001400)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 31 TCP 127.0.0.1:50990 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/374 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=PNphpBB2&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001400)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
32 TCP 127.0.0.1:50876 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001390)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 TCP 127.0.0.1:50900 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?Nikto=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001391)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 34 TCP 127.0.0.1:50942 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 35 TCP 127.0.0.1:50966 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 34 TCP 127.0.0.1:50942 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 35 TCP 127.0.0.1:50966 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?Nikto=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 TCP 127.0.0.1:51150 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpmoadmin/moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpmoadmin/moadmin.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 TCP 127.0.0.1:51152 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/wu-moadmin/moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /wu)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 TCP 127.0.0.1:51162 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/373 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/moadmin/wu-moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /moadmin/wu)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -50,10 +50,10 @@ HTTP 797 191003 797
43 TCP 127.0.0.1:50880 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001390)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
44 TCP 127.0.0.1:50888 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/index.php?name=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001391)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 TCP 127.0.0.1:50904 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?Nikto=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001391)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 46 TCP 127.0.0.1:50924 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001394)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 47 TCP 127.0.0.1:50926 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001395)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (KGET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 48 TCP 127.0.0.1:50930 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (OGET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 49 TCP 127.0.0.1:50954 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 46 TCP 127.0.0.1:50924 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001394)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 47 TCP 127.0.0.1:50926 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001395)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (KGET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 48 TCP 127.0.0.1:50930 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=Forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001397)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (OGET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 49 TCP 127.0.0.1:50954 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/372 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=forums&file=viewtopic&t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001398)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 127.0.0.1:50868 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/371 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001390)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
51 TCP 127.0.0.1:50892 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/371 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/index.php?name=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001391)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /modules/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 127.0.0.1:50882 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/370 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/index.php?Nikto=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001390)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpBB/index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -74,19 +74,19 @@ HTTP 797 191003 797
67 TCP 127.0.0.1:50858 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/363 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001388)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
68 TCP 127.0.0.1:50862 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/363 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=Forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001390)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
69 TCP 127.0.0.1:50886 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/363 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php?name=forums&file=viewtopic&t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001391)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 70 TCP 127.0.0.1:50982 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/363 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (wGET /postnuke/html/viewtopic.p)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 70 TCP 127.0.0.1:50982 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/363 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (wGET /postnuke/html/viewtopic.p)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 TCP 127.0.0.1:51148 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/362 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /moadmin.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
72 TCP 127.0.0.1:51164 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/362 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/moadmin.php?collection=secpulse&action=listRows&find=array();phpinfo();exit;][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007011)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /moadmin.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
73 TCP 127.0.0.1:50566 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/359 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.action][StatusCode: 0][Req Content-Type: %{#context['com.opensymphony.xwork2.dispatcher.HttpServletRespo][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:strutshock)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index.action HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
74 TCP 127.0.0.1:50568 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/359 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/login.action][StatusCode: 0][Req Content-Type: %{#context['com.opensymphony.xwork2.dispatcher.HttpServletRespo][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:strutshock)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /login.action HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 75 TCP 127.0.0.1:50980 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/358 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /postnuke/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 76 TCP 127.0.0.1:50984 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/357 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (yGET /modules/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 77 TCP 127.0.0.1:50986 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/355 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /phpBB/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 78 TCP 127.0.0.1:50988 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/355 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /forum/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 75 TCP 127.0.0.1:50980 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/358 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 76 TCP 127.0.0.1:50984 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/357 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (yGET /modules/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 77 TCP 127.0.0.1:50986 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/355 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpBB/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 78 TCP 127.0.0.1:50988 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/355 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /forum/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
79 TCP 127.0.0.1:50914 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/354 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/html/viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001392)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (AGET /postnuke/html/viewtopic.p)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
80 TCP 127.0.0.1:50912 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/postnuke/viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001392)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /postnuke/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 81 TCP 127.0.0.1:50928 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001396)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 82 TCP 127.0.0.1:50978 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (sGET /viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 81 TCP 127.0.0.1:50928 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001396)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 82 TCP 127.0.0.1:50978 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/349 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/viewtopic.php?t=2&rush=%6c%73%20%2d%61%6c&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001399)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (sGET /viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
83 TCP 127.0.0.1:50916 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules/viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001392)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (BGET /modules/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
84 TCP 127.0.0.1:50564 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/347 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][Req Content-Type: %{#context['com.opensymphony.xwork2.dispatcher.HttpServletRespo][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:strutshock)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
85 TCP 127.0.0.1:50918 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/346 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpBB/viewtopic.php?t=2&rush=%64%69%72&highlight=%2527.%70%61%73%73%74%68%72%75%28%24%48%54%54%50%5f%47%45%54%5f%56%41%52%53%5b%72%75%73%68%5d%29.%2527][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001392)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpBB/viewtopic.php)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -103,135 +103,135 @@ HTTP 797 191003 797
96 TCP 127.0.0.1:51192 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/331 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/wls-wsat/ParticipantPortType][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007184)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /wls)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
97 TCP 127.0.0.1:51186 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/326 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/shell?cat%20/etc/passwd][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007084)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /shell)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
98 TCP 127.0.0.1:51204 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/323 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/shell?cat+/etc/hosts][StatusCode: 0][Req Content-Type: application/x-www-form-urlencoded][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:007235)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /shell)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 99 TCP 127.0.0.1:51008 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/316 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/community/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /community/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 100 TCP 127.0.0.1:51012 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/316 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/vbulletin/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003040)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /vbulletin/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 101 TCP 127.0.0.1:51004 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/314 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/htforum/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /htforum/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 102 TCP 127.0.0.1:51000 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/313 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forums/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /forums/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 103 TCP 127.0.0.1:51002 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/313 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forumz/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /forumz/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 104 TCP 127.0.0.1:50998 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/312 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /forum/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 105 TCP 127.0.0.1:51006 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/312 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/board/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /board/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 106 TCP 127.0.0.1:51010 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/309 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/vb/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003040)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /vb/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 107 TCP 127.0.0.1:50996 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/306 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 99 TCP 127.0.0.1:51008 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/316 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/community/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /community/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 100 TCP 127.0.0.1:51012 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/316 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/vbulletin/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003040)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /vbulletin/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 101 TCP 127.0.0.1:51004 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/314 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/htforum/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /htforum/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 102 TCP 127.0.0.1:51000 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/313 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forums/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /forums/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 103 TCP 127.0.0.1:51002 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/313 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forumz/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /forumz/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 104 TCP 127.0.0.1:50998 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/312 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forum/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /forum/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 105 TCP 127.0.0.1:51006 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/312 bytes -> 0 pkts/0 bytes][Goodput ratio: 79/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/board/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /board/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 106 TCP 127.0.0.1:51010 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/309 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/vb/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003040)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /vb/calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 107 TCP 127.0.0.1:50996 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/306 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/calendar.php?calbirthdays=1&action=getday&day=2001-8-15&comma=%22;echo%20'';%20echo%20%60id%20%60;die();echo%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003039)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /calendar.php)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
108 TCP 127.0.0.1:49774 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/304 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/typo3/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/HASH(0x5559e84fbc40)%00][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Directory traversal check)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /typo)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 TCP 127.0.0.1:49778 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/299 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/typo3/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini%00][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Directory traversal check)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /typo)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 TCP 127.0.0.1:49776 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/297 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/typo3/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/winnt/win.ini%00][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Directory traversal check)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /typo)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 111 TCP 127.0.0.1:49780 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/294 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/typo3/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Directory traversal check)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /typo)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 111 TCP 127.0.0.1:49780 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/294 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/typo3/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Directory traversal check)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /typo)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
112 TCP 127.0.0.1:49772 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/293 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/typo3/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts%00][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Directory traversal check)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /typo)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
113 TCP 127.0.0.1:49770 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/292 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/typo3/dev/translations.php?ONLY=%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/boot.ini%00][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:Directory traversal check)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /typo)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 114 TCP 127.0.0.1:50464 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/289 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/defaultwebpage.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /defaultwebpage.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 115 TCP 127.0.0.1:50478 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/289 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/FormMail-clone.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /FormMail)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 116 TCP 127.0.0.1:50518 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/289 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/restore_config.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /restore)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 117 TCP 127.0.0.1:50444 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/288 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/administrator.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /administrator.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 118 TCP 127.0.0.1:50468 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/288 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/entropysearch.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /entropysearch.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 119 TCP 127.0.0.1:50472 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/286 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/environment.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /environment.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 120 TCP 127.0.0.1:50446 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/284 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/authLogin.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /authLogin.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 121 TCP 127.0.0.1:50480 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/284 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/guestbook.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /guestbook.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 122 TCP 127.0.0.1:50550 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/284 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/tmUnblock.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /tmUnblock.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 123 TCP 127.0.0.1:50466 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/download.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /download.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 124 TCP 127.0.0.1:50474 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/ezmlm-browse][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /ezmlm)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 125 TCP 127.0.0.1:50476 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/formmail.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /formmail.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 126 TCP 127.0.0.1:50482 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/helpdesk.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /helpdesk.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 127 TCP 127.0.0.1:50494 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/loadpage.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /loadpage.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 128 TCP 127.0.0.1:50538 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test_cgi.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 129 TCP 127.0.0.1:50540 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test.cgi.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 130 TCP 127.0.0.1:50454 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgiinfo.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /cgiinfo.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 131 TCP 127.0.0.1:50458 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgi_wrapper][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /cgi)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 132 TCP 127.0.0.1:50460 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/contact.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /contact.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 133 TCP 127.0.0.1:50502 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/pathtest.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /pathtest.pl HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 134 TCP 127.0.0.1:50542 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test_cgi.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 135 TCP 127.0.0.1:50544 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test-cgi.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 136 TCP 127.0.0.1:50554 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/viewcvs.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /viewcvs.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 137 TCP 127.0.0.1:50448 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/bb-hist.sh][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /bb)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 138 TCP 127.0.0.1:50450 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/banner.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /banner.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 139 TCP 127.0.0.1:50456 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgitest.py][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /cgitest.py HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 140 TCP 127.0.0.1:50524 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/search.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /search.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 141 TCP 127.0.0.1:50526 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/server.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /server.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 142 TCP 127.0.0.1:50530 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/sysinfo.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /sysinfo.pl HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 143 TCP 127.0.0.1:50442 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/admin.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /admin.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 144 TCP 127.0.0.1:50462 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/count.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /count.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 145 TCP 127.0.0.1:50484 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /index.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 146 TCP 127.0.0.1:50486 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /index.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 147 TCP 127.0.0.1:50496 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/login.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /login.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 148 TCP 127.0.0.1:50498 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/login.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /login.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 149 TCP 127.0.0.1:50552 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/uname.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /uname.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 150 TCP 127.0.0.1:50558 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/whois.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /whois.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 151 TCP 127.0.0.1:50452 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/book.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /book.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 152 TCP 127.0.0.1:50488 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /index.pl HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 153 TCP 127.0.0.1:50490 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/info.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /info.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 154 TCP 127.0.0.1:50500 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/login.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /login.pl HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 155 TCP 127.0.0.1:50514 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php.fcgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php.fc)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 156 TCP 127.0.0.1:50516 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/printenv][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /printenv HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 157 TCP 127.0.0.1:50534 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test-cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 158 TCP 127.0.0.1:50536 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 159 TCP 127.0.0.1:50470 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/env.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /env.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 160 TCP 127.0.0.1:50492 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/info.sh][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /info.sh HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 161 TCP 127.0.0.1:50510 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php-cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 162 TCP 127.0.0.1:50512 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 163 TCP 127.0.0.1:50520 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/ruby.rb][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /ruby.rb HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 164 TCP 127.0.0.1:50546 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test.py][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test.py HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 165 TCP 127.0.0.1:50548 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test.sh][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test.sh HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 166 TCP 127.0.0.1:50556 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/welcome][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /welcome HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 114 TCP 127.0.0.1:50464 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/289 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/defaultwebpage.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /defaultwebpage.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 115 TCP 127.0.0.1:50478 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/289 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/FormMail-clone.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /FormMail)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 116 TCP 127.0.0.1:50518 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/289 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/restore_config.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /restore)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 117 TCP 127.0.0.1:50444 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/288 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/administrator.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /administrator.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 118 TCP 127.0.0.1:50468 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/288 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/entropysearch.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /entropysearch.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 119 TCP 127.0.0.1:50472 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/286 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/environment.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /environment.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 120 TCP 127.0.0.1:50446 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/284 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/authLogin.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /authLogin.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 121 TCP 127.0.0.1:50480 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/284 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/guestbook.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /guestbook.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 122 TCP 127.0.0.1:50550 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/284 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/tmUnblock.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /tmUnblock.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 123 TCP 127.0.0.1:50466 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/download.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /download.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 124 TCP 127.0.0.1:50474 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/ezmlm-browse][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /ezmlm)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 125 TCP 127.0.0.1:50476 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/formmail.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /formmail.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 126 TCP 127.0.0.1:50482 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/helpdesk.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /helpdesk.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 127 TCP 127.0.0.1:50494 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/loadpage.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /loadpage.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 128 TCP 127.0.0.1:50538 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test_cgi.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 129 TCP 127.0.0.1:50540 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/283 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test.cgi.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 130 TCP 127.0.0.1:50454 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgiinfo.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /cgiinfo.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 131 TCP 127.0.0.1:50458 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgi_wrapper][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /cgi)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 132 TCP 127.0.0.1:50460 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/contact.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /contact.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 133 TCP 127.0.0.1:50502 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/pathtest.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /pathtest.pl HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 134 TCP 127.0.0.1:50542 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test_cgi.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 135 TCP 127.0.0.1:50544 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test-cgi.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 136 TCP 127.0.0.1:50554 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/282 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/viewcvs.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /viewcvs.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 137 TCP 127.0.0.1:50448 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/bb-hist.sh][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /bb)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 138 TCP 127.0.0.1:50450 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/banner.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /banner.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 139 TCP 127.0.0.1:50456 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgitest.py][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /cgitest.py HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 140 TCP 127.0.0.1:50524 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/search.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /search.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 141 TCP 127.0.0.1:50526 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/server.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /server.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 142 TCP 127.0.0.1:50530 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/281 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/sysinfo.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /sysinfo.pl HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 143 TCP 127.0.0.1:50442 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/admin.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /admin.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 144 TCP 127.0.0.1:50462 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/count.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /count.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 145 TCP 127.0.0.1:50484 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /index.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 146 TCP 127.0.0.1:50486 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /index.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 147 TCP 127.0.0.1:50496 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/login.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /login.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 148 TCP 127.0.0.1:50498 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/login.php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /login.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 149 TCP 127.0.0.1:50552 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/uname.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /uname.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 150 TCP 127.0.0.1:50558 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/whois.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /whois.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 151 TCP 127.0.0.1:50452 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/book.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /book.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 152 TCP 127.0.0.1:50488 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /index.pl HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 153 TCP 127.0.0.1:50490 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/info.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /info.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 154 TCP 127.0.0.1:50500 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/login.pl][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /login.pl HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 155 TCP 127.0.0.1:50514 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php.fcgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php.fc)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 156 TCP 127.0.0.1:50516 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/printenv][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /printenv HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 157 TCP 127.0.0.1:50534 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test-cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 158 TCP 127.0.0.1:50536 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/279 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test.c)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 159 TCP 127.0.0.1:50470 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/env.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /env.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 160 TCP 127.0.0.1:50492 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/info.sh][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /info.sh HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 161 TCP 127.0.0.1:50510 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php-cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 162 TCP 127.0.0.1:50512 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php.cgi][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php.cgi HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 163 TCP 127.0.0.1:50520 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/ruby.rb][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /ruby.rb HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 164 TCP 127.0.0.1:50546 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test.py][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test.py HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 165 TCP 127.0.0.1:50548 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test.sh][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test.sh HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 166 TCP 127.0.0.1:50556 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/welcome][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /welcome HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
167 TCP 127.0.0.1:51070 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/278 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003437)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /reports/rwservlet)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 168 TCP 127.0.0.1:50522 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/277 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/search][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /search HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 169 TCP 127.0.0.1:50528 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/277 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/status][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /status HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 170 TCP 127.0.0.1:50506 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php4][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php4 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 171 TCP 127.0.0.1:50508 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php5][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php5 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 172 TCP 127.0.0.1:50532 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 173 TCP 127.0.0.1:51064 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/_vti_bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003302)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (bin/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 174 TCP 127.0.0.1:50504 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/274 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 168 TCP 127.0.0.1:50522 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/277 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/search][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /search HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 169 TCP 127.0.0.1:50528 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/277 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/status][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /status HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 170 TCP 127.0.0.1:50506 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php4][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php4 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 171 TCP 127.0.0.1:50508 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php5][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php5 HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 172 TCP 127.0.0.1:50532 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/test][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /test HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 173 TCP 127.0.0.1:51064 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/275 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/_vti_bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003302)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (bin/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 174 TCP 127.0.0.1:50504 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/274 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/php][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET /php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
175 TCP 127.0.0.1:50662 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/272 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpnuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001164)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpnuke/modules.php)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 176 TCP 127.0.0.1:50438 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/271 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 177 TCP 127.0.0.1:50440 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/271 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 178 TCP 127.0.0.1:50560 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/271 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 176 TCP 127.0.0.1:50438 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/271 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 177 TCP 127.0.0.1:50440 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/271 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 178 TCP 127.0.0.1:50560 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/271 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: () { :; }; echo 93e4r0-CVE-2014-6271: true;echo;echo;][Risk: ** Known Proto on Non Std Port **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 160][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
179 TCP 127.0.0.1:50660 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/270 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpnuke/html/.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001163)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpnuke/html/.php)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
180 TCP 127.0.0.1:50656 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/269 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/nuke/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001161)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /nuke/modules.php)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 181 TCP 127.0.0.1:50620 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/266 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000494)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /msadc/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 182 TCP 127.0.0.1:50622 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/266 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000495)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /msadc/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 183 TCP 127.0.0.1:51036 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/266 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003199)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (bin/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 184 TCP 127.0.0.1:51094 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/265 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/awcuser/cgi-bin/vcs?xsl=/vcs/vcs_home.xsl%26cat%20%22/etc/passwd%22%26][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006994)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /awcuser/cgi)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 181 TCP 127.0.0.1:50620 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/266 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000494)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /msadc/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 182 TCP 127.0.0.1:50622 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/266 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir+c:%5c][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000495)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /msadc/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 183 TCP 127.0.0.1:51036 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/266 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003199)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (bin/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 184 TCP 127.0.0.1:51094 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/265 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/awcuser/cgi-bin/vcs?xsl=/vcs/vcs_home.xsl%26cat%20%22/etc/passwd%22%26][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006994)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /awcuser/cgi)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
185 TCP 127.0.0.1:50654 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/264 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/modules.php?name=Network_Tools&file=index&func=ping_host&hinput=%3Bid][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001160)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (YGET /modules.php)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
186 TCP 127.0.0.1:50688 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/261 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/level/16/level/16/exec//show/running-config/interface/FastEthernet][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001262)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (rGET /level/16/level/16/exec//s)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 187 TCP 127.0.0.1:51054 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003297)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /msadc/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 187 TCP 127.0.0.1:51054 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003297)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /msadc/..)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
188 TCP 127.0.0.1:50594 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/257 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/forumdisplay.php?GLOBALS\[\]=1&f=2&comma=\".system\('id'\)\.\"][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000070)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /forumdisplay.php)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 189 TCP 127.0.0.1:51026 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/255 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/pbserver/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003194)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /pbserver/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 190 TCP 127.0.0.1:51020 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/254 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgi-bin/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003191)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /cgi)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 191 TCP 127.0.0.1:51056 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/254 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003298)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /pbserver/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 192 TCP 127.0.0.1:51050 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/253 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003295)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /cgi)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 193 TCP 127.0.0.1:51024 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/252 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/msadc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003193)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /msadc/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 189 TCP 127.0.0.1:51026 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/255 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/pbserver/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003194)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /pbserver/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 190 TCP 127.0.0.1:51020 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/254 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgi-bin/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003191)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /cgi)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 191 TCP 127.0.0.1:51056 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/254 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/pbserver/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003298)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /pbserver/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 192 TCP 127.0.0.1:51050 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/253 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgi-bin/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003295)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /cgi)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 193 TCP 127.0.0.1:51024 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/252 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/msadc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003193)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /msadc/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
194 TCP 127.0.0.1:50632 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/250 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgi-bin/handler/netsonar;cat /etc/passwd|?data=Download][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001070)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (HGET /c)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 195 TCP 127.0.0.1:51028 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/250 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/rpc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003195)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /rpc/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 196 TCP 127.0.0.1:51034 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/248 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\"][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003198)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 197 TCP 127.0.0.1:51052 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/248 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003296)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /iisadmpwd/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 198 TCP 127.0.0.1:51060 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/246 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003300)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 199 TCP 127.0.0.1:51062 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/246 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003301)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 200 TCP 127.0.0.1:50562 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/245 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/../../../../../../../../../../../../etc/shadow][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:dishwasher)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /../../../../../../../../..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 201 TCP 127.0.0.1:51022 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/245 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/iisadmpwd/..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003192)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /iisadmpwd/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 195 TCP 127.0.0.1:51028 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/250 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/rpc/..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003195)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /rpc/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 196 TCP 127.0.0.1:51034 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/248 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\"][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003198)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 197 TCP 127.0.0.1:51052 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/248 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/iisadmpwd/..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003296)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /iisadmpwd/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 198 TCP 127.0.0.1:51060 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/246 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003300)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 199 TCP 127.0.0.1:51062 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/246 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+ver][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003301)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 200 TCP 127.0.0.1:50562 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/245 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/../../../../../../../../../../../../etc/shadow][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:dishwasher)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /../../../../../../../../..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 201 TCP 127.0.0.1:51022 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/245 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/iisadmpwd/..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003192)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /iisadmpwd/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
202 TCP 127.0.0.1:49768 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:apache_expect_xss)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 203 TCP 127.0.0.1:51018 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003190)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /certsrv/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 204 TCP 127.0.0.1:51030 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003196)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 205 TCP 127.0.0.1:51032 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003197)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 206 TCP 127.0.0.1:51058 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/242 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003299)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /rpc/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 203 TCP 127.0.0.1:51018 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/certsrv/..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003190)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /certsrv/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 204 TCP 127.0.0.1:51030 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003196)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 205 TCP 127.0.0.1:51032 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 73/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003197)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /scripts/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 206 TCP 127.0.0.1:51058 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/242 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/rpc/..%255c..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003299)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /rpc/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
207 TCP 127.0.0.1:51082 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/242 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/3rdparty/phpMyAdmin/server_sync.php?c=phpinfo()][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006608)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /3rdparty/phpMyAdmin/server)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
208 TCP 127.0.0.1:51086 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/242 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/3rdparty/phpmyadmin/server_sync.php?c=phpinfo()][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006608)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /3rdparty/phpmyadmin/server)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
209 TCP 127.0.0.1:49718 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/241 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:headers: BREACH Test)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (eGET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
210 TCP 127.0.0.1:50684 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/241 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/level/16/level/16/exec//show/interfaces/status][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001260)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (oGET /level/16/level/16/exec//s)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
211 TCP 127.0.0.1:49764 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/240 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/index][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:negotiate)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /index HTTP/1.1)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
212 TCP 127.0.0.1:50658 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/240 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/perl/-e%20%22system('cat%20/etc/passwd');\%22][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001162)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /perl/)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 213 TCP 127.0.0.1:51048 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/certsrv/..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003294)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp URL **][Risk Score: 160][PLAIN TEXT (GET /certsrv/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 214 TCP 127.0.0.1:51068 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/ans/ans.pl?p=../../../../../usr/bin/id|&blah][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003371)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /ans/ans.pl)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 213 TCP 127.0.0.1:51048 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/certsrv/..%255cwinnt/system32/cmd.exe?/c+dir][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003294)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /certsrv/..)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 214 TCP 127.0.0.1:51068 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/239 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/ans/ans.pl?p=../../../../../usr/bin/id|&blah][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003371)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /ans/ans.pl)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
215 TCP 127.0.0.1:49550 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/238 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/0hXC6ZUE.rdf+destype=cache+desformat=PDF][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:map_codes)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /0h)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
216 TCP 127.0.0.1:50680 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/237 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/level/16/level/16/exec//show/configuration][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001258)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (lGET /level/16/level/16/exec//s)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
217 TCP 127.0.0.1:49690 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/235 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (OGET /Microsoft)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
218 TCP 127.0.0.1:49702 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/235 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (GET /Microsoft)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 219 TCP 127.0.0.1:50626 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/235 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/athenareg.php?pass=%20;cat%20/etc/passwd][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000667)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (@GET /athenareg.php)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 220 TCP 127.0.0.1:51066 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/235 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/ans.pl?p=../../../../../usr/bin/id|&blah][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003370)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /ans.pl)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 219 TCP 127.0.0.1:50626 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/235 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/athenareg.php?pass=%20;cat%20/etc/passwd][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000667)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (@GET /athenareg.php)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 220 TCP 127.0.0.1:51066 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/235 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/ans.pl?p=../../../../../usr/bin/id|&blah][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003370)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious URL **][Risk Score: 160][PLAIN TEXT (GET /ans.pl)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
221 TCP 127.0.0.1:50608 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/234 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cgi-local/cgiemail-1.6/cgicso?query=AAA][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000344)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /cgi)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
222 TCP 127.0.0.1:50682 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/234 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/level/16/level/16/exec//show/interfaces][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001259)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (nGET /level/16/level/16/exec//s)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 223 TCP 127.0.0.1:51038 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/234 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/admin/system.php3?cmd=cat%20/etc/passwd][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003216)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /admin/system.php)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 223 TCP 127.0.0.1:51038 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/234 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/admin/system.php3?cmd=cat%20/etc/passwd][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003216)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /admin/system.php)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
224 TCP 127.0.0.1:49664 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:origin_reflection)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
225 TCP 127.0.0.1:51084 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpMyAdmin/server_sync.php?c=phpinfo()][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006608)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpMyAdmin/server)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
226 TCP 127.0.0.1:51088 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/phpmyadmin/server_sync.php?c=phpinfo()][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:006608)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /phpmyadmin/server)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 227 TCP 127.0.0.1:51042 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/admin/exec.php3?cmd=cat%20/etc/passwd][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003218)][Risk: ** RCE Injection **** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 310][PLAIN TEXT (GET /admin/exec.php)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 227 TCP 127.0.0.1:51042 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/232 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/admin/exec.php3?cmd=cat%20/etc/passwd][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:003218)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /admin/exec.php)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
228 TCP 127.0.0.1:50574 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/231 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cfdocs/examples/cvbeans/beaninfo.cfm][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000014)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /cfdocs/examples/cv)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
229 TCP 127.0.0.1:50644 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/231 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/cfdocs/snippets/gettempdirectory.cfm][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001076)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /cfdocs/snippets/gettempdir)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
230 TCP 127.0.0.1:50652 -> 127.0.0.1:8080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/231 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Hostname/SNI: 127.0.0.1][URL: 127.0.0.1/mods/apage/apage.cgi?f=file.htm.|id|][StatusCode: 0][User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:001159)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **][Risk Score: 60][PLAIN TEXT (GET /mods/apage/apage.c)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/bad-dns-traffic.pcap.out b/tests/result/bad-dns-traffic.pcap.out
index 7bc87216f..5722c08b2 100644
--- a/tests/result/bad-dns-traffic.pcap.out
+++ b/tests/result/bad-dns-traffic.pcap.out
@@ -5,6 +5,6 @@ Confidence DPI : 3 (flows)
DNS 382 99374 3
- 1 UDP 192.168.43.91:56354 <-> 4.2.2.4:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][203 pkts/51588 bytes <-> 146 pkts/43285 bytes][Goodput ratio: 83/86][92.47 sec][Hostname/SNI: c75900fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org][::][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/15 482/284 1046/2080 456/471][Pkt Len c2s/s2c min/avg/max/stddev: 95/95 254/296 290/325 74/65][Risk: ** Susp DGA Domain name **][Risk Score: 100][PLAIN TEXT (8244300)][Plen Bins: 0,5,5,0,0,0,0,50,39,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 UDP 192.168.43.91:35966 <-> 4.2.2.4:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][10 pkts/1125 bytes <-> 9 pkts/1293 bytes][Goodput ratio: 63/71][7.51 sec][Hostname/SNI: 958700a621c3620001636f6e736f6c65202873697276696d65732900.skullseclabs.org][::][bytes ratio: -0.069 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 78/49 782/776 1050/1358 405/481][Pkt Len c2s/s2c min/avg/max/stddev: 95/126 112/144 194/229 31/33][Risk: ** Susp DGA Domain name **][Risk Score: 100][PLAIN TEXT (3620001636f)][Plen Bins: 0,36,47,5,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 UDP 192.168.43.91:46961 <-> 4.2.2.4:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][7 pkts/926 bytes <-> 7 pkts/1157 bytes][Goodput ratio: 68/75][3.49 sec][Hostname/SNI: a05700e6da83510001636f6e736f6c65202873697276696d65732900.skullseclabs.org][::][bytes ratio: -0.111 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 87/56 668/645 1019/1049 428/481][Pkt Len c2s/s2c min/avg/max/stddev: 95/126 132/165 290/323 66/66][Risk: ** Susp DGA Domain name **][Risk Score: 100][PLAIN TEXT (da83510001636)][Plen Bins: 0,28,42,14,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.43.91:56354 <-> 4.2.2.4:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][203 pkts/51588 bytes <-> 146 pkts/43285 bytes][Goodput ratio: 83/86][92.47 sec][Hostname/SNI: c75900fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org][::][bytes ratio: 0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/15 482/284 1046/2080 456/471][Pkt Len c2s/s2c min/avg/max/stddev: 95/95 254/296 290/325 74/65][Risk: ** Suspicious DGA Domain name **][Risk Score: 100][PLAIN TEXT (8244300)][Plen Bins: 0,5,5,0,0,0,0,50,39,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 UDP 192.168.43.91:35966 <-> 4.2.2.4:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][10 pkts/1125 bytes <-> 9 pkts/1293 bytes][Goodput ratio: 63/71][7.51 sec][Hostname/SNI: 958700a621c3620001636f6e736f6c65202873697276696d65732900.skullseclabs.org][::][bytes ratio: -0.069 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 78/49 782/776 1050/1358 405/481][Pkt Len c2s/s2c min/avg/max/stddev: 95/126 112/144 194/229 31/33][Risk: ** Suspicious DGA Domain name **][Risk Score: 100][PLAIN TEXT (3620001636f)][Plen Bins: 0,36,47,5,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 UDP 192.168.43.91:46961 <-> 4.2.2.4:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][7 pkts/926 bytes <-> 7 pkts/1157 bytes][Goodput ratio: 68/75][3.49 sec][Hostname/SNI: a05700e6da83510001636f6e736f6c65202873697276696d65732900.skullseclabs.org][::][bytes ratio: -0.111 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 87/56 668/645 1019/1049 428/481][Pkt Len c2s/s2c min/avg/max/stddev: 95/126 132/165 290/323 66/66][Risk: ** Suspicious DGA Domain name **][Risk Score: 100][PLAIN TEXT (da83510001636)][Plen Bins: 0,28,42,14,0,0,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/dns-tunnel-iodine.pcap.out b/tests/result/dns-tunnel-iodine.pcap.out
index 5d6ba20f5..835e09df2 100644
--- a/tests/result/dns-tunnel-iodine.pcap.out
+++ b/tests/result/dns-tunnel-iodine.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI : 1 (flows)
DNS 434 70252 1
- 1 UDP 10.0.2.30:44639 <-> 10.0.2.20:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][222 pkts/26136 bytes <-> 212 pkts/44116 bytes][Goodput ratio: 64/80][24.49 sec][Hostname/SNI: vaaaakardli.pirate.sea][::][bytes ratio: -0.256 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 127/88 4005/4005 543/524][Pkt Len c2s/s2c min/avg/max/stddev: 82/93 118/208 323/1512 67/175][Risk: ** Susp DNS Traffic **][Risk Score: 100][PLAIN TEXT (vaaaakardli)][Plen Bins: 0,40,1,15,29,3,0,1,8,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 10.0.2.30:44639 <-> 10.0.2.20:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][222 pkts/26136 bytes <-> 212 pkts/44116 bytes][Goodput ratio: 64/80][24.49 sec][Hostname/SNI: vaaaakardli.pirate.sea][::][bytes ratio: -0.256 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 127/88 4005/4005 543/524][Pkt Len c2s/s2c min/avg/max/stddev: 82/93 118/208 323/1512 67/175][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][PLAIN TEXT (vaaaakardli)][Plen Bins: 0,40,1,15,29,3,0,1,8,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/dns_exfiltration.pcap.out b/tests/result/dns_exfiltration.pcap.out
index 25fdee5be..d89665f15 100644
--- a/tests/result/dns_exfiltration.pcap.out
+++ b/tests/result/dns_exfiltration.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI : 1 (flows)
DNS 300 73545 1
- 1 UDP 192.168.220.56:56373 <-> 192.168.203.167:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][150 pkts/32419 bytes <-> 150 pkts/41126 bytes][Goodput ratio: 81/85][59.99 sec][Hostname/SNI: e1aa8f8fdb1bbe8d5e04952141f7d4f82c7e3b06dcc8b87fad7a.19e4d098dc8c618f8d81cfeb02][::][bytes ratio: -0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/1 398/397 1035/1015 491/489][Pkt Len c2s/s2c min/avg/max/stddev: 101/148 216/274 300/386 97/97][Risk: ** Susp DGA Domain name **][Risk Score: 100][PLAIN TEXT (dnscat)][Plen Bins: 0,24,0,23,0,0,0,0,26,26,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP 192.168.220.56:56373 <-> 192.168.203.167:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][150 pkts/32419 bytes <-> 150 pkts/41126 bytes][Goodput ratio: 81/85][59.99 sec][Hostname/SNI: e1aa8f8fdb1bbe8d5e04952141f7d4f82c7e3b06dcc8b87fad7a.19e4d098dc8c618f8d81cfeb02][::][bytes ratio: -0.118 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/1 398/397 1035/1015 491/489][Pkt Len c2s/s2c min/avg/max/stddev: 101/148 216/274 300/386 97/97][Risk: ** Suspicious DGA Domain name **][Risk Score: 100][PLAIN TEXT (dnscat)][Plen Bins: 0,24,0,23,0,0,0,0,26,26,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/emotet.pcap.out b/tests/result/emotet.pcap.out
index 2b7fd4242..430ac12ee 100644
--- a/tests/result/emotet.pcap.out
+++ b/tests/result/emotet.pcap.out
@@ -13,7 +13,7 @@ JA3 Host Stats:
1 TCP 10.4.20.102:54319 <-> 107.161.178.210:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][272 pkts/16545 bytes <-> 557 pkts/800118 bytes][Goodput ratio: 1/96][9.12 sec][Hostname/SNI: gandhitoday.org][bytes ratio: -0.959 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/11 2171/1215 155/59][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 61/1436 279/1442 13/84][URL: gandhitoday.org/video/6JvA8/][StatusCode: 200][User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko][Risk: ** Binary App Transfer **][Risk Score: 250][PLAIN TEXT (GET /video/6J)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0]
- 2 TCP 10.4.25.101:49797 <-> 77.105.36.156:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][169 pkts/10292 bytes <-> 395 pkts/565664 bytes][Goodput ratio: 1/96][1.99 sec][Hostname/SNI: filmmogzivota.rs][bytes ratio: -0.964 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/4 292/171 38/19][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 61/1432 206/1442 11/107][URL: filmmogzivota.rs/SpryAssets/gDR/][StatusCode: 200][Content-Type: application/x-msdownload][User-Agent: vBKbaQgjyvRRbcgfvlsc][Risk: ** Binary App Transfer **** HTTP Susp User-Agent **][Risk Score: 350][PLAIN TEXT (GET /SpryAssets/gDR/ HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0]
+ 2 TCP 10.4.25.101:49797 <-> 77.105.36.156:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][169 pkts/10292 bytes <-> 395 pkts/565664 bytes][Goodput ratio: 1/96][1.99 sec][Hostname/SNI: filmmogzivota.rs][bytes ratio: -0.964 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/4 292/171 38/19][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 61/1432 206/1442 11/107][URL: filmmogzivota.rs/SpryAssets/gDR/][StatusCode: 200][Content-Type: application/x-msdownload][User-Agent: vBKbaQgjyvRRbcgfvlsc][Risk: ** Binary App Transfer **** HTTP Suspicious User-Agent **][Risk Score: 350][PLAIN TEXT (GET /SpryAssets/gDR/ HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0]
3 TCP 10.2.25.102:57309 <-> 193.252.22.84:587 [proto: 3/SMTP][ClearText][Confidence: DPI][cat: Email/3][303 pkts/420177 bytes <-> 323 pkts/18288 bytes][Goodput ratio: 96/5][19.04 sec][Hostname/SNI: opmta1mto02nd1][bytes ratio: 0.917 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/66 1205/3211 138/351][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 1387/57 1514/214 400/13][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (220 opmta)][Plen Bins: 7,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,83,0,0]
4 TCP 10.3.29.101:56309 <-> 104.161.127.22:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][72 pkts/4883 bytes <-> 136 pkts/184040 bytes][Goodput ratio: 20/96][11.81 sec][Hostname/SNI: fkl.co.ke][bytes ratio: -0.948 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 224/98 7597/7597 1122/760][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 68/1353 591/1415 81/273][URL: fkl.co.ke/wp-content/Elw3kPvOsZxM5/][StatusCode: 200][Content-Type: text/html][User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36 Edg/99.0.1150.55][PLAIN TEXT (GET /wp)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0]
5 TCP 10.4.25.101:49803 <-> 138.197.147.101:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][61 pkts/4478 bytes <-> 75 pkts/99815 bytes][Goodput ratio: 16/96][28.39 sec][bytes ratio: -0.914 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 600/30 23191/1117 3362/144][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 73/1331 534/1442 63/364][Risk: ** Self-signed Cert **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** Malicious JA3 Fingerp. **][Risk Score: 210][TLSv1.2][JA3C: 51c64c77e60f3980eea90869b68c58a8][JA3S: ec74a5c51106f0419184d0dd08fb05bc][Issuer: C=GB, ST=London, L=London, O=Global Security, OU=IT Department, CN=example.com][Subject: C=GB, ST=London, L=London, O=Global Security, OU=IT Department, CN=example.com][Certificate SHA-1: 43:A2:39:73:AC:4D:2C:15:7B:D6:4E:32:EA:22:11:B7:97:65:1A:93][Firefox][Validity: 2022-04-21 10:08:46 - 2023-04-21 10:08:46][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 1,0,1,0,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,93,0,0,0,0]
diff --git a/tests/result/exe_download.pcap.out b/tests/result/exe_download.pcap.out
index 6f7d50904..f81f153df 100644
--- a/tests/result/exe_download.pcap.out
+++ b/tests/result/exe_download.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI : 1 (flows)
HTTP 703 717463 1
- 1 TCP 10.9.25.101:49165 <-> 144.91.69.195:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][203 pkts/11127 bytes <-> 500 pkts/706336 bytes][Goodput ratio: 1/96][5.18 sec][Hostname/SNI: 144.91.69.195][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/9 319/365 49/37][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 55/1413 207/1514 11/134][URL: 144.91.69.195/solar.php][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: pwtyyEKzNtGatwnJjmCcBLbOveCVpc][Risk: ** Binary App Transfer **** HTTP Susp User-Agent **** HTTP Numeric IP Address **][Risk Score: 360][PLAIN TEXT (GET /solar.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,2,0,0,7,0,0,63,0,0,24,0,0]
+ 1 TCP 10.9.25.101:49165 <-> 144.91.69.195:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][203 pkts/11127 bytes <-> 500 pkts/706336 bytes][Goodput ratio: 1/96][5.18 sec][Hostname/SNI: 144.91.69.195][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 23/9 319/365 49/37][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 55/1413 207/1514 11/134][URL: 144.91.69.195/solar.php][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: pwtyyEKzNtGatwnJjmCcBLbOveCVpc][Risk: ** Binary App Transfer **** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 360][PLAIN TEXT (GET /solar.php HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,2,0,0,7,0,0,63,0,0,24,0,0]
diff --git a/tests/result/fuzz-2021-10-13.pcap.out b/tests/result/fuzz-2021-10-13.pcap.out
index c511f5c2d..8a5dfd170 100644
--- a/tests/result/fuzz-2021-10-13.pcap.out
+++ b/tests/result/fuzz-2021-10-13.pcap.out
@@ -10,4 +10,4 @@ JA3 Host Stats:
1 3400:3a30:3035:2f75:706c:6f32:643f:6c3d 1
- 1 TCP [3400:3a30:3035:2f75:706c:6f32:643f:6c3d]:44288 -> [302e::3d00::8001]:0 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Obsolete TLS (v1.1 or older) **** TLS Susp Extension **][Risk Score: 250][TLS (0030)][JA3C: a5e5938747ae3199abb5d3fcd94f9e8d][PLAIN TEXT (005/uplo2)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP [3400:3a30:3035:2f75:706c:6f32:643f:6c3d]:44288 -> [302e::3d00::8001]:0 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Risk: ** Known Proto on Non Std Port **** Obsolete TLS (v1.1 or older) **** TLS Suspicious Extn **][Risk Score: 250][TLS (0030)][JA3C: a5e5938747ae3199abb5d3fcd94f9e8d][PLAIN TEXT (005/uplo2)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/netflix.pcap.out b/tests/result/netflix.pcap.out
index a10b72a16..f93f547dc 100644
--- a/tests/result/netflix.pcap.out
+++ b/tests/result/netflix.pcap.out
@@ -20,7 +20,7 @@ JA3 Host Stats:
1 TCP 192.168.1.7:53217 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][ClearText][Confidence: DPI][cat: Video/26][667 pkts/50462 bytes <-> 1205 pkts/1807875 bytes][Goodput ratio: 12/96][26.40 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.946 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 33/21 522/505 51/40][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 76/1500 584/1514 69/116][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJ2TLhuiGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThpP7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=Dh278u2UpApOCGUj5RxV8azNWX8][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][PLAIN TEXT (oMrLRiWL2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
2 TCP 192.168.1.7:53183 <-> 23.246.3.140:80 [proto: 7.133/HTTP.NetFlix][ClearText][Confidence: DPI][cat: Video/26][502 pkts/40335 bytes <-> 805 pkts/1202445 bytes][Goodput ratio: 17/96][53.10 sec][Hostname/SNI: 23.246.3.140][bytes ratio: -0.935 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 117/55 5026/5044 455/248][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 80/1494 581/1514 81/140][URL: 23.246.3.140/?o=AQEfKq2oMrLRiWL-p-VeIZ6WKRq-X6LMvaLqgxWBCuFbh09MpreORUUOO5Tx1683HPnLY6BPjN_9mlDuYihGZoXu9u0ozH8RFioBN_JDNiRscidjvoSdWmlyZgPNansW0lkBr4X81HvloOi8BS_exVSPhMyJQTB5bg&v=3&e=1484347850&t=-8u4vlcPuFqcOLnLyb9DDtK-bB4][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][PLAIN TEXT (oMrLRiWL)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
3 TCP 192.168.1.7:53210 <-> 23.246.11.133:80 [proto: 7.133/HTTP.NetFlix][ClearText][Confidence: DPI][cat: Video/26][293 pkts/23170 bytes <-> 495 pkts/736113 bytes][Goodput ratio: 16/96][46.97 sec][Hostname/SNI: 23.246.11.133][bytes ratio: -0.939 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 194/107 26359/26393 1829/1321][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/1487 582/1514 79/167][URL: 23.246.11.133/?o=AQEfKq2oMrLRiWL1ouVaJpeQLBWjGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_7lHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=JfEef80K02ynIjLLoi-HZB1uQ10][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][PLAIN TEXT (oMrLRiWL1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0]
- 4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][ClearText][Confidence: DPI][cat: Video/26][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Goodput ratio: 2/96][59.61 sec][Hostname/SNI: tp.akam.nflximg.com][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 418/45 30607/2159 2956/164][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/1499 282/1514 21/140][URL: tp.akam.nflximg.com/tpa3/616/2041779616.bif][StatusCode: 200][Content-Type: text/plain][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][Risk: ** HTTP Susp Content **][Risk Score: 100][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
+ 4 TCP 192.168.1.7:53153 <-> 184.25.204.24:80 [proto: 7.133/HTTP.NetFlix][ClearText][Confidence: DPI][cat: Video/26][147 pkts/11558 bytes <-> 490 pkts/734346 bytes][Goodput ratio: 2/96][59.61 sec][Hostname/SNI: tp.akam.nflximg.com][bytes ratio: -0.969 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 418/45 30607/2159 2956/164][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/1499 282/1514 21/140][URL: tp.akam.nflximg.com/tpa3/616/2041779616.bif][StatusCode: 200][Content-Type: text/plain][User-Agent: Argo/900 CFNetwork/808.2.16 Darwin/16.3.0][Risk: ** HTTP Suspicious Content **][Risk Score: 100][PLAIN TEXT (GET /tpa3/616/2041779616.bif HT)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
5 TCP 192.168.1.7:53141 <-> 104.86.97.179:443 [proto: 91.133/TLS.NetFlix][Encrypted][Confidence: DPI][cat: Video/26][83 pkts/7225 bytes <-> 147 pkts/202723 bytes][Goodput ratio: 20/95][73.78 sec][Hostname/SNI: art-s.nflximg.net][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.931 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1184/604 69170/69192 8780/6263][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 87/1379 293/1514 39/401][TLSv1.2][JA3C: c07cb55f88702033a8f52c046d23e0b2][ServerNames: secure.cdn.nflximg.net,*.nflxext.com,*.nflxvideo.net,*.nflxsearch.net,*.nrd.nflximg.net,*.nflximg.net][JA3S: ef6b224ce027c8e21e5a25d8a58255a3][Issuer: C=US, O=Symantec Corporation, OU=Symantec Trust Network, CN=Symantec Class 3 Secure Server CA - G4][Subject: C=US, ST=California, L=Los Gatos, O=Netflix, Inc., OU=Content Delivery Operations, CN=secure.cdn.nflximg.net][Certificate SHA-1: 0D:EF:D1:E6:29:11:1A:A5:88:B3:2F:04:65:D6:D7:AD:84:A2:52:26][Firefox][Validity: 2016-04-06 00:00:00 - 2017-04-05 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 1,4,6,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,87,0,0]
6 TCP 192.168.1.7:53184 <-> 23.246.11.141:80 [proto: 7.133/HTTP.NetFlix][ClearText][Confidence: DPI][cat: Video/26][75 pkts/6610 bytes <-> 103 pkts/150772 bytes][Goodput ratio: 23/95][6.10 sec][Hostname/SNI: 23.246.11.141][bytes ratio: -0.916 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 90/58 504/714 130/109][Pkt Len c2s/s2c min/avg/max/stddev: 60/74 88/1464 582/1514 100/228][URL: 23.246.11.141/?o=AQEfKq2oMrLRiWL2puNQJJqTIRqhGLjSseu23V2HX6kIiU9JpbCaBxxaIoz21qQNKuDUaOIZwdTlx23DMVxabbCwmvEluipDW2tvFMlhMRtwdhhVlbv9KGFabiu5KH0Slx0VjOK_wzThp_vlHhWA4kW9gayYEWtjNNKe&v=3&e=1484347850&t=TnP59JB1wb5UTOCr0m-KQU2kGPo][StatusCode: 206][User-Agent: AppleCoreMedia/1.0.0.14C92 (iPhone; U; CPU OS 10_2 like Mac OS X; en_us)][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][PLAIN TEXT (oMrLRiWL2)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,98,0,0]
7 TCP 192.168.1.7:53149 <-> 184.25.204.25:80 [proto: 7.133/HTTP.NetFlix][ClearText][Confidence: DPI][cat: Video/26][40 pkts/3413 bytes <-> 86 pkts/125190 bytes][Goodput ratio: 7/95][34.92 sec][Hostname/SNI: art-2.nflximg.net][bytes ratio: -0.947 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/12 1101/41 30978/402 5647/66][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/1456 311/1514 38/274][URL: art-2.nflximg.net/5758c/bb636e44b87ef854c331ed7b7b6e157e4945758c.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Argo/9.1.0 (iPhone; iOS 10.2; Scale/2.00)][PLAIN TEXT (GET /5758)][Plen Bins: 0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
diff --git a/tests/result/pps.pcap.out b/tests/result/pps.pcap.out
index 52e0c0278..2d3683259 100644
--- a/tests/result/pps.pcap.out
+++ b/tests/result/pps.pcap.out
@@ -17,7 +17,7 @@ Cybersec 23 25892 1
2 TCP 192.168.115.8:50778 <-> 223.26.106.20:80 [proto: 7.54/HTTP.PPStream][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/303 bytes <-> 528 pkts/692658 bytes][Goodput ratio: 82/96][0.82 sec][Hostname/SNI: preimage1.qiyipic.com][bytes ratio: -0.999 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/1 0/51 0/7][Pkt Len c2s/s2c min/avg/max/stddev: 303/180 303/1312 303/1314 0/49][URL: preimage1.qiyipic.com/preimage/20160506/f0/1f/v_110359998_m_611_160_90_1.jpg?no=1][StatusCode: 200][User-Agent: Qiyi List Client PC 5.2.15.2240][PLAIN TEXT (GET /preimage/20160506/f0/1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
3 TCP 192.168.115.8:50505 <-> 223.26.106.19:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][2 pkts/400 bytes <-> 244 pkts/319633 bytes][Goodput ratio: 73/96][0.11 sec][Hostname/SNI: static.qiyi.com][bytes ratio: -0.998 (Download)][IAT c2s/s2c min/avg/max/stddev: 35/0 35/0 35/35 0/2][Pkt Len c2s/s2c min/avg/max/stddev: 198/566 200/1310 202/1314 2/50][URL: static.qiyi.com/ext/common/qisu2/downloader.ini][StatusCode: 200][User-Agent: Downloader][PLAIN TEXT (GET /ext/common/qisu2/downloade)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
4 TCP 192.168.115.8:50491 <-> 223.26.106.66:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][1 pkts/426 bytes <-> 26 pkts/33872 bytes][Goodput ratio: 87/96][0.02 sec][Hostname/SNI: 223.26.106.66][bytes ratio: -0.975 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/3 0/1][Pkt Len c2s/s2c min/avg/max/stddev: 426/1022 426/1303 426/1314 0/56][URL: 223.26.106.66/videos/v0/20160625/a5/bf/8de9bb946972a88589d1667862292130.f4v?key=07eef1821e2379d3136ffe16082185ba2&src=iqiyi.com&&tn=137719&uuid=76a3085a-57760844-de][StatusCode: 0][User-Agent: QY-Player-Windows/2.0.102][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][PLAIN TEXT (GET /videos/v)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,93,0,0,0,0,0,0,0,0]
- 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7.283/HTTP.Cybersec][ClearText][Confidence: DPI][cat: Cybersecurity/33][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Goodput ratio: 95/96][13.04 sec][Hostname/SNI: bcu.ff.avast.com][bytes ratio: -0.149 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/0 307/0 127/0][Pkt Len c2s/s2c min/avg/max/stddev: 231/536 1002/1239 1314/1314 434/215][URL: bcu.ff.avast.com/bc2][StatusCode: 200][Req Content-Type: application/x-enc][User-Agent: {D699054D-1699-47D2-9B2B-E96F438C1160}][Risk: ** HTTP Susp User-Agent **][Risk Score: 100][PLAIN TEXT (POST /bc2 HTTP/1.1)][Plen Bins: 0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,4,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,75,0,0,0,0,0,0,0,0]
+ 5 TCP 192.168.115.8:50486 <-> 77.234.40.96:80 [proto: 7.283/HTTP.Cybersec][ClearText][Confidence: DPI][cat: Cybersecurity/33][11 pkts/11023 bytes <-> 12 pkts/14869 bytes][Goodput ratio: 95/96][13.04 sec][Hostname/SNI: bcu.ff.avast.com][bytes ratio: -0.149 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/0 307/0 127/0][Pkt Len c2s/s2c min/avg/max/stddev: 231/536 1002/1239 1314/1314 434/215][URL: bcu.ff.avast.com/bc2][StatusCode: 200][Req Content-Type: application/x-enc][User-Agent: {D699054D-1699-47D2-9B2B-E96F438C1160}][Risk: ** HTTP Suspicious User-Agent **][Risk Score: 100][PLAIN TEXT (POST /bc2 HTTP/1.1)][Plen Bins: 0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,4,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,75,0,0,0,0,0,0,0,0]
6 UDP 192.168.5.38:1900 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][18 pkts/9327 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][6.36 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 46/0 393/0 2654/0 855/0][Pkt Len c2s/s2c min/avg/max/stddev: 473/0 518/0 553/0 30/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.115.8:50476 <-> 101.227.32.39:80 [proto: 7.54/HTTP.PPStream][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/656 bytes <-> 4 pkts/3897 bytes][Goodput ratio: 92/94][0.04 sec][Hostname/SNI: cache.video.iqiyi.com][URL: cache.video.iqiyi.com/vi/500494600/562e26caed5695900212eb3259070f8a/?src=1_11_114][StatusCode: 200][PLAIN TEXT (GET /vi/500494600/562)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,20,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 192.168.115.8:50495 <-> 202.108.14.236:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Streaming/17][3 pkts/2844 bytes <-> 3 pkts/597 bytes][Goodput ratio: 94/73][0.55 sec][Hostname/SNI: msg.71.am][bytes ratio: 0.653 (Upload)][IAT c2s/s2c min/avg/max/stddev: 117/118 216/217 315/316 99/99][Pkt Len c2s/s2c min/avg/max/stddev: 946/199 948/199 952/199 3/0][URL: msg.71.am/cp2.gif?a=4e3ae415a584748ac9aa31628f39d1e8&ai=&as=1:23:23|45&av=4.10.004&b=180932301&c=31&ct=5000000927558&d=2175&di=&dp=71000001&e=c4889e64ad9d9eeb9ff438910850c442&ec=&em=&fi=&g=0&l=MTE4LjE2My44Ljkw&mk=&nw=&od=5000000858874&oi=&p=a&pp=&rc=&rd=&][StatusCode: 200][User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)/QY-Player-Windows/2.0.102][PLAIN TEXT (GET /cp)][Plen Bins: 0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/quic_interop_V.pcapng.out b/tests/result/quic_interop_V.pcapng.out
index bf7e7eeb0..f3c8c5206 100644
--- a/tests/result/quic_interop_V.pcapng.out
+++ b/tests/result/quic_interop_V.pcapng.out
@@ -49,7 +49,7 @@ JA3 Host Stats:
31 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:38077 -> [2400:8902::f03c:91ff:fe69:a454]:443 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][2 pkts/2588 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][0.15 sec][Hostname/SNI: nghttp2.org][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
32 ICMPV6 [2001:19f0:4:34::1]:0 -> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][ClearText][Confidence: DPI][cat: Network/14][2 pkts/2588 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][0.06 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
33 ICMPV6 [2001:19f0:5:c21:5400:1ff:fe33:3b96]:0 -> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][ClearText][Confidence: DPI][cat: Network/14][2 pkts/2588 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][0.17 sec][PLAIN TEXT (bSuZ88)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
- 34 ICMP 51.158.105.98:0 -> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][3 pkts/1770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][0.20 sec][Risk: ** Susp Entropy **][Risk Score: 50][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 34 ICMP 51.158.105.98:0 -> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][3 pkts/1770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][0.20 sec][Risk: ** Suspicious Entropy **][Risk Score: 50][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:38394 <-> [2600:1f18:2310:d230:5103:7d9e:7d75:374f]:4433 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes <-> 1 pkts/113 bytes][Goodput ratio: 95/45][0.14 sec][Hostname/SNI: test.privateoctopus.com][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
36 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:52080 <-> [2600:1f18:2310:d230:5103:7d9e:7d75:374f]:4434 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes <-> 1 pkts/113 bytes][Goodput ratio: 95/45][0.13 sec][Hostname/SNI: test.privateoctopus.com][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
37 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:51040 <-> [2604:a880:800:a1::1279:3001]:4433 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes <-> 1 pkts/109 bytes][Goodput ratio: 95/43][0.09 sec][Hostname/SNI: http3-test.litespeedtech.com][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][PLAIN TEXT (bOP/lk)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
@@ -68,10 +68,10 @@ JA3 Host Stats:
50 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:49270 <-> [2001:bc8:47a4:1c25::1]:4434 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes <-> 1 pkts/85 bytes][Goodput ratio: 95/27][0.04 sec][Hostname/SNI: h3.stammw.eu][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
51 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:51185 <-> [2001:bc8:47a4:1c25::1]:4433 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes <-> 1 pkts/85 bytes][Goodput ratio: 95/27][0.03 sec][Hostname/SNI: h3.stammw.eu][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
52 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:60346 <-> [2001:bc8:47a4:1c25::1]:443 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes <-> 1 pkts/85 bytes][Goodput ratio: 95/27][0.03 sec][Hostname/SNI: h3.stammw.eu][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0]
- 53 ICMP 202.238.220.92:0 <-> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/1180 bytes <-> 2 pkts/194 bytes][Goodput ratio: 93/56][0.28 sec][Risk: ** Susp Entropy **][Risk Score: 50][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 53 ICMP 202.238.220.92:0 <-> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/1180 bytes <-> 2 pkts/194 bytes][Goodput ratio: 93/56][0.28 sec][Risk: ** Suspicious Entropy **][Risk Score: 50][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 UDP 192.168.1.128:34903 <-> 18.189.84.245:443 [proto: 188.265/QUIC.AmazonAWS][Encrypted][Confidence: DPI][cat: Cloud/13][1 pkts/1294 bytes <-> 1 pkts/77 bytes][Goodput ratio: 97/45][0.13 sec][Hostname/SNI: fb.mvfst.net][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
55 UDP 192.168.1.128:43475 <-> 18.189.84.245:4433 [proto: 188.265/QUIC.AmazonAWS][Encrypted][Confidence: DPI][cat: Cloud/13][1 pkts/1294 bytes <-> 1 pkts/73 bytes][Goodput ratio: 97/42][0.12 sec][Hostname/SNI: fb.mvfst.net][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0]
- 56 ICMP 133.242.206.244:0 <-> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/1180 bytes <-> 2 pkts/178 bytes][Goodput ratio: 93/53][0.22 sec][Risk: ** Susp Entropy **][Risk Score: 50][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 56 ICMP 133.242.206.244:0 <-> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/1180 bytes <-> 2 pkts/178 bytes][Goodput ratio: 93/53][0.22 sec][Risk: ** Suspicious Entropy **][Risk Score: 50][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
57 UDP 192.168.1.128:41587 -> 131.159.24.198:4433 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Hostname/SNI: pandora.cm.in.tum.de][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
58 UDP 192.168.1.128:43735 -> 51.158.105.98:4434 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Hostname/SNI: quic.seemann.io][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
59 UDP 192.168.1.128:45250 -> 51.158.105.98:4433 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Hostname/SNI: quic.seemann.io][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0]
@@ -87,9 +87,9 @@ JA3 Host Stats:
69 UDP [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:56073 -> [2604:a880:800:a1::1279:3001]:443 [proto: 188/QUIC][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Hostname/SNI: http3-test.litespeedtech.com][ALPN: hq-30;h3-30;hq-29;h3-29;hq-28;h3-28;hq-27;h3-27][TLS Supported Versions: TLSv1.3][TLSv1.3][JA3C: 7d9e7f6dec1cb1dd8b79d72b1366b6cf][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
70 ICMPV6 [2604:a880:800:a1::1279:3001]:0 -> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][ClearText][Confidence: DPI][cat: Network/14][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
71 ICMPV6 [2001:4800:7817:101:be76:4eff:fe04:631d]:0 -> [2001:b07:ac9:d5ae:a4d3:fe47:691e:807d]:0 [proto: 102/ICMPV6][ClearText][Confidence: DPI][cat: Network/14][1 pkts/1294 bytes -> 0 pkts/0 bytes][Goodput ratio: 95/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
- 72 ICMP 131.159.24.198:0 -> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/1180 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][0.14 sec][Risk: ** Susp Entropy **][Risk Score: 50][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 73 ICMP 3.121.242.54:0 -> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][1 pkts/590 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][Risk: ** Susp Entropy **][Risk Score: 50][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 74 ICMP 18.189.84.245:0 -> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][1 pkts/590 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][Risk: ** Susp Entropy **][Risk Score: 50][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 72 ICMP 131.159.24.198:0 -> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/1180 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][0.14 sec][Risk: ** Suspicious Entropy **][Risk Score: 50][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 73 ICMP 3.121.242.54:0 -> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][1 pkts/590 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][Risk: ** Suspicious Entropy **][Risk Score: 50][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 74 ICMP 18.189.84.245:0 -> 192.168.1.128:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][1 pkts/590 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][Risk: ** Suspicious Entropy **][Risk Score: 50][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
75 ICMP 192.168.1.128:0 -> 140.227.52.92:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][3 pkts/267 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][0.17 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
76 ICMP 192.168.1.128:0 -> 40.112.191.60:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/194 bytes -> 0 pkts/0 bytes][Goodput ratio: 56/0][0.14 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
77 ICMP 192.168.1.128:0 -> 138.91.188.147:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][1 pkts/113 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][< 1 sec][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out
index ca8f111f0..9b39634a5 100644
--- a/tests/result/starcraft_battle.pcap.out
+++ b/tests/result/starcraft_battle.pcap.out
@@ -17,7 +17,7 @@ Google 22 2184 5
Github 3 234 1
Starcraft 236 51494 6
- 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Goodput ratio: 4/96][3.22 sec][Hostname/SNI: llnw.blizzard.com][bytes ratio: -0.925 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/3 2914/58 341/11][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 56/1451 241/1514 20/291][URL: llnw.blizzard.com/sc2-pod-retail/AF11CD00/EU/24621.direct/s2-36281-BA356DD57557728843CAF63A12C79AA3.mfil][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: Blizzard Web Client][Risk: ** Binary App Transfer **** Susp DGA Domain name **][Risk Score: 350][PLAIN TEXT (GET /sc)][Plen Bins: 0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
+ 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Goodput ratio: 4/96][3.22 sec][Hostname/SNI: llnw.blizzard.com][bytes ratio: -0.925 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/3 2914/58 341/11][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 56/1451 241/1514 20/291][URL: llnw.blizzard.com/sc2-pod-retail/AF11CD00/EU/24621.direct/s2-36281-BA356DD57557728843CAF63A12C79AA3.mfil][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: Blizzard Web Client][Risk: ** Binary App Transfer **** Suspicious DGA Domain name **][Risk Score: 350][PLAIN TEXT (GET /sc)][Plen Bins: 0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][ClearText][Confidence: DPI][cat: Game/8][126 pkts/9157 bytes <-> 89 pkts/41021 bytes][Goodput ratio: 26/88][3.83 sec][bytes ratio: -0.635 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/37 1016/1086 104/133][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 73/461 249/1514 28/593][PLAIN TEXT (matteobracci1@gmail.com)][Plen Bins: 76,2,2,2,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,13,0,0]
3 TCP 192.168.1.100:3527 <-> 2.228.46.112:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][15 pkts/971 bytes <-> 26 pkts/36462 bytes][Goodput ratio: 15/96][0.10 sec][Hostname/SNI: bnetcmsus-a.akamaihd.net][bytes ratio: -0.948 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/3 33/34 13/9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 65/1402 203/1514 37/387][URL: bnetcmsus-a.akamaihd.net/cms/bnet_thumbnail/gc/GCF1DHMH8FDY1434670037434.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)][Plen Bins: 0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0]
4 TCP 192.168.1.100:3528 <-> 2.228.46.112:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][11 pkts/755 bytes <-> 18 pkts/24350 bytes][Goodput ratio: 20/96][0.10 sec][Hostname/SNI: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/4 37/64 16/16][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 69/1353 203/1514 43/456][URL: bnetcmsus-a.akamaihd.net/cms/bnet_thumbnail/4j/4J7OUIISCLTQ1436943629210.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)][Plen Bins: 0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,94,0,0]
@@ -41,7 +41,7 @@ Starcraft 236 51494 6
22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Goodput ratio: 50/78][0.09 sec][Hostname/SNI: bnetcmsus-a.akamaihd.net][2.228.46.112][PLAIN TEXT (bnetcmsus)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 126/Google][Encrypted][Confidence: Match by IP][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes][Goodput ratio: 48/45][28.94 sec][bytes ratio: 0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 13855/13940 14457/14457 15059/14974 602/517][Pkt Len c2s/s2c min/avg/max/stddev: 77/66 81/77 83/83 3/8][Plen Bins: 16,83,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Goodput ratio: 51/70][0.05 sec][Hostname/SNI: 110.212.58.216.in-addr.arpa][::][Plen Bins: 0,50,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Goodput ratio: 45/71][0.08 sec][Hostname/SNI: llnw.blizzard.com][87.248.221.254][Risk: ** Susp DGA Domain name **][Risk Score: 100][PLAIN TEXT (blizzard)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Goodput ratio: 45/71][0.08 sec][Hostname/SNI: llnw.blizzard.com][87.248.221.254][Risk: ** Suspicious DGA Domain name **][Risk Score: 100][PLAIN TEXT (blizzard)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Goodput ratio: 51/67][0.06 sec][Hostname/SNI: 100.1.168.192.in-addr.arpa][::][PLAIN TEXT (dynect)][Plen Bins: 0,50,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Goodput ratio: 51/65][0.17 sec][Hostname/SNI: 26.186.239.80.in-addr.arpa][::][Risk: ** Error Code **][Risk Score: 10][PLAIN TEXT (signup)][Plen Bins: 0,75,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Goodput ratio: 45/0][0.04 sec][Hostname/SNI: bnetcmsus-a.akamaihd.net][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/78/78XH2UNU4JYK1434560551687.jpg][StatusCode: 0][User-Agent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/tls_esni_sni_both.pcap.out b/tests/result/tls_esni_sni_both.pcap.out
index 4829fc14a..704c2bbd0 100644
--- a/tests/result/tls_esni_sni_both.pcap.out
+++ b/tests/result/tls_esni_sni_both.pcap.out
@@ -10,5 +10,5 @@ JA3 Host Stats:
1 192.168.1.21 1
- 1 TCP 192.168.1.21:55500 <-> 104.17.175.85:443 [proto: 91.220/TLS.Cloudflare][Encrypted][Confidence: DPI][cat: Web/5][11 pkts/1461 bytes <-> 9 pkts/7270 bytes][Goodput ratio: 58/93][0.13 sec][Hostname/SNI: these-are-not-the-droids-youre-looking-for.com][bytes ratio: -0.665 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/10 53/43 21/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 133/808 688/1514 179/685][Risk: ** TLS (probably) Not Carrying HTTPS **** TLS Susp ESNI Usage **][Risk Score: 60][TLSv1.3][JA3C: 077d20c3f8c5a1f091dc937c515b69c1][JA3S: d75f9129bb5d05492a65ff78e081bcb2][ESNI: B8845D1A37225D055CB7187B6D7CBD852ADFDA5269097680CB388AF4FC9F5C7BCE03772D5259820AFC2DA5C949A663F997D270BBD2525D0D7C4D83E6FA9CFA038C1E78C2C847BB2033853998E7D391737C1CBB3796A9F7F24D5E88F6C5AF94E95D93C2F8A168E73F18D090EAB69D7C689AFA7AD9BCAAFEFCF496509DD4DFEB3E96CE334F2B00A6C03C1F9C1BF5040BA031E789D03185DDB6BD2D2105A91463519A23CAAE0295E3F068B701D99B1AB486583C7254DDA07BE99D50C23E4681CB62A5FAA669ADFEF76693137788B3C0A5B0EEC36E004F8A11E7B5B14DD37F50C1F6F20D68828620BEFB7460A5D6910255C126F921FE6B70F2E9C7299683FAE6F9D068B139BAD1EF709DA821642B00FA7FD1BBA44EF6C3DAC61043C434224F3E570F62DAA4BF][ESNI Cipher: TLS_AES_128_GCM_SHA256][Firefox][Cipher: TLS_CHACHA20_POLY1305_SHA256][PLAIN TEXT (mw/KUc)][Plen Bins: 11,0,11,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,11,0,33,0,0]
- 2 TCP 192.168.1.21:55514 <-> 104.17.175.85:443 [proto: 91.220/TLS.Cloudflare][Encrypted][Confidence: DPI][cat: Web/5][10 pkts/1412 bytes <-> 8 pkts/5756 bytes][Goodput ratio: 60/92][0.12 sec][Hostname/SNI: you-think-thats-normal-tls-traffic-youre-seeing.com][bytes ratio: -0.606 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/11 50/38 20/14][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 141/720 693/1514 188/676][Risk: ** TLS (probably) Not Carrying HTTPS **** TLS Susp ESNI Usage **][Risk Score: 60][TLSv1.3][JA3C: 077d20c3f8c5a1f091dc937c515b69c1][JA3S: d75f9129bb5d05492a65ff78e081bcb2][ESNI: 4B80F11C3E3E40385229D888F5DB7398460E5FF5EC9E03E8331810BCD314C33227B55F4F0DADD4B813C9274B884ABDC0D2434429EBB559832A5D54B5D55B138366BDA28FF8DE68A292825CA14522CB5FB23A04CC654E9C6D9C5B967B20520D7FC4EFEC9D04154A40428DD4FB89742AFBAADD01105020F05B23C44F216802FDA5F9CDFBD129BAA1CCA4A4235E9F1E9D16A96FE72CEF01ACA433C697DD49D2389E1AAF817F54E971E4F290DE91ECB83A5876A3B37B97E66EBCBB90AEFE3BF39455BA2AECB7B4161D157606BCBE1E4D0C0391D57652585A1E6C49290F4D40FD6DE2EEBA63F76D6D7D924134335BA9EBE813A4197DAAC8EF6603A8B6C71AAF6A6FAAD92B1345DF53A2943845A7AB6A09CFC3783C8FBC72AD48B2ED5C04924E9DFBF57EBCDEBF][ESNI Cipher: TLS_AES_128_GCM_SHA256][Firefox][Cipher: TLS_CHACHA20_POLY1305_SHA256][Plen Bins: 12,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,25,0,0]
+ 1 TCP 192.168.1.21:55500 <-> 104.17.175.85:443 [proto: 91.220/TLS.Cloudflare][Encrypted][Confidence: DPI][cat: Web/5][11 pkts/1461 bytes <-> 9 pkts/7270 bytes][Goodput ratio: 58/93][0.13 sec][Hostname/SNI: these-are-not-the-droids-youre-looking-for.com][bytes ratio: -0.665 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/10 53/43 21/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 133/808 688/1514 179/685][Risk: ** TLS (probably) Not Carrying HTTPS **** TLS Suspicious ESNI Usage **][Risk Score: 60][TLSv1.3][JA3C: 077d20c3f8c5a1f091dc937c515b69c1][JA3S: d75f9129bb5d05492a65ff78e081bcb2][ESNI: B8845D1A37225D055CB7187B6D7CBD852ADFDA5269097680CB388AF4FC9F5C7BCE03772D5259820AFC2DA5C949A663F997D270BBD2525D0D7C4D83E6FA9CFA038C1E78C2C847BB2033853998E7D391737C1CBB3796A9F7F24D5E88F6C5AF94E95D93C2F8A168E73F18D090EAB69D7C689AFA7AD9BCAAFEFCF496509DD4DFEB3E96CE334F2B00A6C03C1F9C1BF5040BA031E789D03185DDB6BD2D2105A91463519A23CAAE0295E3F068B701D99B1AB486583C7254DDA07BE99D50C23E4681CB62A5FAA669ADFEF76693137788B3C0A5B0EEC36E004F8A11E7B5B14DD37F50C1F6F20D68828620BEFB7460A5D6910255C126F921FE6B70F2E9C7299683FAE6F9D068B139BAD1EF709DA821642B00FA7FD1BBA44EF6C3DAC61043C434224F3E570F62DAA4BF][ESNI Cipher: TLS_AES_128_GCM_SHA256][Firefox][Cipher: TLS_CHACHA20_POLY1305_SHA256][PLAIN TEXT (mw/KUc)][Plen Bins: 11,0,11,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,11,0,33,0,0]
+ 2 TCP 192.168.1.21:55514 <-> 104.17.175.85:443 [proto: 91.220/TLS.Cloudflare][Encrypted][Confidence: DPI][cat: Web/5][10 pkts/1412 bytes <-> 8 pkts/5756 bytes][Goodput ratio: 60/92][0.12 sec][Hostname/SNI: you-think-thats-normal-tls-traffic-youre-seeing.com][bytes ratio: -0.606 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/11 50/38 20/14][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 141/720 693/1514 188/676][Risk: ** TLS (probably) Not Carrying HTTPS **** TLS Suspicious ESNI Usage **][Risk Score: 60][TLSv1.3][JA3C: 077d20c3f8c5a1f091dc937c515b69c1][JA3S: d75f9129bb5d05492a65ff78e081bcb2][ESNI: 4B80F11C3E3E40385229D888F5DB7398460E5FF5EC9E03E8331810BCD314C33227B55F4F0DADD4B813C9274B884ABDC0D2434429EBB559832A5D54B5D55B138366BDA28FF8DE68A292825CA14522CB5FB23A04CC654E9C6D9C5B967B20520D7FC4EFEC9D04154A40428DD4FB89742AFBAADD01105020F05B23C44F216802FDA5F9CDFBD129BAA1CCA4A4235E9F1E9D16A96FE72CEF01ACA433C697DD49D2389E1AAF817F54E971E4F290DE91ECB83A5876A3B37B97E66EBCBB90AEFE3BF39455BA2AECB7B4161D157606BCBE1E4D0C0391D57652585A1E6C49290F4D40FD6DE2EEBA63F76D6D7D924134335BA9EBE813A4197DAAC8EF6603A8B6C71AAF6A6FAAD92B1345DF53A2943845A7AB6A09CFC3783C8FBC72AD48B2ED5C04924E9DFBF57EBCDEBF][ESNI Cipher: TLS_AES_128_GCM_SHA256][Firefox][Cipher: TLS_CHACHA20_POLY1305_SHA256][Plen Bins: 12,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,25,0,0]
diff --git a/tests/result/tls_invalid_reads.pcap.out b/tests/result/tls_invalid_reads.pcap.out
index 99e7d6967..50bf8a1c7 100644
--- a/tests/result/tls_invalid_reads.pcap.out
+++ b/tests/result/tls_invalid_reads.pcap.out
@@ -13,5 +13,5 @@ JA3 Host Stats:
1 TCP 192.168.10.101:3967 <-> 206.33.61.113:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][4 pkts/330 bytes <-> 3 pkts/1497 bytes][Goodput ratio: 31/89][0.08 sec][bytes ratio: -0.639 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/38 25/19 58/38 24/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 82/499 156/905 43/346][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][TLSv1][JA3S: 53611273a714cb4789c8222932efd5a7 (INSECURE)][Cipher: TLS_RSA_WITH_RC4_128_MD5][Plen Bins: 0,0,0,33,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 TCP 10.191.139.17:58552 <-> 54.221.224.45:443 [VLAN: 2][proto: GTP:91.275/TLS.Crashlytics][Encrypted][Confidence: DPI][cat: DataTransfer/4][2 pkts/442 bytes <-> 1 pkts/118 bytes][Goodput ratio: 41/0][0.23 sec][Hostname/SNI: e.crashlytics.com][ALPN: ][Risk: ** TLS Susp Extension **][Risk Score: 100][TLSv1.2][JA3C: 9d5430e6dfce44459702b74d790df353][Firefox][PLAIN TEXT (e.crashlytics.com)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 TCP 10.191.139.17:58552 <-> 54.221.224.45:443 [VLAN: 2][proto: GTP:91.275/TLS.Crashlytics][Encrypted][Confidence: DPI][cat: DataTransfer/4][2 pkts/442 bytes <-> 1 pkts/118 bytes][Goodput ratio: 41/0][0.23 sec][Hostname/SNI: e.crashlytics.com][ALPN: ][Risk: ** TLS Suspicious Extn **][Risk Score: 100][TLSv1.2][JA3C: 9d5430e6dfce44459702b74d790df353][Firefox][PLAIN TEXT (e.crashlytics.com)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 74.80.160.99:3258 -> 67.217.77.28:443 [proto: 91.132/TLS.Citrix][Encrypted][Confidence: DPI][cat: Network/14][1 pkts/64 bytes -> 0 pkts/0 bytes][Goodput ratio: 15/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/tor.pcap.out b/tests/result/tor.pcap.out
index 7ded6717f..95e6265e6 100644
--- a/tests/result/tor.pcap.out
+++ b/tests/result/tor.pcap.out
@@ -18,10 +18,10 @@ JA3 Host Stats:
1 TCP 192.168.1.252:51176 <-> 38.229.70.53:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][693 pkts/181364 bytes <-> 1133 pkts/1331914 bytes][Goodput ratio: 78/95][134.33 sec][Hostname/SNI: www.jmts2id.com][bytes ratio: -0.760 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 213/86 33482/11394 1582/404][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 262/1176 1514/1514 349/544][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: e1691a31bfe345d2692da75636ddfb00][Issuer: CN=www.gg562izcxdvqdk.com][Subject: CN=www.fcsyvnlemwxv5p.net][Certificate SHA-1: C1:93:18:2C:A3:1D:AC:5F:C7:DE:17:8A:4E:B1:E8:13:BB:08:73:3A][Validity: 2013-09-15 00:00:00 - 2014-02-21 23:59:59][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,0,2,0,0,0,1,3,0,1,0,0,0,0,0,0,0,0,42,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,1,0,1,0,42,0,0]
- 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 91.163/TLS.Tor][Encrypted][Confidence: DPI][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes][Goodput ratio: 77/96][106.13 sec][Hostname/SNI: www.q4cyamnc6mtokjurvdclt.com][bytes ratio: -0.790 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 202/109 30770/31166 1830/1316][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 252/1248 1514/1514 355/507][Risk: ** Obsolete TLS (v1.1 or older) **** Susp DGA Domain name **** Unsafe Protocol **][Risk Score: 210][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: e1691a31bfe345d2692da75636ddfb00][Issuer: CN=www.gg562izcxdvqdk.com][Subject: CN=www.fcsyvnlemwxv5p.net][Certificate SHA-1: C1:93:18:2C:A3:1D:AC:5F:C7:DE:17:8A:4E:B1:E8:13:BB:08:73:3A][Validity: 2013-09-15 00:00:00 - 2014-02-21 23:59:59][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1,0,0,0,0,1,74,0,0]
+ 2 TCP 192.168.1.252:51112 <-> 38.229.70.53:443 [proto: 91.163/TLS.Tor][Encrypted][Confidence: DPI][cat: VPN/2][580 pkts/145960 bytes <-> 996 pkts/1242832 bytes][Goodput ratio: 77/96][106.13 sec][Hostname/SNI: www.q4cyamnc6mtokjurvdclt.com][bytes ratio: -0.790 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 202/109 30770/31166 1830/1316][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 252/1248 1514/1514 355/507][Risk: ** Obsolete TLS (v1.1 or older) **** Suspicious DGA Domain name **** Unsafe Protocol **][Risk Score: 210][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: e1691a31bfe345d2692da75636ddfb00][Issuer: CN=www.gg562izcxdvqdk.com][Subject: CN=www.fcsyvnlemwxv5p.net][Certificate SHA-1: C1:93:18:2C:A3:1D:AC:5F:C7:DE:17:8A:4E:B1:E8:13:BB:08:73:3A][Validity: 2013-09-15 00:00:00 - 2014-02-21 23:59:59][Cipher: TLS_DHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1,0,0,0,0,1,74,0,0]
3 TCP 192.168.1.252:51110 <-> 91.143.93.242:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][62 pkts/22715 bytes <-> 79 pkts/45823 bytes][Goodput ratio: 84/91][109.04 sec][Hostname/SNI: www.ct7ctrgb6cr7.com][bytes ratio: -0.337 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2212/966 44777/37995 8343/4770][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 366/580 1514/1514 350/568][Risk: ** Obsolete TLS (v1.1 or older) **** TLS Cert About To Expire **][Risk Score: 150][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: 184d532a16876b78846ae6a03f654890][Issuer: CN=www.xkgk7fdx362yyyxib.com][Subject: CN=www.g6ghvisevf3ibuu5.net][Certificate SHA-1: 94:F9:FF:E2:7F:DB:1F:B8:19:65:20:6F:F6:DE:B6:A5:D5:AF:14:C7][Validity: 2013-10-03 00:00:00 - 2013-11-18 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 2,1,1,1,1,0,1,0,0,3,0,0,0,0,0,0,2,0,58,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,1,0,1,0,22,0,0]
- 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 91.163/TLS.Tor][Encrypted][Confidence: DPI][cat: VPN/2][17 pkts/5489 bytes <-> 21 pkts/7031 bytes][Goodput ratio: 82/84][135.32 sec][Hostname/SNI: www.gfu7hbxpfp.com][bytes ratio: -0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 10378/8441 132386/132736 35221/32094][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 323/335 640/1514 270/385][Risk: ** Obsolete TLS (v1.1 or older) **** Susp DGA Domain name **** Unsafe Protocol **** TLS Cert About To Expire **][Risk Score: 260][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: 184d532a16876b78846ae6a03f654890][Issuer: CN=www.xkgk7fdx362yyyxib.com][Subject: CN=www.g6ghvisevf3ibuu5.net][Certificate SHA-1: 94:F9:FF:E2:7F:DB:1F:B8:19:65:20:6F:F6:DE:B6:A5:D5:AF:14:C7][Validity: 2013-10-03 00:00:00 - 2013-11-18 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,5,5,5,5,0,5,0,0,0,0,0,0,0,0,0,0,0,65,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
- 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 91.163/TLS.Tor][Encrypted][Confidence: DPI][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes][Goodput ratio: 81/84][108.05 sec][Hostname/SNI: www.e6r5p57kbafwrxj3plz.com][bytes ratio: -0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/3 6124/2564 71328/34353 19661/8817][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 304/349 640/1514 267/398][Risk: ** Obsolete TLS (v1.1 or older) **** Susp DGA Domain name **** Unsafe Protocol **][Risk Score: 210][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: 184d532a16876b78846ae6a03f654890][Issuer: CN=www.gmvuy6mtjbxevwo3w.com][Subject: CN=www.bpcau5b3haif5els.net][Certificate SHA-1: 3A:B1:8A:6F:C3:F6:41:ED:77:D5:40:C3:85:79:8B:62:46:BC:65:9C][Validity: 2013-06-07 00:00:00 - 2014-02-07 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,5,5,5,5,0,5,0,0,0,0,0,0,0,0,0,0,0,63,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
+ 4 TCP 192.168.1.252:51175 <-> 91.143.93.242:443 [proto: 91.163/TLS.Tor][Encrypted][Confidence: DPI][cat: VPN/2][17 pkts/5489 bytes <-> 21 pkts/7031 bytes][Goodput ratio: 82/84][135.32 sec][Hostname/SNI: www.gfu7hbxpfp.com][bytes ratio: -0.123 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 10378/8441 132386/132736 35221/32094][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 323/335 640/1514 270/385][Risk: ** Obsolete TLS (v1.1 or older) **** Suspicious DGA Domain name **** Unsafe Protocol **** TLS Cert About To Expire **][Risk Score: 260][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: 184d532a16876b78846ae6a03f654890][Issuer: CN=www.xkgk7fdx362yyyxib.com][Subject: CN=www.g6ghvisevf3ibuu5.net][Certificate SHA-1: 94:F9:FF:E2:7F:DB:1F:B8:19:65:20:6F:F6:DE:B6:A5:D5:AF:14:C7][Validity: 2013-10-03 00:00:00 - 2013-11-18 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,5,5,5,5,0,5,0,0,0,0,0,0,0,0,0,0,0,65,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
+ 5 TCP 192.168.1.252:51111 <-> 46.59.52.31:443 [proto: 91.163/TLS.Tor][Encrypted][Confidence: DPI][cat: VPN/2][16 pkts/4858 bytes <-> 18 pkts/6284 bytes][Goodput ratio: 81/84][108.05 sec][Hostname/SNI: www.e6r5p57kbafwrxj3plz.com][bytes ratio: -0.128 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/3 6124/2564 71328/34353 19661/8817][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 304/349 640/1514 267/398][Risk: ** Obsolete TLS (v1.1 or older) **** Suspicious DGA Domain name **** Unsafe Protocol **][Risk Score: 210][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: 184d532a16876b78846ae6a03f654890][Issuer: CN=www.gmvuy6mtjbxevwo3w.com][Subject: CN=www.bpcau5b3haif5els.net][Certificate SHA-1: 3A:B1:8A:6F:C3:F6:41:ED:77:D5:40:C3:85:79:8B:62:46:BC:65:9C][Validity: 2013-06-07 00:00:00 - 2014-02-07 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,5,5,5,5,0,5,0,0,0,0,0,0,0,0,0,0,0,63,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
6 TCP 192.168.1.252:51174 <-> 212.83.155.250:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][16 pkts/3691 bytes <-> 16 pkts/6740 bytes][Goodput ratio: 75/87][135.27 sec][Hostname/SNI: www.t3i3ru.com][bytes ratio: -0.292 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/2 11234/11261 72591/72890 25060/25130][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 231/421 640/1514 243/403][Risk: ** Obsolete TLS (v1.1 or older) **** TLS Cert About To Expire **][Risk Score: 150][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: 184d532a16876b78846ae6a03f654890][Issuer: CN=www.wohgpas45j6ucw.com][Subject: CN=www.7d43ah2kikrabj.net][Certificate SHA-1: F9:1D:5F:89:8F:D8:58:1E:45:E7:9B:A6:FD:90:95:77:FF:DD:E8:1B][Validity: 2013-09-11 00:00:00 - 2013-11-24 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,5,11,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,61,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
7 TCP 192.168.1.252:51185 <-> 62.210.137.230:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][15 pkts/3634 bytes <-> 14 pkts/6027 bytes][Goodput ratio: 76/87][74.24 sec][Hostname/SNI: www.6gyip7tqim7sieb.com][bytes ratio: -0.248 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/15 6155/6464 63835/63837 17571/19124][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 242/430 640/1514 247/416][Risk: ** Obsolete TLS (v1.1 or older) **][Risk Score: 100][TLSv1][JA3C: 581a3c7f54555512b8cd16e87dfe165b][JA3S: 184d532a16876b78846ae6a03f654890][Issuer: CN=www.a3uycdf3rn5md.com][Subject: CN=www.l7xvysfnvkb.net][Certificate SHA-1: EE:86:E7:21:36:93:23:30:DB:A0:09:48:55:16:CB:A8:E9:DA:01:D0][Validity: 2013-11-02 00:00:00 - 2014-02-17 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,6,12,0,6,0,6,0,0,0,0,0,0,0,0,0,0,0,57,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
8 UDP 192.168.1.1:17500 -> 192.168.1.255:17500 [proto: 121/Dropbox][ClearText][Confidence: DPI][cat: Cloud/13][10 pkts/1860 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][600.89 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 30033/0 66765/0 360548/0 103868/0][Pkt Len c2s/s2c min/avg/max/stddev: 186/0 186/0 186/0 0/0][PLAIN TEXT ( 676879976)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/trickbot.pcap.out b/tests/result/trickbot.pcap.out
index d3833851e..c73c5c28a 100644
--- a/tests/result/trickbot.pcap.out
+++ b/tests/result/trickbot.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI : 1 (flows)
HTTP 74 62002 1
- 1 TCP 10.12.29.101:61318 <-> 82.118.225.196:7080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][28 pkts/2801 bytes <-> 46 pkts/59201 bytes][Goodput ratio: 46/96][8.40 sec][Hostname/SNI: 82.118.225.196][bytes ratio: -0.910 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 327/167 1000/1000 339/292][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 100/1287 982/1514 182/426][URL: 82.118.225.196:7080/OK21pqJAtyyGBEo00sk][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: text/html][User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Susp Content **][Risk Score: 160][PLAIN TEXT (POST /OK21p)][Plen Bins: 0,0,0,0,0,0,0,2,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,4,0,0,6,2,0,35,0,0,44,0,0]
+ 1 TCP 10.12.29.101:61318 <-> 82.118.225.196:7080 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][28 pkts/2801 bytes <-> 46 pkts/59201 bytes][Goodput ratio: 46/96][8.40 sec][Hostname/SNI: 82.118.225.196][bytes ratio: -0.910 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 327/167 1000/1000 339/292][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 100/1287 982/1514 182/426][URL: 82.118.225.196:7080/OK21pqJAtyyGBEo00sk][StatusCode: 200][Req Content-Type: application/x-www-form-urlencoded][Content-Type: text/html][User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** HTTP Suspicious Content **][Risk Score: 160][PLAIN TEXT (POST /OK21p)][Plen Bins: 0,0,0,0,0,0,0,2,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,4,0,0,6,2,0,35,0,0,44,0,0]
diff --git a/tests/result/weibo.pcap.out b/tests/result/weibo.pcap.out
index 22114bf64..eb350b259 100644
--- a/tests/result/weibo.pcap.out
+++ b/tests/result/weibo.pcap.out
@@ -37,7 +37,7 @@ JA3 Host Stats:
16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5.274/DNS.Alibaba][ClearText][Confidence: DPI][cat: Web/5][1 pkts/72 bytes <-> 1 pkts/171 bytes][Goodput ratio: 41/75][0.19 sec][Hostname/SNI: g.alicdn.com][47.89.65.229][PLAIN TEXT (alicdn)][Plen Bins: 50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/166 bytes][Goodput ratio: 44/74][0.47 sec][Hostname/SNI: login.taobao.com][140.205.170.63][PLAIN TEXT (taobao)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][ClearText][Confidence: DPI][cat: SocialNetwork/6][1 pkts/81 bytes <-> 1 pkts/159 bytes][Goodput ratio: 48/73][0.11 sec][Hostname/SNI: u1.img.mobile.sina.cn][222.73.28.96][PLAIN TEXT (mobile)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Goodput ratio: 45/73][0.47 sec][Hostname/SNI: acjstb.aliyun.com][42.156.184.19][Risk: ** Susp DGA Domain name **][Risk Score: 100][PLAIN TEXT (alibabadns)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Goodput ratio: 45/73][0.47 sec][Hostname/SNI: acjstb.aliyun.com][42.156.184.19][Risk: ** Suspicious DGA Domain name **][Risk Score: 100][PLAIN TEXT (alibabadns)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina(Weibo)][ClearText][Confidence: DPI][cat: SocialNetwork/6][1 pkts/73 bytes <-> 1 pkts/142 bytes][Goodput ratio: 42/70][0.06 sec][Hostname/SNI: www.weibo.com][93.188.134.137][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 192.168.1.105:35808 <-> 93.188.134.246:80 [proto: 7/HTTP][ClearText][Confidence: Match by port][cat: Web/5][2 pkts/140 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.06 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 192.168.1.105:50831 <-> 47.89.65.229:443 [proto: 91/TLS][Encrypted][Confidence: Match by port][cat: Web/5][2 pkts/128 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.22 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.